Sunfire B1600 User Manual

Sun Fire

B1600 Blade System

Chassis Switch Administration

Guide

Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. 650-960-1300

Part No. 817-2576-10 June 2003, Revision A

Send comments about this document to: docfeedback@sun.com

Copyright 2003Sun Microsystems,Inc., 4150Network Circle, SantaClara, California95054, U.S.A.All rightsreserved. Sun Microsystems,Inc. hasintellectual property rightsrelating totechnology embodiedin theproduct that is described inthis document.In

particular,and withoutlimitation, theseintellectual property rightsmay includeone ormore ofthe U.S.patents listedat http://www.sun.com/patents andone ormore additionalpatents orpending patentapplications inthe U.S.and inother countries.

This documentand theproduct towhich itpertains are distributedunder licensesrestricting theiruse, copying,distribution, and decompilation. Nopart ofthe productor ofthis documentmay bereproducedin anyform byany meanswithout priorwritten authorizationof Sun andits licensors,if any.

Third-party software, includingfont technology,is copyrightedand licensedfrom Sun suppliers. Parts ofthe productmay bederived from BerkeleyBSD systems,licensed fromthe Universityof California.UNIX isa registered trademarkin

the U.S.and inother countries,exclusively licensedthrough X/OpenCompany, Ltd. Sun, SunMicrosystems, theSun logo,AnswerBook2, docs.sun.com,Sun Fire, andSolaris aretrademarks orregisteredtrademarks ofSun

Microsystems, Inc.in theU.S. andin othercountries. All SPARCtrademarks areused underlicense andare trademarks or registered trademarksof SPARCInternational, Inc.in theU.S. andin other

countries. Productsbearing SPARCtrademarks are basedupon anarchitecture developed by Sun Microsystems,Inc. The OPENLOOK andSun™ GraphicalUser Interfacewas developedby SunMicrosystems, Inc.for itsusers andlicensees. Sunacknowledges

the pioneeringefforts ofXerox in researchingand developingthe conceptof visualor graphicaluser interfacesfor thecomputer industry.Sun holds anon-exclusive licensefrom Xerox tothe XeroxGraphical UserInterface, whichlicense alsocovers Sun’slicensees whoimplement OPEN LOOK GUIsand otherwisecomply withSun’s writtenlicense agreements.

Use, duplication,or disclosure bythe U.S.Government issubject to restrictionsset forthin theSun Microsystems, Inc.license agreementsand as provided in DFARS 227.7202-1(a) and227.7202-3(a) (1995),DFARS252.227-7013(c)(1)(ii) (Oct. 1998),FAR12.212(a)(1995), FAR52.227-19, orFAR

52.227-14 (ALT III), as applicable. DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,

INCLUDING ANYIMPLIED WARRANTY OFMERCHANTABILITY, FITNESSFOR A PARTICULAR PURPOSEOR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.

Copyright 2003Sun Microsystems,Inc., 4150Network Circle, SantaClara, California95054, Etats-Unis.Tous droitsréservés. Sun Microsystems,Inc. ales droits depropriété intellectuelsrelatants à la technologie incorporée dans leproduit quiest décritdans ce

document. Enparticulier, etsans la limitation,ces droitsdepropriété intellectuelspeuvent inclure unou plusdes brevets américainsénumérés à http://www.sun.com/patents etun oules brevetsplus supplémentaires oules applicationsde breveten attentedans lesEtats-Unis etdans les autres pays.

Ce produitou documentest protégé parun copyrightet distribuéavec deslicences quien restreignent l’utilisation,la copie,la distribution,et la décompilation. Aucunepartie dece produitou documentne peutêtre reproduite sousaucune forme,parquelque moyen que ce soit, sans l’autorisation préalableet écritede Sunet deses bailleursde licence,s’il yena.

Le logicieldétenu pardes tiers,et quicomprend latechnologie relative auxpolices decaractères, estprotégépar uncopyright etlicencié pardes fournisseurs deSun.

Des partiesde ceproduit pourront êtredérivées dessystèmes BerkeleyBSD licenciéspar l’Universitéde Californie.UNIX estune marque déposée auxEtats-Unis etdans d’autrespays etlicenciée exclusivementpar X/OpenCompany, Ltd.

Sun, SunMicrosystems, lelogo Sun,AnswerBook2, docs.sun.com,Sun Fire, etSolaris sontdes marquesde fabriqueou desmarquesdéposées de SunMicrosystems, Inc.aux Etats-Uniset dansd’autres pays.

Toutes lesmarques SPARC sont utilisées sous licence et sont des marques defabrique oudes marquesdéposées deSPARC International,Inc. aux Etats-Uniset dansd’autres pays.Les produits protantles marques SPARC sont baséssur unearchitecturedéveloppée parSun Microsystems, Inc.

L’interfaced’utilisation graphiqueOPEN LOOKet Sun™a étédéveloppée parSun Microsystems, Inc.pour sesutilisateurs etlicenciés. Sun reconnaît lesefforts de pionniers de Xeroxpour larecherche et le développment du concept des interfaces d’utilisation visuelle ou graphique pour l’industriede l’informatique.Sun détientune licensenon exclusivedo Xeroxsur l’interfaced’utilisation graphiqueXerox, cette licence couvrant égalementles licenciées deSun quimettent enplacel’interface d’utilisation graphiqueOPEN LOOK etqui enoutre se conformentaux licences écritesde Sun.

LA DOCUMENTATION EST FOURNIE “EN L’ÉTAT” ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENTEXCLUES, DANSLA MESUREAUTORISEE PARLA LOIAPPLICABLE, YCOMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L’APTITUDE A UNE UTILISATION PARTICULIERE OU A L’ABSENCE DE CONTREFAÇON.

This distribution may include materials developed by third parties. Sun, Sun Microsystems, the Sun logo, Java, Solaris, Sun Fire and the 100% Pure Java logo are trademarks or registered trademarks of Sun

Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other

countries. Products bearing SPARC trademarks are based upon architecture developed by Sun Microsystems, Inc. This productis covered and controlled byU.S. Export Control laws andmay be subjectto theexport or importlaws in othercountries. Nuclear,

missile, chemical biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited. Export or reexport to countries subject to U.S. embargo or to entities identiﬁed on U.S. export exclusion lists, including, but not limited to, the denied persons and specially designated nationals lists is strictly prohibited.

Use of any spare or replacement CPUs is limited to repair or one-for-one replacement of CPUs in products exported in compliance with U.S. export laws. Use of CPUs as product upgrades unless authorized by the U.S. Government is strictly prohibited.

Cette distribution peut comprendre des composants développés pardes tierces parties. Sun, Sun Microsystems, le logo Sun, Java, Solaris, Sun Fire et le logo 100% Pure Java sont des marques de fabrique ou des marques déposées

de Sun Microsystems, Inc. aux Etats-Unis et dans d’autres pays. Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques déposées de SPARC International, Inc.

aux Etats-Unis et dans d’autres pays. Les produits protant les marques SPARC sont basés sur une architecture développée par Sun Microsystems, Inc.

Les produits qui font l’objet de ce manuel d’entretien et les informations qu’il contient sont régis par la législation américaine en matière de contrôle des exportations et peuvent être soumis au droit d’autres pays dans le domaine des exportations et importations. Les utilisations ﬁnales, ou utilisateurs ﬁnaux, pour des armes nucléaires, des missiles, des armes biologiques et chimiques ou du nucléaire maritime, directement ou indirectement, sont strictement interdites. Les exportations ou réexportations vers des pays sous embargo des États-Unis, ou vers des entités ﬁgurant sur les listes d’exclusion d’exportation américaines, y compris, mais de manière non exclusive, la liste de personnes qui font objet d’un ordre de ne pas participer, d’une façon directe ou indirecte, aux exportations des produits ou des services qui sont régi par la législation américaine en matière de contrôle des exportations (“U.S. Commerce Department’s Table of Denial Orders”) et la liste de ressortissants spéciﬁquement désignés (“U.S. Treasury Department of Specially Designated Nationals and Blocked Persons”).

L’utilisation de pièces détachées ou d’unités centrales de remplacement est limitée aux réparations ou à l’change standard d’unités centrales pour les produits exportés, conformément à la législation américaine en matière d’exportation. Sauf autorisation par les autorités des ÉtatsUnis, l’utilisation d’unités centrales pour procéder à des mises à jour de produits est rigoureusement interdite.

1. Introduction 1-1

1.1 Overview 1-2

1.1.1 Switch Architecture 1-2

1.1.2 Ways of Accessing the Switch Management Application 1-2

1.2 Description of Hardware 1-3

1.2.1 Ethernet Ports 1-3

1.2.1.1 Up-link Ports 1-3

1.2.1.2 Internal Ports 1-4

1.2.2 Status LEDs 1-5

1.3 Features of the Switch 1-6

1.4 Switch Default Settings 1-9

2. Initial Configuration 2-1

2.1 Connecting to the Switch Interface 2-2

2.1.1 Configuration Options 2-2

2.1.1.1 Configuring the Switch Through the Built-in Switch Interfaces 2-2

2.2 Enabling SNMP Management Access 2-3

2.2.1 Community Strings 2-3

2.2.2 Trap Receivers 2-4

3. General Management of the Switch 3-1

3.1 Using the Web Interface 3-2

3.1.1 Navigating the Web Browser Interface 3-3

3.1.1.1 Home Page 3-3

3.1.1.2 Configuration Options 3-4

3.1.2 Panel Display 3-4

3.1.3 Main Menu 3-5

3.2 Basic Configuration 3-8

3.2.1 Displaying System Information 3-8

3.2.1.1 Web Interface: Displaying and Specifying Identification Details 3-8

3.2.1.2 Command-line Interface: Displaying and Specifying Identification Details 3-10

3.2.1.3 MIB Variables: Identification Details 3-11

3.2.2 Setting the IP Address 3-12

3.2.2.1 Manual Configuration 3-13

3.2.2.2 Using DHCP/BOOTP 3-16

3.2.3 Displaying Switch Software Versions 3-18

3.2.3.1 Web Interface: Displaying Switch Software Version Information 3-18

3.2.3.2 Comand-line Interface: Displaying Switch Software Version Information 3-19

3.2.3.3 MIB Variables Associated With Software Version Information 3-20

3.2.4 Managing Firmware 3-21

3.2.4.1 Downloading Switch Firmware From a Server 3-21

3.2.5 Saving or Restoring Configuration Settings 3-25

3.2.5.1 Downloading Configuration Settings From a Server 3-25

3.2.6 Configuring User Authentication 3-28

3.2.6.1 Web Interface: Configuring User Authentication 3-30

vi Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

3.2.6.2 Command-line Interface: Configuring User Authentication 3-32

3.2.6.3 MIB variables Associated With User Authentication 3-33

3.2.7 Configuring SNMP 3-33

3.2.7.1 Configuring SNMP Access 3-34

3.2.7.2 Specifying Trap Managers and Trap Types 3-36

3.3 Configuring Global Network Protocols 3-39

3.3.1 VLAN Configuration 3-39

3.3.1.1 Displaying Basic VLAN Information 3-41

3.3.1.2 Enabling or Disabling GVRP (Global Setting) 3-45

3.3.1.3 Configuring VLANs 3-46

3.3.1.4 Adding Static Members to VLANs 3-50

3.3.2 Multicast Configuration 3-54

3.3.2.1 Configuring IGMP Snooping Parameters 3-55

3.3.2.2 Specifying Interfaces Connected to Multicast Routers 3-59

3.3.2.3 Configuring Multicast Services 3-64

3.3.3 Broadcast Storm Control (Global Setting) 3-67

3.3.3.1 Web Interface: Using Broadcast Storm Control 3-67

3.3.3.2 Command-line Interface: Using Broadcast Storm Control 3-68

3.3.4 Spanning Tree Algorithm Configuration 3-70

3.3.4.1 Configuring Basic STA Settings 3-70

3.3.4.2 Configuring Advanced STA Settings 3-76

3.3.5 Class of Service Configuration 3-78

3.3.5.1 Setting the Default Priority for Interfaces 3-78

3.3.5.2 Mapping COS Values to Egress Queues 3-80

3.3.5.3 Setting the Service Weight for Traffic Classes 3-84

3.3.5.4 Mapping Layer 3/4 Priorities to COS Values 3-85

Contents vii

3.3.5.5 Mapping IP Precedence 3-87

3.3.5.6 Mapping DSCP Priority 3-90

3.3.6 Address Table Settings 3-92

3.3.6.1 Displaying the Address Table 3-92

3.3.6.2 Changing the Aging Time 3-94

3.4 Port Configuration 3-96

3.4.1 Displaying Connection Status 3-96

3.4.2 Configuring Interface Connections 3-102

3.4.2.1 Web Interface: Configuring Interface Connections 3-103

3.4.2.2 Command-line Interface: Configuring Interface Connections 3-105

3.4.2.3 MIB Variables Inspecting or Configuring Interface Connections 3-105

3.4.3 Configuring Aggregated Links 3-107

3.4.3.1 Dynamically Configuring an Aggregated Link with LACP 3-108

3.4.3.2 Statically Configuring an Aggregated Link 3-111

3.4.4 Configuring VLAN Behavior for Interfaces 3-114

3.4.4.1 Web Interface: Configuring VLAN Behavior for Interfaces 3-115

3.4.4.2 Command-line Interface: Configuring VLAN Behavior for Interfaces 3-117

3.4.4.3 MIB Variables Associated With VLAN Behavior of Interfaces 3-118

3.4.5 Configuring Static Addresses 3-121

3.4.5.1 Web Interface: Configuring Static Addresses 3-122

3.4.5.2 Command-line Interface: Configuring Static Addresses 3-123

3.4.5.3 MIB Variables Associated With Static Addresses 3-123

3.4.6 Managing Interfaces for Spanning Tree Algorithm 3-125

viii Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

3.4.6.1 Displaying the Current Interface Settings for STA 3-125

3.4.6.2 Configuring Interface Settings for STA 3-129

3.4.6.3 Checking the STA Protocol Status for Interfaces 3-132

3.4.7 Filtering Traffic From the Down Link Ports to the Management Port 3-134

3.4.7.1 Web Interface: Filtering Traffic to the Management

Port 3-135

3.4.7.2 Command-line Interface: Filtering Traffic to the

Management Port 3-136

3.4.7.3 MIB Variables Associated With Filtering Traffic to the

Management Port 3-137

3.5 Monitoring Port and Management Traffic 3-139

3.5.1 Configuring Port Mirroring 3-139

3.5.1.1 Web Interface: Configuring Port Mirroring 3-139

3.5.1.2 Command-line Interface: Configuring Port Mirroring

3-140

3.5.1.3 MIB Variables Associated With Port Mirroring 3-141

3.5.2 Showing Port Statistics 3-141

3.5.2.1 Web Interface: Viewing Port Statistics 3-145

3.5.2.2 Command-line Interface: Viewing Port Statistics 3-147

3.5.2.3 MIB Variables Associated With Port Statistics 3-148

3.5.3 Showing SNMP Statistics 3-152

3.5.3.1 Web Interface: Viewing SNMP Statistics 3-153

3.5.3.2 Command-line Interface: Viewing SNMP Statistics

3-155

3.5.3.3 MIB Variables Associated With SNMP Statistics 3-156

3.5.4 Configuring Message Logs 3-156

3.5.4.1 Web Interface: Configuring Message Logs 3-157

3.5.4.2 Command-line Interface: Configuring Message Logs

3-158

Contents ix

3.5.4.3 MIB Variables Associated With Message Logs 3-159

4. Command-Line Reference 4-1

4.1 Using the Command-Line Interface 4-2

4.1.1 Accessing the CLI 4-2

4.1.1.1 Console Connection 4-2

4.1.1.2 Telnet Connection 4-3

4.1.2 Entering Commands 4-4

4.1.2.1 Keywords and Arguments 4-4

4.1.2.2 Minimum Abbreviation 4-5

4.1.2.3 Command Completion 4-5

4.1.2.4 Getting Help on Commands 4-5

4.1.2.5 Showing Commands 4-6

4.1.2.6 Partial Keyword Lookup 4-7

4.1.2.7 Negating the Effect of Commands 4-7

4.1.2.8 Using Command History 4-7

4.1.2.9 Understanding Command Modes 4-7

4.1.2.10 Exec Commands 4-8

4.1.2.11 Configuration Commands 4-9

4.1.2.12 Command-Line Processing 4-10

4.2 Command Groups 4-11

4.3 Detailed Command Description 4-13

4.3.1 General Commands 4-13

4.3.1.1 enable 4-13

4.3.1.2 disable 4-14

4.3.1.3 configure 4-15

4.3.1.4 show history 4-16

4.3.1.5 reload 4-17

4.3.1.6 end 4-18

x Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

4.3.1.7 exit 4-19

4.3.1.8 quit 4-19

4.3.2 Flash/File Commands 4-20

4.3.2.1 copy 4-20

4.3.2.2 delete 4-22

4.3.2.3 dir 4-23

4.3.2.4 whichboot 4-25

4.3.2.5 boot system 4-26

4.3.3 System Management Commands 4-27

4.3.3.1 hostname 4-28

4.3.3.2 username 4-29

4.3.3.3 enable password 4-30

4.3.3.4 ip http port 4-31

4.3.3.5 ip http server 4-32

4.3.3.6 jumbo frame 4-33

4.3.3.7 logging on 4-34

4.3.3.8 logging history 4-35

4.3.3.9 clear logging 4-36

4.3.3.10 show logging 4-37

4.3.3.11 show startup-config 4-38

4.3.3.12 show running-config 4-40

4.3.3.13 show system 4-42

4.3.3.14 show users 4-44

4.3.3.15 show version 4-44

4.3.4 Authentication Commands 4-45

4.3.4.1 authentication login 4-46

4.3.4.2 radius-server host 4-48

4.3.4.3 radius-server port 4-48

Contents xi

4.3.4.4 radius-server key 4-49

4.3.4.5 radius-server retransmit 4-50

4.3.4.6 radius-server timeout 4-50

4.3.4.7 show radius-server 4-51

4.3.4.8 tacacs-server host 4-52

4.3.4.9 tacacs-server port 4-52

4.3.4.10 tacacs-server key 4-53

4.3.4.11 show tacacs-server 4-54

4.3.5 SNMP Commands 4-54

4.3.5.1 snmp-server community 4-55

4.3.5.2 snmp-server contact 4-56

4.3.5.3 snmp-server location 4-57

4.3.5.4 snmp-server host 4-57

4.3.5.5 snmp-server enable traps 4-59

4.3.5.6 show snmp 4-60

4.3.6 Line Commands 4-62

4.3.6.1 line 4-62

4.3.6.2 login 4-63

4.3.6.3 password 4-64

4.3.6.4 exec-timeout 4-66

4.3.6.5 password-thresh 4-66

4.3.6.6 silent-time 4-67

4.3.6.7 show line 4-68

4.3.7 IP Commands 4-69

4.3.7.1 ip address 4-70

4.3.7.2 ip dhcp restart 4-71

4.3.7.3 ip dhcp client-identifier 4-72

4.3.7.4 ip default-gateway 4-74

xii Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

4.3.7.5 show ip interface 4-75

4.3.7.6 show ip redirects 4-75

4.3.7.7 ping 4-76

4.3.7.8 ip filter 4-77

4.3.7.9 show ip filter 4-81

4.3.8 Interface Commands 4-83

4.3.8.1 interface 4-83

4.3.8.2 description 4-84

4.3.8.3 speed-duplex 4-85

4.3.8.4 negotiation 4-86

4.3.8.5 capabilities 4-87

4.3.8.6 flowcontrol 4-89

4.3.8.7 shutdown 4-91

4.3.8.8 switchport broadcast packet-rate 4-91

4.3.8.9 clear counters 4-93

4.3.8.10 show interfaces status 4-93

4.3.8.11 show interfaces counters 4-95

4.3.8.12 show interfaces switchport 4-96

4.3.9 Address Table Commands 4-98

4.3.9.1 mac-address-table static 4-99

4.3.9.2 clear mac-address-table dynamic 4-100

4.3.9.3 show mac-address-table 4-100

4.3.9.4 mac-address-table aging-time 4-101

4.3.9.5 show mac-address-table aging-time 4-102

4.3.10 Port Security Commands 4-103

4.3.10.1 port security 4-103

4.3.11 Spanning Tree Commands 4-105

4.3.11.1 spanning-tree 4-105

Contents xiii

4.3.11.2 spanning-tree mode 4-106

4.3.11.3 spanning-tree forward-time 4-107

4.3.11.4 spanning-tree hello-time 4-108

4.3.11.5 spanning-tree max-age 4-109

4.3.11.6 spanning-tree priority 4-110

4.3.11.7 spanning-tree pathcost method 4-111

4.3.11.8 spanning-tree transmission-limit 4-112

4.3.11.9 spanning-tree cost 4-112

4.3.11.10 spanning-tree port-priority 4-114

4.3.11.11 spanning-tree edge-port 4-115

4.3.11.12 spanning-tree protocol-migration 4-116

4.3.11.13 spanning-tree link-type 4-117

4.3.11.14 show spanning-tree 4-118

4.3.12 VLAN Commands 4-120

4.3.12.1 vlan database 4-121

4.3.12.2 vlan 4-121

4.3.12.3 interface vlan 4-123

4.3.12.4 switchport mode 4-123

4.3.12.5 switchport acceptable-frame-types 4-124

4.3.12.6 switchport ingress-filtering 4-125

4.3.12.7 switchport native vlan 4-126

4.3.12.8 switchport allowed vlan 4-127

4.3.12.9 switchport forbidden vlan 4-129

4.3.12.10 show vlan 4-130

4.3.13 GVRP and Bridge Extension Commands 4-131

4.3.13.1 switchport gvrp 4-132

4.3.13.2 show gvrp configuration 4-132

4.3.13.3 garp timer 4-133

xiv Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

4.3.13.4 show garp timer 4-135

4.3.13.5 bridge-ext gvrp 4-135

4.3.13.6 show bridge-ext 4-136

4.3.14 IGMP Snooping Commands 4-138

4.3.14.1 ip igmp snooping 4-139

4.3.14.2 ip igmp snooping vlan static 4-140

4.3.14.3 ip igmp snooping version 4-141

4.3.14.4 show ip igmp snooping 4-142

4.3.14.5 show mac-address-table multicast 4-143

4.3.14.6 ip igmp snooping querier 4-144

4.3.14.7 ip igmp snooping query-count 4-144

4.3.14.8 ip igmp snooping query-interval 4-145

4.3.14.9 ip igmp snooping query-max-response-time 4-146

4.3.14.10 ip igmp snooping router-port-expire-time 4-147

4.3.14.11 ip igmp snooping vlan mrouter 4-148

4.3.14.12 show ip igmp snooping mrouter 4-149

4.3.15 Priority Commands 4-150

4.3.15.1 switchport priority default 4-151

4.3.15.2 queue bandwidth 4-152

4.3.15.3 queue cos-map 4-153

4.3.15.4 show queue bandwidth 4-155

4.3.15.5 show queue cos-map 4-156

4.3.15.6 map ip precedence (Global Configuration) 4-157

4.3.15.7 map ip precedence (Interface Configuration) 4-158

4.3.15.8 map ip dscp (Global Configuration) 4-159

4.3.15.9 map ip dscp (Interface Configuration) 4-160

4.3.15.10 show map ip precedence 4-161

4.3.15.11 show map ip dscp 4-162

Contents xv

4.3.16 Mirror Port Commands 4-164

4.3.16.1 port monitor 4-164

4.3.16.2 show port monitor 4-165

4.3.17 Link Aggregation Commands 4-166

4.3.17.1 channel-group 4-167

4.3.17.2 lacp 4-168

A. Management Information Base A-1

A.1 Supported MIBs A-2

A.2 Supported Traps A-3

B. Troubleshooting B-1

B.1 Diagnosing Switch Indicators B-2

B.2 Diagnosing Port Connections B-2

B.3 Accessing the Management Interface B-2

B.4 Using System Logs B-4

B.4.1 Log Messages B-4

B.5 Error Messages B-5

B.5.1 Command-Line Error Detection B-5

B.5.2 System Errors B-6

B.5.3 Command Line Errors B-6

B.5.4 Web Interface Errors B-9

C. Specifications C-1

C.1 Switch Architecture C-2

C.2 Management Features C-3

C.3 Physical C-3

C.4 Power C-4

C.5 Environmental C-4

C.6 Standards C-4

xvi Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

Glossary Glossary-1

Index Index-1

Contents xvii

xviii Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

Preface

This Sun Fire B1600 Blade System Chassis Switch Administration Guide provides information that enables you to understand and use the switch inside the Switch and System Controller (SSC) module in the system chassis. There are two interfaces to the switch: a command-line interface and a web interface. This manual describes both.

The manual is intended for network administrators who are responsible for managing the system chassis. The manual assumes a working knowledge of local area network operations and familiarity with networking protocols.

Before You Read This Book

Before you start configuring the switch:

Install your system chassis by following the instructions in the Sun Fire B1600 Blade System Chassis Hardware Installation Guide and the Sun Fire B1600 Blade System Chassis Software Setup Guide.

How This Book Is Organized

Chapter 1 provides an overview of the switch, including management options, hardware features, switching features, and default settings.

Chapter 2 describes how to connect to the switch console and to the alternative web interface.

xix

Chapter 3 describes all of the key switch features and shows you how to configure these features through both the web interface and the console interface. It also provides a list of comparable MIB variables used by SNMP management applications.

Chapter 4 provides a detailed listing of all the console interface commands and parameters.

Appendix A lists the Management Information Bases (MIB) and traps supported by this switch.

Appendix B provides basic troubleshooting information, including how to interpret the system and port LEDs, how to solve problems that might prevent you from accessing the management interface, and how to use the system logs.

Appendix C provides detailed specifications of the switch’s features.

The Glossary is a list of words and phrases and their definitions.

The Index provides page references to all of the key topics discussed in this manual.

xx Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

Typographic Conventions

Typeface Meaning Examples

AaBbCc123 The names of commands and

files; on-screen computer output

AaBbCc123 What you type, when contrasted

with on-screen computer output

AaBbCc123 Book titles, new words or terms,

words to be emphasized. Replace command-line variables with real names or values.

Display system files. Use dir to list all files.

enable

Password:

Read Chapter 6 in the Sun Fire B1600 Installation and Maintenance Guide.

These are called class options. Yo u must be an administrator to do this. To delete a file, type del filename.

Introduction

The Sun Fire B1600 blade system chassis includes two (Switch and System Controller (SSC) modules. The SSC includes a high-performance Gigabit Ethernet switch. The 16 internal full-duplex Gigabit ports on this switch provide high-capacity connectivity within the chassis, while the eight external full-duplex Gigabit ports connect to the wider network.

This chapter contains the following sections:

■ Section 1.1, “Overview” on page 1-2

■ Section 1.2, “Description of Hardware” on page 1-3

■ Section 1.3, “Features of the Switch” on page 1-6

■ Section 1.4, “Switch Default Settings” on page 1-9

1-1

1.1 Overview

The switches provide Gigabit Ethernet connectivity for the Sun Fire B1600 blade system chassis. interruption supply units (PSUs)—plug into a common midplane which provides all interconnection between the components.

Each of the 16 server blades is connected to a single port on each switch by a Gigabit Ethernet link that provides the blade’s principal means of I/O. The switch within each SSC provides the Gigabit Ethernet fabric that connects all the blades together, in addition to eight external links for connection to the network. Each blade is also connected to the System Controller (SC) within each SSC by a simple serial link. The SC enables you to manage and monitor the components of the chassis. It also gives you access to the switch's command-line interface, and to the console for each server blade installed in the chassis.

1.1.1 Switch Architecture

The switch employs a high-speed switching fabric that enables simultaneous transport of multiple packets at low latency on all ports. The switch also uses storeand-forward technology to ensure maximum data integrity. In this mode, the entire packet must be received into a port buffer and checked for validity before being forwarded, preventing errors from propagating throughout the network.

If a fault develops in one switch, operation continues without

on the second. All components in the chassis—blades, SSCs and power

1.1.2 Ways of Accessing the Switch Management Application

There is a serial console port implemented with an RJ-45 jack that provides on-site management access to the SC. When you apply power to the system chassis, the interface for the SC is displayed. To access the command-line interface for the switch, see “Configuration Options” on page 2-2 or refer to the Sun Fire B1600 Blade System Chassis Software Setup Guide.

This command-line interface can also be accessed directly using telnet through the 100BASE-TX RJ-45 management port (NETMGT) on the SSC.

The switch can also be managed by connecting to this port over the network with a Web browser or SNMP/RMON software.

1-2 Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

When you connect through a web browser the switch provides HTTP management access with a graphical user interface.

The information provided by SNMP can be displayed by an appropriately configured management application that is able to use SNMP.

1.2 Description of Hardware

The SSC includes the switch board, the SC, cooling fans, as well as midplane and rear panel connectors. The SC provides management access to the server chassis and switch board. The SC also drives the system indicators, duplicate copies of which are located on the front and rear of the Sun Fire B1600 blade system chassis.

1.2.1 Ethernet Ports

1.2.1.1 Up-link Ports

Eight external RJ-45 ports support IEEE 802.3x auto-negotiation of speed, duplex mode, and flow control. Each port can operate at 10 Mbit/sec, 100 Mbit/sec, and 1000 Mbit/sec, from overflowing. 1000BASE-T compliant devices up to 100 m (328 ft.) away using Category 5 twistedpair cable. These ports also feature automatic MDI/MDI-X operation, so you can use straight-through cables for all connections. The up-link ports are named NETP0 to NETP7 in the configuration interface.

full- and half-duplex, and control the data stream to prevent buffers

The up-link ports can be connected to other IEEE 802.3ab

Note – When using auto-negotiation, the speed, transmission mode, and flow

control can be automatically set if this feature is also supported by the connected device. Otherwise, these settings can be manually configured for any connection.

Note – Autonegotiation must be enabled for automatic MDI/MDI-X pinout

configuration.

Chapter 1 Introduction 1-3

1.2.1.2 Internal Ports

The switch also includes 16 internal 1000BASE-X Gigabit Ethernet ports that connect to the blades in the chassis. These ports are fixed at 1000 Mbit/sec, full duplex. The internal ports are named SNP0 to SNP15 in the configuration interface.

The switch also includes an internal 10/100BASE-TX port called NETMGT, which is connected to the SC's network port and to the external management port on the SSC’s front panel through an internal hub.

1-4 Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

1.2.2 Status LEDs

Switch level indicators are located on the SSC module. The 1000BASE-T up-link ports and the 10/100BASE-TX management port located on the rear panel of the SSC also include indicators for both Link and Speed.

Ready to Remove Service Required Active

Link Speed

SERIAL

Serial Mgt. Port

Network Mgt. Port

FIGURE 1-1 SSC Exterior Panel

TABLE 1-1 Port LEDs

LED Condition Status

MGT

NET MGT

Uplink Port Designations

NETP4 NETP5 NETP6 NETP7

NETP0 NETP1 NETP2 NETP3

SSC

Active On (Green) The SSC is functioning normally.

Service Required On (Amber) The SSC requires service.

Ready to Remove On (Blue) The SSC can now be removed.

RJ-45 Ports

Link On (Green) Port has established a valid network connection.

Speed On (Amber) Link is operating at 1 Gbps.

Off Link is operating at less than 1 Gbps.

Chapter 1 Introduction 1-5

1.3 Features of the Switch

The switch provides a wide range of advanced performance-enhancing features. Multicast filtering provides support for real-time network applications. Port-based and tagged virtual local area networks (VLANs), plus support for automatic GARP VLAN Registration Protocol (GVRP) provides traffic security and efficient use of network bandwidth. Quality of Service (QoS) priority queueing ensures the minimum delay for moving real-time multi-media data across the network. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. And broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Some of the management features are briefly described in this section.

■ IEEE 802.1D Bridge – The switch supports IEEE 802.1D transparent bridging. The

address table facilitates data switching by learning addresses and then filtering or forwarding traffic based on this information. The address table supports up to 8000 addresses.

■ Store-and-Forward Switching – The switch copies each frame into its memory

before forwarding it to another port to ensure that all frames are a standard Ethernet size and have been verified for accuracy with the cyclic redundancy check (CRC). This prevents bad frames from entering the network and wasting bandwidth.

To avoid dropping frames on congested ports, the switch provides 128 Kbytes of frame buffering per port. This buffer can queue packets awaiting transmission on congested networks.

■ Spanning Tree Protocol – The switch supports these spanning tree protocols:

■ Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol adds a level of fault

tolerance by allowing two or more redundant connections to be created between a pair of LAN segments. When there are multiple physical paths between segments, this protocol chooses a single path and disables all others to ensure that only one route exists between any two stations on the network. This prevents the creation of network loops. However, if the chosen path fails for any reason, an alternate path will be activated to maintain the connection.

■ Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This protocol reduces the

convergence time for network topology changes to about 10% of that required by the older IEEE 802.1D STP standard. It is intended as a complete replacement for STP, but can still interoperate with switches running the older standard by automatically reconfiguring ports to STP-compliant mode if they detect STP protocol messages from connected devices.

■ Virtual LANs – The switch supports up to 256 VLANs. A virtual LAN is a

collection of network nodes that share the same collision domain regardless of their physical locations or connection points in the network. The switch supports tagged VLANs based on the IEEE 802.1Q standard. Members of VLAN groups

1-6 Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

can be dynamically learned through GVRP or ports can be manually assigned to a specific set of VLANs. This allows the switch to restrict traffic to the VLAN groups to which a user has been assigned. By segmenting your network into VLANs, you can:

■ Eliminate broadcast storms, which severely degrade performance in a flat

network.

■ Simplify network management for node changes and moves by remotely

configuring VLAN membership for any port, rather than having to manually change the network connection.

■ Provide data security by restricting all traffic to the originating VLAN, except

where a connection has been configured between separate VLANs using a router or Layer 3 switch.

■ Port Mirroring – The switch can unobtrusively mirror traffic from any port to a

monitor port. You can then connect a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity.

■ Link aggregation – Ports can be combined into an aggregate link. Aggregate links

can be manually set up or dynamically configured using IEEE 802.3ad Link Aggregation Control Protocol (LACP). The additional ports dramatically increase the throughput across any connection, and provide redundancy by taking over the load if a port in the trunk fails. The switch supports six aggregated links, with up to four up-link ports per aggregated link or up to two down-link ports per aggregated link.

■ Port Security – Port security prevents unauthorized users from accessing your

network. It enables each port to learn, or be assigned, a list of MAC addresses for devices authorized to access the network through that port. Any packet received on the port must have a source address that appears in the authorized list, otherwise it will be dropped. Port security is disabled on all ports by default, but can be enabled on a per-port basis.

■ Broadcast Suppression – Broadcast suppression prevents broadcast traffic from

overwhelming the network. When enabled on a port, the level of broadcast traffic passing through the port is restricted. If broadcast traffic rises above a pre-defined threshold, it is throttled until the level falls back beneath the threshold.

■ Flow Control – Flow control reduces traffic during periods of congestion and

prevent packets from being dropped when port buffers overflow. The switch supports flow control based on the IEEE 802.3x standard. By default, flow control is disabled on all ports.

■ Traffic Priority – This switch provides Quality of Service (QoS) by prioritizing

each packet based on the required level of service, using four priority queues with Weighted Round Robin queuing. The switch uses IEEE 802.1p and 802.1Q tags to prioritize incoming traffic based on input from the end-station application. These functions can be used to provide independent priorities for delay-sensitive data and best-effort data.

Chapter 1 Introduction 1-7

This switch also supports several common methods of prioritizing layer 3/4 traffic to meet application requirements. Traffic can be prioritized based on the priority bits in the IP frame’s Type of Service (ToS) octet. When these services are enabled, the priorities are mapped to a Class of Service value by the switch, and the traffic is then sent to the corresponding output queue.

■ Address Filtering – This switch provides a packet filter for all traffic entering the

CPU port and potentially forwarded or routed to the management network. The packet filter is rule/pattern-based and constitutes a set of patterns that when matched DROPS the packet, and a further set of patterns that when matched ACCEPTS the packet.

■ Multicast Switching – Specific multicast traffic can be assigned to its own VLAN

to ensure that it does not interfere with normal network traffic and to guarantee real-time delivery by setting the required priority level for the designated VLAN. The switch uses IGMP Snooping and IGMP to manage multicast group registration.

1-8 Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003

+ 372 hidden pages