Avaya 580, 882 13

User Guide for the Avaya P580 and P882 Multiservice Switches, v6.1 13-1

13 Configuring Access Lists

Overview

Contents This chapter contains the following sections:

■Creating Access Rules

■Enabling an Access List

■Example: Using an Access Control Rule to Filter Web Traffic

■Logging ACL Activity

■Optimizing Switch Performance

For more information about the CLI commands that are mentioned in this

chapter, see Command Reference Guide for the Avaya P580 and P882

Multiservice Switches, Software Version 6.1

What is an Access

Control List? An Access Control List (ACL) is a group of Access Control Rules. Access

Control Rules are used to describe how to forward (route) packets, as

opposed to where to forward them. The how can be to forward the packet

with a specific priority(0-7), forward the traffic with an un-changed priority,

or filter packets (drop).

ACLs provide the mechanism to prioritize traffic flows through the router

and the network. This traffic flow management is commonly referred to as

Quality of Service (QoS). See Chapter 25 for more information on QoS.

Standard vs.

Extended ACLs A standard ACL allows you to prioritize traffic by the Source IP address.

An extended ACL provides greater control over what traffic is prioritized.

Extended ACLs can use any or all of the following parameters:

■Source IP address

■Destination IP address

■TCP/UDP Source port

■TCP/UDP Destination port.

■Protocol ID (RFC1700)

Contents

Main Page Table of Contents Chapter 3 Configuring System Information . . . . . . . . . . . . . . . . . . . . . . . . 3-1 Page Chapter 6 Using VLANs, Hunt Groups, and VTP Snooping. . . . . . . . . . . 6-1 Chapter 7 Configuring Rapid Spanning Tree. . . . . . . . . . . . . . . . . . . . . . . 7-1 Chapter 9 Managing the Address Forwarding Table. . . . . . . . . . . . . . . . . 9-1 Chapter 10 Configuring Redundancy Options . . . . . . . . . . . . . . . . . . . . . 10-1 Chapter 11 Configuring DNS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1 Chapter 12 Configuring IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1 Chapter 13 Configuring Access Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1 Chapter 14 Configuring RIP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-1 Chapter 15 Configuring the OSPF Routing Protocol . . . . . . . . . . . . . . . 15-1 Chapter 16 Configuring IPX Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 Chapter 17 Configuring the IPX RIP Protocol . . . . . . . . . . . . . . . . . . . . 17-1 Chapter 18 Configuring the IPX SAP Protocol . . . . . . . . . . . . . . . . . . . . 18-1 Chapter 19 Configuring AppleTalk Routing . . . . . . . . . . . . . . . . . . . . . . 19-1 Chapter 20 Managing Intelligent Multicasting . . . . . . . . . . . . . . . . . . . . 20-1 Chapter 21 Monitoring the Avaya Multiservice Switch . . . . . . . . . . . . . . 21-1 Chapter 22 Monitoring and Configuring the Forwarding Cache . . . . . . 22-1 Chapter 24 Managing Buffers and Queues on 50-Series Modules . . . . . 24-1 Appendix A Upgrading the Application Software . . . . . . . . . . . . . . . . . . . A-1 Appendix C Supported MIB Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C-1 Preface Preface Contents Overview of User Guide Contents Page Page Technical Support Avaya Products and Services P580 and P882 Documentation Available Documentation Documents Installing the Online Help Files Setting the Location of the Online Help Files Document Conventions Notes, Cautions, and Warnings Convention Represents Examples Page 1 Switch Descriptions Hardware Components Chassis Fabric Mode 1 Fabric Mode 2 Contents Avaya P580 Multiservice Switch Chassis Slots Ports Fan Tray Switch Fabric Avaya P882 Multiservice Switch Chassis Slots Ports Fan Tray Switch Fabric The Power System Overview Static Power Allocation Dynamic Power Allocation The M8000R-SUP Supervisor Module Functions Hardware Features packets that arrive on layer 2-only media modules Table 1-1. Supported Memory, Boot Code, and Software Configurations Memory (in MB) Boot Code Software Vers ion Media Modules 50-Series Media Modules 80-Series Media Modules Table 1-5. 80-Series Gigabit Modules Model Number Description Note: ATM Upl in k Module Software Features Security VLANs Hunt Groups Spanning Tree Extensive Fault Tolerance Routing Protocols Access Lists IP Multicast 50-Series Buffers and Queues 80-Series QoS System Management Routing Overview Compatibility with Layer 2 Modules Routing with Layer 2 and Layer 3 Modules Page Page 2 Setting Up Your Laptop or PC Performing Initial Setup of the Switch Before Moving a Supervisor Module Assigning an IP Address Page Page Connecting to the Supervisors 10/ 100Base-T port Using Telnet to Manage the Switch Setting up a Management Interface Establishing a Telnet Session Supported Number of Telnet Sessions Terminating a Telnet session Troubleshooting Tip Viewing Active Telnet Sessions Telnet Session Expiration Timer Using the Web Agent to Configure the Switch Opening the Web Agent Page Logging Out of the Web Agent Configuring Custom Access Types Creating a Custom Access Type Web Agent Procedure CLI Command Modifying a Custom Access Type Web Agent Procedure CLI Command Deleting a Custom Access Type Web Agent Procedure CLI Command Configuring User Accounts Configuring User Account Security Web Agent Procedure Page CLI Commands Creating a User Account Web Agent Procedure Page CLI Command Modifying a User Account CLI Commands Changing Your Password Web Agent Procedure CLI Command Disabling a User Account Web Agent Procedure CLI Command Deleting a User Account Web Agent Procedure Changing the Console Serial Port Settings Configuring the Serial Console Port as a TTY Console Web Agent Procedure CLI Command Configuring the Serial Console Port as a PPP Console Connecting a Modem Web Agent Procedure CLI Command Regaining Configuration Access to the PPP Serial Port Console Configuring Dial-Up Networking Page Using Dial-Up Networking with a PPP Serial Port Console Changing the TCP Ports for HTTP and Telnet Changing the TCP Port Number for HTTP and Telnet Requests Web Agent Procedure Page CLI Commands Starting a Telnet Session Opening the Web Agent Managing Configuration Files Viewing the Running Configuration Viewing the Startup Configuration Viewing the Script Execution Log File Copying Configuration Files Web Agent Procedure CLI Command Copying Files Web Agent Procedure Page CLI Command Viewing the Status of a TFTP Transfer Web Agent Procedure CLI Command Page 3 Information Entering General System Information Web Agent Procedure Enabling the Simple Network Time Protocol Web Agent Procedure CLI Command Setting Summer Time Hours Setting Recurring Summer Time Hours Web Agent Procedure Page Page Page CLI Command command from Configure mode: (configure)# clock summer-time recurring <week> Table 3-1. Recurring Summer Time Hours Parameters Setting One-Time Summer Time Hours Web Agent Procedure CLI Command Setting the System Clock Web Agent Procedure CLI Command Setting the Temperature System Web Agent Procedure CLI Command Displaying the Power System Statistics Web Agent Procedure CLI Command Displaying Cooling System Statistics Web Agent Procedure CLI Command Performing a Reset Web Agent Procedure CLI Command 4 Secure Mode Page Enabling Secure Mode Disabling Secure Mode Viewing the Secure Mode Setting SSHv2 Purpose of SSH SSH Server and Client Encryption Ciphers User Authentication Enabling SSH on a TCP Port Web Agent Procedure CLI Command Disabling SSH Web Agent Procedure CLI Command Generating an SSH Server Key Web Agent Procedure CLI Command Displaying the Public SSH Key Configuring SSH Server Web Agent Procedure CLI Commands Displaying SSH Connections CLI Command Sample Output Using the SSH Client HTTPS Using SSLv3 or TLSv1 Supported Cipher Suites Viewing Cipher Suites Viewing the SSL Configuration Creating a Self-Signed SSL Server Certificate Overview Web Agent Procedure Page CLI Command Viewing the Server Certificate Web Agent Procedure Page Enabling SSL/HTTPS Web Agent Procedure CLI Command Disabling SSL/HTTPS Web Agent Procedure Restarting SSL/HTTPS Reverting to a Backup Certificate RADIUS Client Support Purpose of RADIUS Authentication Process Section Contents Realms and Groups Overview Realms Groups and VSAs Login Order of Operations Avaya VSAs Switch Service Type s Management Type s CAT Access Mask CAT Read-Only Mask RADIUS Server Files Sample User File Sample Client File Configuring a RADIUS Client Table 4-4. RADIUS Web Page Configuration Parameters CLI Command Page Page 5 Supported versions of SNMP SNMPv3 Security Features Contents RFC Standards Authentication and Encryption Localized Keys Engine ID Timeliness Checks Views Predefined Views User Groups Predefined Groups Migration of Existing Community Strings ATM Uplink Module Overview Process Accessing the ATM- Up lin k Module Initial SNMPv3 User and SNMPv3 Administrator Initial User SNMPv3 Administrator Changing the Engine ID of the Switch Viewing the Engine ID Creating an SNMPv3 Administrator Configuring Views Creating or Modifying a View Viewing Configured Views Deleting a View Configuring Groups Creating or Modifying a Group Viewing Configured Groups Deleting a Group Configuring an SNMPv3 User Creating or Modifying a User Adding a User to a Group To add an SNMPv3 user to a group, use the following CLI command: (configure)# snmp-server user <username> group <groupname> Table 5-7. snmp-server user Command Removing a User from a Group Viewing Configured Users Deleting a User Changing a User Password Configuring SNMPv1 or v2 Community Strings Creating or Modifying a Community String for the Switch Creating or Modifying a Community String for the ATM- Uplink Module Viewing Configured Community Strings Setting the Trap Receiver Deleting a Community String Switch Community String ATM Module Community String Setting the Administrative Contact CLI Command SNMP Setting the Physical Location of the Switch CLI Command SNMP Disabling or Reenabling SNMP Disabling SNMP Reenabling SNMP Viewing the SNMP Status Page 6 VTP Snooping VLAN Introduction Need for VLANs What is a VLAN? Port Based VLANS Page IEEE 802.1Q VLAN Tagging VLAN Operation Ingress Rules Forwarding Rules Binding a Port to more than one VLAN using the CLI Egress Rules Creating and Implementing VLANs VLAN Considerations Creating a VLAN Page Page Configuring VLAN Parameters Page 4. Click APPLY to save your changes, or CANCEL to restore previous Note: Table 6-2. VLAN Switch Port Web Page Parameters Parameter Defines... Assigning Ports to VLANs Using Hunt Groups to Aggregate Bandwidth Hunt Group Features Hunt Group Terminology How Hunt Groups Load Share Forwarding Engines and Fabric Ports 80-Series Forwarding Engines Fabric Ports 50-series Forwarding Engines and Fabric Ports Load Share Function Hunt Group Example Page Optimizing Hunt Group Throughput Hunt Group Configuration Considerations Hunt Groups and Multicast Traffic Creating Hunt Groups Web Agent Procedure Page CLI Commands Adding Ports to the Hunt Group Web Agent Procedure Page Page Page Viewing Hunt Group Members Web Agent Procedure CLI Commands Removing Ports from Hunt Groups Web Agent Procedure CLI Command Configuring VTP Snooping Web Agent Procedure CLI Command Page 7 Spanning Tree Purpose of Spanning Tree RSTP vs. STP Port States Interoperability with STP Upgrading to RSTP How RSTP Achieves Rapid Recovery Port Roles Rapid Transition to Forwarding IEEE Standards Spanning Tree Configurations IEEE802.1D Spanning Tree Per-VLAN Spanning Tree Dual-Layer Spanning Global Disable Spanning Tree Design Configuring Global Spanning Tree Options Page CLI Command Viewing Global Spanning Tree Information Web Agent Procedure CLI Commands Configuring Spanning Tree Bridges Web Agent Procedure Note: Table 7-3. Spanning Tree Bridge Configuration Field Definition CLI Command Viewing Bridge Port Information Web Agent Procedure Page CLI Command name>}} command to view information about Spanning Tree bridge ports. Table 7-4. Spanning Tree Bridge Port Information Field Explanation Configuring a Bridge Port Web Agent Procedure Page Note: Table 7-5. Spanning Tree Port Configuration Field Definition CLI Commands Configuring Spanning Tree Settings for Switch Ports Web Agent Procedure Page Page CLI Commands 8 Two Categories of Port Settings Physical Port Features Auto-negotiation Page Remote Fault Detection Flow Control Page Switch Port Features Relationship Between Different Switch Port Parameters Table 8-2. Relationship Between Switch Parame ters VLAN Binding Trunk Mode Description Note: Assigning VLANs to a Port and Associated Issues Page Configuring Physical Port Settings Configuring Physical Ports on 10-Gigabit Ports Overview Page Page Page Table 8-3. Detailed Physical Port Web Page CLI Command Configuring Physical Ports on Gigabit Ports Web Agent Procedure Page Page Page Note: Table 8-4. Detailed Physical Port Web Page Parameters CLI Command Configuring Physical Ports on Fast Ethernet Ports Web Agent Procedure Page Page Page Page Table 8-5. Fast Ethernet (10/100) Port Parameters CLI Command following command from Configure mode: (configure)# set port <options> Table 8-5. Fast Ethernet (10/100) Port Parameters Using the All Ports Configuration Web Page Configuring Switch Ports Settings Configuring Switch Ports Web Agent Procedure Page Page Note: Page Example Cisco Catalyst 5000TM. Table 8-7. Example 1. Trunk to Cisco Catalyst 5000 Parameter Recommended Setting CLI Command Automatic VLAN Creation Table 8-8. VLAN Binding Options Note: Table 8-9. Avaya P580 and P882 Multiservice Switch VLAN Table Name ID Group ID AFT Index Automatically Creating VLANs and Frame Tags Parameters Automatic Binding of VLANs to Ports Configuring MAC Address Lock and Intrusion Detection Overview Web Agent Procedure CLI Commands Using the All Module Ports Configuration Web Page Page Viewing Switch Port Settings Web Agent Procedure CLI Command Configuring Port Redundancy Creating a Port Redundancy Pair Overview Web Agent Procedure CLI Command Deleting a Port Redundancy Pair Web Agent Procedure CLI Command Disabling or Enabling Port Redundancy Web Agent Procedure CLI Command GBIC Identification Web Agent Procedure CLI Command Network Error Detection and Recovery Functionality Hardware Support Example Enabling NEDR Page Page Internal Error Detection and Recovery Enabling IEDR Enabling IEDR for Hunt Groups Setting the IEDR Threshold for Internal Errors Viewing IEDR Settings Viewing IEDR Settings for Hunt Groups Error Messages System Messages Page Page 9 Forwarding Table Chapter contents Relationship between VLANs, AFT and Hash Table Sizes Hash Tables and Buckets Hash Table and Bucket memory usage guidelines Hash Table guidelines for creating VLANs Maximum Number of VLANs Page Page Examples of Configuring VLANs and Hash T able Size Example 1 Example 2 AFT Default Settings Address Forwarding Table, Auto-Sizing, Auto Increment and Threshold Default Settings Auto-Increment Trigger (Multiplier) Threshold (Util%) Total Entries, Address Memory, Age and Super- Age Timers Total Entries Address Memory Address Age and Super Age timers Configuring the AGE and Super Age Timers Web Agent Procedure Instance Table Information Page Note: Hash Table size should be times the number of expected AFT entries (MAC entries) on the VLAN. Table 9-3. Address Table Instance Parameters Controlling Re- configuration of AFT Sizes Using the Web Agent Controlling Reconfiguration of AFT Sizes Using the CLI Searching the Switch AFT Web Agent Procedure Page Page Page Note: Table 9-4. Address Forwarding Table Parameters CLI Command Adding Static Entries to the AFT Web Agent Procedure Page CLI Command Option 82 for DHCP Overview Web Agent Procedure CLI Commands 10 Options VRRP Hunt Groups Redundant Power Supplies Supervisor Failover conditions Chapter Contents Configuring Redundant Hardware Redundant Switch Controllers and Elements Page Installing and Enabling Redundant Hardware Installing Redundant Hardware Enabling Redundant Hardware Web Agent Procedure CLI Command Replacing the Primary Controller Page Replacing an Element Web Agent Procedure CLI Command Configuring Supervisor Module Redundant Ethernet Console IP Addresses Web Agent Procedure CLI Command Synchronizing the Active and Standby CPUs Supervisor Module Redundancy Statistics Active and Standby Roles Page Synchronization Procedure Web Agent Procedure Page CLI Command Page 11 DNS Client Support Recursive vs. Iterative Sample Recursive DNS Query DNS Client on the Avaya Multiservice Switch Order of Operations for DNS on the Switch Configuring the DNS Client Web Agent Procedure Page CLI Commands CLI Example Page Page 12 Routing Function Requirements for IP Routing Hardware Requirements Software Requirements Minimum Configuration Requirements Routing Configuration Quickstart Displaying Existing IP Interfaces Web Agent Procedure Page Creating and Assigning IP Interfaces to the VLAN Web Agent Procedure Page Table 12-1. Add IP Interface Web Page Fields Note: Table 12-1. Add IP Interface Web Page Fields CLI Commands Enabling IP Routing Global Parameters Page Table 12-2. IP Global Configuration Parameters Note: Table 12-2. IP Global Configuration Parameters IP Multinetting Creating a Multinet Interface Configuring Short-Lived IP Protocol Filters Enabling a Short-Lived IP Protocol Filter Overview CLI Command Examples Disabling a Short-Lived IP Protocol Filter Overview CLI Command Examples Displaying Short-Lived IP Protocol Filters CLI Command Example Creating IP Static Routes Web Agent Procedure CLI Commands Creating a Static Route to a Null Interface Control Message Protocol (ICMP) Procedure Web Agent Procedure CLI Command Creating IP Static ARP Entries Web Agent Procedure CLI Command Creating a BOOTP/DHCP Server Entry Web Agent Procedure CLI Command Configuring Route Redistribution Creating an IP Redistribute List Entry Web Agent Procedure CLI Commands Viewing IP Redistribute List Entries Modifying an IP Redistribute List Entry CLI Command Deleting an IP Redistribute Entry Web Agent Procedure CLI Commands IP Multicast Configuring IGMP Globally Enabling IGMP Web Agent Procedure CLI Command Modifying IGMP Interfaces Web Agent Procedure Page CLI Command from interface mode: (config-if:<interface>)# ip igmp <options> Note: Table 12-8. IGMP Interface Parameters Configuring and Modifying DVMRP Configuring the DVMRP Global Configuration Web Agent Procedure Page CLI Command (configure)# router dvmrp Table 12-9. DVMRP Global Configuration Web Page Parameters Modifying a DVMRP Interface Web Agent Procedure CLI Command (configure-if:<interface>)# ip dvmrp <options> Table 12-10. DVMRP Interface Parameters Monitoring Switch Performance Using IP Statistics Displaying Global IP Routing Statistics Web Agent Procedure Page Note: Page Page Page CLI Command Searching the IP Routing Table Page Displaying the IP Routing Table Statistics CLI Command Searching the IP ARP Cache Page IP Multicast Statistics Displaying IGMP Global Statistics Web Agent Procedure Displaying IGMP Interface Statistics Web Agent Procedure Table 12-16. IGMP Interface Statistics Web Page Parameters CLI Command Displaying the IGMP Group Membership Table Web Agent Procedure CLI Command Displaying the IGMP Local Multicast Forwarding Cache Displaying DVMRP Global Statistics Web Agent Procedure Page Displaying DVMRP Interface Statistics Web Agent Procedure Page CLI Command Displaying DVMRP Neighbor Routers Web Agent Procedure CLI Command Displaying DVMRP Routing Table Statistics Web Agent Procedure Displaying the DVMRP Route Table Web Agent Procedure Page CLI Command Displaying the DVMRP Upstream Routers Web Agent Procedure Displaying the DVMRP Designated Forwarder(s) Table Web Agent Procedure Displaying the DVMRP Downstream Dependent Routers Web Agent Procedure Displaying the DVMRP Multicast Forwarding Cache Web Agent Procedure Table 12-28. Upstream Prune Information Web Page Parameter Parameter Displays the... Table 12-27. Multicast Forwarding Cache Web Page Parameters Page Page Configuring VRRP Globally Enabling VRRP Web Agent Procedure CLI Command Enabling VRRP on an Interface Creating a VRRP Virtual Router Page Page Table 12-31. Add VRRP Virtual Router Web Page Parameters CLI Command Displaying VRRP Statistics Web Agent Procedure Page CLI Command VRRP Configuration Considerations Selecting VR ID numbers for Virtual Routers Assigning the IP Address of a Virtual Router IP Address Owner Features Non-Address Owner Features Page Configuring IRDP Enabling IRDP on an Interface Web Agent Procedure Page CLI Command Configuring LDAP Configuring LDAP Settings Web Agent Procedure Page CLI Command Viewing LDAP Statistics Web Agent Procedure CLI Command Configuring a Static Route for the PPP Console Web Agent Procedure Configuring the IP Interface for the PPP Console Web Agent Procedure CLI Command Page 13 Contents What is an Access Control List? Standard vs. Extended ACLs Naming Conventions for ACLs How Packets are Processed What are Wildcards? What is TCP Established? Page Creating Access Rules Creating Standard Access Rules Page Creating Extended Access Rules Page Table 13-2. IP Extended Access Rule Creation Par ameters Note: Page Enabling an Access List Web Agent Procedure CLI Command Example: Using an Access Control Rule to Filter Web Traffic Second Example Logging ACL Activity Enabling ACL Logging Web Agent Procedure Setting a Logging Interval CLI Command Optimizing Switch Performance Purpose Terminology Page Techniques Recognizing Performance Issues Evaluating System Performance Slow Path versus Fast Path How Many Cache Entries? Enabling Routing at the Module Designing Safe, Efficient ACLs Identifying the Ports Configuring Hash Mode Web Agent Procedure CLI Command Using Protocol or Port IDs in Access Rules Potential Hashing Issues Example Interrelation with Hash Mode Setting Managing F-chip Memory Web Agent Procedure CLI Command Page 14 Configuring RIP on the Switch Web Agent Procedure Page CLI Commands Modifying RIP Interfaces Web Agent Procedure 3. Click APPLY to save your changes, or CANCEL to restore previous Table 14-2. RIP Interface Web Page Parameters V1 is the default setting CLI Command command from Configure mode: (configure)# interface <intf-name> | [type {mbna | ethernet}] Table 14-2. RIP Interface Web Page Parameters Creating Trusted RIP Neighbors Web Agent Procedure CLI Command Key Chains Key Chains on the Avaya Multiservice Switch Configuring Key Chains Web Agent Procedure Page CLI Commands CLI Example Viewing RIP Statistics Web Agent Procedure CLI Command NBMA IP Interfaces 15 Routing Protocol What is OSPF? Configuring OSPF Configuring the OSPF Global Configuration Web Agent Procedure Page CLI Command Creating OSPF Areas Web Agent Procedure Page CLI Command Deleting OSPF Areas Web Agent Procedure CLI Command Modifying OSPF Areas Web Agent Procedure CLI Command Enabling OSPF on an IP Interface Web Agent Procedure Modifying OSPF Interfaces Web Agent Procedure Page CLI Command Configuring an OSPF Passive-Interface Web Agent Procedure CLI Commands Creating OSPF Virtual Links Web Agent Procedure Page CLI Command (configure router:ospf)# area <area-id> virtual-link <router- id> Table 15-4. Add OSPF Virtual Link Web Page Parameters Deleting OSPF Virtual Links Web Agent Procedure CLI Command Modifying OSPF Virtual Links Web Agent Procedure Creating OSPF Summaries Web Agent Procedure CLI Command Deleting OSPF Summaries Web Agent Procedure CLI Command Modifying OSPF Summaries Web Agent Procedure Monitoring Switch Performance Using OSPF Statistics Displaying OSPF Statistics Web Agent Procedure CLI Commands commands: Table 15-6. OSPF Statistical Parameters Parameter Displays the... Displaying OSPF Links Web Agent Procedure CLI Commands Displaying OSPF Neighbors Web Agent Procedure CLI Command command: > show ip ospf neighbor Table 15-8. OSPF Neighbors Web Page Parameters Searching the OSPF Link State Database Web Agent Procedure Page Table 15-10. OSPF Link State Database Parameters Parameter Displays... Page CLI Command NBMA IP Interfaces Setting Up an NBMA IP Interface Web Agent Procedure CLI Commands Setting Up NBMA Neighbors Web Agent Procedure CLI Commands Removing NBMA Neighbors CLI Command CLI Commands for RIP Page 16 IPX Overview IPX Datagram Structure Configuring the Avaya Switch as an IPX Router Hardware Requirements Configuring IPX Routing Globally Web Agent Procedure CLI Commands Configuring IPX Interfaces Web Agent Procedure Page Page Table 16-3. IPX Interface Web Page Parameters Note: CLI Command Creating IPX Static Routes Web Agent Procedure Page CLI Command Deleting IPX Static Routes Web Agent Procedure CLI Command Modifying IPX Static Routes Web Agent Procedure CLI Command Creating IPX Static Services Web Agent Procedure Page Page CLI Command Deleting IPX Static Service Web Agent Procedure CLI Command Modifying IPX Static Service Web Agent Procedure Monitoring Your Switch Using IPX Displaying IPX Global Statistics Web Agent Procedure Page CLI Command Searching the IPX Route Table Page Displaying the IPX Route Table Displaying IPX Route Table Statistics Searching the IPX Service Table Page Displaying the IPX Service Table Displaying IPX Service Table Statistics Page Page 17 Protocol Configuring IPX RIP Interfaces Web Agent Procedure Page CL Command Creating and Modifying IPX RIP Filters Web Agent Procedure Page Table 17-2. Add IPX RIP Filters Web Page Parameters Note: Page Page CLI Command Viewing RIP Interface Statistics Web Agent Procedure CLI Command Page 18 Protocol Configuring IPX SAP Interfaces Web Agent Procedure Page CLI Command command from Interface mode: (config-if <interface-name>)# ipx sap Creating IPX SAP Filters This section provides the following procedures: Table 18-1. IPX SAP Interface Web Page Parameters Creating IPX SAP Name Filters Web Agent Procedure Table 18-2. IPX SAP Name Filter Web Page Parameters Note: Page CLI Command Creating IPX SAP Network Filters Web Agent Procedure Page Default value is outbound. Table 18-3. Add IPX SAP Network Filter Web Page Parameters Page CLI Command Interpreting IPX SAP Interface Statistics Web Agent Procedure CLI Command Page 19 Routing Implementation What is AppleTalk Routing? Page Need for AppleTalk Routing Configuring AppleTal k Routing Enabling AppleTalk Global Routing Creating an AppleTalk Routing Interface Web Agent Procedure Page Page CLI Commands Editing AppleTalk Interfaces Web Agent Procedure Page CLI Command Deleting an AppleTalk Interface Web Agent Procedure CLI Commands Creating an AppleTalk Static Route Web Agent Procedure Page CLI Command Editing AppleTalk Static Routes Web Agent Procedure CLI Command Deleting an AppleTalk Static Route Web Agent Procedure CLI Command Creating an AppleTalk Name-Binding Protocol (NBP) Filter Web Agent Procedure CLI Command Editing an AppleTalk NBP Filter Web Agent Procedure CLI Command Adding or Deleting Interfaces to an NBP Filter Web Agent Procedure CLI Commands Creating an AppleTalk Zone Filter Web Agent Procedure CLI Command Editing an AppleTalk Zone Filter Web Agent Procedure CLI Command Adding or Deleting Interfaces to a Zone Filter Web Agent Procedure CLI Commands Viewing AppleTalk Statistics Viewing AppleTalk Global Statistics Page CLI Command Viewing the AppleTalk Interface Statistics Table Web Agent Procedure CLI Command Viewing the AppleTalk Route Table Web Agent Procedure CLI Command Viewing AppleTalk Route Table Statistics Web Agent Procedure CLI Command Viewing the AppleTalk ARP Cache Table Web Agent Procedure CLI Command Viewing the AppleTalk Zone Table Web Agent Procedure CLI Command Viewing AppleTalk Zone Table Statistics Web Agent Procedure CLI Command Viewing the AppleTalk NBP Table Web Agent Procedure CLI Command Page 20 Multicasting Introduction Manually Configured Intelligent Multicasting Dynamic Intelligent Multicasting The Learning Process, IGMP Snooping The Administration Process; Management and Pruning The Dissemination Process, LGMP and CGMP Snooping Configuring Intelligent Multicasting Configuring Global Intelligent Multicasting Web Agent Procedure Page CLI Command following command from Configure mode: (configure)# set intelligent-multicast {enable} Table 20-1. Intelligent Global Multicast Configuration Web Page Parameters Displaying Router Ports Web Agent Procedure CLI Command Configuring Static Router Ports Web Agent Procedure CLI Command Searching for Intelligent Multicast Sessions Web Agent Procedure Page Page CLI Command Deleting an Intelligent Multicast Session Web Agent Procedure CLI Command Deleting a Multicast Session Client Port Web Agent Procedure CLI Command Creating a Static Multicast Session Web Agent Procedure Page CLI Command Deleting Static Multicast Sessions Web Agent Procedure CLI Command Creating Static Client Ports Web Agent Procedure CLI Command Deleting Static Client Ports Web Agent Procedure CLI Command Managing IGMP Snooping Enabling IGMP Snooping Web Agent Procedure CLI Command Viewing IGMP Snooping Statistics Web Agent Procedure CLI Command Managing the LGMP Server Configuring the LGMP Server Web Agent Procedure Page Table 20-9. LGMP Server Configuration Web Page Parameters CLI Command Viewing the LGMP Server Statistics Web Agent Procedure CLI Command Viewing the LGMP Server Statistics per VLAN Web Agent Procedure CLI Command command: > show lgmp server statistics vlan {all | <vlan-id> | name <vlan-name>} Table 20-10. LGMP Server Display per VLAN Web Page Parameters Managing the LGMP Client Table 20-11. LGMP Client Configuration Web Page Parameters Enabling the LGMP Client Web Agent Procedure CLI Command Viewing LGMP Clients Statistics Web Agent Procedure Viewing LGMP Clients per VLAN statistics Web Agent Procedure CLI Command Managing CGMP Snooping Enabling CGMP Snooping Web Agent Procedure CLI Command from Configure mode: (configure)# set cgmp enable Table 20-13. CGMP Snooping Web Page Parameters Viewing CGMP Snooping Web Agent Procedure CLI Command Page 21 Multiservice Switch Interpreting Front Panel LED Displays Checking Active Alarms Web Agent Procedure CLI Command Using the Event Subsystem Configuring Event Notification Web Agent Procedure Page Page CLI Command Configuring Notification of Protocol Events Overview Web Agent Procedure Page CLI Command Setting Log Size Web Agent Procedure CLI Command Viewing the Event and Shutdown Logs Web Agent Procedure CLI Command Clearing the Event Log Web Agent Procedure CLI Command Viewing Event Statistics Web Agent Procedure Configuring Syslog Event Reporting Configuring Syslog Web Agent Procedure CLI Command Configuring Utilization Monitoring Enabling Utilization Monitoring Enabling Event Logging of Utilization Setting a Utilization Threshold Viewing Utilization Settings Viewing CPU Utilization Statistics Viewing Statistics for Forwarding Engine Utilization N 22 the Forwarding Cache Contents 10-Gigabit Module and Forwarding Cache Configuring the Forwarding Cache Web Agent Procedure 3. Click: CLI Command Monitoring the Forwarding Cache Statistics Displaying Frame Forwarding Statistics Web Agent Procedure Page Displaying and Searching the L3 Forwarding Cache for an Entry Web Agent Procedure Page Page CLI Command Displaying the Forwarding Cache Web Agent Procedure Page Table 22-4. Active FE Cache Web Page Fields Parameter Defines... Page 23 Statistics to Analyze Network Performance Viewing Network Statistics Web Agent Procedure Page Page Page Page Page CLI Command Setting Up Port Mirroring Setting Up a Port Mirror on a Switch in Fabric Mode 1 Restrictions Web Agent Procedure Page Note: Table 23-3. Port Mirroring Configuration Web Page Parameters CLI Command Setting Up Port Mirroring on a Switch in Fabric Mode 2 Restrictions Page Table 23-4. Port Ranges for Fabric Mode 2 Port Mirroring Page Page CLI Command Removing a Fabric Mode 2 Port Mirror Viewing Information about a Fabric Mode 2 Port Mirror 24 on 50-Series Modules How Queues Work Managing Buffers and Queues Web Agent Procedure Page Table 24-1. Buffer Management Web Page Parameters Page Table 24-2. Buffer Detail Configuration Web Page Parameters Parameter Definition... CLI Command Page 25 Why implement QoS? Purpose of QoS Prerequisites Implementation Example How Does QoS Work? QoS Process for Ingress Traffic Process Example QoS Process for Egress Traffic Process Example Diagram of QoS Process Classification of Traffic Default Priority Classifying Traffic by Layer 2 Characteristics Classifying Traffic by Layer 3 or Layer 4 Characteristics ACL Rules Using a Default ACL Rule Diffserv Precedence of Priorities Supported Number of Queues Tabl e 25-3 specifies the number of ingress and egress queues that are available on each module. Table 25-2. Precedence of Priorities Layer Precedence of Priority Priority Used for Classification Table 25-3. Modules and Available Queues Module Ingress Queues Egress Queues Setting the Priority of a Physical Port CLI Command Setting a Physical Port to Ignore Tag Priority CLI Command Table 25-6. Keywords, Arguments, or Options Keyword, Argument or Table 25-7. Examples: set port ignore-tag-priority To... Enter... Setting the Priority of a MAC Address CLI Command Table 25-8. Keywords, Arguments, and Options Keyword, Argument or Table 25-9. Examples: set aft entry Displaying the Priority of a MAC Address CLI Command address or destination MAC address. The syntax of the command is: > show aft entry [mac <wildcard-mac-address>] [VLAN {<VLAN-id> | Table 25-9. Examples: set aft entry Setting a Physical Port to Use DiffServ CLI Command Example Setting a Physical Port to Mask DiffServ Bits CLI Command Example Assigning a Priority to a DSCP CLI Command Example Displaying the DiffServ Table CLI Command Displaying the QoS Settings for a Physical Port CLI Command Setting Up an ACL Rule CLI Command Standard ACL Extended ACL Keywords, Arguments, and Options Table 25-14. Keywords, Arguments, and Options Keyword, Argument or Examples: Standard ACL Rules Table 25-14. Keywords, Arguments, and Options Keyword, Argument or Table 25-15. Examples: Standard ACL Rules To... Enter... Examples: Extended ACL Rules Table 25-15. Examples: Standard ACL Rules To... Enter... Table 25-16. Examples: Extended ACL Rules To... Enter... Setting Up a Default ACL Rule CLI Command Displaying ACL Rules CLI Command Ingress Policing Setting Up Policing Table 25-17. Keywords, Arguments, and Options Keyword, Argument or Displaying the Policing Settings Queue-Servicing Algorithms WFQ How WFQ Works Example Strict Priority Queueing CBQ CBWFQ Burst Thresholds Management Traffic Setting Up WFQ Setting Up Strict Priority Queueing CLI Command Example Setting Up CBQ Setting Up CBWFQ Table 25-23. Keywords, Arguments, and Options Keyword, Argument or Page Displaying the Queue-Service Settings CLI Command Example QoS Statistics Queue Statistics Table 25-25. Ingress Queue Statistics for 10/100 Modules Egress Port Statistics for 10/ 100 Modules Egress Port Statistics for Gigabit Modules Table 25-27. Egress Port Statistics for 10/100 Modules Table 25-28. Egress Port Statistics for Gigabit Modules Buffer Statistics for Egress Queues Table 25-28. Egress Port Statistics for Gigabit Modules This section contains procedures for the following tasks: Table 25-29. Buffer Statistics for Egress Queues Displaying QoS Statistics Resetting the QoS Statistics Displaying the Buffer Settings for Egress Queues A Software Backing Up the Current Software Web Agent Procedure CLI Command Backing Up the Previous Configuration Web Agent Procedure Page CLI Command Downloading Application Software Web Agent Procedure CLI Command Setting the Startup Image Web Agent Procedure CLI Command Synchronizing the Active and Standby Supervisor Modules Resetting the Active Supervisor Web Agent Procedure CLI Command Resetting the Standby Supervisor Web Agent Procedure CLI Command Verifying the Upgrade Upgrading a Switch with Multiple VLANs Statically Bound to Hunt Group Ports B Accessing BOOT Mode Accessing BOOT Mode During Power Up Accessing BOOT Mode with Corrupted Operational Images Password Recovery Syntax Description Downloading New Operational Code Page C AppleTalk Standard MIB Private MIB Application Software Management Private MIB ATM Uplink Standard MIB Private MIB Bridging Standard MIBs IP Standard MIBs Private MIBs IPX Private MIBs Monitoring Standard MIBs Private MIBs SNMP Standard MIBs D Page Index Numerics A Page Page B C invalid combinations D Page Page E F G H I Page Page Page Page Page Page J K L Page M configuring a mirror port N O Page P Q R Page S Page Page T U V viewing W X Z