Manuals
/
Juniper Networks
/
Computer Equipment
/
Switch
Juniper Networks
EX2500
manual
Models:
EX2500
1
92
102
102
Download
102 pages
52.15 Kb
89
90
91
92
93
94
95
96
Rmon Group 3-Alarms
Default Vlan Settings
Configuration Guide
Accessing the Switch
Authorization
Quality of Service
Switch User Accounts
Using Telnet
Set the Lacp mode
Page 92
Image 92
EX2500 Ethernet Switch Configuration Guide
78
Monitoring UFD
Page 91
Page 93
Page 92
Image 92
Page 91
Page 93
Contents
Configuration Guide
North Mathilda Avenue Sunnyvale, CA
Ii „
Table of Contents
Chapter VLANs
Chapter Ports and Trunking
Rmon Overview Rmon Group 1-Statistics Rmon Group 2-History
Indexes
Port Mirroring Overview Configuring Port Mirroring
Appendixes
Default Vlan Settings
Port-Based Vlan Assignment
Page
List of Tables
EX2500 Ethernet Switch Configuration Guide „ List of Tables
About This Guide
Objectives
Audience
Supported Platforms
Documentation Conventions
Icon Meaning Description
Requesting Technical Support
List of Technical Publications
Documentation Feedback
Self-Help Online Tools and Resources
Opening a Case with Jtac
EX2500 Ethernet Switch Applications
Page
Accessing the Switch
Configuring the Management Interface
Dynamic Host Configuration Protocol
Configure the default gateway. Enable the gateway
Using Telnet
Using the EX2500 Web Device Manager
Configuring EX2500 Web Device Manager Access via Http
Configuring EX2500 Web Device Manager Access via Https
Using Snmp
SNMPv1, SNMPv2
SNMPv3
Default Configuration
User Configuration
Configuring Snmp Trap Hosts
SNMPv1 Trap Host Configuration
SNMPv2 Trap Host Configuration
Configure an entry in the notify table
Securing Access to the Switch
SNMPv3 Trap Host Configuration
Radius Authentication and Authorization
How Radius Authentication Works
Configuring Radius on the Switch
Configure the Radius secret
Radius Authentication Features in the EX2500 Switch
Switch User Accounts
Radius Attributes for EX2500 User Privileges
TACACS+ Authentication Features in the EX2500 Switch
TACACS+ Authentication
How TACACS+ Authentication Works
„ starttime „ stoptime „ elapsedtime „ disccause
Configure the TACACS+ secret and second secret
Command Authorization and Logging
Configuring TACACS+ Authentication on the Switch
Configuring SSH Features on the Switch
Generating RSA Host and Server Keys for SSH Access
Secure Shell
SSH Encryption of Management Messages
End User Access Control
SSH Integration with Radius and TACACS+ Authentication
Considerations for Configuring End User Accounts
User Access Control
Listing Current Users
Logging In to an End User Account
VLANs
Vlan Overview
„ Port configuration
VLANs and Port Vlan ID Numbers
Vlan Numbers
Pvid Numbers
Illustrates the default Vlan settings on the switch
Vlan Tagging
Default Vlan Settings
Port-Based Vlan Assignment
Vlan Configuration Rules
Vlan Topologies and Design Considerations
Multiple VLANs Configuration Example
Multiple VLANs example in is described in Table
Enable tagging on uplink ports that support multiple VLANs
Private VLANs
Private Vlan Ports
Private Vlan Configuration Guidelines
Private Vlan Configuration Example
Configure a secondary Vlan and map it to the primary Vlan
Verify the configuration
Spanning Tree Protocol
Spanning Tree Overview
Bridge Priority
Bridge Protocol Data Units BPDUs
Determining the Path for Forwarding BPDUs
Spanning Tree Group Configuration Guidelines
Changing the Spanning Tree Mode
Port Priority
Port Path Cost
Adding and Removing Ports from STGs
Creating a Vlan
Rules for Vlan Tagged Ports
Rapid Spanning Tree Protocol
Port State Changes
Rstp Configuration Guidelines
Rstp Configuration Example
Port Type and Link Type
Edge Port
Per Vlan Rapid Spanning Tree
Default Spanning Tree Configuration
Why Do We Need Multiple Spanning Trees?
Pvrst Configuration Guidelines
Configuring Pvrst
Mstp Configuration Guidelines
Multiple Spanning Tree Protocol
Mstp Region
Common Internal Spanning Tree
Multiple Spanning Tree Groups Configuration Example
Implementing Multiple Spanning Tree Groups
Fast Uplink Convergence
Vlan
Configuration Guidelines
Configuring Fast Uplink Convergence
Statistical Load Distribution
Ports and Trunking
Trunking Overview
Trunk Group Configuration Rules
Built-In Fault Tolerance
Before Configuring Static Trunks
Port Trunking Configuration Example
Port Trunk Group Configuration Example
Follow these steps on the EX2500 switch Define a trunk group
Configurable Trunk Hash Algorithm
Link Aggregation Control Protocol
„ Destination MAC Dmac
„ Destination IP DIP
48 „ Link Aggregation Control Protocol
Lacp Configuration Guidelines
Configuring Lacp
Optionally Reducing Lacp Timeout
Set the Lacp mode
Ex2500config-if# lacp timeout short ex2500config-if# exit
Quality of Service
QoS Overview
Using ACL Filters
COS
MAC Extended ACLs
IP Standard ACLs
To delete a MAC Extended ACL
To delete an IP Standard ACL
IP Extended ACLs
To delete an IP Extended ACL
Understanding ACL Priority
TCP/UDP
ACL Configuration Examples
Assigning ACLs to a Port
Viewing ACL Statistics
ACL Example 1-Blocking Traffic to a Host
ACL Example 3-Blocking Http Traffic
Add the ACL to a port
ACL Example 4-Blocking All Except Certain Packets
Assign the ACLs to a port
Broadcast Storms
Using Storm Control Filters
Configuring Storm Control
Using Dscp Values to Provide QoS
Differentiated Services Concepts
Per Hop Behavior
Assured Forwarding Drop Precedence Class
Dscp Mapping
Use the following command to perform Dscp mapping
QoS Levels
Using 802.1p Priority to Provide QoS
Shows the priority bits in a VLAN-tagged packet
Queuing and Scheduling
Remote Monitoring
Rmon Overview
Configure the Rmon statistics on a port
Rmon Group 1-Statistics
Configuring Rmon History
Configure the Rmon History parameters for a port
This configuration enables Rmon History collection on port
Rmon Group 2-History
Rmon Group 3-Alarms
Alarm MIB Objects
Configuring Rmon Alarms
Configure the Rmon Alarm parameters to track Icmp messages
Ex2500config# rmon event 110 type log-only
Rmon Group 9-Events
Page
Igmp
Igmp Snooping
FastLeave
Igmp Snooping Configuration Example
IGMPv3 Snooping
Static Multicast Router
Ex2500# show ip igmp groups
High Availability Through Uplink Failure Detection
High Availability Overview
Spanning Tree Protocol with UFD UFD Configuration Guidelines
Failure Detection Pair
UFD Configuration Example
Monitoring UFD
Page
Appendixes
EX2500 Ethernet Switch Configuration Guide 80 „ Appendixes
„ Port Mirroring Overview on „ Configuring Port Mirroring on
Port Mirroring Overview
Configuring Port Mirroring
Indexes
„ Index on
EX2500 Ethernet Switch Configuration Guide 84 „ Indexes
Index
Numerics
Management interface, configuring
Multi-links between switches, port trunking
Physical. See switch ports
Internet Group Management Protocol. See Igmp
Quality of Service. See QoS
QoS
Security
Segmentation. See IP subnets Segments. See IP subnets
Virtual Local Area Networks. See VLANs
Example showing multiple VLANs
Top
Page
Image
Contents
