Manuals
/
Brands
/
Computer Equipment
/
Switch
/
Juniper Networks
/
Computer Equipment
/
Switch
Juniper Networks
EX2500
- page 92
1
92
102
102
Download
102 pages, 1.06 Mb
EX2500 Ethernet Switch Configuration Guide
78
Monitoring UFD
Contents
Main
Configuration Guide
Release 3.0
ii
Table of Contents
Part 1 EX2500 Ethernet Switch Applications
Page
Page
Part 2 Appendixes
Part 3 Indexes
List of Figures
Page
List of Tables
Page
About This Guide
Objectives
Audience
Supported Platforms
xii
Documentation Conventions
Table 1: Notice Icons Icon Meaning Description
Table 2: EX2500 Text and Syntax Conventions Convention Usage Examples
List of Technical Publications
Documentation Feedback
Requesting Technical Support
Self-Help Online Tools and Resources
Opening a Case with JTAC
Part 1
EX2500 Ethernet Switch Applications
Page
Chapter 1
Accessing the Switch
Configuring the Management Interface
Dynamic Host Configuration Protocol
Using Telnet
Using the EX2500 Web Device Manager
Configuring EX2500 Web Device Manager Access via HTTP
Configuring EX2500 Web Device Manager Access via HTTPS
Using SNMP
SNMPv1, SNMPv2
SNMPv3
Default Configuration
User Configuration
Configuring SNMP Trap Hosts
SNMPv1 Trap Host Configuration
SNMPv2 Trap Host Configuration
SNMPv3 Trap Host Configuration
Securing Access to the Switch
RADIUS Authentication and Authorization
How RADIUS Authentication Works
Configuring RADIUS on the Switch
RADIUS Authentication Features in the EX2500 Switch
Switch User Accounts
RADIUS Attributes for EX2500 User Privileges
TACACS+ Authentication
How TACACS+ Authentication Works
TACACS+ Authentication Features in the EX2500 Switch
Page
Command Authorization and Logging
Configuring TACACS+ Authentication on the Switch
Secure Shell
Configuring SSH Features on the Switch
SSH Encryption of Management Messages
Generating RSA Host and Server Keys for SSH Access
SSH Integration with RADIUS and TACACS+ Authentication
End User Access Control
Considerations for Configuring End User Accounts
User Access Control
Listing Current Users
Logging In to an End User Account
Chapter 2
VLANs
VLAN Overview
VLANs and Port VLAN ID Numbers VLAN Numbers
PVID Numbers
VLAN Tagging
Page
Figure 2: Port-Based VLAN Assignment
r
o
f
B
VLAN Topologies and Design Considerations
VLAN Configuration Rules
Multiple VLANs Configuration Example
Page
Private VLANs
Private VLAN Ports
Private VLAN Configuration Guidelines
Private VLAN Configuration Example
Chapter 3
Spanning Tree Protocol
Spanning Tree Overview
Bridge Protocol Data Units (BPDUs)
Determining the Path for Forwarding BPDUs
Bridge Priority
Port Priority
Port Path Cost
Spanning Tree Group Configuration Guidelines
Changing the Spanning Tree Mode
Assigning a VLAN to a Spanning Tree Group
Creating a VLAN
Rules for VLAN Tagged Ports
Adding and Removing Ports from STGs
Rapid Spanning Tree Protocol
Port State Changes
Port Type and Link Type
Edge Port
Link Type
RSTP Configuration Guidelines
RSTP Configuration Example
Per VLAN Rapid Spanning Tree
Default Spanning Tree Configuration
Why Do We Need Multiple Spanning Trees?
PVRST Configuration Guidelines
Configuring PVRST
Multiple Spanning Tree Protocol
MSTP Region
Common Internal Spanning Tree
MSTP Configuration Guidelines
Multiple Spanning Tree Groups Configuration Example
Fast Uplink Convergence
Configuration Guidelines
Configuring Fast Uplink Convergence
Chapter 4
Ports and Trunking
Trunking Overview
Statistical Load Distribution
Built-In Fault Tolerance
Before Configuring Static Trunks
Trunk Group Configuration Rules
Port Trunking Configuration Example
Page
Configurable Trunk Hash Algorithm
Link Aggregation Control Protocol
Page
LACP Configuration Guidelines
Configuring LACP
Optionally Reducing LACP Timeout
Page
Chapter 5
Quality of Service
QoS Overview
Using ACL Filters
Ports
ACL Filter Permit/Deny
Classify Packets
Perform Actions
MAC Extended ACLs
IP Standard ACLs
IP Extended ACLs
Understanding ACL Priority
Port 1 access group ACL IP Extended 128:
Port number = 80 Action = permit ACL IP Extended 129:
Port number = 23 Action = deny ACL IP Extended 130:
Port number = less than 100 Action = permit
Assigning ACLs to a Port
Viewing ACL Statistics
ACL Configuration Examples
ACL Example 1Blocking Traffic to a Host
ACL Example 2Blocking Traffic from a Source to a Destination
ACL Example 3Blocking HTTP Traffic
ACL Example 4Blocking All Except Certain Packets
Using Storm Control Filters
Broadcast Storms
Configuring Storm Control
Using DSCP Values to Provide QoS
Differentiated Services Concepts
7 6 5 4 3 2 1 0
Per Hop Behavior
EX2500 Ethernet Switch Configuration Guide
62
QoS Levels
ex2500# qos dscp transmit-queue <DSCP value (0-63)> <COSq (0-7)>
DSCP Mapping
Use the following command to turn on DSCP re-marking globally:
ex2500# qos dscp enable
Using 802.1p Priority to Provide QoS
7 6 5 4 3 2 1 0
7 6 5 4 3 2 1 0
Queuing and Scheduling
Chapter 6
Remote Monitoring
RMON Overview
RMON Group 1Statistics
RMON Group 2History
History MIB Object ID
Configuring RMON History
RMON Group 3Alarms
Alarm MIB Objects
Configuring RMON Alarms
RMON Group 9Events
Page
Chapter 7
IGMP
IGMP Snooping
FastLeave
IGMPv3 Snooping
IGMP Snooping Configuration Example
Static Multicast Router
Chapter 8
High Availability Through Uplink Failure Detection
High Availability Overview
Failure Detection Pair
Spanning Tree Protocol with UFD
UFD Configuration Guidelines
UFD Configuration Example
Monitoring UFD
Page
Page
Page
Appendix A
Monitoring Ports with Port Mirroring
Port Mirroring Overview
Configuring Port Mirroring
Page
Page
Index
Numerics
A
B
C
H
I
J
L
M
Q
R
S
T
U
V
W