Design Reference

ManualsBrandsExtreme Networks ManualsComputers & AccessoriesFabric-enabled multi-service edge switches

151

152

153

154

155

156

157

158

159

160

Table Of Contents

Contents
Chapter 1: Introduction
- Purpose
- Related resources
- Support
Chapter 2: New in this release
- VOSS 4.2.1
  - Features
  - Other changes
- VOSS 4.2
  - Features
  - Other changes
Chapter 3: Network design fundamentals
Chapter 4: Hardware fundamentals and guidelines
- Supported hardware
- Platform considerations
- Hardware compatibility for VSP 4000
- Supported optical devices
- Dispersion considerations for long reach
- 10/100BASE-X and 1000BASE-TX reach
- 10/100/1000BASE-TX Auto-Negotiation recommendations
- Auto MDIX
- CANA
Chapter 5: Optical routing design
- Optical routing system components
Chapter 6: Platform redundancy
- Power redundancy
- Input/output port redundancy
- Configuration redundancy
- Link redundancy
Chapter 7: Link redundancy
- Physical layer redundancy
- MultiLink Trunking
- 802.3ad-based link aggregation
Chapter 8: Layer 2 loop prevention
- Loop prevention and detection
- SLPP example scenarios
Chapter 9: Layer 2 switch clustering and SMLT
- Split MultiLink Trunk configuration
Chapter 10: Layer 3 switch clustering and RSMLT
- Routed SMLT
- Switch clustering topologies and interoperability with other products
Chapter 11: Layer 3 switch clustering and multicast SMLT
- General guidelines
- Multicast triangle topology
- Square and full-mesh topology multicast guidelines
- SMLT and multicast traffic issues
Chapter 12: Spanning tree
- Spanning tree and protection against isolated VLANs
- MSTP and RSTP considerations
Chapter 13: Layer 3 network design
- VRF Lite
- Virtual Router Redundancy Protocol
- Open Shortest Path First
- Border Gateway Protocol
- IP routed interface scaling
- IPv6
Chapter 14: SPBM design guidelines
- 802.1aq standard
- VLANs without member ports
- Provisioning
- Implementation options
- Reference architectures
- Solution-specific reference architectures
- Best practices
- SPBM restrictions and limitations
- IP multicast over Fabric Connect restrictions
Chapter 15: IP multicast network design
- Multicast and VRF-Lite
- Multicast and MultiLink Trunking considerations
- Multicast scalability design rules
- IP multicast address range restrictions
- Multicast MAC address mapping considerations
- Dynamic multicast configuration changes
- IGMPv3 backward compatibility
- IGMP Layer 2 Querier
- TTL in IP multicast packets
- Multicast MAC filtering
- Guidelines for multicast access policies
- Split-subnet and multicast
- Protocol Independent Multicast-Sparse Mode guidelines
- Protocol Independent Multicast-Source Specific Multicast guidelines
- Multicast for multimedia
Chapter 16: System and network stability and security
- DoS protection mechanisms
- Damage prevention
- Data plane security
- Control plane security
- Additional information
Chapter 17: QoS design guidelines
- QoS mechanisms
- QoS interface considerations
- Network congestion and QoS design
- QoS examples and recommendations
Chapter 18: Layer 1, 2, and 3 design examples
- Layer 1 example
- Layer 2 example
- Layer 3 example
Glossary

If you must access the switch, Avaya recommends that you use the console port. The switch is

always reachable, even if an issue occurs with the in-band network management interface.

Management access control

The following table shows management access levels. For more information, see Security for Avaya

Virtual Services Platform 4000 Series, NN46251-601.

Note:

If you enable enhanced secure mode, the following access levels do not apply. If enhanced

secure mode is enabled, the system supports role-based access levels. For more information

on enhanced secure mode, see Administration for Avaya Virtual Services Platform 4000 Series,

NN46251-600. Enhanced secure mode is disabled by default.

Table 19: Management access levels

Access level Description

Read only Use this level to view the device configuration. You cannot

change the configuration.

Layer 1 Read Write Use this level to view switch configuration and status

information and change only physical port parameters.

Layer 2 Read Write Use this level to view and edit device configuration related to

Layer 2 (bridging) functionality. The Layer 3 configuration, for

example, OSPF and DHCP, are not accessible. You cannot

change the security and password configuration.

Layer 3 Read Write Use this level to view and edit device configuration related to

Layer 2 (bridging) and Layer 3 (routing). You cannot change the

security and password configuration.

Read Write Use this level to view and edit most device configuration. You

cannot change the security and password configuration.

Read Write All Use this level to do everything. You have all the privileges of

read-write access and the ability to change the security

configuration. The security configuration includes access

passwords and the web-based management user names and

passwords.

Read-Write-All (RWA) is the only level from which you can

modify usernames, passwords, and SNMP community strings,

with the exception of the RWA community string, which cannot

be changed.

High Secure mode

Use High Secure to disable all unsecured applications and daemons, for example, FTP, TFTP, and

rlogin. Avaya strongly recommends that you do not use unsecured protocols. See also

High Secure

mode on page 151.

Use Secure File Transfer Protocol (SFTP) rather than FTP or TFTP.

System and network stability and security

156 Network Design Reference for Avaya VSP 4000 Series June 2015

Comments on this document? infodev@avaya.com