Manualshelf

User guide

ManualsBrandsAlcatel ManualsComputer equipmentOS6855-24
41424344454647484950
September 2009
Page 44 of 79 OmniSwitch 6400/6850/6855/9000/9000E—Release 6.4.2.R01
Ingress and Egress Bandwidth Shaping
Bandwidth shaping is configured on a per port basis by specifying a maximum bandwidth value for
ingress and egress ports. However, on the OmniSwitch 6850 and 9000/9000E switches, configuring
minimum and maximum egress bandwidth is supported on a per COS queue basis for each port.
Quarantine Manager and Remediation (QMR)
Quarantine Manager and Remediation (QMR) is a switch-based application that interacts with the
OmniVista Quarantine Manager (OVQM) application to restrict the network access of quarantined
clients and provide a remediation path for such clients to regain their network access. This
functionality is driven by OVQM, but the following QMR components are configured through QoS
CLI commands:
Quarantined MAC address group. This is a reserved QoS MAC address group that contains the MAC
addresses of clients that OVQM has quarantined and that are candidates for remediation.
Remediation server and exception subnet group. This is a reserved QoS network group,
called “alaExceptionSubnet”, that is configured with the IP address of a remediation server
and any subnets to which a quarantined client is allowed access. The quarantined client is
redirected to the remediation server to obtain updates and correct its quarantined state.
Remediation server URL. This is the URL for the remediation server. Note that this done in
addition to specifying the server IP address in the “alaExceptionSubnet” network group.
Quarantined Page. When a client is quarantined and a remediation server URL is not
configured, QMR can send a Quarantine Page to notify the client of its quarantined state.
HTTP proxy port group. This is a known QoS service group, called “alaHTTPProxy”, that
specifies the HTTP port to which quarantined client traffic is redirected for remediation. The
default HTTP port used is TCP 80 and TCP 8080.
Note: Configuring QMR and QoS inner VLAN or inner 802.1p policies is mutually exclusive.
QMR overlays the inner VLAN tag, thus creating a conflict with related QoS policies. This is
also true with QMR and VLAN Stacking services.
QMR is activated when OVQM populates the MAC address group on the LDAP server with quaran-
tined MAC addresses. If VLAN Stacking services or QoS inner VLAN/802.1p policies are configured
on the switch, QMR will not activate.
Note: This feature is designed to work in conjunction with OmniVista’s Quarantine Manager
application. Refer to the OmniVista documentation for a detailed overview of the Quarantine
Manager application.
Within OmniVista’s Quarantine Manager application, if a MAC is added or removed from the
quarantined group, or when an IP address is added or removed from the IP DA remediation, OmniVista
will trigger the configured switches to perform a “recache” action. The switches will then query
OmniVista’s LDAP database and “pull” the addresses from the database, these addresses will then be
added or removed from the switch’s quarantined or remediation group.
Remote Port Mirroring (802.1Q Based)
This feature provides a remote port mirroring capability where traffic from a local port can be carried
across the network to an egress port where a sniffer can be attached. This features makes use of an
802.1q tag to send the mirrored traffic over the network using tagged VLANs.
There must not be any physical loop present in the remote port mirroring VLAN.
Spanning Tree must be disabled for the remote port mirroring VLAN.
BPDU mirroring will be disabled by default on OS6400/6850/68555 switches.