Manuals / Blade ICE / Computer Equipment / Computer Accessories

Blade ICE G8000 manual RMON group 9-Events, Configure RMON events, Example

Models: G8000

1 145

Download 145 pages 21.85 Kb

Page 118

1.Configure the RMON Alarm parameters to track ICMP messages.

RackSwitch G8000 Application Guide

Example 2

1.Configure the RMON Alarm parameters to track ICMP messages.

RS G8000 (config)# rmon alarm 1 oid 1.3.6.1.2.1.5.8.0

RS G8000			alarm-type rising rise-event				110
RS G8000		(config)# rmon alarm 1				interval-time 60	200
RS G8000		(config)# rmon alarm 1				rising-threshold	200
RS	G8000	(config)#	rmon	alarm	1	sample-type delta	icmpInEchos"
RS	G8000	(config)#	rmon	alarm	1	owner "Alarm for	icmpInEchos"

This configuration creates an RMON alarm that checks icmpInEchos on the switch once every minute. If the statistic exceeds 200 within a 60 second interval, an alarm is generated that triggers event index 110.

RMON group 9—Events

The RMON Event Group allows you to define events that are triggered by alarms. An event can be a log message, an SNMP trap, or both.

When an alarm is generated, it triggers a corresponding event notification. Use the following commands to correlate an Event index to an alarm:

RS G8000 (config)# rmon alarm <alarm number> rise-event<event number> RS G8000 (config)# rmon alarm <alarm number> fall-event<event number>

RMON events use SNMP and syslogs to send notifications. Therefore, an SNMP trap host must be configured for trap event notification to work properly.

RMON uses a syslog host to send syslog messages. Therefore, an existing syslog host must be configured for event log notification to work properly. Each log event generates a syslog of type RMON that corresponds to the event.

Configure RMON events

1.Configure the RMON event parameters.

RS G8000		(config)# rmon event 110				type log-only
RS	G8000	(config)#	rmon	event	110	description “SYSLOG_this_alarm”
RS	G8000	(config)#	rmon	event	110	owner “log icmpInEchos alarm”

This configuration creates an RMON event that sends a syslog message each time it is trig- gered by an alarm.

118 Chapter 7: Remote Monitoring

BMD00041, November 2008

Image 118

Blade ICE G8000 manual RMON group 9-Events, Configure RMON events, Example, Configure the RMON event parameters

Contents

Version RackSwitch G8000Application Guide Part Number BMD00041, NovemberRackSwitch G8000 Application Guide Chapter 2 Port-based Network Access Control ContentsChapter 1 Accessing the Switch PrefaceChapter 4 Ports and Trunking Chapter 5 Spanning TreeChapter 6 Quality of Service Chapter 7 Remote MonitoringChapter 9 IGMP Appendix A TroubleshootingChapter 8 Basic IP Routing Chapter 10 High AvailabilityFigures RackSwitch G8000 Application Guide BMD00041, NovemberTables RackSwitch G8000 Application Guide BMD00041, NovemberPreface Who Should Use This GuideWhat You’ll Find in This Guide Symbol Typographic ConventionsRackSwitch G8000 Application Guide Table 1 Typographic ConventionsHow to Get Help „ “Configuring an IP Interface” on page „ “Using Telnet” on page Accessing the SwitchCHAPTER „ “Using the Browser-Based Interface” on page „ “Using SNMP” on page4. Configure the default gateway. Enable the gateway Configuring an IP Interface1. Log on to the switch 2. Enter IP interface mode Command ReferenceUsing Telnet Configuring BBI access via HTTP Using the Browser-Based InterfaceConfiguring BBI access via HTTPS The BBI is organized at a high level as follows SNMP v1 Using SNMPDefault configuration SNMPUser configuration RS G8000 config# snmp-server group 5 group-name admingrp RackSwitch G8000 Application GuideRS G8000 config# snmp-server group 5 user-name admin 22 „ Chapter 1 Accessing the SwitchSNMPv1 trap host Configuring SNMP Trap HostsSNMPv2 trap host configuration 1. Configure an entry in the notify tableSNMPv3 trap host configuration „ “TACACS+ Authentication” on page Securing Access to the Switch„ “RADIUS Authentication and Authorization” on page „ “End User Access Control” on pageRADIUS Authentication and Authorization How RADIUS authentication worksConfiguring RADIUS 2. Configure the RADIUS secret and enable the featureRADIUS authentication features in Blade OS Vendor-supplied Switch User AccountsRADIUS Attributes for G8000 user privileges Vendor-suppliedTACACS+ Authentication How TACACS+ authentication worksAuthorization TACACS+ authentication features in Blade OSRS G8000 config# tacacs-server privilege-mapping Accounting Command authorization and loggingRS G8000 config# tacacs-server command-authorization 2. Configure the TACACS+ secret and second secret Configuring TACACS+ AuthenticationRS G8000 config# tacacs-server command-logging 4. Configure the number of retry attempts, and the timeout periodSecure Shell Configuring SSH features on the switchSSH encryption of management messages RS G8000 config# ssh generate-host-key Generating RSA Host and Server Keys for SSH accessSSH Integration with RADIUS/TACACS+ Authentication RS G8000 config# ssh generate-server-keyUser Access Control End User Access ControlConsiderations for configuring End User Accounts Setting up User IDsLogging into an End User account Defining a User’s access levelListing current Users Enabling or Disabling a User38 „ Chapter 1 Accessing the Switch RackSwitch G8000 Application GuideBMD00041, November „ “802.1X authentication process” on page Port-based Network Access Control„ “Extensible Authentication Protocol over LAN” on page „ “Configuration guidelines” on pageExtensible Authentication Protocol over LAN Port Unauthorized 802.1X authentication processPort Authorized EAPoL message exchange „ Authorized 802.1X port states„ Unauthorized „ Force Unauthorized44 „ Chapter 2 Port-based Network Access Control Supported RADIUS attributesRackSwitch G8000 Application Guide Table 2 Support for RADIUS AttributesConfiguration guidelines 46 „ Chapter 2 Port-based Network Access Control RackSwitch G8000 Application GuideBMD00041, November „ “VLANs and Port VLAN ID Numbers” on page „ “VLAN Tagging” on page VLANsCHAPTER „ “VLAN Topologies and Design Considerations” on pageOverview VLAN numbers VLANs and Port VLAN ID NumbersViewing VLANs Viewing and Configuring PVIDs PVID numbersVLAN Tagging Figure 3-1 Default VLAN settings BS45010AFigure 3-3 802.1Q tagging after port-based VLAN assignment Figure 3-2 Port-based VLAN assignmentBefore untagged packet Figure 3-4 802.1Q tag assignmentFigure 3-5 802.1Q tagging after 802.1Q tag assignment 16 bitsVLAN configuration rules VLAN Topologies and Design ConsiderationsComponent Multiple VLANs with Tagging AdaptersDescription Component Description2. Enable tagging on uplink ports that support multiple VLANs VLAN configuration example1. Enable VLAN tagging on server ports that support multiple VLANs 3. Configure the VLANs and their member portsPrivate VLANs Private VLAN portsConfiguration guidelines Configuration example1. Select a VLAN and define the Private VLAN type as primary RackSwitch G8000 Application Guide 2. Configure a secondary VLAN and map it to the primary VLAN3. Verify the configuration enable62 „ Chapter 3 VLANs RackSwitch G8000 Application GuideBMD00041, November CHAPTER Ports and Trunking„ “Configurable Trunk Hash Algorithm” on page „ ““Overview” on page 64” „ “Port Trunking Example” on pageStatistical load distribution Built-In fault toleranceOverview Before you configure static trunks Static trunk group configuration rules„ All trunk members must be in the same Spanning Tree Group STG and can belong to only one Spanning Tree Group STG. However if all ports are tagged, then all trunk ports can belong to multiple STGs Trunk 1 Ports 1, 7, and Port Trunking ExampleTrunk 3 Ports 2, 23, and 1. Follow these steps on the G80004. Examine the trunking information on each switch 2. Repeat the process on the other switch3. Connect the switch ports that will be members in the trunk group RS G8000 config# portchannel 1 member 1,7,32Configurable Trunk Hash Algorithm Link Aggregation Control Protocol Admin keyEach port on the switch can have one of the following LACP modes Configuring LACP LACP configuration guidelines3. Set the LACP mode „ “Overview” on page „ “Rapid Spanning Tree Protocol” on page Spanning TreeCHAPTER „ “Per VLAN Rapid Spanning Tree” on pageOverview Table 5-1 Ports, Trunk Groups, and VLANsDetermining the Path for Forwarding BPDUs Bridge Protocol Data Units BPDUsBridge Priority Port Priority Spanning Tree Group configuration guidelinesChanging the Spanning Tree mode Port Path CostAssigning a VLAN to a Spanning Tree Group Rules for VLAN Tagged ports Creating a VLANAdding and removing ports from STGs BMD00041, November RackSwitch G8000 Application GuideChapter 5 Spanning Tree „ Rapid Spanning Tree Protocol Port state changesEdge Port RSTP configuration guidelinesPort Type and Link Type Link Type1. Configure port and VLAN membership on the switch RSTP configuration exampleConfigure Rapid Spanning Tree 2. Set the Spanning Tree mode to Rapid Spanning TreeDefault Spanning Tree configuration Per VLAN Rapid Spanning TreeFigure 5-1 Two VLANs on one Spanning Tree Group Why do we need multiple Spanning Trees?Figure 5-2 Two VLANs, each on a different Spanning Tree Group Configuring PVRST PVRST configuration guidelines1. Set the Spanning-tree mode to PVRST+ MSTP Region Multiple Spanning Tree ProtocolCommon Internal Spanning Tree MSTP configuration guidelines RackSwitch G8000 Application Guide Passing VLANBlocking VLAN Blocking VLANConfiguring Multiple Spanning Tree Groups 2. Configure Multiple Spanning Tree Protocolmember RackSwitch G8000 Application Guideenable memberConfiguring Fast Uplink Convergence Configuration GuidelinesFast Uplink Convergence 92 „ Chapter 5 Spanning Tree RackSwitch G8000 Application GuideBMD00041, November „ “Using Storm Control Filters” on page Quality of Service„ “Overview” on page „ “Using ACL Filters” on page „ “Using DSCP Values to Provide QoS” on pageCOS Queue Permit/DenyFilter OverviewUsing ACL Filters MAC Extended ACLsIP Standard ACLs IP Extended ACLsRS G8000 config# no access-list ip extended RackSwitch G8000 Application GuideRS G8000 config# access-list ip extended Table 6-1 Well-known protocol typesPort 1 access group ACL IP Extended Understanding ACL priorityAssigning ACLs to a port ACL IP ExtendedViewing ACL statistics 1. Configure an Access Control List ACL configuration examplesExample 3. Verify the configurationExample Use this configuration to block traffic from a network destined for a specific host address. All traffic that ingresses port 10 with source IP from the class 100.10.1.0/24 and destination IP 200.20.2.2 is denied1. Configure an Access Control List 2. Assign the ACL to portRackSwitch G8000 Application Guide 1. Configure an Access Control List1. Configure an Access Control List config# ip access-list ip extended4. Configure a MAC ACL to deny all other traffic 2. Configure IP ACLs to deny all other trafficExample RS G8000 config-if# RackSwitch G8000 Application GuideRS G8000 config# interface port ip access-group 1103 inConfiguring storm control Using Storm Control FiltersBroadcast storms Differentiated Services Concepts Using DSCP Values to Provide QoS7 6 5 4 The switch can perform the following actions to the DSCP Per Hop Behavior RackSwitch G8000 Application Guide QoS LevelsDefault QoS Service Levels Service LevelDSCP-to-802.1p mapping Using 802.1p Priority to Provide QoS Figure 6-3 Layer 2 802.1q/802.1p VLAN tagged packetQueuing and Scheduling 802.1p configuration example1. Configure a port’s default 802.1p priority value to Overview Remote MonitoringCHAPTER 1. Enable RMON on a port Configuring RMON statisticsRMON group 1-Statistics 2. Configure the RMON statistics on a portHistory MIB Object ID RMON group 2-HistoryRS G8000# show rmon history 1. Enable RMON on a port RMON group 3-AlarmsConfiguring RMON History 2. Configure the RMON History parameters for a portConfiguring RMON Alarms Alarm MIB objectsExample 1. Configure the RMON Alarm parameters to track ICMP messages Configure RMON eventsRMON group 9-Events 1. Configure the RMON event parametersCHAPTER Basic IP Routing„ “Dynamic Host Configuration Protocol” on page „ “IP Routing Benefits” on pageIP Routing Benefits Routing Between IP Subnets Figure 8-1 The Router Legacy Network„ Traffic to the router increases, increasing congestion Example of Subnet Routing Figure 8-2 Switch-Based Routing Topology2. Assign an IP interface for each subnet attached to the switch Using VLANs to segregate Broadcast DomainsConfiguration example Table 8-1 Subnet Routing Example IP Address Assignmentsenable 4. Add the switch ports to their respective VLANsRackSwitch G8000 Application Guide enable8. Verify the configuration 6. Configure the default gateway to the routers’ addresses7. Enable IP routing 5. Assign a VLAN to each IP interfaceDynamic Host Configuration Protocol 128 „ Chapter 8 Basic IP Routing RackSwitch G8000 Application GuideBMD00041, November „ “IGMP Snooping” on page „ “IGMPv3 Snooping” on page IGMPCHAPTER „ “Static Multicast Router” on pageIGMP Snooping RS G8000 config# no ip igmp floodIGMPv3 Snooping FastLeaveRS G8000 config# ip igmp fastleave VLAN number RS G8000 config# no ip igmp snoop igmpv3 exclude IGMP Snooping configuration exampleConfigure IGMP Snooping RS G8000 config# ip igmp snoop igmpv3 sourcesRS G8000# show ip igmp groups RackSwitch G8000 Application Guide5. View dynamic IGMP information RS G8000# show ip igmp mrouterStatic Multicast Router Configure a Static Multicast Router2. Verify the configuration „ “Uplink Failure Detection” on page High AvailabilityCHAPTER BMD00041, NovemberUplink Failure Detection Figure 10-1 Uplink Failure Detection exampleConfiguration guidelines Failure Detection PairSpanning Tree Protocol with UFD „ Link to Monitor LtM1. Configure Network Adapter Teaming on the servers Configuring UFDMonitoring UFD 2. Assign the Link to Monitor LtM ports„ “Monitoring Ports” on page TroubleshootingAPPENDIX A BMD00041, NovemberMonitoring Ports Figure A-1 Monitoring Ports2. Enable port mirroring Configuring Port MirroringPort Mirroring behavior 3. View the current configuration142 „ Appendix A Troubleshooting RackSwitch G8000 Application GuideBMD00041, November Index SymbolsNumerics