Manuals / Znyx Networks / Computer Equipment / Switch

Znyx Networks bh5700 manual Options with any of these Zaction parameters, Zaction Examples

Models: bh5700

1 359

Download 359 pages 3.51 Kb

Page 64

--drop	Drops the packet
--accept	Accepts the packet

--set-prio <val>Set the 802.1p priority to <val> --use-prio <val>Use queue priority <val>

--copy-cpu Send the packet to the CPU. This will force the full installed chains traversal in software

--set-eport <val>	Redirect the packet to port <val>
--set-mport <val> Mirror the packet to port
<val>

--set-tos <val> Set the IP-Precedence bits in the TOS field of the IP header to <val>

--set-dscp <val>Set the 6-bit DSCP in the TOS field of the IP header to <val>.

Options with any of these ZACTION parameters:


--counter		<val>		Increment classifier hit counter <val>
--arp		Not	an	action,	match only ARP packets.
-i option		can be used to			specify ingress port or VLAN,
-d	specifies		target IP address,
-p	specifies		arp operation as request (1) or response (2).

For arp response, the -ofield can be used to specify the egress port.

ZACTION Examples

Send all tcp packets arriving on zhp5 out port 2:

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --set-eport 2

Send all tcp packets arriving on zhp5 to the CPU (software).

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --copy-cpu

Set the 802.1p priority to 3 on all tcp packets arriving on zhp5.

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --set-prio 3

Extensions to the default matches

These are described in the Linux packet filtering HOWTO at:

http://netfilter.org/documentation/index.html#documentation-howto

Ethernet Switch Blade User's Guide

release 3.2.2j

page 64

Image 64

Znyx Networks bh5700 Options with any of these Zaction parameters, Zaction Examples, Extensions to the default matches

Contents

HP bh5700 Atca 14-Slot Blade Server Ethernet Switch Blade Manufacturing Part Number AD171-9603A June Ethernet Switch Blade Users Guide Release 3.2.2j Legal Notices About the Ethernet Switch Blade Manual Table of Contents Specifying Source and Destination IP Addresses Ethernet Switch Blade Users Guide Release 3.2.2j 100 Network File System NFS Client Configuration Network Time Protocol NTP Client ConfigurationCombining Queuing Disciplines Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j Fabric Switch Elements Table of Figures Index of Tables Init Script Flow Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j Overview of the Ethernet Switch Blade High Performance Embedded Switching OpenArchitect Switch Management Powerful CarrierClass FeaturesExtensible Customization of Routing Policies Ethernet Port Layout Ethernet Switch Blade Port Configuration Base switch Quick ReferenceFabric Switch Quick Reference Inter-switch Link ISL OpenArchitect Switch Environment OpenArchitect Software Structure Ethernet Switch Blade Users Guide Release 3.2.2j OpenArchitect Software Structure Port Cabling and LED Indicators Connecting the CablesConnecting to the Console Port Console Port Cabling Out of Band Ports OOB Ports LED Reference LED Reference Ethernet Switch Blade Users Guide Release 3.2.2j High Availability Networking Surviving Partner Zlmd Switch Replacement and Reconfiguration Example HA Switch Configuration Modifying zsp.conf on the Base switch Siblingaddresses zhp1 = 10.0.0.30, 10.0.0.31 netmask #vrrpmode blockcrossconnect Siblingaddresses zhp1=10.0.0.30master, 10.0.0.31 netmask Modifying zspvlan.conf on the Fabric Switch You will see output similar to this Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j # zre names cannot be mixed on the same line ARP Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j Configuring Surviving Partner Central Authority Secondary Can be modified to Fabric Switch Configuration Two switches, two consolesConnecting to the Fabric Switch Console OpenArchitect Configuration Procedure Example Configuration Scripts Default Configuration ScriptsChanging the Shell Prompt Overview of OpenArchitect Vlan Interfaces Tagging and Untagging VLANs Switch Port Interfaces Address. The S50layer2 script does the following Reboot the switch Using the S50layer2 ScriptRapid Spanning Tree Create a bridge device from the zhp device To Enable Rapid Spanning TreePort Path Cost Layer 3 Switch Configuration Usr/sbin/zl3d zhp0..47 Using the S55gatedRip1 Script Layer 3 Routing Protocols with GateD Defines the netmask used in the interface Sets the RIP1 protocol to open To Modify the GateD Scripts Or for RIP2 Class of Service COS Egress QueuesIngress Classification Or for Ospf Marking and Re-marking SchedulingRunning zfilterd Ztmd Explained Restrictions on Implementation Iptables and filtering Introduction Firewall Flow Packet Walk Filter Rules Specifications Specifying Source and Destination IP AddressesSpecifying Protocol Specifying an Icmp Message Type Specifying TCP flags Specifying an InterfaceFilter Rule Targets Supported Targets Extensions to the default matches Options with any of these Zaction parametersZaction Examples Send all tcp packets arriving on zhp5 out port Fifo Queues pfifo and bfifo disciplines Forwarding Chain supports all of themOutput should display the following Root HandlePfifo limit Prio and WRR queues Ethernet Switch Blade Users Guide Release 3.2.2j U32 Filter Combining Queuing Disciplines Cops Common Open Policy Service Handle Semantics Protocol Architecture OpenArchitect PEP Using pepd Sample configuration file is listed below Setting the Root Password Fabric Switch AdministrationAdding Additional Users Setting up a Default Route Name Service Resolution Network File System NFS Client Configuration Network Time Protocol NTP Client Configuration NFS Server Configuration Removing the # sign Connecting to the Switch Using Tftp Connecting to the Switch Using FTPTftpd Server Configuration Snmp Agent Supported Mibs Supported Traps Supported MIBs Supported Traps Snmp and OpenArchitect Interface DefinitionsOpenArchitect, defines three types of devices Link and Snmp Status Snmp ConfigurationIfStackTable Entries Port Mirroring Snmp ApplicationsResponse You can alter this behavior by specifying Link and LED Control Link Event MonitoringTo check the status of a link To check the status of all links Fabric Switch Maintenance Overview of the OpenArchitect switch boot process Boot Flow Chart Modifying Files and Updating the Switch Recovering from a System FailureSystem Boots with a Console Cable Saving Changes Booting with the -ioption System Hangs During Boot Booting the Duplicate Flash ImageReboot the system Upgrading the OpenArchitect Image Upgrading the Switch Driver Upgrading or Adding FilesExcluding Saving Files to Flash Image file will be something named similar to the following Using apt-get Connecting to the Base Switch Console Base Switch ConfigurationOpenArchitect Configuration Procedure Default Configuration Scripts Example Configuration ScriptsChanging the Shell Prompt Files into flash for reloading Overview of OpenArchitect Vlan Interfaces Multiple VLANs Then, bring up the interface with ifconfig1M Linux Rapid Spanning Tree Layer 3 Switch Configuration Zconfig zhp1 vlan2=zre5..8 zconfig zre5..8=untag2 Layer 3 Switch Layer 3 Switch Using Multiple VLANs Using the S50multivlan Script Multiple Vlan Configuration Layer 3 Routing Protocols with GateD 10.0.0.42-10.0.3.42, assigns the netmask and brings them up Shuts off sending and receiving packets from all interfaces To Modify the GateD Scripts Egress Queues Class of Service COSIngress Classification Marking and Re-marking ZcosScheduling Running zfilterd Restrictions on ImplementationOutput Port Field values Iptables and filtering Action that will take place. For example, the rules Firewall Flow Specifying Source and Destination IP Addresses Icmp-type ping Zaction Tc Traffic Control Strict Priority QdiscThese are described in the Linux packet filtering Howto at Znyx Forwarding Chain supports all of them Weighted Round Robin Qdisc Fifo Qdiscs Using Filters to Direct Packets to a COS QueueProtocol ip Protocol all Protocol arpMatching Specific Ingress Ports Advanced Filtering Policing Examples Policing ActionsSpanning tree Bpdu packets go in COS queue 6, no limit 82+ U32 match selectors used in filtersTo mirror only in-profile packets to port 3, use Match selectors U Match Selectors Ztmd zqosd Ethernet Switch Blade Users Guide Release 3.2.2j U32 Filter Cops Common Open Policy Service Protocol Architecture Using pepd OpenArchitect PEP Where Pepid Setting the Root Password Base Switch AdministrationAdding Additional Users Setting up a Default Route Name Service Resolution Network File System NFS Client Configuration NFS Server Configuration Connecting to the Switch Using FTP Tftpd Server Configuration Connecting to the Switch Using TftpSnmp Agent Supported Mibs Snmp and OpenArchitect Interface Definitions Physical Link Status on Base Switch Snmp Configuration Port Mirroring Snmp Applications Link and LED Control Link Event Monitoring Base Switch Maintenance Overview of the OpenArchitect switch boot process Booting up Process Flow Modifying Files and Updating the Switch Recovering from a System FailureSystem Boots with a Console Cable Saving Changes Booting with the -i option ∙ Reboot the system Booting the Duplicate Flash Image System Hangs During BootUpgrading the OpenArchitect Image Upgrading the Switch Driver Upgrading or Adding Files Using apt-get Ethernet Interfaces Base Interface Hub SystemManagement Interfaces Fabric Interface Hub System Console port. An RS-232 to RJ-45 adapter is required Base Interface Out-of-Band Ethernet Connection Fabric Interface Serial Ports Fabric Interface Out of Band Ethernet Connection Diagnosing a Failed Ethernet Switch Blade Activation Ethernet Switch Blade Activation States FRU State HotSwap Healthy Solution LED Status Accessing the ShMM Verifying Communications Between the ShMM and SwitchFRU State HotSwap Healthy Solution Troubleshooting States Analyzing Mstate information for the switch Checking the ekey Status From the Shelf Manager Clia board -v Troubleshooting a Failed OpenArchitect Load OpenArchitect Boot Process Recovering from a System Failure Booting Without the Overlay File Properly attach the console cable Booting the Duplicate Flash Image Network Configuration Problems Ethernet Switch Blade Backplane Interfaces zre PortsInterface Overview Physical Interfaces Port, Layer 2 Switching, single Vlan Default Base Interface ConfigurationAdditional Interfaces Default Base Interface Network Diagram Default Fabric Interface Configuration Ifconfig Default Screen Output for the Base Interface Linux Networking Environment Interfaces Problem Solution Configuration TroubleshootingDetermining ekey status for a specific slot Link Port Status Link Speed Pause Faults Auto Enable Internal Fault1000fd Disable External Fault Zre Querying Base Interface ekey Status Link Status for a single portExample Output Link Status for a range of ports Querying Fabric Interface ekey Status Ethernet Switch Blade Users Guide Release 3.2.2j Network Connectivity Troubleshooting No Connection Connecting to Devices with Fixed Port SpeedsExternal Fault LED Diminished Network Throughput Ping Test Network Tests Traceroute Test Isolating Hardware Failures Switch Chip U59 Isolation Transformer Zone 3 Atca Connector Switch Chip U60Isolation Transformer ZMC Daughter Board Inside View Hardware Subsystem Testing the FlashROMs Link Status for a single port Testing the Switch FabricLink Status for a range of ports Testing the onboard RAM Testing the Control Processor Hardware Fault INT FLT LED activity Ethernet Switch Blade Users Guide Release 3.2.2j Spontaneous Failover Activity High Availability TroubleshootingUnexpected Fail-back Activity Switch Firmware Overview Checking the switch firmware versionFollowing output is shown for the 3.0 Base Interface Base Interface Fabric Interface BootLoader Firmware Upgrade Updating the Switch FirmwareOpenArchitect Firmware Upgrade Ipmc Firmware Upgrade Restoring the Factory Default Configuration Before Calling Support ROM Devices in OpenArchitect Appendix a Fabric Switch Command Man Pages Vrrpconfig Vrrpconfig Configure and control the running vrrpd See Also Vrrpd Vrrpd Virtual Router Redundancy Protocol Daemon Change the virtual MAC address from Vrrpconfig Zbootcfg Zbootcfg -d 1 Zconfig Zconfig Configures the OpenArchitect switch Global Statements Global Statement SyntaxTrunk Interface Statements Trunk interface syntax Zrl0=ip sourceaddress, ip destinationaddress Is the same as Examples of trunk interface statementsThis statement creates a trunk containing three ports Teardown statement uses a colon instead of an equals sign Network interface actions may include Examples of Network Interface Statements Port Interface Statements Examples of Port Interface Statements Wildcards This statement is equivalent to the following three lines This is equivalent to Zl3d Zcos class of service queue control Zcos Hostname Prio RR WRR DRR port list Zcos -n 50,50,50,50,75,75,75,75 zre0..19 Zdog Options Zfilterd Zflash Zbootcfg Zl2, zl2mc, zl3host, zl3net, zvlan Zl2 -m 00c095450000 Following command deletes the above entry Following command displays all entries of the zl2 table Zgvrpd Zgvrpd -t zhp0 Zl2d Zl2d Layer 2 daemon for the OpenArchitect switchStart stop Operations Zl3d Layer 3 daemon for the OpenArchitect switch Zl3d Zl3d zhp1 zhp2 zhp3 Zlc Zlc − link and LED control To query the settings of a particular port Ifconfig8 Zlmd Zlmd − monitor link changes or hot swap events Zlmd zre1..4=/usr/sbin/prtchange Zlogrotate To start zlogrotate with the default valuesZlogrotate − Rotates log files Zmirror Zmirror Set packet mirroring on an ingress or egress port Zmirror is cumulative Zmnt Zmnt − Expands the read/write files onto the RAM disk Restored overlay will be used upon the next reboot Zpeer On the fabric switch the following command would returnPeer is not properly functioning Healthy state, the query will return the backup state Set debug level to level Display complete status of zpeer Be also reset Zqosd Ztmd, tc8, zfilterd Zrc Zrc Packet rate control Zreg Operands Zrld Zrld Znyx redirector daemon Zsnoopd Zsnoopd Zspconfig Zspconfig configure and start surviving partner Configuration File Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j Rain link zhp1, zre1..4 Output Files Zconfig, ifconfig, vrrpd, dhclient, dhcpd Zstack Configures the OpenArchitect switch stacking Zstack Stack Creation Stack Port Association Stack Configuration Statements Stack Control Statements Are supported Zre lists. Example of stack0..3 representing stacks 0, 1, 2 Switch Blade Ztats − Display statistics and information about switchZtats Zsync Zsync − Saves changes to the flash Restored overlay will be loaded upon the next reboot To zsync only the hosts file Ztmd Zqosd, iptables8, tc8, zfilterd Brctl Bridge and Spanning Tree Protocol administration Brctl8 Setportprio bridge zre# priority Brctl8 replaces the older brcfg tool Zconfig, zl2d Appendix B Base Switch Command Man Pages = Master Examples Following options are supported by vrrpd Lower Case ‘m’ the time is specified in milliseconds. See Also Specifies the ROM device from which to boot. The dev Zbootcfg -d ZhpN for example, zhp0 Trunk interface actions Examples of trunk interface statements Network interface actions may include Zhp0 vlan100 = zre1,zre10,zre11,zre13 Tag are given the Vlan tag with the VID number 1, enter This is equivalent to See Also Zcos Limit on dynamic pool usage, in bytes, reset % port list Prio RR WRR DRR port list Examples Zdog Options Zffpcounter First example queries all FFP counter values Now using zffpcounter to displayNext example clears all FFP counter values Next example queries ports 2-7, 15, Counter 19 Counter 20 Counter 21 Zfilterd -d level -p port -f -l -i pid -o pid Zflash Zbootcfg Zgmrpd Std 802.1D, 1998 Edition Zgmrpd -t zhp0 Zgr Following command displays all entries of the zl2 table See Also Level Sets the level of debugging output required by zgvrpd. Enable Gvrp on the set Start stop Operations Zl3d -h hostname -t msecs -b -e -l -n -d level iface Zl3d zhp1 zhp2 zhp3 Zlc Global Settings Zlmd Examples Zlogrotate Zmirror Zmirror zre1 zre10 zmirror zre2 zre11 See Also Expanded, or the file to which the tar image is saved Restored overlay will be used upon the next reboot Zpeer Options See Also Zqosd Ztmd, tc8, zfilterd Number of packets per time period above which Zreg Echo 0x80000640 zreg -w Zrld Zsnoopd No router multicast traffic. Default is 260 seconds Zpeer peer state query Time to wait in seconds before giving up on Configuration File Ethernet Switch Blade Users Guide Release 3.2.2j Ethernet Switch Blade Users Guide Release 3.2.2j RAINlink zhp1, zre1..4 Boardsynchronizationmode basic Zconfig, ifconfig, vrrpd, dhclient, dhcpd, zpeer Ethernet Switch Blade Users Guide Release 3.2.2j Specifies the remote hostname to configure. By Stack0 ppa0 local Stack1 ppa1 local Stack Configuration Statements Wildcards See Also Zsync Files Ztmd Zqosd, iptables8, tc8, zfilterd Important This option must only be executed by zl2d Ethernet Switch Blade Users Guide Release 3.2.2j Zconfig, zl2d Appendix C Intelligent Platform Management Interface ISwitch-ShMC InteractionStates PMC Controller Support Command Code Sensor # Status Peripheral Management Controller Functional SupportTable C.1. Ipmi M States Table C.2 PMC Controller Support Sensor Reading Example Standard Ipmi Command GetSensorReadingTable C.3 GetSensorReading Standard Ipmi Response GetSensorReading Table C.4 GetSensorResonse Structure of Standard Ipmi Commands From BMC to PMC Structure of Standard Ipmi Responses From PMC to BMC Field Replaceable Unit Inventory Device Event GeneratorIpmb Event message format Table C.8 Seeprom Space Spare Seeprom Space AllocationIpmb Override Status Data Table C.9. Ipmb Override Status Data Index Dhcp NFS NTP Tc 62 Ztmd 301 Zvlan 179 ZX4920.MIB 333