Part No. 208700-B September 2001 4401 Great America Parkway Santa Clara, CA 95054 Using the Business Policy Switch 2000 Version 1.
Copyright © 2001 Nortel Networks All rights reserved. Printed in the USA. September 2001. The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document.
Achtung: Dieses ist ein Gerät der Funkstörgrenzwertklasse A. In Wohnbereichen können bei Betrieb dieses Gerätes Rundfunkstörungen auftreten, in welchen Fällen der Benutzer für entsprechende Gegenmaßnahmen verantwortlich ist. Attention: Ceci est un produit de Classe A. Dans un environnement domestique, ce produit risque de créer des interférences radioélectriques, il appartiendra alors à l’utilisateur de prendre les mesures spécifiques appropriées.
Règlement sur le brouillage radioélectrique du ministère des Communications Cet appareil numérique (Business Policy Switch 2000) respecte les limites de bruits radioélectriques visant les appareils numériques de classe A prescrites dans le Règlement sur le brouillage radioélectrique du ministère des Communications du Canada.
Nortel Networks NA Inc. Software License Agreement NOTICE: Please carefully read this license agreement before copying or using the accompanying software or installing the hardware unit with pre-enabled software (each of which is referred to as “Software” in this Agreement). BY COPYING OR USING THE SOFTWARE, YOU ACCEPT ALL OF THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT. THE TERMS EXPRESSED IN THIS AGREEMENT ARE THE ONLY TERMS UNDER WHICH NORTEL NETWORKS WILL PERMIT YOU TO USE THE SOFTWARE.
4. Limitation of liability. IN NO EVENT WILL NORTEL NETWORKS OR ITS LICENSORS BE LIABLE FOR ANY COST OF SUBSTITUTE PROCUREMENT; SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES; OR ANY DAMAGES RESULTING FROM INACCURATE OR LOST DATA OR LOSS OF USE OR PROFITS ARISING OUT OF OR IN CONNECTION WITH THE PERFORMANCE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Sample ASCII configuration file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 IP manager list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Policy-enabled networks with QoS metering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Support for the GBIC MDA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 EAPOL-based security . . . . . . . . . . . . . . . . . .
Contents 9 Chapter 2 Network configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Compatibility with BayStack 450 switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Network configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Desktop switch application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Segment switch application . . . . . .
Contents Before you configure trunks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 MultiLink Trunking configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 How the MultiLink Trunk reacts to losing distributed trunk members . . . . . . . . . 134 Spanning tree considerations for MultiLink Trunks . . . . . . . . . . . . . . . . . . . . . . . 135 Additional tips about the MultiLink Trunking feature . . . . . . . . . . . . . . . . .
Contents 11 VLAN Port Configuration screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 VLAN Display by Port screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Port Configuration screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 High Speed Flow Control Configuration screen . . . . . . . . . . . . . . . . . . . . . . . . . 204 Choosing a high speed flow control mode . . . . . . . . . . . . . . . . . . .
Contents Chapter 4 Policy-enabled networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 Summary of packet classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 Summary of actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents 13 Verifying DSCP mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320 Assigning 802.1p user priority mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323 Verifying DSCP queue assignments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324 Chapter 6 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327 Interpreting the LEDs . . . . . . . . . . . . . . .
Contents Compatible software versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 Using cascade modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344 Using the console interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 Troubleshooting problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 Appendix C Media dependent adapters . . . . . . . . . . . . . . .
Contents 15 Appendix F Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387 Appendix G Sample BootP Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 Using the Business Policy Switch 2000 Version 1.
Contents 208700-B
Figures 17 Figures Figure 1 Business Policy Switch 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Figure 2 Business Policy Switch 2000 front panel . . . . . . . . . . . . . . . . . . . . . . . . . 37 Figure 3 Business Policy Switch 2000 LED display panel . . . . . . . . . . . . . . . . . . . 39 Figure 4 Business Policy Switch 2000 back panel . . . . . . . . . . . . . . . . . . . . . . . . . 43 Figure 5 Removing the cascade module filler panel . . . . . . . . . . . . .
Figures Figure 33 VLAN Port Configuration screen example . . . . . . . . . . . . . . . . . . . . . . . 120 Figure 34 VLAN configuration spanning multiple switches . . . . . . . . . . . . . . . . . . . 121 Figure 35 IP Multicast propagation with IGMP routing . . . . . . . . . . . . . . . . . . . . . . 124 Figure 36 Business Policy Switch filtering IP multicast streams (1 of 2) . . . . . . . . . 125 Figure 37 Business Policy Switch filtering IP multicast streams (2 of 2) . . . . . . . . .
Figures Figure 68 19 MAC Address Configuration for MAC-SA Based VLAN screen . . . . . . . 196 Figure 69 VLAN Port Configuration screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 Figure 70 VLAN Display by Port screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Figure 71 Port Configuration screen (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Figure 72 Port Configuration screen (2 of 2) . . . . . . . . . . . . . . . . . . . . . .
Figures Figure 103 Interface Configuration page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 Figure 104 Interface Group Assignment page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 Figure 105 IP Classification page (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 Figure 106 IP Classification page (2 0f 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 Figure 107 IP Classification Group page . . . . . . . . . .
Figures 21 Figure 138 Installing a GBIC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 Figure 139 Removing a GBIC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 Figure 140 Installing an MDA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 Figure 141 Configuring 802.1Q VLANs (1 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 Figure 142 Configuring 802.
Figures 208700-B
Tables Table 1 Business Policy Switch 2000 front-panel description . . . . . . . . . . . . . . . . 37 Table 2 Business Policy Switch 2000 LED descriptions . . . . . . . . . . . . . . . . . . . . 39 Table 3 Business Policy Switch 2000 back-panel descriptions . . . . . . . . . . . . . . . 43 Table 4 International power cord specifications . . . . . . . . . . . . . . . . . . . . . . . . . . 45 Table 5 SNMP MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Tables Table 30 High Speed Flow Control Configuration Screen Fields . . . . . . . . . . . . . 205 Table 31 MultiLink Trunk Configuration Menu screen options . . . . . . . . . . . . . . . . 208 Table 32 MultiLink Trunk Configuration screen fields . . . . . . . . . . . . . . . . . . . . . . 210 Table 33 MultiLink Trunk Utilization screen fields . . . . . . . . . . . . . . . . . . . . . . . . . 212 Table 34 Port Mirroring Configuration screen fields . . . . . . . . . . . . . . . . . . . . . . .
Tables 25 Table 65 Interface options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 Table 66 MDA models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 Table 67 1000BASE-SX MDA components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 Table 68 1000BASE-LX MDA components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 Table 69 100BASE-FX MDA components . . . . . . . . . . . . . .
Tables 208700-B
Preface This guide describes the Nortel Networks* Business Policy Switch 2000* features and uses. The terms “Business Policy Switch 2000,” “Business Policy Switch,” and “BPS 2000” are used synonymously in this document. The Business Policy Switch introduces policy-enabled networking features to optimize consistent performance and behavior for your network traffic. The Differentiated Services (DiffServ) network architecture offers varied levels of service for different types of data traffic.
Preface Before you begin This guide is intended for network managers and administrators with the following background: • • • • Basic knowledge of networks, Ethernet bridging, and IP and IPX routing Familiarity with networking concepts and terminology Specific knowledge about the networking devices, protocols, topologies, and interfaces that comprise your network Experience with windowing systems, graphical user interfaces (GUIs), or Web browsers Related publications For more information about using th
Preface 29 • Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2 (part number 209570-B) Describes how to use the Web-based management tool to configure switch features. • Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1.2 (part number 212160-A) Describes how to use Command Line Interface (CLI) commands to configure and manage the BPS 2000.
Preface • Reference Note: Gigabit Ethernet Physical Layer Considerations (part number 201540-B) Provides information about gigabit transmission over fiber optic cable and mode conditioning. • Release Notes for Optivity Quick2Config for the Business Policy Switch 2000 2.2.1 (part number 310621-A) Documents important Quick2Config changes that are not covered in other related publications. • Configuring Business Policy Switches with Optivity Quick2Config 2.
Preface 31 If you purchased a Nortel Networks service program, contact one of the following Nortel Networks Technical Solutions Centers: Technical Solutions Center Telephone Europe, Middle East, and Africa (33) (4) 92-966-968 North America (800) 4NORTEL or (800) 466-7835 Asia Pacific (61) (2) 9927-8800 China (800) 810-5000 An Express Routing Code (ERC) is available for many Nortel Networks products and services.
Preface 208700-B
Chapter 1 The Business Policy Switch 2000 This chapter introduces the Business Policy Switch 2000 and covers the following topics: • • • • • • • “General description,” next “Stacking compatibility” on page 33 “Software version 1.
• Hybrid—This stack has a combination of BPS 2000 switches and BayStack* 450 and/or BayStack 410 switches. It is sometimes referred to as a mixed stack. The stack operational mode for this type of stack is Hybrid Mode. When you work with the BPS 2000 in standalone mode, you should ensure that the stack operational mode shows Pure BPS 2000 Mode, and does not show Hybrid Mode.
Software version 1.2 compatibility with BayStack 450 switches The BPS 2000 software version 1.2 is compatible with BayStack 450 software version 4.1. When you are using a local console to access the BPS 2000 software version 1.2 features with a Hybrid, or mixed, stack (BPS 2000 and BayStack 450 and 410 switches in the same stack), you must plug your local console into a BPS 2000 unit.
Physical description Figure 1 depicts the front and side views of the Business Policy Switch. Figure 1 Business Policy Switch 2000 9713FA Front panel Figure 2 shows the front-panel configuration for the Business Policy Switch 2000. Descriptions of the front-panel components follow the figure. For descriptions of the back-panel Business Policy Switch components, see “Back panel” on page 43. Using the Business Policy Switch 2000 Version 1.
Figure 2 Business Policy Switch 2000 front panel 1 2 3 4 Console Port Business Policy Switch 2000 Uplink/Expansion Module 1 3 5 7 9 11 13 15 17 19 21 23 2 4 6 8 10 12 14 16 18 20 22 24 25 26 27 28 Cas Pwr 1 3 5 7 9 11 13 15 17 19 21 23 2 4 6 8 10 12 14 16 18 20 22 24 Up Status Dwn RPSU Base 10/100 Activity 10/100 Activity Business Policy Switch 2000 9712EA Table 1 Business Policy Switch 2000 front-panel description 1 Console port 2 Uplink/expa
The console port default settings are: 9600 baud with 8 data bits, 1 stop bit, and no parity as the communications format, with flow control set to enabled. Uplink/Expansion slot The Uplink/Expansion slot allows you to attach optional media dependent adapters (MDAs) that support a range of media types (see Appendixes for more information about MDA types available from Nortel Networks). Port connectors The Business Policy Switch uses 10BASE-T/100BASE-TX RJ-45 (8-pin modular) port connectors.
See Appendixes for more information about the RJ-45 port connectors. LED display panel Figure 3 shows the Business Policy Switch LED display panel. See Table 2 for a description of the LEDs.
Table 2 Business Policy Switch 2000 LED descriptions (continued) Label Type Color State Meaning RPSU RPSU status Green On The switch is connected to the RPSU and can receive power if needed. Off The switch is not connected to the RPSU or RPSU is not supplying power. Off The switch is in standalone mode. Green On The switch is connected to the upstream unit’s Cascade A In connector. Amber On This unit has detected a problem with the switch connected to the cascade up connector.
Table 2 Business Policy Switch 2000 LED descriptions (continued) Label Type Color State Meaning Base Base mode Green On The switch is configured as the stack base unit. Off The switch is not configured as the stack base unit (or is in standalone mode). Blinking Stack configuration error: indicates that multiple base units or no base units are configured in the stack. Amber On This unit is operating as the stack configuration’s temporary base unit.
Table 2 Business Policy Switch 2000 LED descriptions (continued) Label Type Color State Meaning Link Link status Green On Valid communications link established. Off The communications link connection is bad or there is no connection to this port. Blinking The corresponding port is management disabled. Blinking Indicates network activity for the corresponding port. A high level of network activity can cause the LEDs to appear to be on continuously.
Back panel The switch back panel is shown in Figure 4. Figure 4 Business Policy Switch 2000 back panel 2 1 3 9719EA Table 3 Business Policy Switch 2000 back-panel descriptions 1 AC power receptacle 2 RPSU connector 3 Cascade Module slot Cascade Module slot The Cascade Module slot allows you to attach an optional BayStack 400-ST1 Cascade Module to the switch (see “Stack configurations” on page 98). You can connect up to eight switches into a redundant stack configuration.
Figure 5 Removing the cascade module filler panel 9744FA Cooling fans Three cooling fans are located on one side of the Business Policy Switch to provide cooling for the internal components. (See Figure 1 on page 36.) When you install the switch, be sure to allow enough space on both sides of the switch for adequate air flow. See Installing the Business Policy Switch 2000 for detailed information. AC power receptacle The AC power receptacle accepts the AC power cord (supplied).
Table 4 International power cord specifications Country/Plug description Specifications Continental Europe: • CEE7 standard VII male plug • Harmonized cord (HAR marking on the outside of the cord jacket to comply with the CENELEC Harmonized Document HD-21) 220 or 230 VAC 50 Hz Single phase U.S.
Redundant power supply unit (RPSU) and uninterruptible power supply (UPS) The redundant power supply connector allows you to connect a backup power supply unit to the Business Policy Switch. Nortel Networks provides an optional redundant power supply unit (RPSU) for this purpose. The BayStack 10 Power Supply Unit is a hot-swappable power supply unit that provides uninterrupted operation to as many as four Business Policy Switches in the event that any of the switch power supplies fail.
Features The Business Policy Switch 2000 provides wire-speed switching that allows high-performance, low-cost connections to full-duplex and half-duplex 10/100/1000 Mb/s Ethernet local area networks (LANs). The Business Policy Switch provides the features detailed in the following sections: • • • Introduced with software version 1.
— “SNMP MIB support” on page 81 — “SNMP trap support” on page 83 CLI management system With software version 1.2, the BPS 2000 offers a Command Line Interface (CLI) management system. You can issue CLI commands through the serial port of the switch or through a Telnet session. (The SNMPv3 and RMON features are not supported.) You can work with the CLI interactively, when you use the CLI command to configure the switch command-by-command.
Refer to “Virtual Local Area Networks (VLANs)” on page 63 for a more complete description of VLANs. For information on configuring VLANs, refer to Chapters 2 and 3, Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2, Reference for the Business Policy Switch 2000 Management Software Version 1.2, and Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1.2.
The STG, or bridge group, forms a loop-free topology that includes one or more virtual LANs (VLANs). With software version 1.2, the BPS 2000 supports multiple instances (8) of STGs running simultaneously. As noted in “Increased VLANs,” the BPS 2000 with software version 1.2 supports a maximum of 256 VLANs. With a maximum of 8 STGs, on average, each STG will have 32 VLANs. In the default configuration of the BPS 2000, a single STG with the ID of 1 includes all ports on the switch.
STG configuration guidelines This section provides important information on configuring STGs: • • • • • • • • • • An STG must be created in the following order: — Create the STG — Add the existing VLAN and port memberships — Enable the STG When you create a VLAN, that VLAN automatically belongs to STG 1, the default STG. If you want the VLAN in another STG, you must move the VLAN by assigning it to another STG.
• • • Because some STP-compliant devices do not support tagging, you can configure whether to send tagged or untagged BPDUs, even from tagged ports, with the BPS 2000 with software version 1.2. The VLAN ID for the tagged BPDUs will be 4000+STG ID. An untagged port cannot span multiple STGs. When you add a port to a VLAN that belongs to an STG, the port is also added to the STG.
Spanning Tree Fast Learning Spanning Tree Fast Learning is an enhanced port mode supported by the BPS 2000. If you enable Spanning Tree Fast Learning on a port with no other bridges, the port is brought up more quickly following the switch initialization or a spanning tree change.
Use a text editor to edit the ASCII configuration; the command format is the same as that of the CLI. You can initiate the ASCII configuration file download using CLI commands only while connected to the base unit, and the ASCII configuration script will execute to completion. When you initiate downloading the ASCII configuration file from the console interface, the console does not display output.
! ------------------------------------------------------! ! create vlan portbased vlan create 100 name vlan100 type port ! ! add Mlts created above to this VLAN vlan members add 100 17 ! ! create vlan ip protocol based vlan create 150 name vlan150 type protocol-ipEther2 ! ! add ports to this VLAN ! in this case all ports vlan members add 150 ALL vlan ports ALL priority 3 ! ! create vlan MACSA based vlan create 90 name MAC90 type macsa ! add ports to this VLAN ! in this case all ports vlan members add 90
speed auto duplex auto ! ! ! ------------------------------------------------------! SNMP configuration ! ------------------------------------------------------snmp host 192.168.100.125 private snmp community private ! ! exit end ! ------------------------------------------------------! Finished ! ------------------------------------------------------- Note: To add comments to the ASCII configuration file, add an exclamation point (!) to the beginning of the line.
You must change the Telnet access field through direct access to the interface; you cannot change the Telnet access field through Telnet. You must set the Telnet feature after the first power-up. Note: To avoid locking a user out of the switch, Nortel Networks recommends that you configure ranges of IP addresses that you allow access. When you configure the access, you are setting access for the next session. The current session any user has open is unaffected.
The BayStack 450-1GBIC MDA supports the following GBICs: • • • • 1000BASE-SX—This GBIC uses shortwave 850 nm fiber optic connectors to connect devices over multimode (550 m or 1,805 ft) fiber optic cable. 1000BASE-LX—This GBIC uses longwave 1,300 nm fiber optic connectors to connect devices over single mode (5 km or 3.1 mi) or multimode (550 m or 1,805 ft) fiber optic cable.
Automatic PVID With software version 1.1, the BPS 2000 provides the Automatic PVID feature for configuring virtual local area networks (VLANs). Refer to “Virtual Local Area Networks (VLANs)” on page 63 for more complete information on VLANs. Refer to Chapter 3 for information on configuring Automatic PVID using the Console Interface (CI) menus. Refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.
Figure 6 VLAN broadcast domains within the switch S1 VLAN 3 VLAN 2 Port 2 Port 4 Port 10 PVID = 2 VLAN 1 Port 8 PVID = 3 V2 V2 V2 Port 6 Port 11 PVID = 1 V3 V1 V2 Key VLAN 1 (PVID = 1) VLAN 2 (PVID = 2) VLAN 3 (PVID = 3) BS45019A In Figure 6 the ports have the following PVID/VLAN associations: • Ports 8, 6, and 11 are untagged members of VLAN 1. The PVID/VLAN association for ports 6 and 11 is: PVID = 1. • Ports 2, 4, 10, and 8 are untagged members of VLAN 2.
Refer to Chapter 3 for information on configuring Automatic PVID using the Console Interface (CI) menus. Refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2 for information on configuring this feature using the Web-based management system. And, refer to Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1.2 for information on configuring Automatic PVID with CLI commands.
BootP menu item for a stack of only BPS 2000 switches In a stack consisting only of BPS 2000 switches, you can perform BootP using the MAC address of the base unit. Refer to “BootP automatic IP configuration/MAC address” on page 79 for more information on BootP and MAC addresses. You must use the console interface (CI) menus to choose this option. Refer to Chapter 3 for information on using the base unit MAC address for BootP.
Refer to Chapter 4, “Chapter 4, “Policy-enabled networks.” For information on configuring QoS using the Console Interface (CI) menus, refer to Chapter 3. To configure this feature using the Web-based management system, refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2. To use Device Manager (DM) to configure QoS, refer to Reference for the Business Policy Switch 2000 Management Software Version 1.2.
In software version 1.1, automatic PVID automatically sets the PVID when you configure a port-based VLAN. The PVID value will be the same value as VLAN. The user can also manually change the PVID value. The default setting for AutoPVID is Off; you must enable this feature. • Protocol-based VLANs A protocol-based VLAN is a VLAN in which you assign your switch ports as members of a broadcast domain, based on the protocol information within the packet.
OR • Independent VLAN Learning (IVL) mode—Each VLAN uses a unique forwarding database. The IVL mode is only an option when using the Business Policy Switch 2000; you must use the SVL mode when operating a hybrid stack. Business Policy Switches support up to 64 VLANs (port-, protocol-, or MAC SA-based), including VLAN #1 which is always port-based. With software version 1.2, the switch supports up to 256 VLANs. (The maximum number of available MAC SA-based VLANs is always 48.
If you are working with more than 64 VLANs in a Pure BPS 2000 Stack and you change to a Hybrid Stack, you lose all VLANs. However, if you have up to 64 VLANs in the Pure BPS 2000 Stack and you change to a Hybrid Stack, you will retain all the VLANs. To have more than 64 VLANs available, you must be operating in Pure BPS 200 Stack mode; you cannot be in Hybrid mode. The 256 VLANs are supported on either a standalone BPS 2000 with software version 1.
• EAPOL-based security—allows the exchange of authentication information between any end station or server connected to the switch and authentication server (such as a RADIUS server) Figure 7 shows a typical campus configuration using the RADIUS-based and MAC address-based security features for the Business Policy Switch. This example assumes that the switch, the teachers’ offices and classrooms, and the library are physically secured. The student dormitory may (or may not be) physically secure.
Figure 7 Business Policy Switch 2000 security feature RADIUS server To Network Center RADIUS-based security Switch Teachers’ offices and classrooms Student Dormitory Legend = Secure locked area Library BS45077A In this configuration example, the following security measures are implemented: • The switch — RADIUS-based security is used to limit administrative access to the switch through user authentication (see “RADIUS-based network security” on page 70).
• — MAC address-based security is used to allow up to 448 authorized stations (MAC addresses) access to one or more switch ports (see “MAC address-based security” on page 70). — The switch is located in a locked closet, accessible only by authorized Technical Services personnel. Student dormitory Dormitory rooms are typically occupied by two students and have been prewired with two RJ-45 jacks.
RADIUS-based network security The RADIUS-based security feature allows you to set up network access control, using the Remote Authentication Dial-In User Services (RADIUS) security protocol. The RADIUS-based security feature uses the RADIUS protocol to authenticate local console and Telnet logins. You will need to set up specific user accounts (user names and passwords, and Service-Type attributes) on your RADIUS server before the authentication process can be initiated.
• Specify optional actions to be exercised by your switch if the software detects a security violation. The response can be to send a trap, turn on destination address (DA) filtering, disable the specific port, or any combination of these three options. The MAC address-based security feature is based on Nortel Networks BaySecure™ LAN Access for Ethernet, a real-time security system that safeguards Ethernet networks from unauthorized surveillance and intrusion.
The following example illustrates how the BPS 2000, configured with the EAPOL-based security feature, reacts to a new network connection: • • The switch detects a new connection on one of its ports. — The switch requests a user ID from the new client. — EAPOL encapsulates the user ID and forwards it to the RADIUS server. — The RADIUS server responds with a request for the user’s password. The new client forwards an encrypted password to the switch, within the EAPOL packet.
The Authenticator determines the controlled port’s operational state. After the RADIUS server notifies the Authenticator PAE about the success or failure of the authentication, it changes the controlled port’s operational state accordingly. The Authenticator PAE functionality is implemented for each controlled port on the switch. At system initialization, or when a supplicant is initially connected to the switch’s controlled port, the controlled port’s state is set to Blocking.
When the EAPOL-based security is disabled on a port that was previously authorized, the port’s VLAN configuration values are restored directly from the switch’s non-volatile random access memory (NVRAM). The following exceptions apply to dynamic VLAN assignments: • • • The dynamic VLAN configuration values assigned by EAPOL are not stored in the switch’s NVRAM.
— Attribute Value: value 0 (zero) to 7 (this value is used to indicate the port priority value assigned to the specified user) System requirements The following are minimum system requirements for the EAPOL-based security feature: • • • At least one of the following supported switches: — BayStack 350/410-24T/450 switch (software version V4.0, or later) — Business Policy Switch 2000 (software version V1.
• • You cannot configure EAPOL-based security on ports that are currently configured for: — Shared segments — MultiLink Trunking — MAC address-based security — IGMP (Static Router Ports) — Port mirroring You can connect only a single client on each port that is configured for EAPOL-based security. (If you attempt to add additional ports to a port, that port goes to Blocking mode.) EAPOL-based security uses the RADIUS protocol to authenticate local console, Telnet, and EAPOL-authorized logins.
Configuration parameters storage All configuration parameters are stored in flash memory. These parameters are updated every 10 seconds (if a change occurs) or whenever a reset command is executed. Note: Do not power off the switch within 10 seconds of changing any configuration parameters. Powering down the switch within 10 seconds of changing configuration parameters can cause the changed configuration parameters to be lost.
For information on configuring MultiLink Trunks using the CI menus, refer to Chapter 3. To configure this feature using the Web-based management system, refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2. To use Device Manager (DM) to configure this feature, refer to Reference for the Business Policy Switch 2000 Management Software Version 1.2.
Chapter 1 The Business Policy Switch 2000 79 • The term autonegotiation refers to a standardized protocol (IEEE 802.3u) that exists between two IEEE 802.3u-capable devices. Autonegotiation allows the switch to select the best of both speed and duplex modes. Autosensing is used when the attached device is not capable of autonegotiation or is using a form of autonegotiation that is not compatible with the IEEE 802.3u autonegotiation standard.
Chapter 1 The Business Policy Switch 2000 For information on a stack MAC address, see Chapter 2. For more information and an example of a BootP configuration file, see Appendixes. Configuration and switch management The Business Policy Switch is shipped directly from the factory ready to operate in any 10BASE-T or 100BASE-TX standard network. You must assign an IP address to the switch or stack, depending on the mode of operation.
Chapter 1 The Business Policy Switch 2000 81 With software version 1.2 and higher, the CLI is used to automate general management and configuration of the BPS 2000. Use the CLI through a Telnet connection or through the serial port on the console. Refer to Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1.2 for complete information on using the CLI. • Any generic SNMP-based network management software.
Chapter 1 The Business Policy Switch 2000 to detailed management statistics. With SNMP management, you can configure SNMP traps (on individual ports) to generate automatically for conditions such as an unauthorized access attempt or changes in a port’s operating status. Table 5 lists supported SNMP MIBs. Table 5 SNMP MIB support Application Standard MIBs Proprietary MIBs S5 Chassis MIB s5cha127.mib S5 Agent MIB s5age140.mib RMON rfc2819.
Chapter 1 The Business Policy Switch 2000 83 SNMP trap support The Business Policy Switch supports an SNMP agent with industry-standard SNMPv1 traps, as well as private SNMPv1 trap extensions (Table 6). Table 6 Supported SNMP traps Trap name Configurable Sent when linkUp Per port A port’s link state changes to up. linkDown Per port A port’s link state changes to down. authenticationFailure System wide There is an SNMP authentication failure. coldStart Always on The system is powered on.
Chapter 1 The Business Policy Switch 2000 Standards The following IEEE Standards contain information germane to the Business Policy Switch 2000: • • • • IEEE 802.1D (Standard for Spanning Tree Protocol) IEEE 802.3 (Ethernet) IEEE 802.1Q (VLAN Tagging) IEEE 802.
Chapter 1 The Business Policy Switch 2000 85 Using the Business Policy Switch 2000 Version 1.
Chapter 1 The Business Policy Switch 2000 208700-B
Chapter 2 Network configuration Use Business Policy Switches to connect workstations, personal computers (PCs), and servers to each other by connecting these devices directly to the switch, through a shared media hub connected to the switch or by creating a virtual LAN (VLAN) through the switch.
Chapter 2 Network configuration To find out which version of the BPS 2000 software is running, use the console interface (CI) menus or the Web-based management system: • • CI menus—From the main menu of the console, choose Systems Characteristics menu. The software currently running is displayed in sysDescr. Web-based management system—Open the System Information page, which is under Administration on the main menu. The software currently running is displayed in the sysDescription field.
Chapter 2 Network configuration 89 Desktop switch application Figure 8 shows a Business Policy Switch used as a desktop switch, where desktop workstations are connected directly to switch ports. This configuration provides dedicated 100 Mb/s connections to the network center, the server, and as many as 26 users. This configuration uses the optional BPS2000-4TX MDA (10BASE-T/100BASE-TX MDA).
Chapter 2 Network configuration Figure 9 Business Policy Switch used as a segment switch After Before Server Business Policy Switch 2000 10BASE-T hubs Up to 22 users Server Up to 23 users Up to 23 users Up to 23 users To Network Center Up to 88 users Key 10 Mb/s 100 Mb/s 200 Mb/s - 88 users share 10 Mb/s (10/88 Mb/s per user) - Server bottleneck (10 Mb/s bandwidth) - Network center bottleneck (10 Mb/s bandwidth) -Total of 88 users To Network Center Up to 23 users - Four sets of 23 users; eac
Chapter 2 Network configuration 91 High-density switched workgroup application Figure 10 shows an example of using a Business Policy Switch with a high-speed (gigabit) connection to a Nortel Networks Passport™ 1100 switch. BayStack 303 and BayStack 304 switches are also shown in this example of a high-density switched workgroup.
Chapter 2 Network configuration Figure 10 Configuring power workgroups and a shared media hub Business Policy Switch 2000 F BayStack 303 switch F Server CPU PS1 PS2 FAN Accelar 1100 switch 100BASE-TX hub BayStack 304 switch Key 10 Mb/s 100 Mb/s 1000 Mb/s (Gigabit) 9841EA Fail-safe stack application Figure 11 shows an example of eight Business Policy Switches that are stacked together as a single managed unit.
Chapter 2 Network configuration 93 Figure 11 Fail-safe stack example Up to 24 users Business Policy Switch 2000 Up to 28 users F Up to 28 users F Up to 28 users CPU PS1 PS2 FAN Accelar switch Up to 28 users Up to 28 users Up to 28 users Up to 28 users Key 100 Mb/s 1000 Mb/s 9842EA Business Policy Switch stack operation BPS 2000 switches configured with Business Policy Switch software version 1.0 provide fail-safe stackability when you install the optional BayStack 400-ST1 Cascade Module.
Chapter 2 Network configuration • • “Stack configurations” on page 98 “Redundant cascade stacking feature” on page 102 Note: If you are implementing a mixed stack with the Business Policy Switch and BayStack 450 and BayStack 410 switches, refer to Appendixes for configuration and interoperability information. BayStack 400-ST1 Cascade Module The front-panel components of the BayStack 400-ST1 Cascade Module are shown in Figure 12. Component descriptions follow the figure.
Chapter 2 Network configuration 95 Unit Select switch The Unit Select switch (up = Base) determines the base unit for the stack configuration (see “Base unit”). The Unit Select switch status is displayed on the Business Policy Switch LED display panel. When the Unit Select switch is in the Base (up) position, all other Unit Select switches in the stack configuration must be set to Off (down).
Chapter 2 Network configuration Base unit Note: For stacking three or more units (maximum 8 units per stack), order the optional 1 meter (39.27 inch) cascade max-return cable (order number AL2018001). The base unit is the unique stack unit that you configure with the Unit Select switch on the front panel of the BayStack 400-ST1 Cascade Module.
Chapter 2 Network configuration 97 Stack MAC address When the switch is participating in a stack configuration, a stack MAC address is automatically assigned during the stack initialization. The base unit’s MAC address, with a software offset, is used for the stack MAC address.
Chapter 2 Network configuration Removing a unit from the stack If a unit is removed from the stack (therefore operating in standalone mode), the following switch configuration settings revert back to the settings configured before the unit became a member of the stack: • IP address • Password: console, Web, Telnet, SNMP (including DM) • Stack operational mode • SNMP community strings Stack configurations As shown in Figure 14, the cascade connectors and cables on the BayStack 400-ST1 Cascade Mo
Chapter 2 Network configuration 99 Figure 14 Stack up configuration example Out 1 Unit 8 Unit 7 Unit 6 Unit 5 Unit 4 Unit 3 Unit 2 Unit 1 2 In 3 4 9813EA Table 7 describes the stack up configuration illustration references. Table 7 Stack up configuration description 1 Last unit 2 Base unit 3 Cascade Cable (part number 303978-A) 4 Cascade Cable (part number 303979-A) Using the Business Policy Switch 2000 Version 1.
Chapter 2 Network configuration Stack down configurations In Figure 15, data flows from the base unit (unit 1) to the next switch, which is assigned as unit 2, and continues until the last switch in the stack is assigned as unit 8. The physical order of the switches is from top to bottom (unit 1 to unit 8).
Chapter 2 Network configuration 101 Table 8 describes the stack down configuration illustration references. Table 8 Stack down configuration description 1 Base unit 2 Last unit 3 Cascade cable (part number 303978-A) 4 Cascade max-return cable (part number 303979-A) Certain network management station (NMS) applications assume a stack down configuration for the graphical user interface (GUI) that represents the stack (see Figure 15).
Chapter 2 Network configuration Redundant cascade stacking feature Business Policy Switches allow you to connect up to 8 units into a redundant cascade stack. If any single unit fails or if a cable is accidently disconnected, other units in the stack remain operational, without interruption. Figure 16 shows an example of how a stack configuration reacts to a failed or powered-down unit in the stack configuration: 1 As shown in Figure 16, unit 3 becomes nonoperational.
Chapter 2 Network configuration 103 Figure 16 Redundant cascade stacking feature Cascade A Out Cascade A In 1 Unit 1 Unit 2 A Unit 3 B Unit 4 Unit 5 2 3 4 9815EA Table 9 describes the redundant cascade stacking illustration references. Table 9 Redundant cascade stacking descriptions 1 Base unit 2 Last unit 3 Cascade cable (part number 303978-A) 4 Cascade max-return cable (part number 303979-A) Using the Business Policy Switch 2000 Version 1.
Chapter 2 Network configuration IEEE 802.1Q VLAN workgroups Note: For guidelines on configuring VLANs, STGs, and MLT, refer to Chapter 1. Business Policy Switches support up to 64 VLANs (maximum of 48 MAC source address-based VLANs) with IEEE 802.1Q tagging available per port. With software version 1.2, the BPS 2000 supports up to 256 VLANs (maximum of 48 MAC source addressed-based VLANs.) Note: Only standalone or pure stacks of BPS 2000 support 256 VLANs.
Chapter 2 Network configuration 105 Figure 17 Port-based VLAN example VLAN 1 VLAN 2 Business Policy Switch 2000 9798EA IEEE 802.1Q tagging Business Policy Switches operate in accordance with the IEEE 802.1Q tagging rules. Important terms used with the 802.1Q tagging feature are: • • VLAN identifier (VID)—the 12-bit portion of the VLAN tag in the frame header that identifies an explicit VLAN.
Chapter 2 Network configuration • • • • • • • • Untagged frame— a frame that does not carry any VLAN tagging information in the frame header. VLAN port members— a set of ports that form a broadcast domain for a specific VLAN. A port can be a member of one or more VLANs. Untagged member—a port that has been configured as an untagged member of a specific VLAN. When an untagged frame exits the switch through an untagged member port, the frame header remains unchanged.
Chapter 2 Network configuration 107 Figure 18 Default VLAN settings 802.1Q Switch VLAN 1 Port 1 Port 2 Port 3 Port 4 Port 5 Port 6 Port 7 Port 8 PVID = 1 DA CRC SA Incoming untagged packet Data Outgoing untagged packet (unchanged) CRC Data SA DA Key By default: All ports are assigned PVID = 1 All ports are untagged members of VLAN 1 BS45010A When you configure VLANs, you configure the switch ports as tagged or untagged members of specific VLANs (see Figure 19 through Figure 24).
Chapter 2 Network configuration Figure 19 Port-based VLAN assignment Data SA Port 4 CRC DA Port 2 Port 3 Tagged member of VLAN 2 Port 5 Port 1 PVID = 2 Untagged packet 802.1Q Switch Before Port 6 Port 7 Port 8 Untagged member of VLAN 2 BS45011A As shown in Figure 20, the untagged packet is marked (tagged) as it leaves the switch through port 5, which is configured as a tagged member of VLAN 2.
Chapter 2 Network configuration 109 Figure 21 Policy-based VLAN assignment Data SA Port 4 CRC Port 1 DA Port 2 Port 3 802.1Q Switch Before Port 6 Port 7 Tagged member of VLAN 3 Port 5 Policy VLAN = 3 PVID = 2 Untagged packet Port 8 Untagged member of VLAN 3 BS45011B As shown in Figure 22, the untagged packet is marked (tagged) as it leaves the switch through port 5, which is configured as a tagged member of VLAN 3.
Chapter 2 Network configuration In Figure 23, tagged incoming packets are assigned directly to VLAN 2 because of the tag assignment in the packet. Port 5 is configured as a tagged member of VLAN 2, and port 7 is configured as an untagged member of VLAN 2. Figure 23 802.1Q tag assignment CRC Data Tag Before SA DA Port 4 Tagged packet Port 2 Port 3 802.
Chapter 2 Network configuration 111 As shown in Figure 24, the tagged packet remains unchanged as it leaves the switch through port 5, which is configured as a tagged member of VLAN 2. However, the tagged packet is stripped (untagged) as it leaves the switch through port 7, which is configured as an untagged member of VLAN 2. Figure 24 802.1Q tagging (after 802.1Q tag assignment) Port 4 Port 1 Port 2 802.
Chapter 2 Network configuration VLANs spanning multiple 802.1Q tagged switches Figure 25 shows VLANs spanning two Business Policy Switches. The 802.1Q tagging is enabled on S1, port 2 and on S2, port 1 for VLAN 1 and VLAN 2. Both ports are tagged members of VLAN 1 and VLAN 2. Figure 25 VLANs spanning multiple 802.
Chapter 2 Network configuration 113 Refer to Chapter 1 for additional guidelines on configuring VLANs and spanning tree groups. Figure 26 VLANs spanning multiple untagged switches VLAN 1 S1 VLAN 2 Business Policy Switch 2000 Untagged ports S2 Non-802.1Q tagging switch 9800EA When the STP is enabled on these switches, only one link between each pair of switches will be forwarding traffic. Because each port belongs to only one VLAN at a time, connectivity on the other VLAN is lost.
Chapter 2 Network configuration Figure 27 Possible problems with VLANs and Spanning Tree Protocol Station A Business Policy Switch 2000 S1 VLAN 1 No Communications Forwarding VLAN 2 Blocking Business Policy Switch 2000 S2 VLAN 1 VLAN 2 Station B 9801EA As shown in Figure 27, with STP enabled, only one connection between Switch S1 and Switch S2 is forwarding at any time. Communications failure occurs between VLAN 2 of S1 and VLAN 2 of S2, blocking communications between Stations A and B.
Chapter 2 Network configuration 115 Figure 28 Multiple VLANs sharing resources Business Policy Switch 2000 S1 V2 V2 V1 V3 V2 V1 Key VLAN 1 (PVID=1) VLAN 2 (PVID=2) VLAN 3 (PVID=3) 9803EA In the above configuration, all of the switch ports are set to participate as VLAN port members. This arrangement allows the switch to establish the appropriate broadcast domains within the switch (Figure 29). Refer to Chapter 1 for additional guidelines on configuring VLANs and spanning tree groups.
Chapter 2 Network configuration Figure 29 VLAN broadcast domains within the switch S1 VLAN 3 VLAN 2 Port 2 Port 4 Port 10 PVID = 2 VLAN 1 Port 8 PVID = 3 V2 V2 V2 V3 Port 6 Port 11 PVID = 1 V1 V2 Key VLAN 1 (PVID = 1) VLAN 2 (PVID = 2) VLAN 3 (PVID = 3) BS45019A For example, to create a broadcast domain for each VLAN shown in Figure 29, configure each VLAN with a port membership, and each port with the appropriate PVID/VLAN association: • • • • • • Ports 8, 6, and 11 are untagged membe
Chapter 2 Network configuration 117 To configure the VLAN port membership for VLAN 1: 1 Select Switch Configuration from the Business Policy Switch Main Menu (or press w). 2 From the Switch Configuration Menu, select VLAN Configuration (or press v). 3 From the VLAN Configuration Menu select VLAN Configuration (or press v).
Chapter 2 Network configuration Ports 2, 4, 6, 8, 10, and 11 are now untagged members of VLAN 3 as shown in Figure 29 on page 116.
Chapter 2 Network configuration 119 Figure 32 Default VLAN Port Configuration screen example VLAN Port Configuration Unit: Port: Filter Tagged Frames: Filter Untagged Frames: Filter Unregistered Frames: Port Name: PVID: Port Priority: Tagging: [ 1 ] [ 1 ] [ No ] [ No ] [ No ] [Port 1] [ 1 ] [ 0 ] [ Untagged Access ] AutoPVID (all ports): [ Disabled ] Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu.
Chapter 2 Network configuration Figure 33 VLAN Port Configuration screen example VLAN Port Configuration Unit: Port: Filter Tagged Frames: Filter Untagged Frames: Filter Unregistered Frames: Port Name: PVID: Port Priority: Tagging: [ 1 ] [ 8 ] [ No ] [ No ] [ No ] [ Student port ] [ 3 ] [ 0 ] [Untagged Access] AutoPVID (all ports): [ Disabled ] Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu.
Chapter 2 Network configuration 121 Figure 34 VLAN configuration spanning multiple switches Business Policy Switch 2000 Non-802.1Q tagging switch S4 S2 Both ports are tagged members of VLAN 1 and VLAN 2 Untagged ports (STP disabled) Business Policy Switch 2000 S1 V1 Non-802.1Q tagging switch S3 V2 V2 V1 V3 V2 Key VLAN 1 (PVID=1) VLAN 2 (PVID=2) VLAN 3 (PVID=3) 9802EA Using the Business Policy Switch 2000 Version 1.
Chapter 2 Network configuration VLAN configuration rules VLANs operate according to specific configuration rules. When creating VLANs, consider the following rules that determine how the configured VLAN reacts in any network topology: • • • • • • • You must be in the Pure BPS 2000 Stack mode and using software version 1.2 to be able to configure between 65 and 256 VLANs. (You can configure up to 64 VLANs in Hybrid mode.
Chapter 2 Network configuration 123 Multicast stream from exiting any other port that does not connect to another host member, thus conserving bandwidth. The following section describes how Business Policy Switches provide the same benefit as IP Multicast routers, but in the local area. IGMP is used by IP Multicast routers to learn about the existence of host group members on their directly attached subnets (see RFC 2236).
Chapter 2 Network configuration Figure 35 IP Multicast propagation with IGMP routing IGMP Host Host membership query Host membership query Internet Designated router #1 Designated router #2 Non-IP Multicast filtering switch Multicast stream Host membership report Non-IP Multicast filtering switch Host membership report BS45021B The Business Policy Switch can automatically set up IP Multicast filters so the IP Multicast traffic is only directed to the participating end nodes (see Figure 36).
Chapter 2 Network configuration 125 One client, connected to S2, responds with a host membership report. Switch S2 intercepts the report from that port, and generates a proxy report to its upstream neighbor, S1. Also, two clients connected to S4 respond with host membership reports, causing S4 to intercept the reports and to generate a consolidated proxy report to its upstream neighbor, S1.
Chapter 2 Network configuration After the switches learn which ports are requesting access to the IP Multicast stream, all other ports not responding to the queries are blocked from receiving the IP Multicast (Figure 37).
Chapter 2 Network configuration 127 IGMP snooping configuration rules The IGMP snooping feature operates according to specific configuration rules. When configuring your switch for IGMP snooping, consider the following rules that determine how the configuration reacts in any network topology: • • • • • • • • • A port that is configured for port mirroring cannot be configured as a static router port.
Chapter 2 Network configuration IEEE 802.1p prioritizing For more information on prioritizing traffic, refer to Chapter 4, “Policy-enabled networks.” You can use the VLAN Configuration screens to prioritize the order in which the switch forwards packets, on a per-port basis. For example, if messages from a specific segment are crucial to your operation, you can set the switch port connected to that segment to a higher priority level (by default, all switch ports are set to low priority).
Chapter 2 Network configuration 129 MultiLink Trunks Note: For guidelines on configuring VLANs, STGs, and MLT, refer to Chapter 1. MultiLink Trunks allow you to group up to four switch ports together to form a link to another switch or server, thus increasing aggregate throughput of the interconnection between the devices (up to 800 Mb/s in full-duplex mode). You can configure up to six MultiLink Trunks.
Chapter 2 Network configuration Figure 39 Switch-to-switch trunk configuration example Business Policy Switch 2 S1 T1 F F Business Policy Switch 2000 S2 T2 Business Policy Switch 2 S3 9804EA You can configure each of the trunks shown in Figure 39 with up to four switch ports to provide up to 800 Mb/s aggregate bandwidth through each trunk, in full-duplex mode.
Chapter 2 Network configuration 131 Figure 40 Switch-to-server trunk configuration example FS1 FS2 T1 S1 Business Policy Switch 2000 9805EA Client/server configuration using MultiLink Trunks Figure 41 shows an example of how MultiLink Trunking can be used in a client/server configuration. In this example, both servers connect directly to Switch S1. FS2 is connected through a trunk configuration (T1). The switch-to-switch connections are through trunks (T2, T3, T4, and T5).
Chapter 2 Network configuration Figure 41 Client/server configuration example FS1 FS2 T1 S1 Business Policy Switch 2000 F F T2 T3 Business Policy Switch 2000S3 T4 Business Policy Switch 2000S4 T5 Business Policy Switch 200 S2 9806EA For detailed information about configuring trunks, see Chapter 3. Before you configure trunks When you create and enable a trunk, the trunk members (switch ports) take on certain settings necessary for correct operation of the MultiLink Trunking feature.
Chapter 2 Network configuration 133 Ensure that the chosen switch ports are set to Enabled, using either the Port Configuration screen (see Chapter 3) or other network management system. Trunk member ports must have the same VLAN configuration. 3 All network cabling should be complete and stable before configuring any trunks, to avoid configuration errors.
Chapter 2 Network configuration • • • • • When you set any trunk member to Disabled (not active) through the Port Configuration screen or through network management, the trunk member is removed from the trunk. The trunk member has to be reconfigured to rejoin the trunk through the Trunk Configuration screen on the CI menus, or another management system. A screen prompt precedes this action when you are using CI menus. A trunk member cannot be disabled if there are only two trunk members on the trunk.
Chapter 2 Network configuration 135 Figure 42 Loss of distributed trunk members Business Policy Switch 2000 BPS2000 MDA Unit 1 Unit 2 Unit 3 BPS2000 MDA Unit 4 BPS2000 MDA Unit 5 Unit 6 BPS2000 MDA T1 Accelar 1150/1150R Routing Switch (XLR1102SR I/O Modules) Unit 7 Unit 8 CPU PS1 PS2 FAN 9843EA However, until you correct the cause of the failure or change the trunk Status field to Disabled, you will be unable to modify any of the following parameters for the affected trunk: • • • • • • VLAN confi
Chapter 2 Network configuration LAN speed, in Mb/s). Another three-port trunk (T2) is configured with an aggregate bandwidth of 210 Mb/s, with a comparable Path Cost of 4. When the Path Cost calculations for both trunks are equal, the software chooses the trunk with the larger aggregate bandwidth (T1) to determine the most efficient path. Also, the trunk cannot span multiple spanning tree groups.
Chapter 2 Network configuration 137 Figure 44 Example 1: correctly configured trunk S1 Port Configuration screen Business Policy Switch 2 S1 T1 Business Policy Switch 2000 S2 S2 Port Configuration screen 9808EA If Switch S2’s trunk member port 11 is physically disconnected and then reconnected to port 13, the Spanning Tree Port Configuration screen for Switch S1 changes to show port 6 in the Blocking state (Figure 45). Using the Business Policy Switch 2000 Version 1.
Chapter 2 Network configuration Figure 45 Example 2: detecting a misconfigured port [Blocking] S1 Port Configuration screen Business Policy Switch 2 S1 T1 Business Policy Switch 2000 S2 S2 Port Configuration screen 9809EA Additional tips about the MultiLink Trunking feature When you create a MultiLink Trunk, the individual trunk members (the specific ports that make up the trunk) logically connect and react as a single entity.
Chapter 2 Network configuration 139 All configured trunks are indicated in the Spanning Tree Configuration screen. The Trunk field lists the active trunks, adjacent to the port numbers that correspond to the specific trunk member for that trunk. When a trunk is active, you can disable spanning tree participation using the Trunk Configuration screen or using the Spanning Tree Configuration screen.
Chapter 2 Network configuration • • Port-based mirroring Address-based mirroring A sample Port Mirroring Configuration screen accompanies each network configuration example. Note that the displayed screens do not show all of the screen prompts that precede some actions.
Chapter 2 Network configuration 141 Figure 46 Port-based mirroring configuration example StackProbe Port X (port 25) S1 Business Policy Switch 2 T1 F Monitor port (port 23) Port Y (port 24) F Business Policy Switch 2000 S2 T2 S3 Business Policy Switch 2 9810EA In the configuration example shown in Figure 46, the designated monitor port (port 23) can be set to monitor traffic in any of the following modes: • • • • • • Monitor all traffic received by port X.
Chapter 2 Network configuration As shown in the Port Mirroring Configuration screen example (Figure 47), port 23 is designated as the Monitor Port for ports 24 and 25 in Switch S1. Note: The Unit value (in the Unit/Port field) is not configurable when the switch is operating standalone. For detailed information about the Port Mirroring screen fields, see Chapter 3.
Chapter 2 Network configuration 143 Address-based mirroring configuration Figure 48 shows an example of an address-based mirroring configuration where port 23, the designated monitor port for Switch S1, is monitoring traffic occurring between address A and address B.
Chapter 2 Network configuration • Monitor all traffic between address A and address B (conversation between the two stations). Figure 49 shows the Port Mirroring Configuration screen setup for this example. In this example, port 23 becomes the designated Monitor Port for Switch S1 when you press Enter in response to the [Yes] screen prompt. Note: The screen data displayed at the bottom of the screen changes to show the new currently active port mirroring configuration after you press Enter.
Chapter 2 Network configuration 145 Figure 49 Port Mirroring Configuration address-based screen example Port Mirroring Configuration Monitoring Mode: Monitor Unit/Port: [ [ Address A /23 ] Unit/Port X: Unit/Port Y: [ [ / / Address A: Address B: -> Address B ] ] ] [ 00-44-55-44-55-22 ] [ 00-33-44-33-22-44 ] Is your port mirroring configuration complete? [ Yes ] Currently Active Port Mirroring Configuration --------------------------------------------Monitoring Mode: -> Address A or Address B ->
Chapter 2 Network configuration • • VLAN configuration settings for any ports configured for port-based mirroring cannot be changed. Use the Port Mirroring Configuration screen to disable port mirroring (or reconfigure the port mirroring ports), then change the VLAN configuration settings. For port-based monitoring of traffic, use one of the following modes for monitoring broadcast, IP Multicast, or unknown DA frames: — Monitor all traffic received by port X.
Chapter 3 Using the console interface This chapter describes how to configure and manage the Business Policy Switch using the menu-driven console interface (CI). This chapter covers the following topics: • • • • “Compatibility with BayStack 450 switches,” next “Accessing the CI menus and screens” on page 148 “Using the CI menus and screens” on page 149 “Main Menu” on page 151 Compatibility with BayStack 450 switches The BPS 2000 software version 1.2 is compatible with BayStack 450 software version 4.
Chapter 3 Using the console interface You can use 256 port-, protocol-, and MAC SA-based VLANs for the stack with a Pure BPS 2000 stack running software version 1.2. (The maximum number of MAC SA-based VLANs is 48.) If you are working with a mixed, or hybrid, stack, you can use 64 VLANs for the entire stack. When you change from a Pure BPS 2000 Stack mode to a Hybrid Stack mode: • • If you have up to 64 VLANs on the Pure BPS 2000 Stack, they will be retained when you change to a Hybrid Stack.
Chapter 3 Using the console interface 149 Using the CI menus and screens The CI menus and screens provide options that allow you to configure and manage Business Policy Switches. Help prompts at the bottom of each menu and screen explain how to enter data in the highlighted field and how to navigate the menus and screens. The Console Port default settings are: 9600 baud with eight data bits, one stop bit, and no parity as the communications format, with flow control set to disabled.
Chapter 3 Using the console interface • • • • To go to the next screen in a series, press [Ctrl]-N. To return to the main menu at any time, press [Ctrl]-C. Press [Backspace] to delete entered text. Options that appear in brackets (for example, [Enabled]) are user-settable options. Screen fields and descriptions Figure 50 shows a map of the CI screens. The remainder of this chapter describes the CI screens and their fields, beginning with the main menu.
Chapter 3 Using the console interface 151 The CI screens for your specific switch model will show the correct model name in the main menu screen title and the correct number of ports and port types in the Port Configuration screen. Note: The field values shown in the CI screens in this section are provided as examples only. Main Menu This section describes the options available from the CI main menu (Figure 51). The CI screens and submenus for these options are described in the following sections.
Chapter 3 Using the console interface Figure 51 Console interface main menu Business Policy Switch 2000 Main Menu IP Configuration/Setup... SNMP Configuration... System Characteristics... Switch Configuration... Console/Comm Port Configuration... Identify Unit Numbers Renumber Stack Units... Display Hardware Units... Spanning Tree Configuration... TELNET/SNMP/Web Access Configuration... Software Download... Configuration File...
Chapter 3 Using the console interface 153 Table 10 Console interface Main Menu options (continued) Option Description Switch Configuration... Displays the Switch Configuration Menu screen (see “Switch Configuration Menu screen” on page 164).
Chapter 3 Using the console interface Table 10 Console interface Main Menu options (continued) Option Description Reset to Default Settings Resets the switch to the factory default configuration settings. This option is followed by a screen prompt that precedes the action.
Chapter 3 Using the console interface 155 IP Configuration/Setup screen The IP Configuration/Setup screen (Figure 52) allows you to set or modify the Business Policy Switch IP configuration parameters. Data that you enter in the user-configurable fields takes effect as soon as you press [Enter]. To open the IP Configuration/Setup screen: ➨ Choose IP Configuration/Setup (or press i) from the main menu.
Chapter 3 Using the console interface Table 11 IP Configuration/Setup screen fields Field Description BootP Request Mode One of four modes of operation for BootP. (See “Choosing a BootP request mode” on page 157 for details about the four modes.) Default Value BootP Disabled Range BootP Disabled, BootP When Needed, BootP Always, BootP or Last Address Configurable Column header for the user-configurable IP configuration fields in this screen.
Chapter 3 Using the console interface 157 Table 11 IP Configuration/Setup screen fields (continued) Field Description In-Band Subnet Mask The subnet address mask associated with the in-band IP address shown on the screen (see In-Band Switch IP Address field). Network routers use the subnet mask to determine the network or subnet address portion of a host’s IP address.
Chapter 3 Using the console interface • BootP or Last Address Note: Whenever the switch is broadcasting BootP requests, the BootP process will eventually time out if a reply is not received. When the process times out, the BootP request mode automatically changes to BootP Disabled mode. To restart the BootP process, change the BootP request mode to any of the three following modes: • • • BootP When Needed BootP Always BootP or Last Address.
Chapter 3 Using the console interface 159 If an IP address is not currently in use, these actions take effect immediately. If an IP address is currently in use, these actions take effect only after the switch is reset or power cycled. BootP Disabled Allows the switch to be managed only by using the IP address set from the console terminal. When selected, this mode operates as follows: • • The switch does not broadcast BootP requests, regardless of whether an IP address is set from the console terminal.
Chapter 3 Using the console interface SNMP Configuration screen The SNMP Configuration screen (Figure 53) allows you to set or modify the SNMP configuration parameters. To open the SNMP Configuration screen: ➨ Choose SNMP Configuration (or press m) from the main menu. Figure 53 SNMP Configuration screen SNMP Configuration Read-Only Community String: Read-Write Community String: [ public ] [ private ] Trap #1 IP Address: Community String: [ 0.0.0.0 ] [ ] Trap #2 IP Address: Community String: [ 0.
Chapter 3 Using the console interface 161 Table 12 describes the SNMP Configuration screen fields. Table 12 SNMP Configuration screen fields Field Description Read-Only Community String The community string used for in-band read-only SNMP operations. Read-Write Community String Trap #1 IP Address1 Community String Authentication Trap Autotopology Default Value public Range Any ASCII string of up to 32 printable characters The community string used for in-band read-write SNMP operations.
Chapter 3 Using the console interface System Characteristics screen The System Characteristics screen (Figure 54) allows you to view system characteristics and contains three user-configurable fields: sysContact, sysName, and sysLocation. To open the System Characteristics screen: ➨ Choose System Characteristics (or press s) from the main menu.
Chapter 3 Using the console interface 163 Table 13 describes the System Characteristics screen fields. Table 13 System Characteristics screen fields Field Description Operation Mode Read-only field that indicates the operation mode of the unit, for example: • When the unit is part of a stack configuration, the (read-only) field indicates the unit is operational in a stack, and lists the current unit number of this switch. In this example (see Figure 54 on page 162), the current unit number is Unit 2.
Chapter 3 Using the console interface Table 13 System Characteristics screen fields (continued) Field Description sysContact The name and phone number of the person responsible for the switch. sysName sysLocation Default Value Zero-length string Range Any ASCII string of up to 56 printable characters1 A name that uniquely identifies the switch. Default Value Zero-length string Range Any ASCII string of up to 56 printable characters1 The physical location of the switch.
Chapter 3 Using the console interface 165 Figure 55 Switch Configuration Menu screen Switch Configuration Menu MAC Address Table MAC Address Security Configuration... EAPOL Security Configuration… VLAN Configuration... Port Configuration... High Speed Flow Control Configuration... MultiLink Trunk Configuration... Port Mirroring Configuration... Rate Limiting Configuration... IGMP Configuration... Display Port Statistics Clear All Port Statistics Stack Operational Mode...
Chapter 3 Using the console interface Table 14 Switch Configuration Menu screen options (continued) Option Description EAPOL Security Configuration... Displays the EAPOL Security Configuration menu (see “EAPOL Security Configuration screen” on page 183). This screen allows you to set up Extensible Authentication Protocol over LAN (EAPOL)based security. VLAN Configuration... Displays the VLAN Configuration Menu (see “VLAN Configuration Menu screen” on page 187).
Chapter 3 Using the console interface 167 Table 14 Switch Configuration Menu screen options (continued) Option Description Clear All Port Statistics Allows you to clear all port statistics.
Chapter 3 Using the console interface Figure 56 MAC Address Table Screen MAC Address Table Aging Time: Find an Address: Select VLAN ID: Number of addresses: 00-00-81-65-20-02 00-00-81-C1-9B-81 00-00-81-C1-F6-81 00-03-4B-40-2B-F4 00-08-C7-02-C4-C0 00-08-C7-20-CC-AE 00-08-C7-90-2E-E5 00-20-AF-9E-9E-FD 00-60-08-95-A6-F5 00-60-97-22-54-7C 00-80-2D-08-0B-5F 00-80-2D-22-4E-01 00-80-2D-22-93-F6 Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: Unit: 2 2 2 2 2 2 2 2 2 2 2 2 2 Port: Po
Chapter 3 Using the console interface 169 Table 15 MAC Address Table screen fields (continued) Field Description Find an Address Allows the user to search for a specific MAC address. Select VLAN ID Default Value 00-00-00-00-00-00 (no MAC address assigned) Range 00-00-00-00-00-00 to FF-FF-FF-FF-FF-FF Enter the VLAN ID number you want to display the MAC addresses for.
Chapter 3 Using the console interface Figure 57 MAC Address Security Configuration Menu screen MAC Address Security Configuration Menu MAC Address Security Configuration... MAC Address Security Port Configuration... MAC Address Security Port Lists... MAC Address Security Table... Return to Switch Configuration Menu Use arrow keys to highlight option, press or to select option. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface 171 MAC Address Security Configuration screen The MAC Address Security Configuration screen (Figure 58) allows you to enable or disable the MAC address security feature and to specify the appropriate system responses to any unauthorized network access to your switch. ➨ Choose MAC Address Security Configuration from the MAC Address Security Configuration Menu to open the MAC Address Security Configuration screen.
Chapter 3 Using the console interface Table 17 describes the MAC Address Security Configuration screen fields. Table 17 MAC Address Security Configuration fields Field Description MAC Address Security When this field is set to enabled, the software checks source MAC addresses of packets that arrive on secure ports against MAC addresses listed in the MAC Address Security Table for allowed membership.
Chapter 3 Using the console interface 173 Table 17 MAC Address Security Configuration fields (continued) Field Description DA Filtering on Intrusion Detected When set to enabled, this field isolates the intruding node by filtering (discarding) packets sent to that MAC address.
Chapter 3 Using the console interface To open the MAC Address Security Port Configuration screen: ➨ Choose MAC Address Security Port Configuration from the MAC Address Security Configuration Menu.
Chapter 3 Using the console interface 175 Figure 59 MAC Security Port Configuration screen (1 of 2) MAC Security Port Configuration Port ---1 2 3 4 5 6 7 8 9 10 11 12 13 14 Trunk ----- Security -----------[ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] [ Disabled ] More... Press Ctrl-N to display choices for additional ports..
Chapter 3 Using the console interface Table 18 describes the MAC Security Port Configuration screen fields. Table 18 MAC Security Port Configuration screen fields Field Description Port Displays a numbered port list. Trunk Displays the trunk number if the port is a member of that trunk. Default Security blank field This field value determines whether or not security is enabled or disabled on the port level or switch level.
Chapter 3 Using the console interface 177 Figure 61 MAC Address Security Port Lists screens MAC Address Security Port Lists Entry ----S1 Screen 1 Port List --------[ ] S2 [ ] S3 ] S4 [ Entry ----S8 [ S5 S9 [ ] [ ] S6 S10 [ ] ] S7 S11 [ ] Entry[ ----S15 [ ] MAC Address Security Port Lists Screen 2 Port List --------[ ] ] Screen 3 MAC Address Security Port Lists Port List --------[ ] More...
Chapter 3 Using the console interface Figure 62 MAC Address Security Port Lists screen MAC Address Security Port Lists Entry ----S1 S2 S3 S4 S5 S6 S7 Port List --------[ 1/1-7,2/1-7,2/9,3/1-4,4/12 ] [ 2/1-7,2/9,4/3-5 ] [ 1/3,2/7,3/1-4 ] [ 4/12 ] [ 1/NONE,2/NONE,3/NONE,4/NONE ] [ 1/ALL,2/ALL,3/ALL,4/ALL ] [ 3/ALL ] More... Press Ctrl-N to display next screen. PortT Enter unit/port, “1/NONE”, “1/ALL”, “2/3,4/7-9”. Press or when done. Press Ctrl-R to return to previous menu.
Chapter 3 Using the console interface 179 A unit/port number list is composed of one or more list items, each of which can be a single number or a range of numbers (where the numbers represents one or more ports). If a list item is preceded by a number and then a slash (/), the number represents a stack unit. For example, 1/1-7,2/1-7,2/9,3/1-4,4/12 is a valid unit/port number list (see entry S1 in Figure 62 on page 178).
Chapter 3 Using the console interface As an alternative method instead, you can highlight the field and then enter +2/9 [Return]. The existing field keeps the previous list and adds the new port number (2/9) between ports 2/7 and 3/14. (If you choose to add port 2/8 to the existing port number list, the field accepts the new port 2/8 but shows the new port number list field as: 1/3,2/7-8,3/1-4.
Chapter 3 Using the console interface 181 MAC Address Security Table screens The MAC Address Security Table screens allow you specify the ports that each MAC address is allowed to access. You must also include the MAC addresses of any routers that are connected to any secure ports. There are 16 available MAC Address Security Table screens (Figure 63) that you can use to create up to 448 MAC address entries (28 per screen).
Chapter 3 Using the console interface Figure 64 MAC Address Security Table screen MAC Address Security Table [ [ [ [ [ [ [ [ [ [ [ [ [ [ MAC Address ----------44-33-22-44-55-44 22-44-33-55-66-55 22-55-33-44-33-22 44-22-33-55-44-22 22-33-44-55-33-44 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Find an Address: Allowed Source -------------] [ S1 ] ] [ S2 ] ] [ S3 ] ] [ S4 ] ] [ S3 ] ] [ ] ] [ ] ] [ ] ] [ ] ] [ ] ] [ ] ] [ ] ] [ ] ] [ ] [ [ [ [ [ [ [ [ [ [ [ [ [ [ MAC Addr
Chapter 3 Using the console interface 183 Table 20 MAC Address Security Table Screen Fields (continued) Field Description Allowed Source Allows you to specify the ports that each MAC address is allowed to access. The options for the Allowed Source field include a single unit/port number or a port list value that you have previously configured in the MAC Address Security Port Lists screen. Default Range - (Blank field) A single unit/port or a port list value (for example, 1/3, 1/6, 3/4, S1, S5, etc.).
Chapter 3 Using the console interface To open the EAPOL Security Configuration screen: ➨ Choose EAPOL Security Configuration (or press e) from the Switch Configuration Menu.
Chapter 3 Using the console interface 185 Table 21 EAPOL security configuration screen options (continued) Option Port Description Default 1 Range 1,2,3,4,5,6,7,8,ALL Allows you to select a specified unit’s (see preceding Unit field) port number to view or configure. To view or configure another port, type its port number and press [Enter], or press the spacebar to toggle the port numbers.
Chapter 3 Using the console interface Table 21 EAPOL security configuration screen options (continued) Option Description Range Operational Traffic Control Re-authenticate Now Re-authentication Re-authentication Period Quiet Period Transmit Period Supplicant Timeout 208700-B Incoming and Outgoing,Incoming Only A read-only field that indicates the current administrative traffic control configuration for the specified unit/port (see preceding field description).
Chapter 3 Using the console interface 187 Table 21 EAPOL security configuration screen options (continued) Option Description Server Timeout Allows you to specify how long the switch waits for the RADIUS server to respond to all EAP packets. Maximum Requests Default 30 seconds Range 1 to 65535 seconds Allows you to specify the number of times the switch attempts to resend EAP packets to a supplicant.
Chapter 3 Using the console interface When you create VLANs, you can assign various ports (and therefore the devices attached to these ports) to different broadcast domains. Creating VLANs increases network flexibility by allowing you to reassign devices to accommodate network moves, additions, and changes, eliminating the need to change physical cabling. Note: Refer to Chapters 1 and 2 for detailed information about configuring VLANs.
Chapter 3 Using the console interface 189 Table 22 describes the VLAN Configuration Menu screen options. Table 22 VLAN Configuration Menu Screen options Option Description VLAN Configuration... Displays the VLAN Configuration screen (see “VLAN Configuration screen” on page 189). This screen allows you to set up VLAN workgroups. MAC Addresses for MAC-SA Based VLAN Allows you to configure MAC source address-based VLANs.
Chapter 3 Using the console interface You can add or remove port members from a VLAN in accordance with the IEEE 802.1Q tagging rules. Refer to Chapter 2 for a description of important terms used with 802.1Q VLANs. You can also use this screen to create and to delete specific VLANs, to assign VLAN names, and to assign any VLAN as the management VLAN. To open the VLAN Configuration screen: ➨ Choose VLAN Configuration (or press v) from the VLAN Configuration Menu screen.
Chapter 3 Using the console interface 191 Figure 67 VLAN Configuration screen VLAN Configuration Create VLAN: Delete VLAN: VLAN Name: Management VLAN: IVL/SVL: Unit #1 Unit #2 [ 1 ] [ ] [ VLAN #1 ] [ Yes ] Now: 1 [ IVL ] VLAN Type: Protocol Id (PID): User-Defined PID: VLAN State: 1-6 ------ Port Membership 7-12 13-18 19-24 ---------------- TUUUUU UUUUUU UUUUUU UUUUUU UUUUUU UUUUUU [ [ [ [ Port-Based None ] 0x0000 ] Active ] ] UUUUUU UUUUUU KEY: T= Tagged Port Member, U = Untagged Port Member, -
Chapter 3 Using the console interface Table 23 VLAN Configuration screen fields (continued) Field Description The specified VLAN is deleted as soon as you press [Return]. The software does not prompt you to reconsider this action. If you delete a VLAN, all configuration parameters that are associated with that VLAN are deleted also. You cannot delete VLAN 1. By default, all switch ports are assigned as untagged members of VLAN 1 with all ports configured as PVID = 1. See Chapter 1 for more information.
Chapter 3 Using the console interface 193 Table 23 VLAN Configuration screen fields (continued) Field Description Range User-Defined PID VLAN State Port Membership None, IP Ether2, Ipx 802.3, Ipx 802.2, Ipx Snap, Ipx Ether2, AplTk Ether2Snap, Declat Ether2, DecOth Ether2, Sna 802.2, Sna Ether2, NetBios 802.2, Xns Ether2,Vines Ether2, Ipv6 Ether2, User-Defined, Rarp Ether2 Allows you to create your own user-defined VLAN where you specify the Protocol Identifier (PID) for the VLAN.
Chapter 3 Using the console interface Predefined Protocol Identifier (PID) description Table 24 defines the standard protocol-based VLANs and PID types that are supported by the Business Policy Switch and BayStack 450 and BayStack 410 switches. Table 24 Predefined Protocol Identifier (PID) PID Name Encapsulation PID Value (hex) VLAN Type IP Ether2 Ethernet type 2 0800, 0806 Standard IP on Ethernet Type 2 frames Ipx 802.3 Ethernet 802.2 FF FF Novell IPX on Ethernet 802.3 frames Ipx 802.
Chapter 3 Using the console interface 195 User-Defined Protocol Identifier Description In addition to the standard predefined protocols, user-defined protocol-based VLANs are supported. For user-defined protocol-based VLANs, you specify the protocol identifier (PID) for the VLAN. Any frames that match the specified PID in any of the following ways are assigned to that user-defined VLAN: • • • The ethertype for Ethernet type 2 frames The PID in Ethernet SNAP frames The DSAP or SSAP value in Ethernet 802.
Chapter 3 Using the console interface MAC Address Configuration for MAC-SA-Based VLAN screen The MAC Address Configuration for MAC-SA Based VLAN screen (Figure 68) allows you to configure specific MAC SA-based VLANs. This screen allows you to select a MAC SA-based VLAN.
Chapter 3 Using the console interface 197 Gigabit ports restriction Gigabit ports and BayStack 410 ports do not have the ability to assign incoming untagged frames to a protocol-based VLAN. To allow Gigabit ports to participate in protocol-based VLANs, you must set the Tagging field value in the VLAN Port Configuration screen to Tagged Trunk. Incoming untagged frames will be assigned to the PVID VLAN.
Chapter 3 Using the console interface Figure 69 VLAN Port Configuration screen VLAN Port Configuration Unit: Port: Filter Tagged Frames: Filter Untagged Frames: Filter Unregistered Frames: Port Name: PVID: Port Priority: Tagging: [ [ [ [ [ [ [ [ [ AutoPVID (all ports): [ 1 ] 1 ] No ] No ] No ] Unit 1, Port 1 ] 1 ] 0 ] Tagged Trunk ] Disabled ] Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface 199 Table 27 VLAN Port Configuration screen fields (continued) Field Description Filter Unregistered Frames Sets this port to filter (discard) all received unregistered packets. The Business Policy Switch does not support the Yes option. Port Name PVID Port Priority Tagging Default No Range No, Yes The default port name (with associated stack unit number when configured) assigned to this port.
Chapter 3 Using the console interface Table 27 VLAN Port Configuration screen fields (continued) Field Description AutoPVID Automatically associates this PVID specific VLAN. Default Disabled Range Enabled, Disabled VLAN Display by Port screen The VLAN Display by Port screen (Figure 70) allows you to view VLAN characteristics associated with a specified switch port. Choose VLAN Display by Port (or press d) from the VLAN Configuration Menu screen to open the VLAN Display by Port screen.
Chapter 3 Using the console interface 201 Table 28 VLAN Display by Port screen fields Field Description Unit Allows you to select a switch in your stack. To view another switch, type its switch number and press [Enter], or press the spacebar to toggle the switch numbers. Port Allows you to select the number of the port you want to view. To view another port, type its port number and press [Enter], or press the spacebar on your keyboard to toggle the port numbers.
Chapter 3 Using the console interface Figure 71 Port Configuration screen (1 of 2) Port ---1 2 3 4 5 6 7 8 9 10 11 12 13 14 Trunk Status ----- -----[ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] [ Enabled ] Link ---Down Down Down Down Up Down Down Down Up Down Down Down Down Down Port Configuration Unit: [ 1 ] LnkTrap Autonegotiation ------- --------------[ On ] [ Enabled ] [ On ] [ Enabled ]
Chapter 3 Using the console interface 203 Note: When a Gigabit MDA is installed, only the Status field for that MDA port is configurable. See “High Speed Flow Control Configuration screen” on page 204 to set the autonegotiation field for the Gigabit MDA port. Gigabit MDAs only support 1000 Mb/s in full-duplex mode. Table 29 describes the Port Configuration screen fields.
Chapter 3 Using the console interface Table 29 Port Configuration screen fields (continued) Field Description Speed/Duplex1 Allows you to manually configure any port to support an Ethernet speed of 10 Mb/s or 100 Mb/s, in half- or full-duplex mode. This field is set (by default) to 1000 Mb/s, full-duplex for Gigabit ports only.
Chapter 3 Using the console interface 205 Figure 73 High Speed Flow Control Configuration High Speed Flow Control Configuration Unit: [ 1 ] Autonegotiation: Flow Control: Preferred Phy: [ Enabled ] Disabled [ Right ] Active Phy: Right Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu. Table 30 describes the High Speed Flow Control Configuration screen fields.
Chapter 3 Using the console interface Table 30 High Speed Flow Control Configuration Screen Fields (continued) Field Description Note: The following two fields only appear when a single MAC MDA (450-1LR-MDA or 450-1SR MDA) with a separate redundant Phy port is installed. Preferred Phy Active Phy Allows you to choose a preferred Phy port; the other Phy port reverts to backup. Default Value Right Range Right, Left Indicates the operational Phy port.
Chapter 3 Using the console interface 207 In this mode, the Gigabit MDA port is disabled from transmitting pause frames to its link partner. Use this mode when the Gigabit MDA port is connected to a buffered repeater device. MultiLink Trunk Configuration Menu screen The MultiLink Trunk Configuration Menu screen (Figure 74) allows you to select the appropriate screen to configure up to six MultiLink Trunks (you can group up to four switch ports together to form each trunk).
Chapter 3 Using the console interface Figure 74 MultiLink Trunk Configuration Menu screen MultiLink Trunk Configuration Menu MultiLink Trunk Configuration... MultiLink Trunk Utilization... Return to Switch Configuration Menu Use arrow keys to highlight option, press or to select option. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu. Table 31 describes the MultiLink Trunk Configuration Menu screen options.
Chapter 3 Using the console interface 209 Any mix of up to eight Business Policy Switches and BayStack 450 and BayStack 410 switches can be stacked to provide a total of 224 ports (when all MDA slots are configured with the maximum port availability). See Appendix B, for more information about a mixed stack configuration. When the trunks are enabled, the trunk members take on default settings necessary for correct operation of the MultiLink Trunking feature.
Chapter 3 Using the console interface Table 32 describes the MultiLink Trunk Configuration screen fields. Table 32 MultiLink Trunk Configuration screen fields Field Description Trunk Column header for the read-only fields in this screen. The read-only data displayed in the Trunk column indicates the trunk (1 to 6) that corresponds to the switch ports specified in the user-configurable Trunk Members fields.
Chapter 3 Using the console interface 211 MultiLink Trunk Utilization screen The MultiLink Trunk Utilization screen (Figure 76 and Figure 77) allows you to monitor the percentage of bandwidth used by configured trunk members. You can choose the type of traffic to monitor. Figure 76 shows an example of bandwidth utilization rates for trunk member ports. Because two screens are necessary to show all of the configured trunks (up to six), the screen prompts you to Press [Ctrl]-N to view trunks five and six.
Chapter 3 Using the console interface Figure 77 MultiLink Trunk Utilization screen (2 of 2) MultiLink Trunk Utilization Trunk ----5 6 Traffic Type ------------[ Rx and Tx ] [ [ [ [ Rx Rx Rx Rx and and and and Tx Tx Tx Tx Unit/Port --------8/22 8/23 ] ] ] ] Last 5 Minutes -------------45.0% 55.0% 3/2 1/2 7/2 5/6 65.0% 45.0% 25.0% 75.0% Last 30 Minutes --------------35.0% 25.0% 30.0% 50.0% 40.0% 80.0% Last Hour -------50.0% 70.0% 55.0% 35.0% 50.0% 55.
Chapter 3 Using the console interface 213 Table 33 MultiLink Trunk Utilization screen fields (continued) Field Description Last 30 Minutes This read-only field indicates the percentage of packets (of the type specified in the Traffic Type field) utilized by the port in the last 30 minutes. This field provides a running average of network activity and is updated every 15 seconds.
Chapter 3 Using the console interface Figure 78 Port Mirror Configuration screen Port Mirroring Configuration Monitoring Mode: Monitor Unit/Port: Unit/Port X: Unit/Port Y: Address A: Address B: [ -> Port X [ 3/12 ] [ 4/5 [ 4/6 or Port Y -> ] ] ] [ 00-00-00-00-00-00 ] [ 00-00-00-00-00-00 ] Currently Active Port Mirroring Configuration --------------------------------------------Monitoring Mode -> Port X or Port Y -> Monitor Unit: 3 Port: 12 Unit X: 4 Port X: 5 Unit Y: 4 Port Y: 6 Use space bar to
Chapter 3 Using the console interface 215 Table 34 Port Mirroring Configuration screen fields (continued) Field Description Unit/Port X Indicates one of the ports (of the specified unit) that will be monitored by the designated port monitor when one of the port-based monitoring modes is selected. This port will be monitored according to the value of Port X in the Monitoring Mode field (see Table 35).
Chapter 3 Using the console interface Table 35 Monitoring modes Field Description Port-based: Disabled Default value for this feature. -> Port X Monitor all traffic received by Port X. Port X -> Monitor all traffic transmitted by Port X. <-> Port X Monitor all traffic received and transmitted by Port X. -> Port X or Port Y -> Monitor all traffic received by Port X or transmitted by Port Y.
Chapter 3 Using the console interface 217 To open the Rate Limiting Configuration screen: ➨ Choose Rate Limiting Configuration (or press l) from the Switch Configuration Menu screen.
Chapter 3 Using the console interface Figure 80 Rate Limiting Configuration screen (2 of 2) Port Packet Type ---------------15 [ Both ] 16 [ Both ] 17 [ Multicast ] 18 [ Both ] 19 [ Both ] 20 [ Both ] 21 [ Broadcast ] 22 [ Both ] 23 [ Both ] 24 [ Multicast ] 25 [ Both ] 26 [ Both ] 27 [ Both ] 28 [ Both ] Switch[ Both ] Stack [ Both ] Rate Limiting Configuration Unit: [ 1 ] Limit Last 5 Minutes Last Hour ----------------------------[ None ] 44.0% 56.0% [ None ] 67.0% 34.0% [ 10% ] 65.0% 48.
Chapter 3 Using the console interface 219 Table 36 Rate Limiting Configuration screen fields Field Description Port Indicates the switch port numbers that correspond to the field values in that row of the screen (for example, the field values in row 2 apply to switch port 2). Note that the values applied in the Switch or Stack row (last 2 rows) affect all standalone switch ports or all switch ports in a stack. Packet Type Allows you to select the packet types for rate-limiting or viewing.
Chapter 3 Using the console interface To open the IGMP Configuration Menu screen: ➨ Choose IGMP Configuration (or press g) from the Switch Configuration Menu screen. Figure 81 IGMP Configuration Menu screen IGMP Configuration Menu IGMP Configuration... Display Multicast Group Membership Return to Switch Configuration Menu Use arrow keys to highlight option, press or to select option. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface 221 Table 37 IGMP Configuration Menu screen options Option Description IGMP Configuration... Displays the IGMP Configuration screen (see “IGMP Configuration screen” on page 221). This screen allows you to set up IGMP VLAN configurations. Display Multicast Group Membership... Displays the Multicast Group Membership screen (see“Multicast Group Membership screen” on page 224. This screen allows you to view all IP Multicast addresses that are active in the current LAN.
Chapter 3 Using the console interface Figure 82 IGMP Configuration screen IGMP Configuration VLAN: Snooping: Proxy: Robust Value: Query Time: Set Router Ports: Unit #1 Unit #2 1-6 -----------X---X Static 7-12 ------X--------- [ [ [ [ [ [ 1 ] Enabled ] Enabled ] 2 ] 125 seconds ] Version 1 ] Router Ports 13-18 19-24 -----------X------------------- KEY: X = IGMP Port Member (and VLAN Member), - = Not an IGMP Member Use space bar to display choices, press or to select choice.
Chapter 3 Using the console interface 223 Table 38 IGMP Configuration screen fields (continued) Field Description Proxy Allows the switch to consolidate IGMP Host Membership Reports received on its downstream ports and to generate a consolidated proxy report for forwarding to its upstream neighbor. This field affects all VLANs (for example, if you disable proxy on the VLAN specified in the screen’s VLAN field, ALL VLANs are disabled for proxy).
Chapter 3 Using the console interface Table 38 IGMP Configuration screen fields (continued) Field Description Static Router Ports Allows a user to assign switch ports to any port that has a path to a multicast router. When the unit is part of a stack configuration, the screen displays the unit numbers of the switches configured in the stack, along with the corresponding ports. The configured ports do not filter any IP Multicast traffic.
Chapter 3 Using the console interface 225 Figure 83 Multicast Group Membership screen Multicast Group Membership VLAN: [ Multicast Group Address ------------------------277.37.32.6 277.37.32.5 277.37.32.4 277.37.32.3 277.37.32.2 277.37.32.1 1 ] Port ---------------Unit: 1 Port: Unit: 1 Port: Unit: 1 Port: Unit: 1 Port: Unit: 1 Port: Unit: 1 Port: Press Ctrl-R to return to previous menu. Main Menu. 1 1 1 1 1 1 Press Ctrl-C to return to Table 39 describes the Multicast Group Membership screen options.
Chapter 3 Using the console interface Port Statistics screen The Port Statistics screen (Figure 84) allows you to view detailed information about any switch or port in a stacked or standalone configuration. The screen is divided into two sections (Received and Transmitted) so that you can compare and evaluate throughput or other port parameters. All screen data is updated approximately every 2 seconds.
Chapter 3 Using the console interface 227 Figure 84 Port Statistics screen Port Statistics Unit: [ 2 ] Port: [ 1 ] Received Transmitted --------------------------------------------------------------------Packets: 0 Packets: 0 Multicasts: 0 Multicasts: 0 Broadcasts: 0 Broadcasts: 0 Total Octets: 0 Total Octets: 0 Lost Packets: 0 Packets 64 bytes: 0 Packets 64 bytes: 0 65-127 bytes 0 65-127 bytes 0 128-255 bytes 0 128-255 bytes 0 256-511 bytes 0 256-511 bytes 0 512-1023 bytes 0 512-1023 bytes 0 1024-1518 by
Chapter 3 Using the console interface Table 40 Port Statistics screen fields Field Description Unit Only appears if the switch is participating in a stack configuration. The field allows you to select the number of the unit you want to view or configure. To view or configure another unit, type its unit number and press [Enter], or press the spacebar on your keyboard to toggle the unit numbers. Port Allows you to select the number of the port you want to view or reset to zero.
Chapter 3 Using the console interface 229 Table 40 Port Statistics screen fields (continued) Field Description 128-255 bytes Received column: Indicates the total number of 128-byte to 255-byte packets received on this port. Transmitted column: Indicates the total number of 128-byte to 255-byte packets transmitted successfully on this port. 256-511 bytes Received column: Indicates the total number of 256-byte to 511-byte packets received on this port.
Chapter 3 Using the console interface Table 40 Port Statistics screen fields (continued) Field Description The following field values appear only when the port selected in the Unit/Port field is configured with a Gigabit MDA. Pause Frames Transmitted column: Indicates the total number of pause frames transmitted on this port. Pause frames cause the transmitting port to temporarily suspend the transmission of packets when the receiving port’s frame buffer is full (Gigabit ports only).
Chapter 3 Using the console interface 231 Table 41 describes the Stack Operational Mode screen fields. Table 41 Stack Operational Mode screen fields Field Description Current Stack Operational Mode A read-only field that indicates the current mode of your stack. This field identifies a stack that contains only Business Policy Switches or a stack that contains a variety of switches. Default Range Next Stack Operational Mode Allows you to set the configuration modes of your stack.
Chapter 3 Using the console interface Figure 86 Console/Comm Port Configuration screen Console/Comm Port Configuration Comm Port Data Bits: Comm Port Parity: Comm Port Stop Bits: Console Port Speed: 8 Data Bits No Parity 1 Stop Bit [ 2400 Baud Console Switch Password Type: Console Stack Password Type: Telnet Switch Password Type: Telnet Stack Password Type: [ [ [ [ Console Console Console Console [ [ [ [ Read-Only Switch Password: Read-Write Switch Password: Read-Only Stack Password: Read-Write St
Chapter 3 Using the console interface 233 Table 42 Console/Comm Port Configuration screen fields (continued) Field Description Achtung: Bei Auswahl einer Baud rate, die nicht mit der Baudrate des Konsolenterminals übereinstimmt, geht die Kommunikation mit der Konsolenschnittstelle verloren, wenn Sie die Eingabetaste drücken. Stellen Sie in diesem Fall das Konsolenterminal so ein, daß es mit der neuen Einstellung der Service-Schnittstelle übereinstimmt.
Chapter 3 Using the console interface Table 42 Console/Comm Port Configuration screen fields (continued) Field Description Console Stack Password Type Enables password protection for accessing the console interface (CI) of any participating switch in a stack configuration through a console terminal. If you set this field to Required, you can use the Logout option to restrict access to the CI of any stack unit.
Chapter 3 Using the console interface 235 Table 42 Console/Comm Port Configuration screen fields (continued) Field Description Default Value: secure Range: Any ASCII string of up to 15 printable characters Caution: If you change the system-supplied default passwords, be sure to write the new passwords down and keep them in a safe place. If you forget the new passwords, you cannot access the console interface. In that case, contact Nortel Networks for help.
Chapter 3 Using the console interface Table 42 Console/Comm Port Configuration screen fields (continued) Field Description Console Read-Only Stack Password When the Console Switch Password field is set to Required (for Telnet, for Console, or for Both), this field allows read-only password access to the CI of any participating switch in a stack configuration.
Chapter 3 Using the console interface 237 Table 42 Console/Comm Port Configuration screen fields (continued) Field Description Attenzione: In caso di modifica delle password predefinite nel sistema, assicurarsi di annotare le nuove password e di conservarle in un luogo sicuro. Nel caso in cui le nuove password vengano dimenticate, non sarà possibile accedere all'interfaccia della console. In tal caso, contattare la Nortel Networks per avere assistenza.
Chapter 3 Using the console interface Renumber Stack Units screen The Renumber Stack Units screen (Figure 87) allows you to renumber the units configured in the stack. When selected, this option identifies the unit number of each unit in the stack configuration by lighting the corresponding number of (100 Mb/s port) LEDs on each unit for approximately 10 seconds. For example, unit 3 will display three LEDs.
Chapter 3 Using the console interface 239 Table 43 describes the Renumber Stack Units screen options. Table 43 Renumber Stack Units screen options Option Description Current Unit Number Read-only fields listing the current unit number of each of the configured stack units. The entries in this column are displayed in order of their current physical cabling with respect to the base unit, and can show nonconsecutive unit numbering if one or more units were previously moved or modified.
Figure 88 Hardware Unit Information screen Hardware Unit Information Unit #1 Unit #2 Switch Model ---------------BPS 2000 BPS 2000 MDA Model --------None None Press Ctrl-R to return to previous menu. Menu. Cascade MDA ----------400-ST1 400-ST1 Software Version ---------------v.1.2.0.0 v.1.2.0.0 Press Ctrl-C to return to Main Spanning Tree Configuration Menu screen Note: Before configuring spanning tree groups, refer to Chapters 1 and 2 for guidelines and interactions with VLANs and MLT.
Chapter 3 Using the console interface 241 Figure 89 Spanning Tree Configuration Menu Spanning Tree Configuration Menu Spanning Tree Group Configuration Spanning Tree Port Configuration... Display Spanning Tree Switch Settings Display Spanning Tree VLAN Membership Return to Main Menu Use arrow keys to highlight option, press or to select option. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface Note: Because multiple STGs are available only in Pure BPS 2000 Stack mode, the first and fourth menu items do not appear when you work in Hybrid Stack, or mixed stack, mode. Spanning Tree Group Configuration screen The Spanning Tree Group Configuration screen allows you to create and configure spanning tree groups (STGs). Multiple STGs, up to 8, are available with software version 1.2 and higher. The STGs are available only in Pure BPS 2000 Stack mode.
Chapter 3 Using the console interface 243 Figure 90 Spanning Tree Group Configuration Spanning Tree Group Configuration Create STP Group: Delete STP Group: Bridge Priority: Bridge Hello Time: Bridge Max. Age Time: Bridge Forward Delay Time: Add VLAN Membership: Delete VLAN Membership: Tagged BPDU on tagged port: STP Group State: [ [ [ [ [ [ [ [ [ [ 1 ] ] 8000 ] 2 seconds ] 20 seconds ] 15 seconds ] 1 ] ] No ] Active ] Use space bar to display choices, press or to select choice.
Chapter 3 Using the console interface Table 45 Spanning Tree Group Configuration parameters (continued) Parameter Description Bridge Priority For the STP Group, indicates the management-assigned priority value of the bridge ID in hexadecimal notation, which is the most significant byte of the bridge ID. The STA uses this parameter to determine the root bridge (or designated bridge). For example, the bridge with the lowest bridge ID becomes the root bridge, with Bridge Priority values.
Chapter 3 Using the console interface 245 Table 45 Spanning Tree Group Configuration parameters (continued) Parameter Description Delete VLAN Membership Allows you to delete a VLAN from the specified spanning tree group. Tagged BPDU on tagged port STP Group State Default Value Blank Range 1 to 4094; but only configured ones are available NOTE: You cannot remove VLAN 1 from STP Group 1. Allows you to choose to send either tagged or untagged BPDUs from a tagged port.
Chapter 3 Using the console interface Figure 91 Spanning Tree Port Configuration Spanning Tree Port Configuration Port ---1 2 3 4 5 6 7 8 9 10 11 12 13 14 STP Group: [ 1 ] Trunk Participation ----------------------[ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] [ Normal Learning ] Unit: Prior
Chapter 3 Using the console interface 247 Table 46 describes the Spanning Tree Port Configuration screen fields. Table 46 Spanning Tree Port Configuration screen fields Field Description STP Group The field allows you to select the number of the spanning tree group (STG) you want to view. To view another STG, type that STG ID number and press [Enter], or press the spacebar on your keyboard to to toggle the STP Group numbers.
Chapter 3 Using the console interface Table 46 Spanning Tree Port Configuration screen fields (continued) Field Description Path Cost This read-only field is a bridge spanning tree parameter that determines the lowest path cost to the root. Default Value 10 or 100 (1 for Gigabit port) Path Cost = 1000/LAN speed (in Mb/s) The higher the LAN speed, the lower the path cost. See also Priority.
Chapter 3 Using the console interface 249 Figure 92 Spanning Tree Switch Settings Spanning Tree Switch Settings STP Group: [ 1 ] Bridge Priority: Designated Root: Root Port: Root Path Cost: Hello Time: Maximum Age Time: Forward Delay: Bridge Hello Time: Bridge Maximum Age Time: Bridge Forward Delay: 8000 8000000342F6DE21 Unit: 2 Port: 2 30 2 seconds 20 seconds 15 seconds 2 seconds 20 seconds 15 seconds Use space bar to display choices, press or to select choice.
Chapter 3 Using the console interface Table 47 describes the Spanning Tree Switch Settings parameters. Table 47 Spanning Tree Switch Settings parameters Parameter Description STP Group The field allows you to select the number of the spanning tree group (STG) you want to view. To view another STG, type that STG ID number and press [Enter], or press the spacebar on your keyboard to to toggle the STP Group numbers.
Chapter 3 Using the console interface 251 Table 47 Spanning Tree Switch Settings parameters (continued) Parameter Description Maximum Age Time For STP Group, indicates the Maximum Age Time parameter value that the root bridge is currently using. This value specifies the maximum age that a Hello message can attain before it is discarded.
Chapter 3 Using the console interface Table 47 Spanning Tree Switch Settings parameters (continued) Parameter Description The Forward Delay parameter value specifies the amount of time that the bridge ports remain in the Listening and Learning states before entering the Forwarding state. Note that all bridges participating in the spanning tree network use the root bridge’s Forward Delay parameter value. See also Forward Delay.
Chapter 3 Using the console interface 253 Figure 93 Spanning Tree VLAN Membership screen Spanning Tree VLAN Membership STP Group: [ 1 ] Total VLAN Membership: 3 1 | 2 | 3 | Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu. Table 48 describes the Spanning Tree VLAN Membership parameters.
Chapter 3 Using the console interface TELNET/SNMP/Web Access Configuration screen The TELNET/SNMP/Web Access Configuration screen (Figure 94) allows a user at a remote console terminal to communicate with the Business Policy Switch as if the console terminal were directly connected to it. You can have up to 4—or 10, if you are running software version 1.2 or higher—active Telnet sessions at one time.
Chapter 3 Using the console interface 255 Table 49 describes the TELNET/SNMP/Web Access Configuration screen fields. Table 49 TELNET/SNMP/Web Access Configuration screen fields Field Description TELNET Access Allows a user remote access to the management systems through a Telnet session. Login Timeout Login Retries Inactivity Timeout Event Logging Default Value: Enabled Range: Enabled, Disabled Specifies the amount of time a user has to enter the correct password at the console-terminal prompt.
Chapter 3 Using the console interface Table 49 TELNET/SNMP/Web Access Configuration screen fields (continued) Field Description TELNET Access Specifies if Telnet access is allowed and only to those on the list. SNMP Access WEB Access Default Value: Access: Enabled; Use List: Yes Range: Access: Enabled, Disabled; Use List: Yes, No Specifies if SNMP access is allowed and only to those on the list. (SNMP access includes the DM system.
Chapter 3 Using the console interface 257 Software Download screen The Software Download screens (Figure 95 and Figure 96) allow you to revise the Business Policy Switch software image that is located in nonvolatile flash memory. Caution: Do not interrupt power to the device during the software download process. If the power is interrupted, the firmware image can become corrupted. Achtung: Unterbrechen Sie die Stromzufuhr zum Gerät nicht, während die Software heruntergeladen wird.
Chapter 3 Using the console interface To download the software image, you need a properly configured Trivial File Transfer Protocol (TFTP) server in your network, and an IP address for the switch (or stack, if configured). To learn how to configure the switch or stack IP address, refer to “IP Configuration/Setup screen” on page 155. To open the Software Download screen: ➨ Choose Software Download (or press f) from the main menu.
Chapter 3 Using the console interface 259 Figure 95 Software Download screen for Pure BPS 2000 Stack mode Software Download BPS 2000 Image Filename: BPS 2000 Diagnostics Filename: [ [ ] ] TFTP Server IP Address: [ 0.0.0.0 ] Start TFTP Load of New Image: [ No ] Enter text, press or when complete. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface Table 50 describes the Software Download screen fields. Table 50 Software Download screen fields Field Description BPS 2000 Image The Business Policy Switch software image load file name. Filename NOTE: Certain software releases may require you to download two images: the boot code image and the agent image. For proper operation of the switch, the new boot code image must be downloaded before the agent image is downloaded.
Chapter 3 Using the console interface 261 LED Indications during the download process The software download process automatically completes without user intervention. The process erases the contents of flash memory and replaces it with a new software image. Be careful not to interrupt the download process until after it runs to completion (the process can take up to 10 minutes, depending on network conditions). Note: If problems occur during the software download process, refer to Chapter 6.
Chapter 3 Using the console interface Figure 97 Configuration File Menu screen Configuration File Menu Configuration File Download/Upload... Ascii Configuration File Download... Return to Main Menu Use arrow keys to highlight option, press or to select option. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu. Table 51 describes the Configuration File Menu screen options.
Chapter 3 Using the console interface 263 Choose Configuration File Download/Upload from the Configuration File Menu to open the Configuration File Download/Upload screen. Figure 98 Configuration File Download/Upload screen Configuration File Download/Upload Configuration Image Filename: TFTP Server IP Address: Copy Configuration Image to Server: Retrieve Configuration Image from Server: [ ] [ 132.245.164.4 ] [ No ] [ No ] Enter text, press or when complete.
Chapter 3 Using the console interface Table 52 Configuration File Download/Upload screen fields Field Description Configuration Image Filename The file name you have chosen for the configuration file. Choose a meaningful file name that will allow you to identify the file for retrieval when required. The file must already exist on your TFTP server and must be read/write enabled.
Chapter 3 Using the console interface 265 Requirements The following requirements apply to the Configuration File feature: • The Configuration File feature can only be used to copy standalone switch configuration parameters to other standalone switches or to copy stack configuration parameters to other stack configurations. For example, you cannot duplicate the configuration parameters of a unit in a stack configuration and use it to configure a standalone switch.
Chapter 3 Using the console interface Table 53 describes Configuration File parameter information.
Chapter 3 Using the console interface 267 Figure 99 ASCII Configuration File Download screen ASCII Configuration File Download ASCII Configuration Filename: TFTP Server IP Address: Retrieve Configuration File from Server: Last Manual Configuration Status: [ ] [ 132.245.164.4 ] [ No ] Passed Last Auto Configuration Status: Auto Configuration on Reset: Passed [ Disabled ] Enter text, press or when complete. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Chapter 3 Using the console interface Table 54 ASCII Configuration File Download screen fields Field Description ASCII Configuration Filename Enter the file name you have chosen for the ASCII configuration file. Choose a meaningful file name that will allow you to identify the file for retrieval when required. The file must already exist on your TFTP server and must be read/ write enabled.
Chapter 3 Using the console interface 269 System Log screen The System Log screen (Figure 100) displays or clears messages obtained from system nonvolatile random access memory (NVRAM) or dynamic random access memory (DRAM) and NVRAM. When the switch is part of a stack configuration, the System screen displays only the data for the Business Policy Switch you are connected to through the Console/Comm port.
Chapter 3 Using the console interface Figure 100 System Log screen System Log Display Unit: Display Messages From: Display configuration complete?: Clear Messages From: Idx --1. 2. 3. 4. 5.
Chapter 3 Using the console interface 271 Table 55 System Log screen fields Field Description Unit This field only appears if the switch is participating in a stack configuration. The field allows you to select the unit number of the Business Policy Switch you want to view. To view the log messages of another Business Policy Switch, type its unit number and press [Enter], or press the spacebar on your keyboard to toggle the unit numbers.
Chapter 3 Using the console interface 208700-B
Chapter 4 Policy-enabled networks This chapter provides an overview of Differentiated Services Quality of Service (QoS) network architecture. The BPS 2000 provides a Web-based management interface, a Command Line Interface (CLI), and the graphical user interface Device Manager (DM) to configure QoS. Refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2, Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1.
Chapter 4 Policy-enabled networks Summary Policy-enabled networks allow system administrators to prioritize the network traffic, thereby providing better service for selected applications. Using Quality of Service (QoS), the system administrators can establish service level agreements (SLAs) with customers of the network. In general, QoS helps with two network problems: bandwidth and time-sensitivity.
Chapter 4 Policy-enabled networks 275 • — Layer 4 destination port number — Ingress port number Layer 2 packets — VLAN ID number — IEEE 802.1q tag presence — EtherType, which is the Layer 3 protocol type (such as AppleTalk) — IEEE 802.
Chapter 4 Policy-enabled networks Figure 101 Schematic of QoS policy Ports Packets Filter Classifier Action Meter Queues Marker P o r t Dropper 802.1p DSCP Loss-Sensitivity 10451EA Differentiated Services (DiffServ) overview Differentiated services (DiffServ) is a Quality of Service (QoS) network architecture that offers varied levels of service for different types of data traffic.
Chapter 4 Policy-enabled networks 277 DiffServ Concepts DiffServ is described in IETF RFCs 2474 and 2475. This architecture is flexible and allows for either end-to-end QoS or intradomain QoS by implementing complex classification and mapping functions at the network boundary or access points. Within a DiffServ domain, the packet treatment is regulated by this classification and mapping.
Chapter 4 Policy-enabled networks • • Platinum, Gold, Silver, and Bronze classes use the Assured Forwarding PHB. These classes are used for real-time, delay-tolerant traffic and non-real-time, mission-critical traffic.
Chapter 4 Policy-enabled networks 279 Table 56 Service classes (continued) Traffic category Service class Application type Required treatment Non-real time, mission critical, non-interactive Bronze For example, E-mail, FTP, SNMP. Lower-priority scheduling providing guaranteed minimum provisioned bandwidth. Competes for additional bandwidth. Non-real time, non-mission critical Standard Bulk transfer (such as large Best effort delivery. Uses FTP transfers, after-hours remaining available bandwidth.
Chapter 4 Policy-enabled networks Each group of filters is associated with actions that are executed when the packet matches the filters in the group. The filter group and the associated actions, meters, and interface groups are referenced by a policy, which dictates the overall traffic treatment. Filters are associated with an interface group, action, and metering through a policy.
Chapter 4 Policy-enabled networks 281 • Change IEEE 802.1p and drop precedence of matching packets. If a layer 2 filter is installed on a trusted port, then it cannot change the DSCP of the matching IP traffic or the IEEE 802.1p for all types of traffic. If a layer 2 filter is installed on an untrusted port, then the associated action must change the DSCP (if matching IP traffic), IEEE 802.1p, and drop precedence of all matching traffic.
Chapter 4 Policy-enabled networks For example, to configure a policy that changes the IEEE 802.1p priority and drop precedence of traffic belonging to VLAN 100 received on untrusted ports that are associated with a specific role combination (or interface group), you would need the following two filters: • • A layer 2 filter that changes the DSCP, IEEE 802.1p priority, and drop precedence of IP traffic in VLAN 100 A layer 2 filter that changes IEEE 802.
Chapter 4 Policy-enabled networks 283 The classifications of trusted, untrusted, and unrestricted actually apply to groups of ports (interface groups). Because a port can belong to only one interface group, a port will be classified as trusted, untrusted, or unrestricted. These types are also referred to as interface classes. So, you have three classes of interface groups: Trusted, untrusted, and unrestricted. By default, all ports are untrusted. You must configure the ports to be trusted.
Chapter 4 Policy-enabled networks If a packet is received from a trusted port and either it does not match any of the filters installed by the user on this port or it does match a filter but is not dropped, the BPS 2000 uses a default layer 2 filter to change the packet IEEE 802.1p and drop precedence based on the DSCP of the packet. Filters that you install on untrusted ports must specify an action to change the DSCP, IEEE 802.1p priority, and drop precedence of IP traffic received from these ports.
Chapter 4 Policy-enabled networks 285 Table 58 Default mapping of DSCP to QoS class and IEEE 802.1p (continued) Incoming or re-marked DSCP (hex values) Number of queues 2 4 QoS class AF41(22), AF42(24), AF43(26), CS4(20) Platinum AF31(1A), AF32(1C), AF33(1E), CS3(18) Gold AF21(12), AF22(14), AF23(16), CS2(10) Silver AF11(A), AF12(C), AF13(E), CS1(8) Bronze DE(0), CS0(0) Standard 2 2 Outgoing IEEE 802.
Chapter 4 Policy-enabled networks There are 2 sets of external ports. The first set contains 24 10/100 Mb/s ports. Each port in this set has a set of 4 queues. The first queue holds the highest priority and is serviced in an absolute priority fashion, meaning that this queue is serviced first until all the queued packets are transmitted. The other three queues are serviced using a WRR scheduler. The second set contains the MDA front panel ports. There are two types of MDAs.
Chapter 4 Policy-enabled networks 287 When the power is turned on, ports are assigned to the default interface group (role combination), which is named allBPSIfcs. So, if you install a filter without creating or specifying another interface group, that filter will, by default, be installed in the default interface group, which applies to all ports. Note: You must remove all ports from an interface group in order to delete it.You cannot delete an interface group that is referenced by a policy.
Chapter 4 Policy-enabled networks You can also configure policies without metering. In this case, using the Web-based management system, you choose No Meter Data in the Data Specification field of the Meter page. Refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.
Chapter 4 Policy-enabled networks 289 • Interface groups The policies, by connecting these user-defined configurations, control the traffic on the switch. Ports are assigned to interface groups that are linked to policies. The policies determine the traffic treatment of the flows. Packet flow using QoS Using DiffServ and QoS, you can designate a specific performance level for packets. This system allows you to prioritize network traffic.
Chapter 4 Policy-enabled networks Meters, operating at ingress, keep the sorted packets within certain parameters. You configure a committed rate of traffic, allowing a certain size for a temporary burst, as In-Profile traffic. All other traffic is configured as Out-of-Profile traffic. (If you do not wish to configure In-Profile traffic, you must still configure the Out-of-Profile traffic.) Actions determine how the traffic is treated.
Chapter 4 Policy-enabled networks 291 COPS overview Common Open Policy Services (COPS) is important as a stateful protocol between a policy server and a network device such as the BPS 2000. COPS is implemented by using the Optivity Policy Services* (OPS), Version 1.2 or later, which is a comprehensive network management application. OPS provides a centralized management point for DiffServ policies. The policy server distributes policies to edge devices and border routers.
Chapter 4 Policy-enabled networks 208700-B
Chapter 5 Sample QoS configuration You can configure QoS using the Common Open Policy Services (COPS), the CLI, the Web-based management system, SNMP, or Device Manager. This section presents a sample QoS configuration using the Web-based management system using the QoS Advanced pages. For more information on configuring QoS with the Web-based management system, refer to Using Web-based Management for the Business Policy Switch 2000 Software Version 1.2.
Chapter 5 Sample QoS configuration It is important that you refer to Using Web-based Management for the Business Policy Switch 2000 for details to access the Web-based management interface, directory and page navigation information, and field descriptions. Note: Nortel Networks recommends that you configure filter and interface parameters in the order in which the screens are presented in this example.
Chapter 5 Sample QoS configuration 295 The QoS Advanced menu option expands to display: • • • • • • 2 Devices Rules Actions Meters Policies Agent Click Devices. The Devices menu option expands (Figure 102) to display: • • • • • Interface Config Priority Q Assign Priority Mapping DSCP Q Assign DSCP Mapping Figure 102 3 Web-based management menu page Click Interface Config. The Interface Configuration page opens (Figure 103). Using the Business Policy Switch 2000 Version 1.
Chapter 5 Sample QoS configuration Figure 103 Interface Configuration page The Interface Group Creation section of this page allows you to define groups of interfaces. You can view your interface configurations in the read-only Interface Queue Table and the Interface Group Table. 4 Use the Interface Group Creation section to create a new Role Combination. In the Role Combination field, enter Webbrowsing. (Remember, this is an example. You can enter any string in this field.
Chapter 5 Sample QoS configuration 297 5 In the Interface Class field, choose untrusted. By selecting untrusted, incoming DSCP values will be changed. (Refer to Chapter 4 for more information on trusted, untrusted, and unrestricted interfaces classes.) By using system defaults or manual configurations, you configure whether the DSCP value is changed.
Chapter 5 Sample QoS configuration . Note: If you delete a role combination, you must remove all ports in the Interface Group Assignment page first. A role combination cannot be deleted if it is referenced by an installed meter. Accepting default mapping values If you choose to accept the default values for IEEE 802.1p priority and DSCP values, skip this section and precede to “Setting up filters and filter groups.
Chapter 5 Sample QoS configuration 299 Note: When you choose the value Ignore, the system matches all fields for that parameter. Defining an IP filter You create IP filters for IP packets that are to be forwarded through the BPS 2000 on specific ingress ports. In each IP packet, there is a differentiated services (DiffServ) field in the packet header that you can mark for specific treatment. This field is called the DiffServ code point (DSCP).
Chapter 5 Sample QoS configuration Figure 105 IP Classification page (1 of 2) Figure 106 IP Classification page (2 0f 2) 2 In the Destination Address box, click Network Address. a 208700-B In the Network Address field, enter 134.177.69.0.
Chapter 5 Sample QoS configuration 301 This address is used to match the destination IP address in the packet’s IP header. b 3 In the Subnet Mask field, enter 255.255.255.0. In the Source Address box, click Network Address. a In the Network Address field, enter 134.177.0.0. This is the IP address to match against the packet’s source IP address. b 4 In the Subnet Mask field, enter 255.255.0.0. In the DSCP field, choose 0x20 from the list.
Chapter 5 Sample QoS configuration Figure 107 IP Classification Group page 2 In the Filter Group Name field, enter IPacket. This unique identification label distinguishes this filter group from other filter groups. Note: Do not leave spaces in your naming entry. 3 Click the Group check box in the Filter Group Table to include the entry in the filter group. 4 Enter the Order number 1. This step establishes the evaluation order of filters in the group. 5 Click Submit.
Chapter 5 Sample QoS configuration 303 Figure 108 IP Group Modification page 6 Click Back. The system returns you to IP Classification page. The new filter appears in the IP Filter Table, and the new filter group appears in the IP Filter Group Table (Figure 109 and Figure 110). Using the Business Policy Switch 2000 Version 1.
Chapter 5 Sample QoS configuration Figure 109 IP Classification page (1 of 2) Figure 110 IP Classification page (2 0f 2) 208700-B
Chapter 5 Sample QoS configuration 305 Defining a layer 2 filter You configure layer 2 filters by defining IEEE 802-based parameters and selective layer 3 and layer 4 parameters. Layer 2 filter groups are defined by specifying the layer 2 filter to be included in the given filter group. To configure a layer 2 filter: 1 Click the Application > QoS > QoS Advanced > Rules > Layer 2 Classification menu option. The Layer2 Classification page opens (Figure 111 and Figure 112).
Chapter 5 Sample QoS configuration Figure 111 Layer 2 Classification page (1 of 2) Figure 112 Layer 2 Classification page (2 of 2) 2 In the VLAN field, choose VLAN # 1. This filter matches packets in VLAN 1. 3 In the VLAN Tag field, choose Tagged. Only packets that have an IEEE 802.1p tag match this layer 2 filter. 4 208700-B In the EtherType field, click Ignore.
Chapter 5 Sample QoS configuration 307 All EtherTypes are ignored. 5 In the 802.1p Priority field, click Priority and 0, 1, 2. Only packets that have IEEE 802.1p user priority 0, 1, 2 will match this filter. 6 In the DSCP field, accept the default Ignore. Any values that are in the DSCP field are ignored. 7 In the Protocol field, select Ignore. All IP protocols are matched against the packet’s IP protocol field. 8 In the Destination IP Layer4 Port Range field, click Ignore.
Chapter 5 Sample QoS configuration Figure 113 Layer 2 Classification page Creating a Layer2 Filter Group Table entry Now you can create a layer 2 filter group in the Layer2 Filter Group Table section of the Layer2 Classification page. To create a layer 2 filter group entry: 1 Click Create Filter Group in the Layer2 Filter Group Table section of the Layer 2 Classification page (Figure 111 and Figure 112). The Layer2 Group page opens (Figure 114).
Chapter 5 Sample QoS configuration 309 Figure 114 Layer2 Group page 2 In the Filter Group Name field, enter layer2filter. This entry is a unique identification label to distinguish this filter group from other filter groups. Note: Do not leave spaces in your naming entry. 3 Click the Group check box in the Filter Group Table to include the entry in the filter group. 4 Enter the Order number 1. This entry establishes the evaluation order of filters in the group. 5 Click Submit.
Chapter 5 Sample QoS configuration Figure 115 Layer 2 Group Modification page 6 Click Back. The system returns you to Layer 2 Classification page. The new filter group appears in the Layer2 Filter Group Table (Figure 116).
Chapter 5 Sample QoS configuration 311 Figure 116 Layer 2 Classification page Configuring actions When you assign actions to filters, you specify the type of behavior you want a policy to apply to a flow of IP and IEEE 802 packets. Actions applied to filters establish packet-specific criteria that determine how a packet is to be processed. You specify the actions associated with specific IP and layer 2 filter groups. When filters match incoming packets, the actions are performed on those packets.
Chapter 5 Sample QoS configuration Figure 117 Actions page 2 In the Action Name field of the Action Creation section, enter Generic. 3 In the Transmit/Drop Frame field, choose Transmit. 4 In the Update DSCP field, choose 47,0x2F. This entry changes the DSCP value to the decimal value 47 in the match packet. 5 In the Set Drop Precedence field, choose Not Loss Sensitive. 6 In the Update 802.1p Priority field, select Priority 1. Priority 1 specifies a low priority. 7 Click Submit.
Chapter 5 Sample QoS configuration 313 Figure 118 Action page with new entry in Action Table In summary, you have configured a new action named Generic. This action specifies a high drop precedence, a low user priority, and a DSCP value of 0x2F for packets that match a filter associated with this action. Configuring meters Metering, or QoS traffic policing, operates at ingress and provides different levels of service to data streams through user-configurable parameters.
Chapter 5 Sample QoS configuration Note: You must create a meter, using the Meter page, even if the traffic is not being metered (choose No Meter Data). The actions are defined using the meters, so you must configure the Meter page to configure QoS. To configure a meter: 1 Click the Application > QoS > QoS Advanced > Meters menu option. The Meters page opens (Figure 117). Figure 119 Meters page 2 In the Name field of the Meter Creation section, enter Practice.
Chapter 5 Sample QoS configuration 315 Figure 120 Meter page with new entry in Meter Table In summary, you have configured a new meter named Practice. This meter specifies no meter data and the in-profile action Generic for packets that match a filter associated with this meter. Configuring policies Now you are ready to configure a policy. A policy is an interface group, a group of filters (filter set) and the associated meter and action.
Chapter 5 Sample QoS configuration 1 Click the Application > QoS > QoS Advanced > Policies menu option. The Policies page opens (Figure 121). Figure 121 Policies page 2 In the Policy Name field of the Policy Creation area, enter IPpolicy. This entry is a unique name to identify this target. Note: You cannot have spaces in the naming field. 3 In the Filter Group Type, choose IP Filter Group. This entry is the filter group that will be associated with this policy.
Chapter 5 Sample QoS configuration 317 This entry is the unique Role Combination that you created. 6 In the Order field, enter 1. Note: Nortel Networks recommends that you consider an order numbering strategy (for the values in the Order field) as you configure policies. The policies in the Policy Table are arranged in ascending order according to value in the Order column.
Chapter 5 Sample QoS configuration Figure 122 Policies page with new entry In summary, you configured a QoS policy called Ippolicy. This policy applies a combination of packet filtering (matching) criteria and actions to individual interfaces (ports) in the hardware. You specified that this policy will use the IPacket filter group with the elements that you specified. Ippolicy will use the Role Combination Webbrowsing and Practice meter.
Chapter 5 Sample QoS configuration 319 To manually configure the mapping among 802.1p priority values, priority, and DSCP mapping, you must use with the following QoS Advanced pages: • • • • “Assigning 802.1p priority queue assignment” on page 319 “Verifying DSCP mapping” on page 320 “Assigning 802.1p user priority mapping” on page 323 “Verifying DSCP queue assignments” on page 324 Assigning 802.1p priority queue assignment You assign IEEE 802.1p priority values to a queue for specific queue set.
Chapter 5 Sample QoS configuration Figure 123 802.1p Priority Queue Assignment page 2 In the Queue Set field in the 802.1p Priority Assignment (View By) section, select 1. This value is the queue set you want to modify. 3 Click Submit. The 802.1p Priority Assignment Table is updated with the queue set you requested. 4 Change the value of Priority 5 from 2 to 1. Note: Clicking Submit in the 802.1p Priority Assignment Table section results in a system reset.
Chapter 5 Sample QoS configuration 321 ➨ Click the Application > QoS > QoS Advanced > Devices > DSCP Mapping menu option. The DSCP Mapping page opens (Figure 124). Figure 124 DSCP Mapping page To change the DSCP to an 802.1p priority: 1 Click the Application > QoS > QoS Advanced > Devices > DSCP Mapping menu option. The DSCP Mapping page opens (Figure 124). 2 Click the Modify icon of DSCP 0x1. The DSCP Mapping page opens (Figure 125) for DSCP 0x1. Using the Business Policy Switch 2000 Version 1.
Chapter 5 Sample QoS configuration Figure 125 DSCP Mapping page 3 In the 802.1 User Priority field, choose 1. 4 In the Drop Precedence field, choose Not Loss Sensitive. 5 In the Service Class field, choose Standard. 6 Click Submit. The DSCP Mapping page opens with the updated information (Figure 126).
Chapter 5 Sample QoS configuration 323 Figure 126 DSCP Mapping page Assigning 802.1p user priority mapping Now, you want to map the 802.1p priority to a specific DSCP. To configure IEEE 802.1p user priority to DSCP mapping: 1 Click the Application > QoS > QoS Advanced > Devices > Priority Mapping menu option. The 802.1p Priority Mapping page opens (Figure 127). Using the Business Policy Switch 2000 Version 1.
Chapter 5 Sample QoS configuration Figure 127 802.1p Priority Mapping page 2 Change the DSCP value for 802.1. Priority 2 to 0x0. 3 Click Submit. Verifying DSCP queue assignments Next, view the DSCP queue assignments. To view DSCP queue assignments: 1 Click the Application > QoS > QoS Advanced > Devices > DSCP Q Assign menu option. The DSCP Queue Assignment page opens (Figure 128).
Chapter 5 Sample QoS configuration 325 Figure 128 DSCP Queue Assignment page 2 Choose Queue Set 1. 3 Click Submit. 4 View the queue assignment. Using the Business Policy Switch 2000 Version 1.
Chapter 5 Sample QoS configuration 208700-B
Chapter 6 Troubleshooting This chapter describes how to isolate and diagnose problems with your Business Policy Switch and covers the following topics: • Interpreting the LEDs • Diagnosing and correcting the problem — Normal power-up sequence — Port connection problems The chapter topics lead you through a logical process for troubleshooting the Business Policy Switch.
Chapter 6 Troubleshooting Figure 129 LED display panel Business Policy Switch 2000 Cas Pwr 1 3 5 7 9 11 13 15 17 19 21 23 Up Status Dwn 10/100 Activity 2 4 6 8 10 12 14 16 18 20 22 24 RPSU Base 10/100 Activity 9714EA Table 59 Business Policy Switch LED descriptions Label Type Color State Meaning Pwr Power status Green On DC power is available to the switch’s internal circuitry. Off No AC power to switch or power supply failed.
Chapter 6 Troubleshooting 329 Table 59 Business Policy Switch LED descriptions (continued) Label Type Color State Meaning Green On The switch is connected to the upstream unit’s Cascade A In connector. Amber On This unit has detected a problem with the switch connected to the cascade up connector. In order to maintain the integrity of the stack, this unit has bypassed its upstream neighbor and has wrapped the stack backplane onto an alternate path.
Chapter 6 Troubleshooting Table 59 Business Policy Switch LED descriptions (continued) Label Type Color State Meaning Base Base mode Green On The switch is configured as the stack base unit. Off The switch is not configured as the stack base unit (or is in standalone mode). Blinking Stack configuration error: indicates that multiple base units or no base units are configured in the stack. Amber On This unit is operating as the stack configuration’s temporary base unit.
Chapter 6 Troubleshooting 331 Diagnosing and correcting problems Before you perform the problem-solving steps in this section, cycle the power to the Business Policy Switch (disconnect and then reconnect the AC power cord); then verify that the switch follows the normal power-up sequence. Warning: To avoid bodily injury from hazardous electrical current, never remove the top cover of the device. There are no user-serviceable components inside.
Chapter 6 Troubleshooting Normal power-up sequence In a normal power-up sequence, the LEDs appear as follows: 1 After power is applied to the switch, the Pwr (Power) LED turns on within 5 seconds. 2 The switch initiates a self-test, during which the port LEDs display various patterns to indicate the progress of the self-test. 3 Upon successful completion of the self-test (within 10 seconds after power is applied), the Status LED turns on.
Chapter 6 Troubleshooting 333 Table 60 Corrective actions (continued) Symptom Probable cause Corrective action The Status LED is blinking. A nonfatal error occurred during the self-test. Cycle the power to the switch (disconnect and then reconnect the AC power cord). If the problem persists, contact the Nortel Networks Technical Solutions Center.
Chapter 6 Troubleshooting In both situations, the Business Policy Switch “autosenses” the speed of the connected station and, by default, reverts to half-duplex mode. If the connected station is operating in full-duplex mode, it cannot communicate with the switch. To correct this mode mismatch problem: 1 Use the Port Configuration screen to disable autonegotiation for the suspect port (see Chapter 3).
Appendix A Technical specifications This appendix provides technical specifications for the Business Policy Switch 2000. Environmental Table 61 lists environmental specifications.
Appendix A Technical specifications Table 62 Electrical parameters (continued) Input current 1.5 A @ 100 VAC .6 A @ 240 VAC Maximum thermal output 500 BTU/hr Physical dimensions Table 63 lists physical dimensions. Table 63 Physical dimensions Parameter Specifications Height 7.04 cm (2.77 in.) Width 43.82 cm (17.25 in.) Depth 38.35 cm (15.1 in) Weight 4.8 kg (10.60 lb) Performance specifications Table 64 lists performance specifications.
Appendix A Technical specifications 337 Data rate The data rate is 10 Mb/s Manchester encoded or 100 Mb/s 4B/5B encoded. Interface options Table 65 lists interface options. Table 65 Interface options Option Description 10BASE-T/100BASE-TX RJ-45 (8-pin modular) connectors for MDI-X interface 100BASE-FX Fiber SC and MT-RJ connectors for switched 100 Mb/s (100BASE-FX) connections over 50/125 and 62.
Appendix A Technical specifications Electromagnetic emissions The module meets the following standards: • US. CFR47, Part 15, Subpart B, Class A • Canada. ICES-003, Issue 2, Class A • Australia/New Zealand. AS/NZS 3548:1995, Class A • Japan. V-3/97.04:1997, Class A • Taiwan. CNS 13438, Class A • EN55022:1995, Class A • EN61000-3-2:1995 • EN61000-3-3:1994 Electromagnetic immunity The module meets the EN50082-1:1997 standard.
Appendix B Interoperability in a mixed stack configuration This appendix presents important interoperability guidelines when you implement a mixed stack configuration. A mixed stack consists of a combination of Business Policy Switches and BayStack 450 and/or BayStack 410 switches.
Appendix B Interoperability in a mixed stack configuration You can use 256 port-, protocol-, and MAC SA-based VLANs for the stack with a Pure BPS 2000 stack running software version 1.2. (The maximum number available of MAC SA-based is 48). If you are working with a mixed, or hybrid, stack, you can use 64 VLANs for the entire stack.
Appendix B Interoperability in a mixed stack configuration 341 Base unit In a mixed stack configuration, a Business Policy Switch must be configured as the base unit (Unit Select switch set to On on the cascade module). All other units in the stack must have their Unit Select switch set to Off. The base unit switch is the unique stack switch that you configure with the Unit Select switch on the front panel of the BayStack 400-ST1 Cascade Module.
Appendix B Interoperability in a mixed stack configuration 7 Add the newly configured Business Policy Switch to your existing stack. Figure 130 Stack Operational Mode screen Stack Operational Mode Current Stack Operation Mode: Pure BPS 2000 Stack Next Stack Operation Mode: [ Hybrid Stack ] Stack BootP Mac Address Type: [ Stack Mac Address ] Use space bar to display choices, press or to select choice. Press Ctrl-R to return to previous menu. Press Ctrl-C to return to Main Menu.
Appendix B Interoperability in a mixed stack configuration 343 Temporary base unit In a mixed stack containing only one Business Policy Switch If there is only one Business Policy Switch in your mixed stack configuration and it fails, the next upstream BayStack 410 or BayStack 450 switch from the failed base unit will become the temporary base unit and will continue stack operation. The base unit change is indicated by the base LED on the temporary base unit’s LED display panel turning on (amber).
Appendix B Interoperability in a mixed stack configuration You can verify the software version and the ISVN in the sysDescr field (see Figure 131) in the System Characteristics screen. Figure 131 System Characteristics screen System Characteristics Operation Mode: Size Of Stack: Base Unit: Stack, Unit # 1 2 1 MAC Address: 00-80-2C-8D-23-DF Reset Count: Last Reset Type: Power Status: Local MDA Type: sysDescr: 16 Management Reset Primary Power None Business Policy Switch 2000 HW:AB3 FW:Vx.x SW:v1.0.
Appendix B Interoperability in a mixed stack configuration 345 Using the console interface Console/Comm port In order to use all the Business Policy Switch management features (for example, downloading software), you must connect your console terminal into a Business Policy Switch port within your mixed stack. For more information about the console/comm port, see Chapter 1.
Appendix B Interoperability in a mixed stack configuration 208700-B
Appendix C Media dependent adapters This appendix describes the optional media dependent adapters (MDAs) that are available from Nortel Networks. The MDAs can support high-speed connections to servers, shared Fast Ethernet hubs, or backbone devices. Note: The MDAs are not hot-swappable. Power down the switch before installing or removing an MDA. Table 66 describes available MDA models.
Appendix C Media dependent adapters 1000BASE-SX: 450-1SR MDA and 450-1SX MDA Warning: This is a Class 1 Laser/LED product. It contains a laser light source that can injure your eyes. Never look into an optical fiber or connector port. Always assume that the fiber optic cable or connector is connected to a laser light source. Vorsicht: Dieses Laser/LED-Produkt der Klasse 1 enthält eine Laserlichtquelle, die zu Augenverletzungen führen kann.
Appendix C Media dependent adapters 349 There are two 1000BASE-SX (shortwave gigabit) MDA models: • The 450-1SR MDA is a single MAC MDA with a separate redundant Phy (backup Phy port). Only one Phy port can be active at any time. If the active Phy port fails, the redundant Phy port automatically becomes the active port. • The 450-1SX MDA is a single Phy MDA. Both models (Figure 132) conform to the IEEE 802.
Appendix C Media dependent adapters For installation instructions, see “Installing an MDA” on page 363. Table 67 1000BASE-SX MDA components Item 1 Label Description Link Communication link LEDs (green): On: Valid communications link. Off: The link connection is bad or there is no connection to this port. Blinking: The corresponding port is management disabled. 2 Phy (or) Phy Select Phy status LEDs (green): On: The corresponding Phy port is active.
Appendix C Media dependent adapters 351 Avertissement: Ceci est un appareil Laser/DEL de Classe 1. Cet appareil contient une source lumineuse à rayons laser dangereuse pour les yeux. Ne regardez jamais directement une fibre optique ou un port de connexion. Agissez toujours comme si le câble de fibres optiques ou le connecteur était relié à une source lumineuse à rayons laser. Advertencia: Éste es un producto láser/LED de Clase 1. Contiene una fuente de luz láser que puede causar lesiones en los ojos.
Appendix C Media dependent adapters Both models (Figure 133) conform to the IEEE 802.3z 1000BASE-LX standard and use longwave 1300 nm fiber optic connectors to connect devices over single mode (3 kilometer) or multimode (550 meters) fiber optic cable. Note: The optical performance of this transceiver cannot be guaranteed when connected to a multimode fiber plant without the use of the special offset SMF/MMF mode conditioning patch cord (see “1000BASE-LX multimode applications” on page 367).
Appendix C Media dependent adapters 353 For installation instructions, see “Installing an MDA” on page 363. Table 68 1000BASE-LX MDA components Item 1 Label Description Link Communication link LEDs (green): On: Valid communications link. Off: The communications link connection is bad or there is no connection to this port. Blinking: The corresponding port is management disabled. 2 Phy (or) Phy Select Phy status LEDs (green): On: The corresponding Phy port is active.
Appendix C Media dependent adapters Figure 134 BPS2000-4TX MDA front panel 1 BPS2000-4TX MDA 2 3 9792EA The RJ-45 ports are configured as media-dependent interface-crossover (MDI-X) connectors. These ports connect over straight cables to the network interface card (NIC) in a node or server, similar to a conventional Ethernet repeater hub. If you are connecting to another Ethernet hub or switch, use a crossover cable unless an MDI connection exists on the associated port of the attached device.
Appendix C Media dependent adapters 355 100BASE-FX: BPS2000-2FX MDA and BPS2000-4FX MDA Warning: Fiber optic equipment can emit laser or infrared light that can injure your eyes. Never look into an optical fiber or connector port. Always assume that fiber optic cables are connected to a light source. Vorsicht: Glasfaserkomponenten können Laserlicht bzw. Infrarotlicht abstrahlen, wodurch Ihre Augen geschädigt werden können. Schauen Sie niemals in einen Glasfaser-LWL oder ein Anschlußteil.
Appendix C Media dependent adapters There are two 100BASE-FX models (Figure 135): • • The BPS2000-2FX MDA uses two longwave 1300 nm SC connectors to attach devices over 62.5/125 or 50/125 micron multimode fiber optic cable. The BPS2000-4FX MDA uses four longwave 1300 nm MT-RJ connectors to attach devices over 62.5/125 or 50/125 micron multimode fiber optic cable. Figure 135 100BASE-FX MDA front panels 1 BPS2000-4FX MDA 2 3 1 BPS2000-2FX MDA 2 3 9791EA Both models conform to the IEEE 802.
Appendix C Media dependent adapters 357 For installation instructions, see “Installing an MDA” on page 363. Table 69 100BASE-FX MDA components Item Label Description 1 Link LINK status LED (green) On: Indicates 100 Mb/s LINK activity. Off: Indicates no LINK activity. 2 Activity Activity LED (green) On: Indicates active traffic: Receiving or transmitting. A high level of network activity can cause LEDs to appear to be on continuously. Off: Indicates no active traffic.
Appendix C Media dependent adapters Avertissement: Ceci est un appareil Laser/DEL de Classe 1. Cet appareil contient une source lumineuse à rayons laser dangereuse pour les yeux. Ne regardez jamais directement une fibre optique ou un port de connexion. Agissez toujours comme si le câble de fibres optiques ou le connecteur était relié à une source lumineuse à rayons laser. Advertencia: Éste es un producto láser/LED de Clase 1. Contiene una fuente de luz láser que puede causar lesiones en los ojos.
Appendix C Media dependent adapters 359 For instructions on installing the 450-1GBIC MDA, see “Installing an MDA” on page 363. For instructions on installing GBICs to your 450-1GBIC MDA’s Host port, see “Installing GBICs” on page 360.
Appendix C Media dependent adapters Table 70 450-1GBIc MDA description Item Label Description 1 Link Communication link LEDs (green): On: Valid communications link. Off: The communications link connection is bad or there is no connection to this port. Blinking: The corresponding port is management disabled. 2 Phy Phy status LEDs (green); On: The corresponding Phy port is active. Off: The corresponding Phy port is in backup mode or there is no connection to this port.
Appendix C Media dependent adapters 361 Table 71 Available GBIC models (continued) Model number Description Part number 1000BASE-XD Uses single-mode fiber to connect devices over distances up to 50 km (31 mi) depending on the quality of the cable. AA1419003 1000BASE-ZX Uses single-mode fiber to connect devices over AA1419004 distances up to 70 km (43 mi) depending on the quality of the cable. The ports operate in full-duplex mode only. The GBICs are available in different case styles (Figure 137).
Appendix C Media dependent adapters . Note: The MDAs are not hot-swappable. Power down the switch before installing or removing an MDA. To install a GBIC: 1 Remove the GBIC from its protective packaging. 2 Insert the GBIC into the Host port on the MDA (Figure 138). GBICs are keyed to prevent improper insertion. If the GBIC resists pressure, do not force it. Remove it, turn it over, and reinsert it. Figure 138 Installing a GBIC 9825FA 3 Press on the front of the GBIC until it snaps into place.
Appendix C Media dependent adapters 363 Figure 139 Removing a GBIC 9826FA 2 If the GBIC has an extractor handle, grasp the handle and pull firmly to remove the GBIC from the MDA’s Host port. Cabling Specifications for GBICs For more information about supported GBICs and for details about cabling specifications, refer to the Gigabit Interface Converter (GBIC) Installation Guide (part number 208723-A).
Appendix C Media dependent adapters 2 Loosen the thumb screws and remove the filler panel (or previously installed MDA) from the Uplink/Expansion Module slot. Note: If you are replacing an installed MDA with another type of MDA, see “Replacing an MDA with a different model” on page 366.
Appendix C Media dependent adapters 365 3 Insert the MDA into the Uplink/Expansion Module card guides (Figure 140). Make sure the MDA slides in on the card guides. Failure to align the MDA to the card guides could damage the pins. Figure 140 Installing an MDA 9793FA 4 Press the MDA firmly into the Uplink/Expansion Module slot. Be sure that the MDA is fully seated into the mating connector. 5 Secure the MDA by tightening the thumb screws on the MDA front panel. 6 Attach devices to the MDA ports.
Appendix C Media dependent adapters Replacing an MDA with a different model When replacing an installed MDA with another type of MDA, complete the following steps to clear the switch NVRAM: 1 Power down the switch. Remove the AC power cord from the power source. 2 Remove the installed MDA. Loosen the thumbscrews and remove the MDA. 3 Cycle the switch power. Power up the switch and wait for the Nortel Networks logo screen to appear (approximately 10 seconds); then power down the switch.
Appendix C Media dependent adapters 367 1000BASE-LX multimode applications For 1000BASE-LX multimode applications, the longwave gigabit transceivers must be mode conditioned externally via a special offset SMF/MMF patch cord. The offset SMF/MMF patch cord allows the same transceiver to be used for both multimode and single-mode fiber. See your Nortel Networks sales representative for more information about the SMF/MMF patch cord.
Appendix C Media dependent adapters 208700-B
Appendix D Quick steps to features If you are a system administrator with experience configuring Business Policy Switch 2000 VLANs, MultiLink Trunking, Port Mirroring, IGMP Snooping, and EAPOL authentication processes, use the flowcharts on the following pages as quick configuration guides. The flowcharts refer you to the “configuration rules” appropriate for each feature. The flowcharts cover the following features: • • • • • 802.
Appendix D Quick steps to features Figure 141 Configuring 802.1Q VLANs (1 of 3) Start Key VLAN Configuration screen 3 Off-page reference On-page reference Select the appropriate value for the Create VLAN field. Select the appropriate value for the VLAN Type field. Yes Select the appropriate PID value for the PID field. Is VLAN Type Port-Based? Is the PID user-defined? No Is VLAN Type ProtocolBased? No Yes No Yes Enter the user-defined PID value. Activate VLAN State.
Appendix D Quick steps to features 371 Figure 142 Configuring 802.1Q VLANs (2 of 3) 1 VLAN Port members Configured? No Configure Port Members as Tagged Port Member, Untagged Port Member, or Not a Member of VLAN (see "VLAN Configuration Rules" for more information). Yes Press [Ctrl]-R to return to previous menu. Choose VLAN Port Configuration (or press c) to open the VLAN Port Configuration screen. Set the Port field, as appropriate for your configuration. Is PVID correct? No Set PVID.
Appendix D Quick steps to features Figure 143 Configuring 802.1Q VLANs (3 of 3) 2 Is VLAN tag correct? No Set Tagging field on VLAN Port Configuration screen. Yes Is filtering correct? No Set tagged, untagged, unregistered filters, if necessary. Yes Is Port Priority correct? No Set Port Priority. See also the Traffic Class Configuration screen, if necessary.
Appendix D Quick steps to features 373 Configuring MultiLink Trunks To create or modify a MultiLink Trunk, follow the flowchart in Figure 144. To open the MultiLink Trunk Configuration screen: ➨ Choose MultiLink Trunk Configuration (or press t) from the MultiLink Trunk Configuration Menu screen Figure 144 Configuring MultiLink Trunks MultiLink Trunk Configuration screen Are all trunk members configured? No Configure trunk members (see "MultiLink Trunking Configuration Rules").
Appendix D Quick steps to features Configuring Port Mirroring To create or modify port-mirroring ports, follow the flowcharts in Figure 145 and Figure 146). To open the Port Mirroring Configuration screen: ➨ Choose Port Mirroring Configuration (or press i) from the Switch Configuration Menu screen Figure 145 Configuring Port Mirroring (1 of 2) Port Mirroring Configuration screen Is Monitoring Mode field set? No Set Monitoring Mode field.
Appendix D Quick steps to features 375 Figure 146 Configuring Port Mirroring (2 of 2) 1 2 Are Address A and B configured? No Configure Addresses. Yes Is Port Mirroring Enabled? No Enable Port Mirroring (see "Port Mirroring Configuration Rules"). Yes Key Done Off-page reference On-page reference BS45052A Configuring IGMP Snooping To create or modify IGMP Snooping ports, follow the flowcharts in Figures Figure 147 to Figure 149.
Appendix D Quick steps to features Figure 147 Configuring IGMP Snooping (1 of 3) IGMP Configuration screen Are VLANs created/port members configured? No Go to VLAN flowchart. Create VLANs/ configure port members, as required. Yes Is the Snooping field set correctly? No Set the correct value for the Snooping field. Yes Is Snooping field set? No 2 Yes Is the Proxy field set correctly? No Set the correct value for the Proxy field.
Appendix D Quick steps to features 377 Figure 148 Configuring IGMP Snooping (2 of 3) 2 Is the Robust Value field set correctly? No Set the correct value for the Robust Value field. No Set the correct value for the Query Timer field. Yes Is the Query Timer field set correctly? Yes Is the Set Router Ports field set correctly? No Set the correct value for the IGMP version in the Set Router Ports field. Yes Is the Proxy field set correctly? No Set the correct value for the Proxy field.
Appendix D Quick steps to features Figure 149 Configuring IGMP Snooping (3 of 3) 3 Are all IGMP members configured? No Configure all IGMP members (see "IGMP Configuration Rules"). Yes All VLANs on this port are now configured as IGMP router ports. Is the Port a trunk member? No Yes All trunk members for that trunk are automatically configured as IGMP Static Router Ports.
Appendix D Quick steps to features 379 To open the EAPOL Security Configuration screen: ➨ Choose EAPOL Security Configuration from the Switch Configuration Menu screen. Figure 150 Authenticaton process flowchart (1 of 2) Login screen Authentication successful? No Access denied. See System Administrator. Yes Authentication server sent VLAN ID? Switch restores VLAN ID and PVID values from NVRAM. No A Yes Does VLAN exist? No Switch sets VLAN ID and PVID values to VLAN 1.
Appendix D Quick steps to features Figure 151 Authenticaton process flowchart (2 of 2) A Authentication server sent Port Priority value? No Switch restores Port Priority value from NVRAM. Yes Is Port Priority value range 0 to 7? No Switch sets Port Prioity value to 0. Yes Switch sets Port Priority value to preconfigured values stored in the Authentication server.
Appendix E Connectors and pin assignments This appendix describes the Business Policy Switch 2000 port connectors and pin assignments. RJ-45 (10BASE-T/100BASE-TX) port connectors The RJ-45 port connectors (Figure 152) are wired as MDI-X ports to connect end stations without using crossover cables. (See “MDI and MDI-X devices” on page 382 for information about MDI-X ports.) For 10BASE-T connections, use Category 3 (or higher) UTP cable. For 100BASE-TX connections, use only Category 5 UTP cable.
Appendix E Connectors and pin assignments Table 72 lists the RJ-45 (8-pin modular) port connector pin assignments.
Appendix E Connectors and pin assignments 383 MDI-X to MDI cable connections Business Policy Switch switches use MDI-X ports that allow you to connect directly to end stations without using crossover cables (Figure 153).
Appendix E Connectors and pin assignments Figure 154 MDI-X to MDI-X cable connections Business Policy Switch 2000 1 8 T R 8 1 8 Switch or hub 8 1 1 1 RX+ 1 1 RX+ 1 2 RX- 2 2 RX- 2 3 TX+ 3 3 TX+ 3 4 4 4 4 5 5 5 5 6 TX- 6 6 7 7 7 7 8 8 8 8 MDI-X port Crossover cable TX- T R 6 MDI-X port BS45057A DB-9 (RS-232-D) Console/Comm Port connector The DB-9 Console/Comm Port connector (Figure 155) is configured as a data communications equipment (DCE) connector.
Appendix E Connectors and pin assignments 385 Table 73 lists the DB-9 Console connector pin assignments.
Appendix E Connectors and pin assignments 208700-B
Appendix F Default Settings Table 74 lists the factory default settings for the Business Policy Switch 2000 according to the console interface (CI) screens and fields for the settings. Table 74 Factory default settings Field Default setting Appears in this CI screen BootP Request Mode BootP Disabled “IP Configuration/Setup screen” on page 155 In-Band Stack IP Address 0.0.0.0 (no IP address assigned) In-Band Switch IP Address 0.0.0.0 (no IP address assigned) In-Band Subnet Mask 0.0.0.
Appendix F Default Settings Table 74 Factory default settings (continued) Field Default setting Appears in this CI screen Aging Time 300 seconds “MAC Address Table screen” on page 167 Find an Address 00-00-00-00-00-00 (no MAC address assigned) Port Mirroring Address A: 00-00-00-00-00-00 (no MAC address assigned) Port Mirroring Address B: 00-00-00-00-00-00 (no MAC address assigned) MAC Address Security Disabled MAC Address Security SNMP-Locked Disabled Partition Port on Intrusion Detected
Appendix F Default Settings 389 Table 74 Factory default settings (continued) Field Default setting Appears in this CI screen Create VLAN 1 “VLAN Configuration screen” on page 189 Delete VLAN blank field VLAN Name VLAN # (VLAN number) Management VLAN Yes, VLAN #1 IVL/SVL IVL VLAN Type Port-based Protocol ID (PID) None User-Defined PID 0x0000 VLAN State Inactive Subnet Addr 0.0.0.0. Subnet Mask 0.0.0.0.
Appendix F Default Settings Table 74 Factory default settings (continued) Field Default setting Appears in this CI screen Unit 1 “VLAN Display by Port screen” on page 200 Port 1 PVID 1 (read only) Port Name Unit 1, Port 1 (read only) Unit 1 Status Enabled (for all ports) Autonegotiation Enabled (for all ports) Speed/Duplex 100Mbs/Half (when Autonegotiation is Disabled) Trunk 1 to 6 (depending on configuration status) Trunk Members (Unit/Port) Blank field STP Learning Normal Tru
Appendix F Default Settings 391 Table 74 Factory default settings (continued) Field Default setting Appears in this CI screen Monitoring Mode Disabled “Port Mirroring Configuration screen” on page 213 Monitor/Unit Port Zero-length string Unit/Port X Zero-length string Unit/Port Y Zero-length string Address A 00-00-00-00-00-00 (no MAC address assigned) Address B 00-00-00-00-00-00 (no MAC address assigned) Packet Type Both Limit None VLAN 1 Snooping Enabled Proxy Enabled Robust Value
Appendix F Default Settings Table 74 Factory default settings (continued) Field Default setting Appears in this CI screen Note: The following two fields only appear when the switch is a participant in a stack configuration.
Appendix F Default Settings 393 Table 74 Factory default settings (continued) Field Default setting Event Logging All Allowed Source IP Address (10 user-configurable fields) First field: 0.0.0.0 (no IP address assigned) Appears in this CI screen Remaining nine fields: 255.255.255.255 (any address is allowed) Using the Business Policy Switch 2000 Version 1.
Appendix F Default Settings Table 74 Factory default settings (continued) Field Default setting Allowed Source Mask (10 user-configurable fields) First field: 0.0.0.0 (no IP address assigned) Appears in this CI screen Remaining nine fields: 255.255.255.255 (any address is allowed) Image Filename Zero-length string TFTP Server IP Address 0.0.0.0 (no IP address assigned) Start TFTP Load of New Image No Configuration Image Filename Zero-length string TFTP Server IP Address 0.0.0.
Appendix G Sample BootP Configuration File This appendix provides a sample BootP configuration file. The BootP server searches for this file, called bootptab (or BOOTPTAB.TXT, depending on your operating system), which contains the site-specific information (including IP addresses) needed to perform the software download and configuration. You can modify this sample BootP configuration file or create one of your own.
Appendix G Sample BootP Configuration File # Caution # # Omitting a Forward slash (/) when the entry is continued to the next # line, can cause the interruption of the booting process or the # incorrect image file to download. Always include forward slashes # where needed. # # Important Note: # # If a leading zero (0) is used in the IP address it is calculated as an # octal number. If the leading character is "x" (upper or lower case), # it is calculated as a hexadecimal number.
Index Numbers Authentication Trap field 161 256 VLANs 48 Auto Configuration on Reset field 268 450 Image Filename field 260 automatic PVID 59, 200 802.1p Priority Mapping page 323 802.
Index Bridge Hello Time field 244, 251 VLANs 51, 133, 145 Bridge Max.
Index Deferred Packets field 229 Filter Group Name 301, 308 Delete STP Group field 243 Filter Group Table 301, 308 Delete VLAN field 191 Filtered Packets field 229 Delete VLAN Membership field 245 Find an Address field 169, 182 Designated Root field 250 flash memory for software image upgrades 76 Differentiated Services 273 Flooded Packets field 229 DiffServ 273 Flow Control field 205 Display Messages From field 271 Forward Delay field 251 Display Port Statistics screen 166 Frame Errors fie
Index In-Band IP Address field 156 In-Band Subnet Mask field 157 Initialize field 185 Interface Configuration page 295 Interface Group Assignment page 297 Interface Queue Table 295 LEDs descriptions 39, 328 display panel 39, 328 Link field 203 Link Trap field 203 Local MDA Type field 163 log messages 269 interoperability issues base unit 341 cascade modules 344 compatible software versions 343 configuration requirements 340 merging into a mixed stack 341 setting up your configuration 340 temporary b
Index main menu, console interface 151 Next Stack Operational Mode field 231 management 48, 80 Number of addresses field 169 Management VLAN field 192 NVRAM 269 401 Maximum Age Time field 251 Maximum Requests field 187 O media dependent adapters (MDAs) 57, 347, 363 1000BASE-LX MDAs 350 1000BASE-SX MDAs 348 100BASE-FX MDAs 355 10BASE-T/100BASE-TX MDAs 353 Operational Mode field 163 Meter page 314 Oversized Packets field 229 Meter Table 314 Operational Status field 185 Operational Traffic Contro
Index port lists 183 configuration 293 data specification 314 default mapping values 298 DSCP 298 filter group precedence 301, 308 filter groups 279, 302, 309 filters 279, 298 IEEE 802.
Index configuration 216 Single Collisions field 229 Rate Limiting Configuration screen 166, 217 Size of Stack field 163 Read-Only Community String field 161 SNMP 81, 84 Read-Write Community String field 161 SNMP Access field 256 Re-authenticate Now field 186 SNMP Configuration screen 152, 160 Re-authentication field 186 snooping 122 Re-authentication Period field 186 Reset Count field 157, 163 software download process 261 image upgrades 76 interoperability 34 versions 47, 239, 343 Reset scre
Index stack MAC address 97 stacking considerations 98 temporary base unit 97 standards 84 Start Ping field 157 Start TFTP Load of New Image field 260 State field 248 tagged frame 105 tagged member 106 unregistered packet/frame 106 untagged frame 106 untagged member 106 user_priority 106 VLAN identifier (VID) 105 VLAN port members 106 Status field 203 TELNET 56 STGs 240 TELNET Access field 255 STP 49, 247, 250, 253 TELNET Stack Password Type field 234 STP Group State field 245 TELNET Switch Pa
Index Trunk Members field 210 Trunk Name field 210 Trunk Status field 210 tutorial IEEE 802.1Q tagging 105 IEEE 802.
