User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentVHSIM2-A6DP

401

402

403

404

405

406

407

408

409

410

Table Of Contents

Title
Notice
Contents
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- A
- B
Figures
Tables
About This Guide
- Using This Guide
- Structure of This Guide
- Related Documents
- Document Conventions
- Typographical and Keystroke Conventions
Introduction
- 1.1 Overview
  - 1.1.1 The Management Agent
  - 1.1.2 In-Band vs. Out-of-Band
- 1.2 Navigating Local Management Screens
- 1.3 Local Management Requirements
- 1.4 Local Management Screen Elements
- 1.5 Local Management Keyboard Conventions
- 1.6 Getting Help
Local Management Requirements
- 2.1 Management Terminal Setup
  - 2.1.1 Console Cable Connection
  - 2.1.2 Management Terminal Setup Parameters
- 2.2 Telnet Connections
- 2.3 Monitoring an Uninterruptible Power Supply
Accessing Local Management
- 3.1 Navigating Local Management Screens
- 3.2 Password Screen
- 3.3 Main Menu Screen
- 3.4 Module Selection Screen
  - 3.4.1 Selecting a Module
- 3.5 Module Menu Screen
- 3.6 Overview of Security Methods
- 3.7 Security Menu Screen
- 3.8 Passwords Screen
  - 3.8.1 Setting the Module Login Password
- 3.9 Radius Configuration Screen
  - 3.9.1 Setting the Last Resort Authentication
  - 3.9.2 Setting the Local and Remote Servers
- 3.10 Name Services Configuration Screen
- 3.11 System Authentication Configuration Screen
- 3.12 EAP (Port) Configuration Screen
- 3.13 EAP Statistics Menu Screen
- 3.14 MAC Port Configuration Screen
- 3.15 MAC Supplicant Configuration Screen
Chassis Menu Screens
- 4.1 Chassis Menu Screen
- 4.2 Chassis Configuration Screen
- 4.3 SNMP Configuration Menu Screen
- 4.4 SNMP Community Names Configuration Screen
  - 4.4.1 Establishing Community Names
- 4.5 SNMP Traps Configuration Screen
  - 4.5.1 Configuring the Trap Table
- 4.6 Chassis Environmental Information Screen
- 4.7 Redirect Configuration Menu Screen (Chassis)
- 4.8 Port Redirect Configuration Screen
  - 4.8.1 Changing Source and Destination Ports
- 4.9 VLAN Redirect Configuration Screen
  - 4.9.1 Changing Source VLAN and Destination Ports
Module Configuration Menu Screens
- 5.1 Module Configuration Menu Screen
- 5.2 General Configuration Screen
- 5.3 SNMP Configuration Menu Screen
- 5.4 SNMP Community Names Configuration Screen
  - 5.4.1 Establishing Community Names
- 5.5 SNMP Traps Configuration Screen
  - 5.5.1 Configuring the Trap Table
- 5.6 Access Control List Screen
  - 5.6.1 Entering IP Addresses
  - 5.6.2 Enable/Disable ACL
- 5.7 System Resources Information Screen
  - 5.7.1 Setting the Reset Peak Switch Utilization
- 5.8 FLASH Download Configuration Screen
Port Configuration Menu Screens
- 6.1 Port Configuration Menu Screen
- 6.2 Ethernet Interface Configuration Screen
- 6.3 Ethernet Port Configuration Screen
  - 6.3.1 Selecting Field Settings
  - 6.3.2 Setting the Advertised Ability
- 6.4 HSIM/VHSIM Configuration Screen
- 6.5 Redirect Configuration Menu Screen
- 6.6 Port Redirect Configuration Screen
  - 6.6.1 Changing Source and Destination Ports
- 6.7 VLAN Redirect Configuration Screen
  - 6.7.1 Changing Source VLAN and Destination Ports
- 6.8 Link Aggregation Screen (802.3ad Main Menu Screen)
- 6.9 Broadcast Suppression Configuration Screen
  - 6.9.1 Setting the Threshold
  - 6.9.2 Setting the Reset Peak
802.1 Configuration Menu Screens
- 7.1 802.1 Configuration Menu Screen
- 7.2 Spanning Tree Configuration Menu Screen
- 7.3 Spanning Tree Configuration Screen
  - 7.3.1 Configuring a VLAN Spanning Tree
- 7.4 Spanning Tree Port Configuration Screen
  - 7.4.1 Enabling/Disabling the Default Spanning Tree Ports
  - 7.4.2 Viewing Status of Spanning Tree Ports
- 7.5 PVST Port Configuration Screen
802.1Q VLAN Configuration Menu Screens
- 8.1 Summary of VLAN Local Management
  - 8.1.1 Preparing for VLAN Configuration
- 8.2 802.1Q VLAN Configuration Menu Screen
- 8.3 Static VLAN Configuration Screen
- 8.4 Static VLAN Egress Configuration Screen
  - 8.4.1 Setting Egress Types on Ports
  - 8.4.2 Displaying the Next Group of Ports
- 8.5 Current VLAN Configuration Screen
- 8.6 Current VLAN Egress Configuration Screen
- 8.7 VLAN Port Configuration Screen
  - 8.7.1 Changing the Port Mode
  - 8.7.2 Configuring the VLAN Ports
- 8.8 VLAN Classification Configuration Screen
- 8.9 Protocol Port Configuration Screen
  - 8.9.1 Assigning Ports to a VID/Classification
802.1p Configuration Menu Screens
- 9.1 802.1p Configuration Menu Screen
- 9.2 Port Priority Configuration Screen
  - 9.2.1 Setting Switch Port Priority Port-by-Port
  - 9.2.2 Setting Switch Port Priority on All Ports
- 9.3 Traffic Class Information Screen
- 9.4 Traffic Class Configuration Screen
  - 9.4.1 Assigning the Traffic Class to Port Priority
- 9.5 Transmit Queues Configuration Screen
  - 9.5.1 Setting the Current Queueing Mode
- 9.6 Priority Classification Configuration Screen
- 9.7 Protocol Port Configuration Screen
  - 9.7.1 Assigning Ports to a PID/Classification
  - 9.7.2 Example, Prioritizing Traffic According to Classification Rule
    - 9.7.2.1 Solving the Problem
- 9.8 Rate Limiting Configuration Screen
Layer 3 Extensions Menu Screens
- 10.1 Layer 3 Extensions Menu Screen
- 10.2 IGMP/VLAN Configuration Screen
  - 10.2.1 IGMP/VLAN Configuration Procedure
Module Statistics Menu Screens
- 11.1 Module Statistics Menu Screen
- 11.2 Switch Statistics Screen
- 11.3 Interface Statistics Screen
  - 11.3.1 Displaying Interface Statistics
- 11.4 RMON Statistics Screen
  - 11.4.1 Displaying RMON Statistics
- 11.5 Chassis Environmental Statistics Configuration Screen
Network Tools Screens
- 12.1 Network Tools
- 12.2 Built-in Commands
- 12.3 Example, Effects of Aging Time on Dynamic Egress
- 12.4 Example, Using Dynamic Egress to Control Traffic
- 12.5 Special Commands
VLAN Operation and Network Applications
- 13.1 Defining VLANs
- 13.2 Types of VLANs
  - 13.2.1 802.1Q VLANs
  - 13.2.2 Other VLAN Strategies
- 13.3 Benefits and Restrictions
- 13.4 VLAN Terms
- 13.5 VLAN Operation
  - 13.5.1 Description
  - 13.5.2 VLAN Components
- 13.6 Configuration Process
- 13.7 VLAN Switch Operation
  - 13.7.1 Receiving Frames from VLAN Ports
  - 13.7.2 Forwarding Decisions
    - 13.7.2.1 Broadcasts, Multicasts, and Unknown Unicasts
    - 13.7.2.2 Known Unicasts
- 13.8 VLAN Configuration
- 13.9 Summary of VLAN Local Management
  - 13.9.1 Preparing for VLAN Configuration
- 13.10 Quick VLAN Walkthrough
- 13.11 Examples
- 13.12 Example 1, Single Switch Operation
  - 13.12.1 Solving the Problem
  - 13.12.2 Frame Handling
- 13.13 Example 2, VLANs Across Multiple Switches
  - 13.13.1 Solving the Problem
  - 13.13.2 Frame Handling
- 13.14 Example 3, Filtering Traffic According to a Layer 4 Classification Rule
  - 13.14.1 Solving the Problem
- 13.15 Example 4, Securing Sensitive Information According to Subnet
  - 13.15.1 Solving the Problem
- 13.16 Example 5, Using Dynamic Egress to Control Traffic
- 13.17 Example 6, Locking a MAC Address to a Port Using Classification Rules
  - 13.17.1 Solving the Problem
Generic Attribute Registration Protocol (GARP)
- A.1 Operation
- A.2 How It Works
About IGMP
- B.1 IGMP Overview
- B.2 Supported Features and Functions
- B.3 Detecting Multicast Routers
Index
- Numerics
- A
- B
- C
- D
- E
- F
- G
- H
- I
- K
- L
- M
- N
- P
- Q
- R
- S
- T
- U
- V
- W

Example 2, VLANs Across Multiple Switches

13-24 VLAN Operation and Network Applications

13.12.2 Frame Handling

This section describes the operations of the switch when two frames are received. The first frame

is a broadcast sent by station R1.

1. Station R1 transmits the broadcast frame. The switch receives this frame on Port 1. As the frame

is received, the switch classifies it. The frame is untagged, so the switch classifies it as belonging

to the VLAN that Port 1 is assigned to, the Red VLAN.

2. At the same time, the switch adds the source MAC address of the frame and the VLAN

associated with port 1 to its Source Address Table in FDB ID 2. In this fashion it learns that

station R1 is located out Port 1.

3. Once the frame is classified, its destination MAC address is examined. The switch discovers that

the frame is a broadcast, and treats it as it would any other unknown destination MAC address.

The switch forwards the frame out all ports in the Red VLAN’s Forwarding List except for the

one that received the frame. In this case, the frame is sent to Ports 2 and 3.

The second frame is a unicast, where station R2 responds to station R1’s broadcast.

4. Station R2, having received and recognized the broadcast from R1, transmits a unicast frame as

a response. The switch receives this frame on Port 2. The switch classifies this new untagged

frame as belonging to the Red VLAN.

5. The switch adds the source MAC address and VLAN for station R2 to its Source Address Table

in FDB ID 2, and checks the Source Address Table for the destination MAC address given in

the frame. The switch finds the MAC address and VLAN in this table, and recognizes that the

MAC address and VLAN match for R1 is located out Port 1.

6. The switch examines its VLAN configuration information and determines that the frame for Red

VLAN is allowed to be forwarded out Port 1 and that it must be sent in an untagged format.

7. The switch forwards the frame out Port 1. Any other unicast transmissions between stations R1

and R2 will be handled identically.

13.13 EXAMPLE 2, VLANs ACROSS MULTIPLE SWITCHES

This second example investigates the steps that must be taken to set up VLANs across multiple

802.1Q VLAN switches. This includes the configuration and operation of trunk ports (port set for

TAGGED frames only) between 802.1Q VLAN switches.

As shown in Figure 13-12, two companies, “Redco” and “Blue Industries,” share floors 2 and 4 in

a building where the network infrastructure is supplied by the building owner. The objective is to

completely isolate the network traffic of the two companies by limiting the user’s traffic through

the ports of two switches, thus maintaining security and shielding the network traffic from each

company. This example will show the use and configuration of a trunk connection and the creation

of VLANs across multiple switches.