Manuals
/
Brands
/
Computer Equipment
/
Switch
/
3Com
/
Computer Equipment
/
Switch
3Com
DUA1750-2BAA01 manual
1
1
773
773
Download
773 pages, 4.81 Mb
3Com Switch 8800
Configuration Guide
www.3com.com
Part No. DUA1750-2BAA01
Published: December 2005
Contents
Main
3Com Corporation 350 Campus Drive Marlborough, MA 01752-3064
About This Manual
Release Notes
Related Manuals
Organization
Intended Audience
Conventions
I. General conventions
II. Command conventions
III. GUI conventions
IV. Keyboard operation
V. Mouse operation
VI. Symbols
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Chapter 1 Product Overview
1.1 Product Overview
1.2 Function Features
Page
Chapter 2 Logging into Switch
2.1 Setting Up Configuration Environment Through the Console Port
Page
2.2 Setting Up Configuration Environment Through Telnet
2.2.1 Connecting a PC to the Switch Through Telnet
2.2.2 Telneting a Switch Through Another Switch
2.3 Setting Up Configuration Environment Through a Dial-up the Modem
Page
Page
Chapter 3 Command Line Interface
3.1 Command Line Interface
3.2 Command Line View
Page
Page
Page
Page
Page
3.3 Features and Functions of Command Line
3.3.1 Online Help of Command Line
Page
3.3.2 Displaying Characteristics of Command Line
3.3.3 History Command of Command Line
3.3.4 Common Command Line Error Messages
3.3.5 Editing Characteristics of Command Line
Page
Chapter 4 User Interface Configuration
4.1 User Interface Overview
I. Absolute number
II. Relative number
4.2 User Interface Configuration
4.2.1 Entering User Interface View
4.2.2 Define the Login Header
4.2.3 Configuring Asynchronous Port Attributes
I. Configuring the transmission speed
II. Configuring flow control
III. Configuring parity
IV. Configuring the stop bit
4.2.4 Configuring Terminal Attributes
II. Configuring idle-timeout
III. Locking user interface
IV. Setting the screen length
V. Setting the history command buffer size
4.2.5 Managing Users
I. Configuring the authentication method
Page
II. Setting the command level used after a user logging in
III. Setting the command level used after a user logs in from a user interface
IV. Setting the command priority
V. Setting input protocol for a user terminal
4.2.6 Configuring Modem Attributes
4.2.7 Configuring Redirection
I. Send command
II. Auto-execute command
4.3 Displaying and Debugging User Interface
Chapter 5 Management Interface Configuration
5.1 Management Interface Overview
5.2 Management Interface Configuration
Chapter 6 Ethernet Port Configuration
6.1 Ethernet Port Overview
6.2 Ethernet Port Configuration
6.2.1 Entering Ethernet Port View
6.2.2 Enabling/Disabling an Ethernet Port
6.2.3 Setting Ethernet Port Description
6.2.4 Setting the Duplex Attribute of the Ethernet Port
6.2.5 Setting Speed on the Ethernet Port
6.2.6 Setting the Cable Type for the Ethernet Port
6.2.7 Enabling/Disabling Flow Control for the Ethernet Port
6.2.8 Permitting/Forbidding Jumbo Frame to Pass the Ethernet Port
6.2.9 Setting the Ethernet Port Broadcast Suppression Ratio
6.2.10 Setting the Ethernet Port Mode
6.2.11 Setting the Link Type for the Ethernet Port
6.2.12 Adding the Ethernet Port to Specified VLANs
6.2.13 Setting the Default VLAN ID for the Ethernet Port
6.2.14 Setting the VLAN VPN Feature
6.2.15 Copying Port Configuration to Other Ports
Page
6.2.16 Setting Port Hold Time
6.2.17 Setting the Ethernet Port in Loopback Mode
6.3 Displaying and Debugging Ethernet Port
6.4 Ethernet Port Configuration Example
6.5 Ethernet Port Troubleshooting
Chapter 7 Link Aggregation Configuration
7.1 Overview
7.1.1 Introduction to Link Aggregation
7.1.2 Introduction to LACP
7.1.3 Aggregation Types
I. Manual aggregation and static LACP aggregation
II. Dynamic LACP aggregation
7.1.4 Load Sharing
I. Types of Load sharing
II. Port state
7.2 Link Aggregation Configuration
7.2.1 Enabling/Disabling LACP at Port
7.2.2 Creating/Deleting an Aggregation Group
7.2.3 Adding/Deleting an Ethernet Port into/from an Aggregation Group
7.2.4 Setting/Deleting Aggregation Group Description
7.2.5 Configuring System Priority
7.2.6 Configuring Port Priority
7.3 Displaying and Debugging Link Aggregation
7.4 Link Aggregation Configuration Example
Page
Chapter 8 VLAN Configuration
8.1 VLAN Overview
8.2 Configuring VLAN
8.2.1 Creating/Deleting a VLAN
8.2.2 Specifying a Description Character String for a VLAN or VLAN interface
8.2.3 Creating/Removing a VLAN Interface
8.2.4 Shutting down/Bringing up a VLAN Interface
8.3 Configuring Port-Based VLAN
8.3.1 Adding Ethernet Ports to a VLAN
8.4 Configuring Protocol-Based VLAN
8.4.1 Creating/Deleting a VLAN Protocol Type
8.4.2 Associating/Dissociating a Port with/from a Protocol-Based VLAN
8.5 Displaying VLAN
8.6 VLAN Configuration Example
Chapter 9 GARP/GVRP Configuration
9.1 Configuring GARP
9.1.1 GARP Overview
9.1.2 Setting the GARP Timer
9.1.3 Displaying and Debugging GARP
9.2 Configuring GVRP
9.2.1 GVRP Overview
9.2.2 Enabling/Disabling Global GVRP
9.2.3 Enabling/Disabling Port GVRP
9.2.4 Setting the GVRP Registration Type
9.2.5 Displaying and Debugging GVRP
9.2.6 GVRP Configuration Example
Page
Chapter 10 Super VLAN Configuration
10.1 Super VLAN Overview
10.2 Configuring a Super VLAN
10.2.1 Configuring a Super VLAN
Page
10.2.2 Super VLAN Configuration Example
Chapter 11 IP Address Configuration
11.1 Introduction to IP Address
11.1.1 IP Address Classification and Representation
Page
11.1.2 Subnet and Mask
11.2 Configuring IP Address
11.2.1 Configuring the Hostname and Host IP Address
11.2.2 Configuring the IP Address of the VLAN Interface
11.3 Displaying and debugging IP Address
11.4 IP Address Configuration Example
11.5 Troubleshooting IP Address Configuration
Chapter 12 ARP Configuration
12.1 Introduction to ARP
I. Necessity of ARP
II. ARP implementation procedure
12.2 Configuring ARP
12.2.1 Manually Adding/Deleting Static ARP Mapping Entries
12.2.2 Configuring the Dynamic ARP Aging Timer
12.2.3 Enabling/Disabling the Checking Function of ARP Entry
12.3 Displaying and Debugging ARP
12.4 Enabling/Disabling the Scheme of Preventing Attack from Packets
12.4.1 Introduction to the Scheme of Preventing Attack from Packets
Page
Chapter 13 DHCP Configuration
13.1 Introduction to DHCP
13.1.1 How DHCP Works
I. IP address assignment
II. Communications between DHCP clients and DHCP server
13.2 Configuring General DHCP
13.2.1 Enabling/Disabling DHCP Service
13.2.2 Configuring Processing Method of DHCP Packets
13.2.3 Enabling/Disabling Fake DHCP Server Detection
13.3 Configuring DHCP Server
13.3.1 Creating a Global DHCP IP Address Pool
13.3.2 Configuring IP Address Assignment Mode
I. Configuring static address binding for a global DHCP address pool
II. Configuring static address binding for a VLAN interface address pool
III. Configuring dynamic IP address assignment
13.3.3 Forbidding Specified IP Addresses to Be Automatically Assigned
13.3.4 Configuring Lease Time For DHCP Address Pool
I. Configuring a lease time for a global DHCP address pool
II. Configuring a lease time for current VLAN interface
III. Configuring a lease time for multiple VLAN interfaces
13.3.5 Configuring DHCP Client Domain Names
I. Configuring a DHCP client domain name for a global DHCP address pool
II. Configuring a DHCP client domain name for current VLAN interface
III. Configuring a DHCP client domain name for multiple VLAN interfaces
13.3.6 Configuring DNS Server Address for DHCP Clients
I. Configuring DNS server address for a global DHCP address pool
II. Configuring DNS server address for current VLAN interface
III. Configuring DNS server address for multiple VLAN interfaces
13.3.7 Configuring NetBIOS Server Address for DHCP Clients
I. Configuring NetBIOS server address for a global DHCP address pool
II. Configuring NetBIOS server address for current VLAN interface
III. Configuring NetBIOS server address for multiple VLAN interfaces
13.3.8 Configuring NetBIOS Node Type for DHCP Clients
I. Configuring NetBIOS node type for a global DHCP address pool
II. Configuring NetBIOS node type for current VLAN interface
III. Configuring NetBIOS node type for multiple VLAN interfaces
13.3.9 Configuring Custom DHCP Options
I. Configuring custom DHCP options for a global DHCP address pool
II. Configuring custom DHCP options for current VLAN interface
III. Configuring custom DHCP options for multiple VLAN interfaces
13.3.10 Configuring Outbound Gateway Address for DHCP Clients
13.3.11 Configuring Parameters for DHCP Server to Send Ping Packets
13.3.12 Displaying and Debugging the DHCP Server
13.3.13 Clearing the Configuration Information of the DHCP Server
13.3.14 DHCP Server Configuration Example
Page
13.4 Configuring DHCP Relay
13.4.1 Introduction to DHCP Relay
13.4.2 Configuring DHCP Relay
I. Configuring a DHCP server for a VLAN interface
II. Configure user address entries for a DHCP Server
III. Enable/Disable DHCP security on a VLAN interface
13.4.3 Displaying and Debugging DHCP Relay
13.4.4 DHCP Relay Configuration Example
Page
Chapter 14 DNS Configuration
14.1 Introduction to DNS
14.1.1 Static Domain Name Resolution
14.1.2 Dynamic Domain Name Resolution
14.2 Configuring Static Domain Name Resolution
14.3 Configuring Dynamic Domain Name Resolution
14.3.1 Enable/Disable Static Domain Name Resolution
14.3.2 Configure the IP Address of Domain Name Server
14.3.3 Configure Domain Name Suffix
14.4 Displaying and Debugging Domain Name Resolution
14.5 DNS Configuration Example
III. Configuraiton procedure
14.6 Troubleshooting Domain Name Resolution Configuration
Chapter 15 IP Performance Configuration
15.1 Configuring IP Performance
15.1.1 Configuring TCP Attributes
15.2 Displaying and Debugging IP Performance
15.3 Troubleshooting IP Performance
Page
Chapter 16 IP Routing Protocol Overview
16.1 Introduction to IP Route and Routing Table
16.1.1 IP Route and Route Segment
16.1.2 Route Selection through the Routing Table
Page
16.2 Routing Management Policy
16.2.1 Routing Protocols and the Preferences of the Corresponding Routes
16.2.2 Supporting Load Sharing and Route Backup
I. Load sharing
II. Route backup
16.2.3 Routes Shared Between Routing Protocols
Chapter 17 Static Route Configuration
17.1 Introduction to Static Route
17.1.1 Static Route
17.1.2 Default Route
17.2 Configuring Static Route
17.2.1 Configuring a Static Route
17.2.2 Configuring a Default Route
17.2.3 Deleting All the Static Routes
17.3 Displaying and Debugging Static Route
17.4 Typical Static Route Configuration Example
3Com Switch 8800 Configuration Guide Chapter 17 Static Route Configuration
17-5
Figure 17-1 Network diagram for the static route configuration example
Configure the static route for Switch A
Configure the static route for Switch B
Configure the static route for Switch C
17.5 Troubleshooting Static Route Faults
Chapter 18 RIP Configuration
18.1 Introduction to RIP
18.1.1 RIP Operation Mechanism
I. RIP basic concepts
II. RIP route database
18.2 Configuring RIP
18.2.1 Enabling RIP and Entering RIP View
18.2.2 Enabling RIP on the Specified Network Segment
18.2.3 Configuring Unicast of the Packets
18.2.4 Configuring Split Horizon
18.2.5 Setting Additional Routing Metric
18.2.6 Configuring RIP to Import Routes of Other Protocols
18.2.7 Configuring Route Filtering
I. Configuring RIP to filter the received routes
II. Configuring RIP to filter the routes advertised by RIP
18.2.8 Disabling RIP to Receive Host Route
18.2.9 Enabling RIP-2 Route Aggregation Function
18.2.10 Setting the RIP Preference
18.2.11 Specifying RIP Version of the Interface
18.2.12 Configuring RIP Timers
18.2.13 Configuring RIP-1 Zero Field Check of the Interface Packet
18.2.14 Specifying the Operating State of the Interface
18.2.15 Setting RIP-2 Packet Authentication
18.3 Displaying and Debugging RIP
18.4 Typical RIP Configuration Example
Page
18.5 Troubleshooting RIP Faults
Chapter 19 OSPF Configuration
19.1 OSPF Overview
19.1.1 Introduction to OSPF
19.1.2 Process of OSPF Route Calculation
19.1.3 OSPF Packets
19.1.4 LSA Type
I. Five basic LSA types
II. Type-7 LSA
19.1.5 Basic Concepts Related to OSPF
I. Router ID
II. DR and BDR
III. Area
IV. Backbone area and virtual link
V. Route summary
19.1.6 OSPF Features Supported by the Switch 8800
19.2 Configuring OSPF
19.2.1 Configuring Router ID
19.2.2 Enabling OSPF
19.2.3 Entering OSPF Area View
19.2.4 Specifying an Interface to Run OSPF
19.2.5 Configuring OSPF to Import Routes of Other Protocols
I. Configuring OSPF to import external routes
II. Configuring parameters for OSPF to import external routes
III. Configuring the default interval and number for OSPF to import external routes
19.2.6 Configuring OSPF to Import Default Routes
19.2.7 Configuring OSPF Route Filtering
I. Configuring OSPF to filter the received routes
II. Configuring filtering the routes imported to OSPF
19.2.8 Configuring the Route Summary of OSPF
I. Configuring the route summary of OSPF area
II. Configuring summarization of imported routes by OSPF
19.2.9 Setting OSPF Route Preference
19.2.10 Configuring OSPF Timers
I. Setting the interval for Hello packet transmission
II. Setting a dead timer for the neighboring routers
III. Setting an interval for LSA retransmission between neighboring routers
19.2.11 Configuring the Network Type on the OSPF Interface
19.2.12 Configuring NBMA Neighbors for OSPF
19.2.13 Setting the Interface Priority for DR Election
Page
19.2.14 Configuring an Interval Required for Sending LSU Packets
19.2.15 Configuring the Cost for Sending Packets on an Interface
19.2.16 Configuring to Fill the MTU Field When an Interface Transmits DD Packets
19.2.17 Setting a Shortest Path First (SPF) Calculation Interval for OSPF
19.2.18 Disabling the Interface to Send OSPF Packets
19.2.19 Configuring OSPF Authentication
I. Configuring the OSPF Area to Support Packet Authentication
II. Configuring OSPF packet authentication
19.2.20 Configuring OSPF Virtual Link
19.2.21 Configuring Stub Area of OSPF
19.2.22 Configuring NSSA Area of OSPF
19.2.23 Configuring OSPF and Network Management System (NMS)
I. Configuring OSPF MIB binding
II. Configuring OSPF TRAP
19.2.24 Resetting the OSPF Process
19.3 Displaying and Debugging OSPF
19.4 Typical OSPF Configuration Example
19.4.1 Configuring DR Election Based on OSPF Priority
Page
19.4.2 Configuring OSPF Virtual Link
3Com Switch 8800 Configuration Guide Chapter 19 OSPF Configuration
19-32
Configure Switch A
Configure Switch B
Configure Switch C
19.5 Troubleshooting OSPF Faults
RTA RTB RTC RTD
area0 area1 area2 RTA RTB RTC RTD
area0 area1 area2
Chapter 20 Integrated IS-IS Configuration
20.1 Introduction to Integrated IS-IS
20.1.1 Terms of IS-IS Routing Protocol
I. Terms of IS-IS routing protocol
II. Link types IS-IS routing protocol is applied to
20.1.2 Two-level Structure of IS-IS Routing Protocol
I. Two-level structure of IS-IS routing protocol
II. Level-1 and Level-2
20-3
Figure 20-1 IS-IS topology
20.1.3 NSAP Structure of IS-IS Routing Protocol
I. Address structure
II. NET
20.1.4 IS-IS Routing Protocol Packets
I. Hello packets
II. LSP
III. SNP
20.2 Configuring Integrated IS-IS
Page
20.2.1 Enabling IS-IS and Entering the IS-IS View
20.2.2 Setting Network Entity Title
Page
20.2.3 Enabling IS-IS on the Specified Interface
20.2.4 Setting Priority for DIS Election
20.2.5 Setting Router Type
20.2.6 Setting Interface Circuit Level
20.2.7 Configuring IS-IS to Import Routes of Other Protocols
20.2.8 Configuring IS-IS Route Filtering
I. Configuring to filter the routes received by IS-IS
II. Configuring to filter the advertised routes
20.2.9 Configuring IS-IS Routing Leak
20.2.10 Setting IS-IS Route Summary
20.2.11 Setting to Generate Default Route
20.2.12 Setting the Preference of IS-IS Protocol
20.2.13 Configuring IS-IS Route Metric Type
20.2.14 Setting IS-IS Link State Routing Cost
20.2.15 Configuring IS-IS Timers
I. Setting the Hello packet broadcast interval
II. Setting the CSNP packet broadcast interval
III. Setting the LSP packet transmission interval
IV. Setting LSP packet retransmission interval
V. Configuringnumber of invalid Hello packets for the interface
20.2.16 Setting IS-IS Authentication
I. Setting interface authentication
II. Setting IS-IS area or IS-IS routing domain authentication password
III. Setting the IS-IS to use the MD5 algorithm compatible with that of the other vendors
20.2.17 Setting the Mesh Group of the Interface
20.2.18 Setting Overload Flag Bit
20.2.19 Setting to Discard the LSPs with Checksum Errors
20.2.20 Setting to Log the Peer Changes
20.2.21 Setting LSP Refreshment Interval
20.2.22 Setting Lifetime of LSP
20.2.23 Setting Parameters Related to SPF
I. Setting SPF calculation interval
II. Setting SPF calculation in slice
III. Setting SPF to release CPU actively
20.2.24 Enabling/Disabling the Interface to Send Packets
20.2.25 Resetting All the IS-IS Data Structure
20.2.26 Resetting the Specified IS-IS Peer
20.3 Displaying and Debugging Integrated IS-IS
20.4 Typical Integrated IS-IS Configuration Example
20-26
Figure 20-3 IS-IS configuration example
Configure Switch A
Configure Switch B
20-27
Configure Switch C
Configure Switch D
Chapter 21 BGP Configuration
21.1 BGP/MBGP Overview
21.1.1 Introduction to BGP
21.1.2 BGP Message Types
21.1.3 BGP Routing Mechanism
I. Route advertisement policy
II. Route selection policy
21.1.4 MBGP
I. MBGP overview
II. MBGP extension attributes
III. Address family
21.1.5 BGP Peer and Peer Group
21.2 Configuring BGP
21.2.1 Enabling BGP
21.2.2 Configuring Basic Features for BGP Peer
I. Creating a peer group
II. Configuring AS number of an EBGP peer group
III. Adding a member to a peer group
IV. Configuring the state of a peer/peer group
V. Configuring description of a peer (group)
VI. Configuring timer of a peer (group)
VII. Configuring the interval at which route update messages are sent by a peer group
21.2.3 Configuring application features of a BGP peer (group)
I. Configuring to permit connections with EBGP peer groups on indirectly connected networks
II. Configuring an IBGP peer group to be a client of a route reflector
III. Configuring to send default route to a peer group
IV. Configuring itself as the next hop when advertising routes
V. Removing private AS numbers while transmitting BGP update messages
VI. Configuring to send the community attributes to a peer group
VII. Configuring the repeating time of local AS
VIII. Specifying the source interface of a route update packet
IX. Configuring BGP MD5 authentification password
21.2.4 Configuring Route Filtering of a Peer (group)
I. Configuring route policy for a peer (group)
II. Configuring route filtering policy based on IP ACL for a peer (group)
III. Configuring route filtering policy based on AS path list for a peer (group)
IV. Configuring route filtering policy based on address prefix list for a peer (group)
21.2.5 Configuring Network Routes for BGP Distribution
21.2.6 Configuring the Interaction Between BGP and IGP
I. Importing IGP routes
II. Configuring not to syncronize with IGP
21.2.7 Configuring BGP Route Summarization
21.2.8 Configuring BGP Route Filtering
I. Configuring BGP to filter the received route information
II. Configuring to filter the routes advertised by the BGP
21.2.9 Configuring BGP Route Dampening
I. Configure BGP route dampening
II. Clear route attenuation information
21.2.10 Configuring BGP Preference
21.2.11 Configuring BGP Timer
21.2.12 Configuring the Local Preference
21.2.13 Configuring MED for AS
21.2.14 Comparing the MED Routing Metrics from the Peers in Different ASs
21.2.15 Configuring BGP Route Reflector
I. Configuring the route reflection between clients
II. Configuring the cluster ID
21.2.16 Configuring BGP AS Confederation Attribute
I. Configuring confederation_ID
II. Configuring sub-AS belonging to the confederation
III. Configuring AS confederation attribute compatible with nonstandard
21.2.17 Clearing BGP Connection
21.2.18 Refreshing BGP Routes
21.3 Displaying and Debugging BGP
Page
21.4 Typical BGP Configuration Example
21.4.1 Configuring BGP AS Confederation Attribute
3Com Switch 8800 Configuration Guide Chapter 21 BGP Configuration
21-27
Figure 21-2 Network diagram for AS confederation configuration
Configure Switch A:
Configure Switch B:
3Com Switch 8800 Configuration Guide Chapter 21 BGP Configuration
21-28
21.4.2 Configuring BGP Route Reflector
Figure 21-3 Network diagram for BGP route reflector configuration
1) Configure Switch A:
Page
21.4.3 Configuring BGP Routing
Page
Page
21.5 Troubleshooting BGP
Page
Chapter 22 IP Routing Policy Configuration
22.1 Introduction to IP Routing Policy
22.1.1 Filter
I. acl
II. ip-prefix
22.2 Configuring IP Routing Policy
22.2.1 Configuring a Route-policy
I. Defining a route-policy
II. Defining if-match clauses for a route-policy
III. Defining apply clauses for a route-policy
Page
22.2.2 Configuring ip-prefix
22.2.3 Configuring the AS Path List
22.2.4 Configuring a Community Attribute List
22.2.5 Importing Routing Information Discovered by Other Routing Protocols
22.2.6 Configuring Route Filtering
I. Configuring to filter the received routes
II. Configuring to filter the advertised routes
22.3 Displaying and Debugging the Routing Policy
22.4 Typical IP Routing Policy Configuration Example
22.4.1 Configuring to Filter the Received Routing Information
22.5 Troubleshooting Routing Policy
Chapter 23 IP Multicast Overview
23.1 IP Multicast Overview
23.1.1 Problems with Unicast/Broadcast
I. Data transmission in unicast mode
II. Data transmission in broadcast mode
23.1.2 Advantages of Multicast
I. Multicast
Multicast
II. Advantages
23.1.3 Application of Multicast
23.2 Implementation of IP Multicast
23.2.1 IP Multicast Addresses
I. IP Multicast Addresses
Page
II. Ethernet Multicast MAC Addresses
23.2.2 IP Multicast Protocols
I. Multicast group management protocol
II. Multicast routing protocols
23.3 RPF Mechanism for IP Multicast Packets
Page
Chapter 24 IGMP Snooping Configuration
24.1 IGMP Snooping Overview
24.1.1 IGMP Snooping Principle
24.1.2 Implement IGMP Snooping
I. Related concepts of IGMP Snooping
II. Implement Layer 2 multicast with IGMP Snooping
24.2 IGMP Snooping Configuration
24.2.1 Enabling/Disabling IGMP Snooping
24.2.2 Configuring Router Port Aging Time
24.2.3 Configuring Maximum Response Time
24.2.4 Configuring Aging Time of Multicast Group Member Ports
24.2.5 Configuring Unknown Multicast Packets not Broadcasted within a VLAN
24.3 Displaying and debugging IGMP Snooping
24.4 IGMP Snooping Configuration Example
24.4.1 Enable IGMP Snooping
24.5 Troubleshoot IGMP Snooping
Page
Chapter 25 Multicast VLAN Configuration
25.1 Multicast VLAN Overview
25.2 Multicast VLAN Configuration
25.3 Multicast VLAN Configuration Example
3Com Switch 8800 Configuration Guide Chapter 25 Multicast VLAN Configuration
25-3
Figure 25-1 Network diagram for multicast VLAN configuration
Page
Chapter 26 Common Multicast Configuration
26.1 Introduction to Common Multicast Configuration
26.2 Common Multicast Configuration
26.2.1 Enabling Multicast
26.2.2 Configuring multicast route number limit
26.2.3 Clearing MFC Forwarding Entries or Its Statistic Information
26.2.4 Clearing Route Entries from the Kernel Multicast Routing Table
26.3 Controlled Multicast Configuration
26.3.1 Controlled Multicast Overview
26.3.2 Configuring Controlled Multicast
26.3.3 Controlled Multicast Configuration Example
I. Network reuirements
II. Network diagram
III. Configuration procedure
26.4 Displaying and Debugging Common Multicast Configuration
Page
Chapter 27 IGMP Configuration
27.1 IGMP Overview
27.1.1 Introduction to IGMP
I. Election mechanism of multicast routers on the shared network segment
II. Leaving group mechanism
27.2 IGMP Configuration
27.2.1 Enabling Multicast
27.2.2 Enabling IGMP on an Interface
27.2.3 Configuring the IGMP Version
27.2.4 Configuring the Interval to Send IGMP Query Message
27.2.5 Configuring the Interval and the Number of Querying IGMP Packets
I. Configuring interval for querying IGMP packets
II. Configuring the number of last member querying
27.2.6 Configuring the Present Time of IGMP Querier
27.2.7 Configuring Maximum Response Time for IGMP Query Message
27.2.8 Configuring the limit of IGMP groups on an interface
27.2.9 Configuring a Router to Join Specified Multicast Group
27.2.10 Limiting Multicast Groups that an Interface Can Access
27.2.11 Deleting IGMP Groups Joined on an Interface
27.3 Displaying and Debugging IGMP
Chapter 28 PIM-DM Configuration
28.1 PIM-DM Overview
28.1.1 Introduction to PIM-DM
28.1.2 PIM-DM Working Principle
I. Neighbor discovery
III. Assert mechanism
IV. Graft
28.2 PIM-DM Configuration
28.2.1 Enabling Multicast
28.2.2 Enabling PIM-DM
28.2.3 Configuring the Time Intervals for Ports to Send Hello Packets
28.2.4 Entering the PIM View
28.2.5 Configuring the Filtering of Multicast Source/Group
28.2.6 Configuring the Filtering of PIM Neighbor
28.2.7 Configuring the Maximum Number of PIM Neighbor on an Interface
28.2.8 Clearing multicast route entries from PIM routing table
28.2.9 Clearing PIM Neighbors
28.3 Displaying and Debugging PIM-DM
28.4 PIM-DM Configuration Example
3Com Switch 8800 Configuration Guide Chapter 28 PIM-DM Configuration
28-8
Figure 28-2 PIM-DM configuration networking
Enable IGMP and PIM-DM on the interface.
Chapter 29 PIM-SM Configuration
29.1 PIM-SM Overview
29.1.1 Introduction to PIM-SM
29.1.2 PIM-SM Working Principle
I. Build the RP shared tree (RPT)
29.1.3 Preparations before Configuring PIM-SM
I. Configuring candidate RPs
II. Configuring BSRs
III. Configuring static RP
29.2 PIM-SM Configuration
29.2.1 Enabling Multicast
29.2.2 Enabling PIM-SM
29.2.3 Entering the PIM View
29.2.4 Configuring the Time Intervals for Ports to Send Hello Packets
29.2.5 Configuring Candidate-BSRs
29.2.6 Configuring Candidate-RPs
29.2.7 Configuring Static RP
29.2.8 Configuring the PIM-SM Domain Border
29.2.9 Configuring the filtering of multicast source/group
29.2.10 Configuring the filtering of PIM neighbor
29.2.11 Configuring RP to Filter the Register Messages Sent by DR
29.2.12 Limiting the range of legal BSR
29.2.13 Limiting the range of legal C-RP
29.3 Displaying and Debugging PIM-SM
29.4 PIM-SM Configuration Example
3Com Switch 8800 Configuration Guide Chapter 29 PIM-SM Configuration
29-10
Figure 29-2 PIM-SM configuration networking
1) Configure LS_A Enable PIM-SM.
Page
3Com Switch 8800 Configuration Guide Chapter 29 PIM-SM Configuration
29-12
Enable PIM-SM.
Chapter 30 MSDP Configuration
30.1 MSDP Overview
30.1.1 Introduction
30.1.2 Working Principle
I. Indentifying multicast source and receiving multicast data
II. Message forwarding and RPF check between MSDP peers
III. Precautions for configuration
30.2 MSDP Configuration
30.2.1 Enabling MSDP
30.2.2 Configuring MSDP Peers
30.2.3 Configuring Static RPF Peers
30.2.4 Configuring Originating RP
30.2.5 Configuring SA Caching State
30.2.6 Configuring the Maximum Number of SA caching
30.2.7 Requesting Source Information of MSDP Peers
30.2.8 Controlling the Source Information Created
I. Filtering the multicast routing entries imported
II. Filtering SA request messages
30.2.9 Controlling the Source Information Forwarded
I. Using MSDP outbound filter
II. Using TTL to filter SA messages with encapsulated data
30.2.10 Controlling the Received Source Information
30.2.11 Configuring MSDP Mesh Group
30.2.12 Configuring the MSDP Connection Retry Period
30.2.13 Shutting MSDP Peers Down
30.2.14 Clearing MSDP Connections, Statistics and SA Caching Configuration
30.3 Displaying and Debugging MSDP
I. Displaying and Debugging MSDP
II. Tracing the Transmission Path of SA Messages on the Network
30-13
30.4 MSDP Configuration Examples
30.4.1 Configuring Static RPF Peers
Figure 30-3 Configuring static RPF peers
Configure Switch A to be a static RPF peer of Switch D.
30.4.2 Configuring Anycast RP
30-15
Figure 30-4 Networking diagram for Anycast RP configuration
1) Configure SwitchB: Configure VLAN
Enable multicast.
[SwitchB] multicast routing-enable
Configure the IP address of interface loopback0.
Page
30-17
Enable multicast.
Configure the IP address of interface loopback0.
Configure the IP address of interface loopback10 and enable IGMP and PIM-SM.
Configure the IP address of interface Vlan-interface20 and enable IGMP and PIM-SM.
Configure the IP address of Vlan-interface10 and enable IGMP and PIM-SM.
30.4.3 MSDP Integrated Networking
I. Networking requirement
PIM-SM domain 4
PIM-SM domain 3
Figure 30-5 MSDP integrated networking
30-20
Enable multicast.
Configure the IP address of interface loopback0 and enable PIM-SM.
Configure the IP address of interface loopback10 and enable PIM-SM.
Configure the IP address of Vlan-interface30 and enable IGMP and PIM-SM.
Configure the IP address of Vlan-interface10 and enable IGMP and PIM-SM.
Configure MSDP peer, Mess Group and Originating RP.
Configuring C-RP and BSR.
Enable multicast.
2) Configure Switch E: Configuring VLAN
Configure the IP address of interface loopback0 and enable PIM-SM.
Configure the IP address of interface lookback10 and enable PIM-SM.
Configure the IP address of Vlan-interface10 and enable IGMP and PIM-SM.
Configure the IP address of Vlan-interface20 and enable IGMP and PIM-SM.
Configuring OSPF
Page
Chapter 31 MBGP Multicast Extension Configuration
31.1 MBGP Multicast Extension Overview
31.1.1 Introduction
31.1.2 MBGP Extension Attributes for Multicast
I. MP_REACH_NLRI attribute
31.1.3 MBGP Operating Mode and Message Type
31.2 MBGP Multicast Extension Configuration
31.2.1 Enabling MBGP Multicast Extension Protocol
31.2.2 Specifying Network Routes Notified by MBGP Multicast Extension
31.2.3 Configuring the MED Value for an AS
31.2.4 Comparing MED Values from Different AS Neighbor Paths
31.2.5 Configuring Local Preference
31.2.6 Configuring MBGP Timer
31.2.7 Configuring MBGP Peer (Group)
I. Creating a peer group with members
II. Enabling a peer (group)
III. Adding an MBGP peer to the group
IV. Advertising MBGP community attributes to a peer (group)
V. Configuring a peer (group) as an MBGP route reflector client
VI. Configuring the local address as the next hop when advertising routes
VII. Specifying the routing policy for a peer (group)
VIII. Configuring IP-ACL-based route filtering policy for a peer (group)
IX. Configuring AS-path-list-based route filtering policy for a peer (group)
X. Configuring prefix-list-based route filtering policy for a peer (group)
31.2.8 Configuring MBGP Route Aggregation
31.2.9 Configuring an MBGP Route Reflector
31.2.10 Configure MBGP Community Attributes
31.2.11 Importing IGP Routing Information into MBGP
31.2.12 Defining AS Path List and Routing Policy
31.2.13 Configuring MBGP Route Filtering
31.2.14 Resetting BGP Connections
31.3 Displaying and Debugging MBGP Configuration
31.4 MBGP Multicast Extension Configuration Example
I. Networking requirement
II. Networking diagram
III. Configuration procedure
Page
3Com Switch 8800 Configuration Guide Chapter 31 MBGP Multicast Extension Configuration
31-14
3) Configure Switch C:
3Com Switch 8800 Configuration Guide Chapter 31 MBGP Multicast Extension Configuration
31-15
Configure the local preference attribute of Switch C.
matching ACL 2000 to 200, and otherwise, to 100.
(Switch A).
4) Configure Switch D:
Page
Chapter 32 ACL Configuration
32.1 ACL Overview
32.1.1 Introduction to ACL
I. ACLs being activated directly on hardware
II. ACLs being referenced by upper-level modules
32.1.2 ACLs Supported
32.2 ACL Configuration
32.2.1 Configuring Time Range
32.2.2 Defining and Applying Flow Template
I. Defining Flow Template
Page
II. Applying Flow Template
32.2.3 Defining ACL
I. Defining basic ACL
II. Defining advanced ACL
III. Defining L2 ACLs
32.2.4 Activating ACL
32.3 Displaying and Debugging ACL Configurations
32.4 ACL Configuration Example
32.4.1 Advanced ACL Configuration Example
32.4.2 Basic ACL Configuration Example
32.4.3 L2 ACL Configuration Example
Page
Chapter 33 QoS Configuration
33.1 QoS Overview
I. Flow
II. Traffic classification
III. Packet filtering
IV. Traffic policing
V. Redirection
VI. Traffic priority
VII. Queue scheduling
Page
VIII. Traffic mirroring
IX. Port mirroring
X. Flow-based traffic statistics
33.2 Introduction to Port Group-Based QoS Configuration
33.2.1 Group-Based QoS Configuration Task
Page
33.2.2 Configuration Example for port group
33.3 QoS Configuration
33.3.1 Configuring Service Parameter Allocation Rule
I. Configuring mapping table
II. Configuring default local precedence for port
33.3.2 Configuring Traffic Policing
I. Configuring mapping tables
II. Configuring traffic policing
33.3.3 Configuring Traffic Shaping
33.3.4 Configuring Traffic Priority
33.3.5 Configuring Traffic Redirection
Page
33.3.6 Configuring Queue Scheduling
33.3.7 Configuring WRED Parameters
I. Configuring WRED parameters
II. Configuring drop algorithm
33.3.8 Configuring Traffic Mirroring
33.3.9 Configuring Port Mirroring
33.3.10 Configuring Traffic Statistics
33.3.11 Displaying and Debugging QoS Configuration
Page
33.4 Configuration Example
33.4.1 Traffic Shaping Configuration Example
33.4.2 Port Mirroring Configuration Example
Figure 33-7 Networking for port mirroring configuration
Define a mirroring group, with monitoring port as GigabitEthernet3/1/8.
33.4.3 Traffic Priority Configuration Example
Figure 33-8 Network diagram for priority configuration
1) Define the time range. Define the time range from 8:00 to 18:00.
Page
33.4.4 Traffic Redirection Configuration Example
33.4.5 Queue Scheduling Configuration Example
33.4.6 WRED Parameters Configuration Example
33.4.7 Traffic Statistics Configuration Example
Page
Chapter 34 Logon User ACL Control Configuration
34.1 Overview
34.2 Configuring ACL for Telnet Users
34.2.1 Defining ACL
34.2.2 Importing ACL
34.2.3 Configuration Example
34.3 Configuring ACL for SNMP Users
34.3.1 Defining ACL
34.3.2 Importing ACL
34.3.3 Configuration Example
Chapter 35 MPLS Architecture
35.1 MPLS Overview
35.2 MPLS Basic Concepts
35.2.1 FEC
35.2.2 Label
I. Label definition
II. Label structure
III. Label operations
Page
35.2.3 LDP
35.3 MPLS Architecture
35.3.1 MPLS Network Structure
35.3.2 Forwarding Labeled Packets
35.3.3 Establishing LSP
I. LDP working process
ABC D E FG H
II. LSP loop control
35.3.4 LSP Tunnel and Hierarchy
I. LSP tunnel
II. Multi-layer label stack
35.4 MPLS and other Protocols
35.4.1 MPLS and Routing Protocols
35.5 MPLS Application
35.5.1 MPLS VPN
Page
Chapter 36 MPLS Basic Capability Configuration
36.1 MPLS Basic Capability Overview
36.2 MPLS Configuration
36.2.1 Defining MPLS LSR ID
36.2.2 Enabling MPLS and Entering MPLS View
36.2.3 Configuring the Topology-Driven LSP Setup Policy
36.2.4 Configuring Static LSP
36.3 LDP Configuration
36.3.1 Enabling LDP protocol
36.3.2 Enabling LDP on VLAN interface
36.3.3 Configuring Remote-Peer for Extended Discovery Mode
I. Create a remote-peer
II. Configuring an address for the remote-peer
36.3.4 Configuring session parameters
I. Configuring session hold-time
II. Configuring hello transport-address
36.3.5 Configuring LDP Loop Detection Control
I. Enabling loop detection
II. Setting the maximum hop count for loop detection
III. Setting the maximum hop count in path vector mode
36.3.6 Configuring LDP Authentication Mode Between Every Two Routers
36.4 Displaying and Debugging MPLS
36.4.1 Displaying and Debugging MPLS
I. Displaying static LSPs
II. Displaying MPLS-enabled interfaces
III. Displaying LSP
IV. Debugging MPLS
V. Trapping MPLS
36.4.2 Displaying and Debugging LDP
I. LDP display commands
II. LDP debugging commands
36.5 Typical MPLS Configuration Example
I. Network requirements
Switch A
36-12
Figure 36-1 Network diagram
1) Configure Switch A Configure LSR ID and enable MPLS and LDP.
Configure IP address and enable MPLS and LDP for VLAN interface 201.
Enable OSPF on the interface connecting Switch A with Switch B.
2) Configure Switch B Configure LSR ID and enable MPLS and LDP.
Configure IP address and enable MPLS and LDP for VLAN interface 201.
Configure IP address and enable MPLS and LDP for VLAN interface 203.
3) Configure Switch C
Configure IP address and enable MPLS and LDP for VLAN interface 202.
Configure LSR ID and enable MPLS and LDP.
Configure IP address and enable LDP and MPLS for VLAN interface 202.
Enable OSPF on the interface connecting Switch C with Switch B.
4) Configure Switch D Configure LSR ID and enable MPLS and LDP.
Configure IP address and enable MPLS and LDP for VLAN interface 203.
36.6 Troubleshooting MPLS Configuration
Chapter 37 BGP/MPLS VPN Configuration
37.1 BGP/MPLS VPN Overview
37-2
37.1.1 BGP/MPLS VPN Model
I. BGP/MPLS VPN model
Backbone network of the service provider
II. Nested BGP/MPLS VPN model
III. Basic concepts in BGP/MPLS VPN
IV. VPN Target attribute
37.1.2 BGP/MPLS VPN Implementation
I. Advertising VPN routing information
II. Forwarding VPN packets
37.1.3 Nested BGP/MPLS VPN Implementation
37.1.4 Hierarchical BGP/MPLS VPN Implementation
37.1.5 Introduction to OSPF Multi-instance
37-9
CE22
MPLS VPN Backbone
37.1.6 Introduction to Multi-Role Host
37.2 BGP/MPLS VPN Configuration
I. CE router
II. PE router
III. P router
37.2.1 Configuring CE Router
I. Creating static route
II. Configuring RIP
III. Configuring OSPF
IV. Configuring EBGP
37.2.2 Configuring PE Router
I. Configuring basic MPLS capability
II. Defining BGP/MPLS VPN site
Page
Page
Page
III. Configuring PE-CE route exchanging
Page
Page
Page
Page
Page
IV. Configuring PE-PE route exchanging
Page
Page
37.2.3 Configuring P Router
37.3 Displaying and Debugging BGP/MPLS VPN
I. Displaying VPN address information from BGP table
II. Displaying IP routing table associated with vpn-instance
III. Displaying vpn-instance related information
IV. Debugging information concerning processing BGP
V. Displaying MPLS l3vpn-lsp information
VI. Displaying sham link
37.4 Typical BGP/MPLS VPN Configuration Example
37.4.1 Integrated BGP/MPLS VPN Configuration Example
I. Network requirements
37-28
Figure 37-8 Network diagram for integrated BGP/MPLS VPN
Page
37-30
37-31
Page
37.4.2 Hybrid BGP/MPLS VPN Configuration Example
II. Network diagram
loopback0 1.1.1.9/32
192.168.1.1/24
loopback0 1.1.1.9/32
192.168.1.2/24 loopback0 2.2.2.9/32
Page
Page
Page
Page
Page
37-40
37.4.3 Extranet Configuration Example
SP network
Figure 37-10 Network diagram for Extranet
Page
Page
Page
37.4.4 Hub&Spoke Configuration Example
Page
Page
37-47
Configure loopback interface
Page
Page
37.4.5 CE Dual-home Configuration Example
37-51
Figure 37-12 Network diagram for CE dual-home
37-52
Configure loopback interface
37-53
Page
Page
37.4.6 Cross-domain BGP/MPLS VPN Configuration Example
37-57
Figure 37-13 Network diagram for ASBR
1) Configure PE1 Enable MPLS and LDP.
Configure VLAN interface connecting PE1 and P1.
[PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp
Configure the VLAN interface connecting CE.
Bind the VLAN interface with the VPN-instance.
Enable EBGP between PE and CE.
Enable IBGP between PE-ASBRs.
2) Configure PE2 Configure MPLS.
Configure the VLAN interface connecting CE.
Configure loopback interface.
Configure VPN-instance.
Configure the VLAN interface connecting PE2 and P2.
Bind the VLAN interface with the VPN-instance.
Enable IBGP between PE-ASBRs
3) Configure P1 (P2 in similar way) Configure MPLS basic capability.
Configure the interface loopback 0.
Configure VLAN interface connecting PE1.
Configure VLAN interface connecting PE2.
37.4.7 Cross-Domain BGP/MPLS VPN Configuration Example Option C
Figure 37-14 Network diagram for Multihop EBGP cross-domain VPN
Page
Page
37-64
Configure basic MPLS capability on PE2 and enable LDP on the interface connected to ASBR-PE2.
Page
Page
37-67
Configure ASBR-PE1: set up EBGP peer relation with ASBR-PE2, and IBGP peer relation with PE1.
Configure CE2.
37-68
Configure ASBR-PE2: configure the route policy.
37.4.8 Hierarchical BGP/MPLS VPN Configuration Example
Page
37-70
Configure VPN-instance
2) Configure UPE
Configure BGP
Configure OSPF
Configure the basic MPLS capability.
Configure VPN-instance
Configure interfaces
Configure BGP
Configure OSPF
37.4.9 OSPF Multi-instance sham link Configuration Example
Configure VLAN interface.
Figure 37-16 Network diagram for OSPF multi-instance
1) Configure PE1 Enable MPLS and LDP.
Configure VPN-instance.
Configure BGP peer.
Configure BGP and import OSPF routing and direct-connect route.
Page
37-75
Configure BGP.
Configure VPN-instance and import OSPF and direct-connect route.
Configure MBGP and enable peer.
Page
37.4.10 Nested BGP/MPLS VPN Configuration Example
37-78
Figure 37-17 Network diagram for nested VPN
37-79
Configure prov_pe2
Configure basic MPLS capability and MPLS LDP on the backbone network. Configure prov_pe1
Configure prov_pe2
Configure IBGP between provider PEs. Configure prov_pe1
37-80
Configure prov_pe2
Configure prov_pe2
37-81
Configure cust_pe1
Configure cust_pe2
37-82
Configure prov_pe1 to access CE5
Configure prov_pe2 to access the corresponding Customer PE.
Configure cust_pe1
Configure cust_pe2
37.4.11 OSPF Multi-instance CE Configuration Example
37-84
Figure 37-18 Network diagram for OSPF multi-instance CE configuration
1) Configuring CE router Configure instance vpn1
Configure VLAN203
Configure instance vpn2
Configure VLAN201
37.4.12 Multi-Role Host Configuration Example
37-86
Figure 37-19 Network diagram for multi-role host application
[PE2] interface loopback 0
1) Configure OSPF as the IGP protocol on the MPLS backbone network. Configure OSPF on PE1:
Configure OSPF on PE2:
Configure basic MPLS capability on PE2:
37-88
Create a VPN instance for VPN1 on PE2, and bind Ethernet2/1/0 to VPN1.
Configure BGP. Configure CE1:
Configure CE2:
Configure CE3:
37-89
37.5 Troubleshooting
I. Symptom 1
II. Symptom 2
III. Symptom 3
IV. Symptom 4
V. Symptom 5
Chapter 38 MSTP Region-configuration
38.1 Introduction to MSTP
38.1.1 MSTP Concepts
I. MST region
II. VLAN mapping table
III. IST
IV. CST
V. CIST
VI. MSTI
VII. Region root
VIII. Common Root Bridge
XI. TC packet
Page
38.1.2 MSTP Principles
I. CIST calculation
II. MSTI calculation
Page
Page
Page
Page
38.1.3 MSTP Implementation on the Switch
38.2 Configuring MSTP
38.2.1 Configuring the MST Region for a Switch
I. Entering MST region view
II. Configuring parameters for the MST region
III. Activating the MST region configuration,and exit the MST region view
38.2.2 Specifying the Switch as a Primary or a Secondary Root bridge
38.2.3 Configuring the MSTP Running Mode
38.2.4 Configuring the Bridge Priority for a Switch
38.2.5 Configuring the Max Hops in an MST Region
38.2.6 Configuring the Switching Network Diameter
38.2.7 Configuring the Time Parameters of a Switch
Page
38.2.8 Setting the Timeout Factor of a Specific Bridge
38.2.9 Configuring the Max Transmission Speed on a Port
38.2.10 Configuring a Port as an Edge Port or Non-edge Port
38.2.11 Configuring the Path Cost of a Port
I. Configuration in system view
II. Configuration in Ethernet port view
38.2.12 STP Path Cost Calculation Standards on STP port
I. DOT1T calculation standard
II. DOT1D-1998 calculation standard
III. The Switch 8800 legacy calculation standard
38.2.13 Configuring the Priority of a Port
38.2.14 Configuring the Port (Not) to Connect with the Point-to-Point Link
Page
38.2.15 Configuring the mCheck Variable of a Port
38.2.16 Configuring the Switch Protection Function
I. BPDU protection
II. Root protection
III. Loop protection
IV. TC-protection
38.2.17 Enabling/Disabling MSTP on the Device
38.2.18 Enable/Disable Address Table Reset on Specified Port
38.2.19 Enabling/Disabling ARP Address Update
38.2.20 Enabling/Disabling MSTP on a Port
38.3 Displaying and Debugging MSTP
38.4 Typical MSTP Configuration Example
Page
Page
Chapter 39 802.1x Configuration
39.1 802.1x Overview
39.1.1 802.1x Standard Overview
39.1.2 802.1x System Architecture
39.1.3 802.1x Authentication Process
39.1.4 Implementing 802.1x on Ethernet Switches
39.2 802.1x Configuration
Page
39.2.1 Enabling/Disabling 802.1x
39.2.2 Setting the Port Access Control Mode
39.2.3 Setting Port Access Control Method
39.2.4 Checking the Users that Log on the Switch via Proxy
39.2.5 Setting Supplicant Number on a Port
39.2.6 Setting the Authentication in DHCP Environment
39.2.7 Configuring Authentication Method for 802.1x User
39.2.8 Enabling/Disabling Guest VLAN
39.2.9 Setting the Maximum times of authentication request message retransmission
39.2.10 Configuring 802.1x Timers
39.2.11 Enabling/Disabling quiet-period Timer
39.3 Displaying and Debugging 802.1x
39.4 802.1x Configuration Example
Page
Page
Chapter 40 AAA and RADIUS/TACACS+ Protocol Configuration
40.1 AAA and RADIUS/TACACS+ Protocol Overview
40.1.1 AAA Overview
40.1.2 RADIUS Protocol Overview
I. What is RADIUS
40.1.3 TACACS+ Protocol Overview
I. TACACS+ SPECIALITY
II. Basic message exchange procedures in TACACS+
Page
3Com Switch 8800 Configuration Guide Chapter 40 AAA and RADIUS/TACACS+ Protocol Con
figuration
40-5
User TACACS Client TACACS
40.1.4 Implementing AAA/RADIUS on a Switch
40.2 AAA Configuration
40.2.1 Creating/Deleting an ISP Domain
40.2.2 Configuring Relevant Attributes of an ISP Domain
40.2.3 Configuring Self-Service Server URL
40.2.4 Creating/Deleting a Local User
40.2.5 Setting the Attributes of a Local User
I. Setting the password display mode
II. Setting/Removing the attributes of a local user
40.2.6 Disconnecting a User by Force
40.2.7 Configuring Dynamic VLAN Delivering
40.3 Configuring RADIUS Protocol
40.3.1 Creating/Deleting a RADIUS scheme
40.3.2 Setting IP Address and Port Number of a RADIUS Server
Page
40.3.3 Setting the RADIUS Packet Encryption Key
40.3.4 Setting the Response Timeout Timer of a RADIUS Server
40.3.5 Setting the Retransmission Times of RADIUS Request Packets
40.3.6 Enabling the Selection Of Radius Accounting Option
40.3.7 Setting a Real-time Accounting Interval
40.3.8 Setting the Maximum Times of Real-time Accounting Request Failing to be Responded
40.3.9 Enabling/Disabling Stopping Accounting Request Buffer
40.3.10 Setting the Maximum Retransmitting Times of Stopping Accounting Request
40.3.11 Setting the Supported Type of RADIUS Server
40.3.12 Setting RADIUS Server State
40.3.13 Setting the Username Format Transmitted to RADIUS Server
40.3.14 Setting the Unit of Data Flow that Transmitted to RADIUS Server
40.3.15 Creating/Deleting a Local RADIUS authentication Server
40.4 Configuring TACACS+ Protocol
40.4.1 Creating a HWTACAS Scheme
40.4.2 Configuring TACACS+ Authentication Servers
40.4.3 Configuring TACACS+ Authorization Servers
40.4.4 Configuring TACACS+ Accounting Servers and the Related Attributes
I. Configuring TACACS+ accounting servers
II. Enabling stop-accounting packet retransmission
40.4.5 Configuring the Source Address for TACACS+ Packets Sent by NAS
40.4.6 Setting a Key for Securing the Communication with TACACS Server
40.4.7 Setting the Username Format Acceptable to the TACACS Server
40.4.8 Setting the Unit of Data Flows Destined for the TACACS Server
40.4.9 Setting Timers Regarding TACACS Server
I. Setting the response timeout timer
II. Setting the quiet timer for the primary TACACS server
III. Setting a realtime accounting interval
40.5 Displaying and Debugging AAA and RADIUS Protocol
Page
40.6 AAA and RADIUS/TACACS+ Protocol Configuration Examples
40.6.1 Configuring Authentication at Remote RADIUS Server
II. Network Topology
III. Configuration procedure
40.6.2 Configuring Authentication at Local RADIUS Authentication Server
40.6.3 Configuring Authentication at Remote TACACS Server
III. Configuration procedure
40.7 Troubleshooting AAA and RADIUS/TACACS+
I. Symptom: User authentication/authorization always fails
II. Symptom: RADIUS/TACACS+ packet cannot be transmitted to RADIUS/TACACS+ server.
Chapter 41 VRRP Configuration
41.1 Introduction to VRRP
41.2 Configuring VRRP
41.2.1 Enabling/Disabling the Function to Ping the Virtual IP Address
41.2.2 Enabling/Disabling the Check of TTL Value of VRRP Packet
41.2.3 Setting Correspondence Between Virtual IP Address and MAC Address
41.2.4 Adding/Deleting a Virtual IP Address
41.2.5 Configuring the Priority of Switches in the Virtual Router
41.2.6 Configuring Preemption and Delay for a Switch Within a Virtual Router
41.2.7 Configuring Authentication Type and Authentication Key
41.2.8 Configuring Virtual Router Timer
41.2.9 Configuring Switch to Track a Specified Interface
41.3 Displaying and debugging VRRP
41.4 VRRP Configuration Example
41.4.1 VRRP Single Virtual Router Example
Page
41.4.2 VRRP Tracking Interface Example
41.4.3 Multiple Virtual Routers Example
Page
41.5 Troubleshooting VRRP
I. Fault 1: Frequent prompts of configuration errors on the console
II. Fault 2: More than one Masters existing within the same virtual router
III. Fault 3: Frequent switchover of VRRP state
Chapter 42 HA Configuration
42.1 Introduction to HA
42.2 Configuring HA
42.2.1 Restarting the Slave System Manually
42.2.2 Starting the Master-Slave Switchover Manually
42.2.3 Enabling/Disabling Automatic Synchronization
42.2.4 Synchronizing the Configuration File Manually
42.2.5 Configuring the Load Mode of the Fabric and Slave Board
42.3 Displaying and Debugging HA Configuration
Chapter 43 File System Management
43.1 File System Configuration
43.1.1 File System Overview
43.1.2 Directory Operation
43.1.3 File Operation
43.1.4 Storage Device Operation
43.1.5 Setting the Prompt Mode of the File System
43.2 Configuration File Management
43.2.1 Configuration File Management Overview
43.2.2 Displaying the Current-Configuration and Saved-Configuration of Ethernet Switch
43.2.3 Modifying and Saving the Current-Configuration
43.2.4 Erasing Configuration Files from Flash Memory
43.2.5 Configuring the Name of the Configuration File Used for the Next Startup.
43.3 FTP Configuration
43.3.1 FTP Overview
Switch PC
Network SwitchSwitch PC
Network
43.3.2 Enabling/Disabling FTP Server
43.3.3 Configuring the FTP Server Authentication and Authorization
43.3.4 Configuring the Running Parameters of FTP Server
43.3.5 Displaying and Debugging FTP Server
43.3.6 Disconnecting an FTP User
43.3.7 Introduction to FTP Client
43.3.8 FTP Client Configuration Example
Switch PC
SwitchSwitch PC
43.3.9 FTP Server Configuration Example
SwitchSwitch PC
Switch PC
43.4 TFTP Configuration
43.4.1 TFTP Overview
Switch PC
Network SwitchSwitch PC
Network
43.4.2 Downloading Files by Means of TFTP
43.4.3 Uploading Files by Means of TFTP
43.4.4 TFTP Client Configuration Example
Page
Chapter 44 MAC Address Table Management
44.1 MAC Address Table Management Overview
44.2 MAC Address Table Management Configuration
44.2.1 Setting MAC Address Table Entries
44.2.2 Setting MAC Address Aging Time
44.3 Maximum MAC Address Number Learned by Ethernet Port and Forwarding Option Configuration
44.3.1 Maximum MAC Address Number Learned by a Port and Forwarding Option Configuration Tasks
44.4 Displaying and Debugging MAC Address Tables
44.5 Resetting MAC Addresses
44.6 MAC Address Table Management Configuration Example
Page
Chapter 45 Device management
45.1 Device Management Overview
45.2 Device Management Configuration
45.2.1 Rebooting the Ethernet Switch
45.2.2 Enabling the Timing Reboot Function
45.2.3 Designating the APP Adopted on Next Booting
45.2.4 Upgrading BootROM
45.2.5 Setting Slot Temperature Limit
45.2.6 Updating Service Processing Boards
45.3 Displaying and Debugging Device Management
45.4 Device Management Configuration Example
45.4.1 Using the Switch as an FTP Client to Implement the Remote Upgrade
Page
45.4.2 Use the Switch as an FTP Server to Implement the Remote Upgrade
Switch PC
Network SwitchSwitch PC
Network
Page
Chapter 46 System Maintenance and Debugging
46.1 Basic System Configuration
46.1.1 Setting a Name for a Switch
46.1.2 Setting the System Clock
46.1.3 Setting the Time Zone
46.2 Displaying the State and Information of the System
46.3 System Debugging
46.3.1 Enabling/Disabling the Terminal Debugging
46.3.2 Displaying Diagnostic Information
46.4 Testing Tools for Network Connection
46.4.1 ping
46.4.2 ping-distribute enable
46.4.3 tracert
46.5 Logging Function
46.5.1 Introduction to Info-center
Page
Page
Page
46.5.2 Info-center Configuration
Page
Page
Page
46.5.3 Sending the Configuration Information to the Loghost
Page
46.5.4 Sending the Configuration Information to Console terminal
Page
Page
46.5.5 Sending the Configuration Information to Telnet Terminal or Dumb Terminal
Page
46.5.6 Sending the Configuration Information to the Log Buffer
Page
46.5.7 Sending the Configuration Information to the Trap Buffer
Page
46.5.8 Sending the Configuration Information to SNMP Network Management
Page
46.5.9 Displaying and Debugging Info-center
46.5.10 Configuration Examples of Sending Log to the Unix Loghost
III. Configuration steps
46.5.11 Configuration examples of sending log to Linux loghost
Page
46.5.12 Configuration Examples of Sending Log to the Console Terminal
Chapter 47 SNMP Configuration
47.1 SNMP Overview
47.2 SNMP Versions and Supported MIB
Page
47.3 Configuring SNMP
47.3.1 Setting Community Names
47.3.2 Setting the System Information
47.3.3 Enabling/Disabling SNMP Agent to Send Trap
47.3.4 Setting the Destination Address of Trap
47.3.5 Setting Lifetime of Trap Message
47.3.6 Setting the Engine ID of a Local or Remote Device
47.3.7 Setting/Deleting an SNMP Group
47.3.8 Setting the Source Address of Trap
47.3.9 Adding/Deleting a User to/from an SNMP Group
47.3.10 Creating/Updating View Information or Deleting a View
47.3.11 Setting the Size of the SNMP Packet Sent/Received by an Agent
47.3.12 Disabling SNMP Agent
47.4 Displaying and Debugging SNMP
47.5 SNMP Configuration Example
II. Network diagram
III. Configuration procedure
IV. Configure network management system
Page
Chapter 48 RMON Configuration
48.1 RMON Overview
48.2 Configuring RMON
48.2.1 Adding/Deleting an Entry to/from the Event Table
48.2.2 Adding/Deleting an Entry to/from the Alarm Table
48.2.3 Adding/Deleting an Entry to/from the Extended RMON Alarm Table
48.2.4 Adding/Deleting an Entry to/from the History Control Table
48.2.5 Adding/Deleting an Entry to/from the Statistics Table
48.3 Displaying and Debugging RMON
48.4 RMON Configuration Example
Page
Chapter 49 NTP Configuration
49.1 Brief Introduction to NTP
49.1.1 NTP Functions
49.1.2 Basic Operating Principle of NTP
49.2 NTP Configuration
49.2.1 Configuring NTP Operating Mode
I. Configuring NTP Server Mode
II. Configuring NTP Peer Mode
III. Configuring NTP Broadcast Server Mode
IV. Configuring NTP Broadcast Client Mode
V. Configuring NTP Multicast Server Mode
VI. Configuring NTP Multicast Client Mode
49.2.2 Configuring NTP ID Authentication
49.2.3 Setting NTP Authentication Key
49.2.4 Setting Specified Key as Reliable
49.2.5 Designating an Interface to Transmit NTP Messages
49.2.6 Setting NTP Master Clock
49.2.7 Setting Authority to Access a Local Ethernet Switch
49.2.8 Setting Maximum Local Sessions
49.3 Displaying and Debugging NTP
49.4 NTP Configuration Example
49.4.1 Configuring a NTP Server
49.4.2 NTP Peer Configuration Example
Page
49.4.3 Configure NTP Broadcast Mode
49.4.4 Configure NTP Multicast Mode
Page
49.4.5 Configure Authentication-Enabled NTP Server Mode
Page
Chapter 50 SSH Terminal Service
50.1 SSH Terminal Service
50.1.1 SSH Overview
Page
50.1.2 SSH Server Configuration
Page
I. Configuring the protocol the current user interface supports
II. Generating or destroying an RSA key pair
III. Configuring the user authentication mode
IV. Configuring the updating cycle of the server key
V. Configuring the authentication timeout
VI. Configuring the number of authentication retries
VII. Entering the public key view
VIII. Entering the public key edit view
IX. Generating the Client Public Key
Page
3Com Switch 8800 Configuration Guide Chapter 50 SSH Terminal Service
50-10
Convert the file aaa.pub into key configuration data in Hex.
Convert the converted result into the CLI of the switch unit
Exit from editing the peer public key
X. Exiting the public key edit view
XI. Specifying the public key for an SSH user
XII. Configuring the server compatibility mode
50.1.3 SSH Client Configuration
I. Starting the SSH client
II. Specifying the public key of the server
III. Configuring the first-time authentication of the server
50.1.4 Displaying and Debugging SSH
50.1.5 SSH Server Configuration Example
Page
Page
50.1.6 SSH Client Configuration Example
50.2 SFTP Service
50.2.1 SFTP Overview
50.2.2 SFTP Server Configuration
I. Configuring the service type to be used
II. Starting the SFTP server
50.2.3 SFTP Client Configuration
I. Starting the SFTP client
II. Shutting down the SFTP client
III. SFTP directory operations
IV. SFTP file operations
V. Displaying help information
50.2.4 SFTP Configuration Example
3Com Switch 8800 Configuration Guide Chapter 50 SSH Terminal Service
50-23
Establish the SSH connection between the client and the server.
Establish a connection with the remote SFTP server and enter the SFTP client view.
Page
Page
Chapter 51 PoE Configuration
51.1 PoE Overview
51.1.1 PoE on the Switch
51.1.2 External PSE4500-A Power System
51.2 PoE Configuration
51.2.1 PoE Configuration Tasks
Page
51.3 Comprehensive Configuration Example
Page
Chapter 52 PoE PSU Supervision Configuration
52.1 Introduction to PoE PSU Supervision
52.2 AC Input Alarm Thresholds Configuration
52.2.1 AC Input Alarm Thresholds Configuration Tasks
52.2.2 AC Input Alarm Thresholds Configuration Example
52.3 DC Output Alarm Thresholds Configuration
52.3.1 DC Output Alarm Thresholds Configuration Tasks
52.3.2 DC Output Alarm Thresholds Configuration Example
52.4 Displaying PoE Supervision Information
52.5 PoE PSU Supervision Configuration Example