Design Reference

ManualsBrandsExtreme Networks ManualsComputers & AccessoriesFabric-enabled multi-service edge switches

111

112

113

114

115

116

117

118

119

120

Table Of Contents

Contents
Chapter 1: Introduction
- Purpose
- Related resources
- Support
Chapter 2: New in Release 4.0.50
- Features
- Other changes
Chapter 3: New in Release 4.0.40
- Features
- Other changes
Chapter 4: New in Release 4.0
- Features
- Other changes
Chapter 5: Network design fundamentals
Chapter 6: Hardware fundamentals and guidelines
- Supported hardware
- Platform considerations
- Hardware compatibility
- Supported optical devices
- Dispersion considerations for long reach
- 10/100BASE-X and 1000BASE-TX reach
- 10/100/1000BASE-TX Auto-Negotiation recommendations
- Auto MDIX
- CANA
Chapter 7: Optical routing design
- Optical routing system components
Chapter 8: Platform redundancy
- Power redundancy
- Input/output port redundancy
- Configuration redundancy
- Link redundancy
Chapter 9: Link redundancy
- Physical layer redundancy
- MultiLink Trunking
- 802.3ad-based link aggregation
Chapter 10: Layer 2 loop prevention
- Loop prevention and detection
- SLPP example scenarios
Chapter 11: Spanning tree
- Spanning tree and protection against isolated VLANs
- MSTP and RSTP considerations
Chapter 12: Layer 3 network design
- VRF Lite
- Virtual Router Redundancy Protocol
- Open Shortest Path First
- Border Gateway Protocol
- IP routed interface scaling
Chapter 13: SPBM design guidelines
- 802.1aq standard
- VLANs without member ports
- Provisioning
- Implementation options
- Reference architectures
- Solution-specific reference architectures
- Best practices
- SPBM restrictions and limitations
- IP multicast over SPBM restrictions
Chapter 14: IP multicast network design
- Multicast and VRF-Lite
- Multicast and MultiLink Trunking considerations
- Multicast scalability design rules
- IP multicast address range restrictions
- Multicast MAC address mapping considerations
- Dynamic multicast configuration changes
- IGMPv3 backward compatibility
- IGMP Layer 2 Querier
- TTL in IP multicast packets
- Multicast MAC filtering
- Guidelines for multicast access policies
- Multicast for multimedia
Chapter 15: System and network stability and security
- DoS protection mechanisms
- Damage prevention
- Data plane security
- Control plane security
- Additional information
Chapter 16: QoS design guidelines
- QoS mechanisms
- QoS interface considerations
- Network congestion and QoS design
- QoS examples and recommendations
Chapter 17: Layer 1, 2, and 3 design examples
- Layer 1 example
- Layer 2 example
- Layer 3 example
Chapter 18: Software scaling capabilities
Chapter 19: Supported standards, RFCs, and MIBs
- Supported IEEE standards
- Supported RFCs
- Quality of service
- Network management
- MIBs
- Standard MIBs
- Proprietary MIBs
Glossary

Control plane security

The control plane physically separates management traffic using the in-band interface. The control

plane facilitates High Secure mode, management access control, access policies, authentication,

SSH and Secure Copy, and SNMP.

Management port

Avaya Virtual Services Platform 4000 Series requires one port to be configured as the management

port. This port separates user traffic from management traffic in highly sensitive environments, such

as brokerages and insurance agencies. By using this dedicated network (see

Figure 54: Dedicated

Ethernet management link on page 119) to manage the switch, and by configuring access policies

(if you enable routing), you can manage the switch in a secure fashion. You can also use terminal

servers to access the console port on the CP module (see

Figure 55: Terminal server access on

page 120).

Figure 54: Dedicated Ethernet management link

Control plane security

December 2014 Network Design Reference for Avaya VSP 4000 Series 119

Comments? infodev@avaya.com