Manuals
/
Brands
/
Computer Equipment
/
Personal Computer
/
Blade ICE
/
Computer Equipment
/
Personal Computer
Blade ICE
G8124-E, G8124 manual
1
1
388
388
Download
388 pages, 3.16 Mb
2051 Mission College Blvd.
Santa Clara, CA 95054
www.bladenetwork.net
BLADEOS
™
6.5
Application Guide
RackSwitch
™
G8124/G8124-E
Part Number: BMD00220, October 2010
Contents
Main
Page
Contents
Part 1: Getting Started 23
Part 2: Securing the Switch 53
Page
Part 3: Switch Basics 85
Page
Part 4: Advanced Switching Features 145
Page
Part 5: IP Routing 217
Page
Page
Part 6: High Availability Fundamentals 315
Part 7: Network Management 343
Part 8: Monitoring 367
Part 9: Appendices 379
Page
Preface
Who Should Use This Guide
What Youll Find in This Guide
Part 1: Getting Started
Part 2: Securing the Switch
Part 3: Switch Basics
Part 4: Advanced Switching Features
Part 5: IP Routing
Part 6: High Availability Fundamentals
Part 7: Network Management
Part 8: Monitoring
Part 9: Appendices
Additional References
Typographic Conventions
How to Get Help
Page
Page
CHAPTER 1
Switch Administration
Administration Interfaces
Command Line Interface
Browser-Based Interface
Establishing a Connection
Using the Switch Management Ports
Page
Using the Switch Data Ports
Using Telnet
Using Secure Shell
Using SSH to Access the Switch
Using a Web Browser
Configuring HTTP Access to the BBI
Configuring HTTPS Access to the BBI
Page
BBI Summary
Using Simple Network Management Protocol
BOOTP/DHCP Client IP Address Services
Global BOOTP Relay Agent Configuration
Domain-Specific BOOTP Relay Agent Configuration
Switch Login Levels
Page
Page
CHAPTER 2
Initial Setup
Information Needed for Setup
Default Setup Options
Stopping and Restarting Setup Manually
Stopping Setup
Restarting Setup
Setup Part 1: Basic System Configuration
Setup Part 2: Port Configuration
Page
Setup Part 3: VLANs
Setup Part 4: IP Configuration
IP Interfaces
Page
Default Gateways
IP Routing
Setup Part 5: Final Steps
Optional Setup for Telnet Support
Page
Page
Page
CHAPTER 3
Securing Administration
Secure Shell and Secure Copy
Configuring SSH/SCP Features on the Switch
To Enable or Disable the SSH Feature
To Enable or Disable SCP Apply and Save
Configuring the SCP Administrator Password
Using SSH and SCP Client Commands
To Log In to the Switch
To Copy the Switch Configuration File to the SCP Host
To Load a Switch Configuration File from the SCP Host
To Apply and Save the Configuration
To Copy the Switch Image and Boot Files to the SCP Host
To Load Switch Configuration Files from the SCP Host
SSH and SCP Encryption of Management Messages
Generating RSA Host and Server Keys for SSH Access
SSH/SCP Integration with Radius Authentication
SSH/SCP Integration with TACACS+ Authentication
SecurID Support
Using SecurID with SSH
Using SecurID with SCP
End User Access Control
Considerations for Configuring End User Accounts
Strong Passwords
User Access Control
Setting up User IDs
Defining a Users Access Level
Validating a Users Configuration Enabling or Disabling a User
Listing Current Users
Logging into an End User Account
CHAPTER 4
Authentication & Authorization Protocols
RADIUS Authentication and Authorization
How RADIUS Authentication Works
Configuring RADIUS on the Switch
RADIUS Authentication Features in BLADEOS
Switch User Accounts
RADIUS Attributes for BLADEOS User Privileges
TACACS+ Authentication
How TACACS+ Authentication Works
TACACS+ Authentication Features in BLADEOS
Authorization
Accounting
Command Authorization and Logging
Configuring TACACS+ Authentication on the Switch
LDAP Authentication and Authorization
Configuring the LDAP Server
Configuring LDAP Authentication on the Switch
CHAPTER 5
Access Control Lists
Summary of Packet Classifiers
Page
Summary of ACL Actions
Assigning Individual ACLs to a Port
ACL Order of Precedence
ACL Metering and Re-Marking
Metering
Re-Marking
ACL Port Mirroring
Viewing ACL Statistics
ACL Configuration Examples
ACL Example 1
ACL Example 2
ACL Example 3
VLAN Maps
Page
Using Storm Control Filters
Broadcast Storms
Configuring Storm Control
Page
Page
CHAPTER 6
VLANs
VLANs Overview
VLANs and Port VLAN ID Numbers
VLAN Numbers
PVID Numbers
VLAN Tagging
Page
92 Chapter 6: VLANs BMD00220, October 2010
Figure 2 Port-based VLAN assignment
r
o
f
B
Figure 4 802.1Q tag assignment
r
o
f
B
VLAN Topologies and Desi gn Considerations
VLAN Configuration Rules
Multiple VLANs with Tagging Adapters
Page
VLAN Configuration Example
Private VLANs
Private VLAN Ports
Page
Page
CHAPTER 7
Ports and Trunking
Trunking Overview
Before You Configure Static T runks
Trunk Group Configuration Rules
Port Trunking Example
Page
Configurable Trunk Hash Algorithm
Link Aggregation Control Protocol
Configuring LACP
CHAPTER 8
Spanning T ree Protocols
Spanning Tree Protocol Modes
Global STP Control
STP/PVST+ Mode
Port States
Bridge Protocol Data Units
Bridge Protocol Data Units Overview
Determining the Path for Forwarding BPDUs
Bridge Priority
Port Priority
Fast Uplink Convergence
Fast Uplink Configuration Guidelines
Configuring Fast Uplink Convergence
Port Fast Forwarding
Simple STP Configuration
x
Page
Per-VLAN Spanning Tree Groups
Using Multiple STGs to Eliminate False Loops
STP/PVST+ Defaults and Guidelines
Adding a VLAN to a Spanning Tree Group
Creating a VLAN
Rules for VLAN Tagged Ports
Adding and Removing Ports from STGs
Switch-Centric Configuration
Configuring Multiple STGs
Page
Rapid Spanning Tree Protocol
Port State Changes
RSTP Configuration Guidelines
RSTP Configuration Example
Per-VLAN Rapid Spanning Tree Groups
Configuring PVRST
Multiple Spanning T ree Pro tocol
MSTP Region
Common Internal Spanning Tree
MSTP Configuration Guidelines
MSTP Configuration Example 1
MSTP Configuration Example 2
Blocking VLAN 1 Passing VLAN 2
Passing VLAN 1 Blocking VLAN 2
Page
Port Type and Link Type
Edge Port
Link Type
Page
CHAPTER 9
Quality of Service
QoS Overview
ACL Filter Permit/Deny
COS Queue
Using ACL Filters
Summary of ACL Actions
ACL Metering and Re-Marking
Metering
Re-Marking
Using DSCP Values to Provide QoS
Differentiated Services Concepts
7 6 5 4 3 2 1 0
Per Hop Behavior
QoS Levels
DSCP Re-Marking and Mapping
DSCP Re-Marking Configuration Example
Using 802.1p Priority to Provide QoS
7 6 5 4 3 2 1 0
7 6 5 4 3 2 1 0
Queuing and Scheduling
Page
Page
Page
CHAPTER 10
Deployment Profiles
Available Profiles
Page
Selecting Profiles
Automatic Configuration Changes
Page
CHAPTER 11
Virtualization
Page
CHAPTER 12
Virtual NICs
Defining Server Ports
Enabling the vNIC Feature
vNIC IDs
vNIC IDs on the Switch
vNIC Interface Names on the Server
vNIC Bandwidth Metering
vNIC Groups
Page
vNIC Teaming Failover
Servers
Primary Switch
To Backup Switch
Virtual Pipes
Page
BMD00220, October 2010 Chapter 12: Virtual NICs 161
vNIC Configuration Example
Consider the following example configuration: Figure 21 Multiple vNIC Groups
Switch 1 Servers
VNIC Group 1 VLAN 1000
VNIC Group 2 VLAN 1774
Page
Page
vNICs for iSCSI on Emulex Eraptor 2
CHAPTER 13
VMready
VE Capacity
Defining Server Ports
VM Group Types
Local VM Groups
Configuring a Local VM Group
Page
Distributed VM Groups
VM Profiles
Initializing a Distributed VM Group
Assigning Members
Synchronizing the Configuration
Removing Member VEs
Virtualization Management Servers
Assigning a vCenter
vCenter Scans
Deleting the vCenter
Exporting Profiles
VMware Operational Commands
Pre-Provisioning VEs
VLAN Maps
Page
VM Policy Bandwidth Control
VM Policy Bandwidth Control Commands
Bandwidth Policies vs. Bandwidth Shaping
VMready Information Displays
Local VE Information
To view additional detail regarding any specific VE, see vCenter VE Details on page183).
vCenter Hypervisor Hosts
vCenter VEs
vCenter VE Details
VMready Configuration Example
Page
Page
CHAPTER 14
FCoE and CEE
Page
Fibre Channel over Ethernet
The FCoE Topology
Fibre Channel LAN
Page
FCoE Requirements
Converged Enhanced Ethernet
!
Turning CEE On or Off
Effects on Link Layer Discovery Protocol
Effects on 802.1p Quality of Service
Effects on Flow Control
FCoE Initialization Protocol Snooping
Global FIP Snooping Settings
FIP Snooping for Specific Ports
Port FCF and ENode Detection
FCoE Connection Timeout
FCoE ACL Rules
FCoE VLANs
Viewing FIP Snooping Information
Operational Commands
FIP Snooping Configuration
Priority-Based Flow Control
Global Configuration
PFC Configuration Example
Page
Enhanced Transmission Selection
802.1p Priority Values
Page
Priority Groups
PGID
Assigning Priority Values to a Priority Group
Deleting a Priority Group
Allocating Bandwidth
Allocated Bandwidth for PGID 0 Through 7
Unlimited Bandwidth for PGID 15
Configuring ETS
Page
Data Center Bridging Capability Exchange
DCBX Settings
Enabling and Disabling DCBX
Peer Configuration Negotiation
Page
Configuring DCBX
Page
Page
Part 5: IP Routing
Page
CHAPTER 15
Basic IP Routing
IP Routing Benefits
Routing Between IP Subnets
Page
Example of Subnet Routing
Using VLANs to Segregate Broadcast Domains
Page
Page
ECMP Static Routes
OSPF Integration
ECMP Route Hashing
Configuring ECMP Static Routes
Dynamic Host Configuration Protocol
DHCP Relay Agent
Page
CHAPTER 16
Internet Protocol Version 6
IPv6 Limitations
IPv6 Address Format
IPv6 Address T ype s
Unicast Address
Multicast
Anycast
IPv6 Address Autoconfiguration
IPv6 Interfaces
Neighbor Discovery
Neighbor Discovery Overview
Host vs. Router
Supported Applications
Page
Configuration Guidelines
IPv6 Configuration Examples
IPv6 Example 1
IPv6 Example 2
Page
Page
CHAPTER 17
Routing Information Protocol
Distance Vector Protocol
Stability
Routing Updates
RIPv1
RIPv2
RIPv2 in RIPv1 Compatibility Mode
RIP Features
Poison
Triggered Updates
Multicast
Default
Metric
Authentication
RIP Configuration Example
3. Turn on RIP globally and enable RIP for each interface.
2. Add IP interfaces with IPv4 addresses to VLANs.
Page
CHAPTER 18
Internet Group Management Protocol
IGMP Snooping
IGMP Groups
FastLeave
IGMPv3 Snooping
Page
IGMP Snooping Configuration Example
Static Multicast Router
Configure a Static Multicast Router
IGMP Querier
IGMP Filtering
Configuring the Range
Configuring the Action
Configure IGMP Filtering
Page
CHAPTER 19
Border Gateway Protocol
Internal Routing Versus Exte rnal Routing
Forming BGP Peer Routers
What is a Route Map?
Incoming and Outgoing Route Maps
Access Lists (alist)
Network Filter (nwf)
Route Maps (rmap)
Precedence
Configuration Overview
Page
Aggregating Routes
Redistributing Routes
BGP Attributes
Local Preference Attribute
Metric (Multi-Exit Discriminator) Attribute
Selecting Route Paths in BGP
BGP Failover Configuration
Page
Default Redistribution and Route Aggregation Example
Page
Page
CHAPTER 20
OSPF
OSPFv2 Overview
Types of OSPF Areas
Backbone Area 0
Stub Area Not-So-Stubby Area (NSSA)
Transit Area
Types of OSPF Routing Devices
OSPF Autonomous System
Area 3
Area 2
Neighbors and Adjacencies
The Link-State Database
The Shortest Path First Tree
Internal Versus External Routing
OSPFv2 Implementation in BLADEOS
Configurable Parameters
Defining Areas
Assigning the Area Index
Using the Area ID to Assign the OSPF Area Number
Attaching an Area to a Network
Interface Cost
Electing the Designated Router and Backup
Summarizing Routes
Default Routes
The OSPF default route configuration can be removed with the command:
Virtual Links
Router ID
Authentication
Configuring Plain Text OSPF Passwords
Configuring MD5 Authentication
Host Routes for Load Balancing
OSPF Features Not Supported in This Release
OSPFv2 Configuration Examples
Example 1: Simple OSPF Domain
Page
Example 2: Virtual Links
Configuring OSPF for a Virtual Link on Switch #1
Page
Configuring OSPF for a Virtual Link on Switch #2
Other Virtual Link Options
Example 3: Summarizing Routes
Page
Verifying OSPF Configuration
OSPFv3 Implementation in BLADEOS
OSPFv3 Differences from OSPFv2
OSPFv3 Requires IPv6 Interfaces
OSPFv3 Uses Independent Command Paths
OSPFv3 Identifies Neighbors by Router ID
Other Internal Improvements
OSPFv3 Limitations
OSPFv3 Configuration Example
BLADE Switch
Page
Page
CHAPTER 21
Protocol Independent Multicast
PIM Overview
Supported PIM Modes and Features
Basic PIM Settings
Globally Enabling or Disabling the PIM Feature
Defining a PIM Network Component
Defining an IP Interface for PIM Use
PIM Neighbor Filters
Additional Sparse Mode Settings
Specifying the Rendezvous Point
Influencing the Designated Router Selection
Specifying a Bootstrap Router
Using PIM with Other Features
PIM with ACLs or VMAPs
PIM with IGMP
PIM Configuration Examples
Example 1: PIM-SM with Dynamic RP
Example 2: PIM-SM with Static RP
Example 3: PIM-DM
Page
Page
Page
Page
CHAPTER 22
Basic Redundancy
Trunking for Link Redundancy
Hot Links
Forward Delay
Preemption
FDB Update
Configuring Hot Links
Active MultiPath Protocol
Health Checks
FDB Flush
Configuring an Aggregator Switch
Configuring an Access Switch
Verifying AMP Operation
Page
CHAPTER 23
Layer 2 Failover
Monitoring Trunk Links
Setting the Failover Limit
Manually Monitoring Port Links
Monitor Port State
Control Port State
L2 Failover with Other Features
LACP
Spanning Tree Protocol
Configuration Guidelines
Configuring Layer 2 Failover
Page
CHAPTER 24
Virtual Router Redundancy Protocol
VRRP Overview
VRRP Components
Virtual Router
Virtual Router MAC Address
Owners and Renters
VRRP Operation
Selecting the Master VRRP Router
Failover Methods
Active-Active Redundancy
Virtual Router Group
Active (subnet A and C)
Active (subnet B and D)
BLADEOS Extensions to VRRP
Virtual Router Deployment Considerations
Assigning VRRP Virtual Router ID
Configuring the Switch for Tracking
High Availability Configurations
Task 1: Configure G8124 1
1. Configure client and server interfaces.
3. Turn on VRRP and configure two Virtual Interface Routers.
2. Configure the default gateways. Each default gateway points to a Layer 3 router.
Page
Task 2: Configure G8124 2
1. Configure client and server interfaces.
3. Turn on VRRP and configure two Virtual Interface Routers.
2. Configure the default gateways. Each default gateway points to a Layer 3 router.
Page
Page
Page
CHAPTER 25
Link Layer Discovery Protocol
LLDP Overview
Enabling or Disabling LLDP
Global LLDP Setting
Transmit and Receive Control
LLDP Transmit Fea tures
Scheduled Interval
Minimum Interval
Time-to-Live for Transmitted Information
Trap Notifications
Changing the LLDP Transmit State
Types of Information Tr ansmitted
Page
LLDP Receive Features
Types of Information Received
Viewing Remote Device Information
Time-to-Live for Received Information
LLDP Example Configuration
Page
CHAPTER 26
Simple Network Management Protocol
SNMP Version 1
SNMP Version 3
Default Configuration
User Configuration Example
Configuring SNMP Trap Host s
SNMPv1 Trap Host
5. Use the community table to specify which community string is used in the trap.
SNMPv2 Trap Host Configuration
Note BLADEOS 6.5 supports only IPv4 addresses for SNMP trap hosts.
SNMPv3 Trap Host Configuration
SNMP MIBs
Page
Page
Switch Images and Configuration Files
Loading a New Switch Image
Loading a Saved Switch Configuration
Saving the Switch Configuration
Saving a Switch Dump
Page
Page
CHAPTER 27
Remote Monitoring
RMON Overview
RMON Group 1Statistics
Example Configuration
RMON Group 2History
History MIB Object ID
Configuring RMON History
RMON Group 3Alarms
Alarm MIB objects
Configuring RMON Alarms
RMON Group 9Events
CHAPTER 28
sFLOW
sFlow Statistical Counters
sFlow Network Sampling
sFlow Example Configuration
CHAPTER 29
Port Mirroring
Configuring Port Mirroring
Page
Page
APPENDIX A
Glossary
Page
Index
Symbols
Numerics
A
B
D
E
F
G
H
I
J
L
M
N
P
Q
R
S
T
U
V
W