Blade ICE BMD00098 Secure Management Network, Secure Shell SSH, Trunk Group Configuration Tips

Page 21

BLADE OS 5.1 Release Notes

Secure Management Network

The following GbESM attributes are reserved to provide secure management access to and from the IBM management module:

Internal management—

￿MGT1 (port 15) and MGT2 (port 16)

￿VLAN 4095

￿IP interface 128

￿Gateway 4

￿STG 128

For more information about remotely managing the GbESM through the external ports, see “Accessing the Switch” in the BLADEOS 5.1 Application Guide.

Note – The external uplink ports (EXTx) cannot be members of management VLANs.

Secure Shell (SSH)

Because SSH key generation is CPU intensive, the GbESM attempts to avoid unnecessary key generation. The process generates three server keys:

1.One key is generated to replace the current server key, if used.

2.A second key is generated as a spare, in case the current server key is used and the specified interval expires.

3.A third key is generated for use at the next reboot.

Therefore, if you never login via SSH, you will only see two key generation events. You may see all three events directly following a reboot. If you want to witness the key generation after the specified interval has expired, then you must login via SSH at least once during each expiration interval.

Trunk Group Configuration Tips

Please be aware of the following information when you configure trunk groups:

￿Always configure trunk groups first on both ends, before you physically connect the links.

￿Configure all ports in a trunk group to the same speed (you cannot aggregate 1Gb ports with 10GBASE-SFP+ ports).

BMD00098, December 2009

21

Page 20 Page 22
Image 21
Page 20 Page 22
Contents Release Notes Blade OS 5.1 Release Notes Release Notes 10Gb Uplink ESM Faceplate Hardware SupportRecommended SFP+ transceiver Loading New Software to Your Switch Updating the Switch Software ImageUsing the Bladeos CLI Using the Iscli Using the BBI New and Updated Features Remote MonitoringLink Layer Detection Protocol Operation/Administration/Maintenance Protocol Uni-Directional Link Discovery ProtocolSFlow Monitoring Rate Limiting Internal Loopback InterfaceOspf Enhancements Hot LinksLayer 2 Failover Enhancements Lacp Trunk EnhancementsACL Precedence Enhancement Forwarding Database EnhancementsISL Layer 2 Protocol Enhancements STP Fast Uplink Bridge PriorityCLI List and Range Inputs BC-S Chassis Support Chassis Internal NetworkINT1 Other Features Management Module Supplemental InformationManagement Module/GbESM Connectivity Trunk Group Configuration Tips Secure Management NetworkSecure Shell SSH Syslog Configuration Tip Spanning Tree Configuration TipsInternal Port Autonegotiation FTP/TFTP Directory PathAccess Control Lists Known issuesIgmp Relay Interoperability with Older HubsLinking at 10/100Mb Link Aggregation Control ProtocolStatic Mrouter QoS MeteringRIP MIBs Radius with SSHv2Trunk and Link Loop Trunk TrafficStrong Password Expiration
Top Page Image Contents