Layer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch XGS-6350-24X4C
Users Manual of XGS-6350-24X4C Trademarks Copyright © PLANET Technology Corp. 2019. Contents are subject to revision without prior notice. PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners.
Users Manual of XGS-6350-24X4C Energy Saving Note of the Device This power required device does not support Standby mode operation. For energy saving, please remove the power cable to disconnect the device from the power circuit. In view of saving the energy and reducing the unnecessary power consumption, it is strongly suggested to remove the power connection for the device if this device is not intended to be active.
Users Manual of XGS-6350-24X4C Contents Chapter 1. INTRODUCTION 1.1 1.2 1.3 18 Packet Contents...................................................................................................................................... 18 Product Features .................................................................................................................................... 21 Product Specifications ...................................................................................................
Users Manual of XGS-6350-24X4C Chapter 5. Network Management Configuration 69 Network Management Configuration ...................................................................................................... 69 SNMP Configuration ...................................................................................................................... 69 Overview ........................................................................................................................................
Users Manual of XGS-6350-24X4C 6.3 6.3.1 6.3.2 6.3.3 6.3.4 Chapter 7. 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 Web Authentication Configuration ........................................................................................................... 97 Overview ........................................................................................................................................ 97 Configuring Web Authentication...................................................................
Users Manual of XGS-6350-24X4C 7.10.1 7.10.2 7.10.3 7.10.4 7.10.5 Chapter 8. User Management ....................................................................................................................... 141 Log Management ......................................................................................................................... 142 Managing the Configuration Files ................................................................................................
Users Manual of XGS-6350-24X4C 12.1.2 Chapter 13. 13.1 13.2 Configuring MAC Address Attribute 160 MAC Address Configuration Task List ................................................................................................... 160 MAC address Configuration Task.......................................................................................................... 160 13.2.1 Configuring Static Mac Address ...........................................................................................
Users Manual of XGS-6350-24X4C Chapter 17. GVRP Configuration 175 Configuring GVRP ................................................................................................................................ 175 Introduction ........................................................................................................................................... 175 Configuring Task List .................................................................................................................
Users Manual of XGS-6350-24X4C Chapter 21. 21.1 LLDP Configuration 228 FlexLinkLite Configuration 232 FlexLinkLite Configuration .................................................................................................................... 232 24.1.1 FlexLinkLite Overview .................................................................................................................. 232 24.1.2 FlexLinkLite Configuration ..........................................................................
Users Manual of XGS-6350-24X4C MEAPS Introduction .............................................................................................................................. 248 27.1.1 MEAPS Overview ........................................................................................................................ 248 27.1.2 Basic Concepts of MEAPS .......................................................................................................... 249 27.1.3 Types of EAPS Packets ............
Users Manual of XGS-6350-24X4C 33.1.4 Chapter 34. Configuration Example ................................................................................................................ 318 CFM and Y1731 Configuration 322 34.1 Overview ............................................................................................................................................... 322 34.1.1 Stipulations .......................................................................................................
Users Manual of XGS-6350-24X4C 39.1.3 39.1.4 Chapter 40. 40.1 350 DoS Attack Prevention Configuration 362 DoS Attack Prevention Configuration .................................................................................................... 362 41.1.1 DoS Attack Overview ................................................................................................................... 362 41.1.2 DoS Attack Prevention Configuration Task List.............................................................
Users Manual of XGS-6350-24X4C 44.1 Applying the IP Access Control List ...................................................................................................... 406 44.1.1 Applying ACL on Ports ................................................................................................................. 406 Chapter 45. Routing Configuration 407 45.1 Configuring RIP ........................................................................................................................
Users Manual of XGS-6350-24X4C 48.3 48.2.3 MCE Configuration ...................................................................................................................... 462 MCE Configuration Example ................................................................................................................. 465 48.3.1 Configuring S11 ........................................................................................................................... 465 48.3.2 Configuring MCE-S1 .....
Users Manual of XGS-6350-24X4C 50.5 50.4.3 PIM-DM State-Refresh Configuration Example ........................................................................... 503 Configuring PIM-SM .............................................................................................................................. 503 50.5.1 PIM-SM Introduction .................................................................................................................... 503 50.5.2 Configuring PIM-SM ....................
Users Manual of XGS-6350-24X4C Overview ............................................................................................................................................... 537 BFD Configuration Tasks ...................................................................................................................... 537 55.2.1 Activating Port BFD ..................................................................................................................... 537 55.2.
Users Manual of XGS-6350-24X4C Chapter 1. INTRODUCTION Thank you for purchasing PLANET L3 100G Managed Switch, XGS-6350-24X4C. The description of this model is as follows: XGS-6350-24X4C Layer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch The term “Managed Switch” mentioned in this user’s manual refers to the XGS-6350-24X4C. 1.1 Packet Contents Open the box of the Managed Switch and carefully unpack it.
Users Manual of XGS-6350-24X4C switching capacity, the XGS-6350-24X4C can handle extremely large amounts of data in a secure topology linking to backbone or high capacity servers where audio, video streaming and multicast applications are utilized. Extractive Power Supply Design to Increase Flexibility The XGS-6350-24X4C is equipped with one extractive 100~240V AC power supply unit, so it is easy to replace the power for users.
Users Manual of XGS-6350-24X4C Powerful Security The ACL policies supported can classify the traffic by source/destination IP addresses, source/destination MAC addresses, IP protocols, TCP/UDP, IP precedence, time ranges and ToS. Moreover, various policies can be conducted to forward the traffic. The XGS-6350-24X4C also provides IEEE 802.1x port based access authentication, which can be deployed with RADIUS, to ensure the port level security and block illegal users.
Users Manual of XGS-6350-24X4C 1.
Users Manual of XGS-6350-24X4C Provides port mirror (many-to-1) Quality of Service 8 priority queues on all switch ports Supports strict priority and WRR (Weighted Round Robin) CoS policies Traffic classification - IEEE 802.1p CoS/ToS - IPv4/IPv6 DSCP - Port-based WRR Strict priority and WRR CoS policies Multicast Supports IPv4 IGMP snooping v1, v2 and v3, and IPv6 MLD v1 and v2 snooping Querier mode support Supports Multicast VLAN Register (MVR) Security IEEE 802.
Users Manual of XGS-6350-24X4C User privilege levels control Syslog server for IPv4 and IPv6 Four RMON groups 1, 2, 3, 9 (history, statistics, alarms and events) Supports ping, trace route function for IPv4 and IPv6 23
Users Manual of XGS-6350-24X4C 1.3 Product Specifications Product XGS-6350-24X4C Hardware Specifications QSFP28 Slots SFP+ Slots 4 with each supporting native 100/40 Gigabit Ethernet and 4 x 10 Gigabit Ethernet modes 24 10GBASE-SR/LR SFP+ interfaces Compatible with 1000BASE-SX/LX/BX SFP transceiver Console 1 x RJ45-to-DB9 serial port (9600, 8, N, 1) Management 1 x RJ45 (10/100/1000BASE-T) USB 1 x USB 2.
Users Manual of XGS-6350-24X4C Supports RMON 1, 2, 3, 9 groups Supports the RADIUS authentication for IPv4/IPv6 Telnet user name and password Supports IPv4/IPv6 SSH The right configuration for users to adopt RADIUS server’s shell management Supports CLI, console, Telnet Supports SNMPv1, v2c and v3 Supports Security IP safety net management function: avoid unlawful landing at non-restrictive area Supports Syslog server for IPv4 and IPv6 Supports TACACS+ Layer 3 Function Routing Protocol Static routing, RI
Users Manual of XGS-6350-24X4C Link Aggregation IEEE 802.3ad LACP/static trunk Supports 32 groups with 8 ports per trunk group 8 priority queues on all switch ports Supports strict priority and Weighted Round Robin (WRR) CoS policies QoS Traffic classification: - IEEE 802.
Users Manual of XGS-6350-24X4C RFC 2233 if MIB RFC 2452 TCP6 MIB RFC 2454 UDP6 MIB RFC 2465 IPv6 MIB RFC 2466 ICMP6 MIB RFC 2573 SNMPv3 notification RFC 2574 SNMPv3 VACM RFC 2674 Bridge MIB Extensions Standard Conformance Regulatory Compliance FCC Part 15 Class A, CE IEEE 802.3z Gigabit 1000BASE-SX/LX IEEE 802.3ae 10Gb/s Ethernet IEEE 802.3x flow control and back pressure IEEE 802.3ad port trunk with LACP IEEE 802.1D Spanning Tree Protocol IEEE 802.1w Rapid Spanning Tree Protocol IEEE 802.
Users Manual of XGS-6350-24X4C Relative Humidity: 5 ~ 95% (non-condensing) 28
Users Manual of XGS-6350-24X4C Chapter 2. INSTALLATION This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented.To install your Managed Switch on a desktop or shelf, simply complete the following steps. In this paragraph, we will describe how to install the Managed Switch and the installation points attended to it. 2.1 Hardware Description 2.1.
Users Manual of XGS-6350-24X4C The management port is designed for accessing to the Web UI of Managed Switch for configuration. 2.1.2 LED Indications The front panel LEDs indicates instant status of port links, data activity, system operation, stack status and system power. XGS-6350-24X4C LED Indication Figure 2-2 XGS-6350-24X4C LED Panel ■ System LED Color Green PWR Off SYS Green Function Lights to indicate that the Switch has power. Power is off.
Users Manual of XGS-6350-24X4C to 240V AC, 50-60Hz. Figure 2-3 shows the rear panel of this Managed Switch. XGS-6350-24X4C Rear Panel Figure 2-3 Rear Panel of XGS-6350-24X4C ■ AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts to line power in the range of 100-240VAC and 50/60 Hz. Plug the female end of the power cord firmly into the receptacle on the rear panel of the Managed Switch.
Users Manual of XGS-6350-24X4C Step 1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side. Step 2: Attach the rack-mount bracket to each side of the Managed Switch with supplied screws attached to the package. You must use the screws supplied with the mounting brackets. Damage caused to the parts by using incorrect screws would invalidate the warranty. Step 3: Secure the brackets tightly.
Users Manual of XGS-6350-24X4C transceivers. The following list of approved PLANET SFP/SFP+/QSFP28 100G SFP transceiver is correct at the time of publication: Gigabit Ethernet Transceiver (1000BASE-XSFP) Model Speed (Mbps) Connector Interface Fiber Mode Distance Wavelength (nm) Operating Temp.
Users Manual of XGS-6350-24X4C 10Gbps SFP+ (10G Ethernet/10GBASE) Connector Model Speed (Mbps) Fiber Mode Distance Wavelength (nm) Operating Temp. Interface MTB-SR 10G LC Multi Mode Up to 300m 850nm 0 ~ 60 degrees C MTB-LR 10G LC Single Mode 10km 1310nm 0 ~ 60 degrees C 10Gbps SFP+ (10GBASE-BX, Single Fiber Bi-directional SFP) Connector Model Speed (Mbps) Fiber Mode Distance Wavelength (TX) Wavelength (RX) Operating Temp.
Users Manual of XGS-6350-24X4C SFP/SFP+ transceiver is operating correctly. 4. Check the Link mode of the SFP/SFP+ port if the link fails. To function with some fiber-NICs or media converters, user has to set the port Link mode to “10GForce” or “1000M Force”. Remove the Transceiver Module 1. Make sure there is no network activity anymore. 2. Remove the Fiber-optic Cable gently. 3. Lift up the lever of the MGB module and turn it to a horizontal position. 4.
Users Manual of XGS-6350-24X4C Chapter 3. 3.1 Switch Management Management Options After purchasing the switch, the user needs to configure the switch for network management. Switch provides two management options: in-band management and out-of-band management. 3.1.1 Out-Of-Band Management Out-of-band management is the management through Console interface. Generally, the user will use out-of-band management for the initial switch configuration, or when in-band management is not available.
Users Manual of XGS-6350-24X4C Open the HyperTerminal included in Windows after the connection is established. The example below is based on the HyperTerminal included in Windows XP. 1) Click Start menu -- All Programs -- Accessories -- Communication -- HyperTerminal. Figure 3-2 Opening Hyper Terminal 2) Type a name for opening HyperTerminal, such as “Switch”.
Users Manual of XGS-6350-24X4C Figure 3-3 Opening HyperTerminal 3) In the “Connect using” drop-list, select the RS-232 serial port used by the PC, e.g., COM1, and click “OK”. Figure3-4 Opening HyperTerminal 4) COM1 property appears and select “9600” for “Baud rate”, “8” for “Data bits”, “none” for “Parity checksum”, “1” for stop bit and “none” for traffic control; or you can also click “Restore default” and click “OK”.
Users Manual of XGS-6350-24X4C Figure3-5 Opening HyperTerminal Step 3: Entering switch CLI interface Power on the switch and the following appears in the HyperTerminal windows, that is the CLI configuration mode for Switch. Jan 18 21: 48: 00 User admin logout on console 0 System Bootstrap, Version 0.1.1, Serial No: A98005YM01012076 Copyright (c) 2018 PLANET PLANET Technology Corporation XGS-6350-24X4C Current time: 1970-1-1 0: 00: 00 SDRAM Fast Test...........................PASS! Flash Fast Test.
Users Manual of XGS-6350-24X4C Jan 1 00:00:52 %MEM-6-EXT_REGION_CREATE 14c99c4: Create extend region for region 1 rank 0, 1417805 blocks 56712246 bytes User Access Verification Username: admin Password: Welcome to PLANET XGS-6350-24X4C Ethernet Switch Switch> The user can now enter commands to manage the switch. For a detailed description of the commands, please refer to the following chapters. 3.1.
Users Manual of XGS-6350-24X4C Figure3-6 Manage the Switch by Telnet Step 1: Configure the IP addresses for the switch and start the Telnet Serverfunction on the switch.First is the configuration of host IP address. This should be within the same network segment as the switch VLAN1 interface IP address. Suppose the switch VLAN1 interface IP address is 10.1.128.251/24. Then, a possible host IP address is 10.1.128.252/24. Run “ping 10.1.128.251” from the host and verify the result.
Users Manual of XGS-6350-24X4C Figure3-7 Run telnet client program included in Windows Step 3: Log in to the switch. Log in to the Telnet configuration interface. Valid login name and password are required, otherwise, the switch will reject Telnet access. This is the method to protect the switch from unauthorized access. Enter valid login name and password in the Telnet configuration interface, Telnet user will be able to enter the switch’s CLI configuration interface.
Users Manual of XGS-6350-24X4C 3) If 2) is not met, HTTP client should connect to an IPv4/IPv6 address of the switch via other devices, such as a router. Similar to management the switch via Telnet, as soon as the host succeeds to ping/ping6 an IPv4/IPv6 address of the switch and to type the right login password, it can access the switch via HTTP. The configuration list is shown below: Step 1: Configure the IP addresses for the switch and start the HTTP server function on the switch.
Users Manual of XGS-6350-24X4C Logging to the Web configuration interface. Valid login name and password are required, otherwise, the switch will reject HTTP access. This is the method to protect the switch from unauthorized access. The Web login interface of XGS-6350-24X4C is shown below: Figure3-10Web Login Interface Input the right username and password and then the main Web configuration interface is shown below.
Users Manual of XGS-6350-24X4C should be in the same segment; 3) If 2) is not met, the client should be able to reach an IP address of the switch through devices like routers; 4) SNMP should be enabled. The host with SNMP network management software should be able to ping the IP address of the switch, so that when running, SNMP network management software will be able to find it and implement read/write operation on it.
Users Manual of XGS-6350-24X4C Switch> enter Password: Switch# config Switch_config# interface f0/1 Switch_config_f0/1# quit Switch_config# quit Switch# 3.1.3 Help Function Use the question mark (?) and the direction mark to help you enter commands: Enter a question mark. The currently available command list is displayed. Switch> ? Enter several familiar characters and press the space key. The available command list starting with the entered familiar characters is displayed.
Users Manual of XGS-6350-24X4C Chapter 4. 4.1 Basic Configuration System Management Configuration 4.1.1 File Management Configuration 4.1.1.1 Managing the file system The filename in flash is no more than 20 characters and filenames are case insensitive. 4.1.1.2 Commands for the file system The boldfaces in all commands are keywords. Others are parameters. The content in the square brakcet “[ ]” is optional. Command Description format Formats the file system and delete all data.
Users Manual of XGS-6350-24X4C 4.1.1.4 Updating software User can use this command to download switch system software locally or remotely to obtain version update or the custom-made function version (like data encryption and so on). There are two ways of software update in monitor mode. a) Through TFTP monitor#copy tftpflash [ip_addr] The previous commad is to copy file from the tftp server to the flash in the system.
Users Manual of XGS-6350-24X4C Parameter description Parameter Description local_filename Filename stored in the flash Users must enter the filename. Example The terminal program can be the Hyper Terminal program in WINDOWS 95, NT 4.0 or the terminal emulation program in WINDOWS 3.X. monitor#download c0 switch.bin Prompt: speed [9600]?115200 Then, modify the rate to 115200. After reconnection, select send file in the transfer menu of hyper terminal (terminal emulation).
Users Manual of XGS-6350-24X4C 4.1.1.6 Using ftp to perform the update of software and configuration config #copy ftpflash [ip_addr|option] Use ftp to perform the update of software and configuration in formal program management. Use the copy command to download a file from ftp server to switch, also to upload a file from file system of the switch to ftp server. After you enter the command, the system will prompt you to enter the remote server name and remote filename.
Users Manual of XGS-6350-24X4C Prompt: Remote-server ip address[]?192.168.20.1 Prompt: Destination file name[main.bin]?switch.bin or config#copy ftp: //login-nam: login-password@192.168.20.1/main.bin flash: switch.bin ###################################################################### ###################################################################### FTP: successfully receive 3377 blocks ,1728902 bytes config# 1. When the ftp server is out of service, the wait time is long.
Users Manual of XGS-6350-24X4C monitor#ip route default 192.168.1.1 4.1.2.3 Using ping to test network connection state monitor#ping This command is to test network connection state. Parameter description Parameter Description ip_address Destination IP address Example monitor#ping 192.168.20.100 PING 192.168.20.100: 56 data bytes 64 bytes from 192.168.20.100: icmp_seq=0. time=0. ms 64 bytes from 192.168.20.100: icmp_seq=1. time=0. ms 64 bytes from 192.168.20.100: icmp_seq=2.
Users Manual of XGS-6350-24X4C Ip http port number Modifies the port number of the http service. c) Configuring the access passward of the http service Http uses enable as the access password. You need to set the password enable if you want to perform authentication for http access. The password enable is set in global configuration mode using the following command: d) Command Function Enable password {0|7} line Sets the password enable.
Users Manual of XGS-6350-24X4C Line Type CON(CTY) Interface Console Description Numbering To log in to the system for configuration. 0 To connect Telnet, X.25 PAD, VTY Virtual and asynchronous HTTP and Rlogin of synchronous ports (such as Ethernet and serial port) on 32 numbers starting from 1 the system 4.2.2.1 Relationship between line and interface a) Relationship between synchronous interface and VTY line The virtual terminal line provides a synchronous interface to access to the system.
Users Manual of XGS-6350-24X4C management side and agent. SNMP management side can be part of the network management system (NMS, like CiscoWorks). Agent and MIB are stored on the system. You need to define the relationship between network management side and agent before configuring SNMP on the system. SNMP agent contains MIB variables. SNMP management side can check or modify value of these variables. The management side can get the variable value from agent or stores the variable value to agent.
Users Manual of XGS-6350-24X4C SNMPv1 uses group-based security format. Use IP address access control list and password to define the management side group that can access to agent MIB. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are: Message integrity—Ensuring that a packet has not been tampered with in-transit. Authentication—Determining the message is from a valid source.
Users Manual of XGS-6350-24X4C [exclude | include] MIB to the name of the SNMP view, and specifies the access right of the object identifier in the name of the SNMB view. Exclude: decline to be accessed Include: allow to be accessed The subsets that can be accessed in the SNMP view are the remaining objects that “include” MIB objects are divided by “exclude” objects. The objects that are not configured are not accessible by default.
Users Manual of XGS-6350-24X4C packet. Use the following command in global configuration mode: Command Function snmp-server packetsizebyte-count Sets the maximum length of the data packet. e) Monitoring SNMP state You can run the following command in global configuration mode to monitor SNMP output/input statistics, including illegal community character string items, number of mistakes and request variables. f) Command Function show snmp Monitores the SNMP state.
Users Manual of XGS-6350-24X4C snmp-server trap-source Specifies the source interface where traps interface originate and sets the source IP address for the message. snmp-server queue-length Creates the queue length of the message for length each host that has traps. Default value: 10 snmp-server Defines the frequency to resend traps in the trap-timeoutseconds resending queue.
Users Manual of XGS-6350-24X4C remote control station, a remote user has to be configured if the control station performs ID authentication. Username and password of the remote user must be the same as those on the control station. Otherwise, the control station cannot receive traps. Command Function snmp-server user username Configures a remote SNMPv3 user.
Users Manual of XGS-6350-24X4C snmp-server user notifier getter remote 90.0.0.3 v3 auth md5 abcdefghi snmp-server host 90.0.0.3 informs version v3 auth notifier snmp-server view v-write internet included The above example shows how to use SNMPv3 to manage devices. Group getter can browse device information, while group setter can set devices. User get-user belongs to group getter while user set-user belongs to group setter.
Users Manual of XGS-6350-24X4C absolute is used to directly monitor the value of MIB object. delta is used to monitor the value change of the MIB objects between two sampling. value is the threshold value when an alarm is generated. eventnumber is the index of an event that is generated when a threshold is reached. eventnumber is optional. owner string is to describe the information about the alarm. exit Enter the management mode again. write Save the configuration.
Users Manual of XGS-6350-24X4C to the log table. If the trap attribute is set to the rMon event, a trap message is sent out in name of community. If you run rmon event many times to configure event items with the same index, only the last configuration is effective. You can run no rmon event index to cancel event items whose indexes are index. c) Configuring rMon statistics for switch The rMon statistics group is used to monitor the statistics information on every port of the device.
Users Manual of XGS-6350-24X4C seconds. owner string is used to describe some information about the history item. 4. exit Enter the global office mode again. 5. exit Enter the management mode again. 6. write Save the configuration. After a rMon history item is added, the device will obtain statistics values from the specified port every second seconds. The statistics value will be added to the history item as a piece of information.
Users Manual of XGS-6350-24X4C Our switches can detect neighboring devices through PDP, but cannot require neighboring devices through SNMP. Therefore, these switches have to be located at the verge of networks. Otherwise, the complete network topology cannot be obtained. PDP on switches can be configured on all SANPs, such as Ethernet. 4.3.3.
Users Manual of XGS-6350-24X4C pdp run e) Enables the PDP on the switch. Enabling PDP on the port of the switch PDP is not enabled in the default configuration. You can run the following command in interface configuration mode to enable PDP on the port after PDP is enabled on the switch. f) Command Purpose pdp enable Enables PDP on the port of the switch.
Users Manual of XGS-6350-24X4C including des, 3des and blowfish. 4.3.4.2 SSH client SSH client is an application running under the ssh protocol. SSH client can provide authentication and encryption, so SSH client gurantees secure communication between communication devices or devices supporting SSH server even if these devices run in unsafe network conditions. SSH client supports the encryption algorithms including des, 3des and blowfish. 4.3.4.3 Function SSH server and SSH client supports version 1.5.
Users Manual of XGS-6350-24X4C Run the following command in global configuration mode to configure the maximum times for retrying authentication: Command Purpose Ip sshd auth-retries <0-65535> Configures the maximum times for retrying authentication. 4.3.5.5 Enabling SSH server SSH server is disabled by default. When SSH server is enabled, the device will generate a rsa password pair, and then listen connection requests from the client. The process takes one or two minutes.
Users Manual of XGS-6350-24X4C Chapter 5. 5.1 Network Management Configuration Network Management Configuration 5.1.1 SNMP Configuration 5.1.2 Overview The SNMP system includes the following 3 parts: SNMP management server (NMS) SNMP agent (agent) MIB SNMP is a protocol for the application layer.It provides the format for the packets which are transmitted between NMS and agent. SNMP management server is a part of the network management system, such as CiscoWorks.
Users Manual of XGS-6350-24X4C Setting the acknowledgement time-delay Setting the maximum numbers of acknowledgement Showing LLC2 link information Debugging LLC2 link information 5.2 LLC2 Configuration Tast 5.2.1 Configuring Idle Time Value The command is used for controlling the frequency of query at the idle time (no data exchanged) The command “no” can be used for restoring to the default value.
Users Manual of XGS-6350-24X4C Configuration mode: Interface configuration When the local end sends I frame, it will wait for remote acknowledgement. If no acknowledgement is received within a given time, the I-frame will be resent. The relative big value should be set on the network where the data is transmitted at a slow rate. Example: Setting 12 seconds as the time value of waiting for acknowledgement. int ethernet1/1 llc2 t1-time 12 5.2.
Users Manual of XGS-6350-24X4C default is 1 second. Configuration Mode: Interface Configuration A LLC2 connective end sometimes needs to know the status of opposite end. For this purpose, a command frame that requires a response from the opposite end needs to be sent. When the opposite end receives the command frame, it will reply a response frame. If the error occurs in the process, the send end will keep waiting. In order to avoid the situation, a clock needs to be enabled.
Users Manual of XGS-6350-24X4C 5.2.6 Configuring the Redial Times The command is Command Purpose [no] llc2 n2 retry-count Used for controlling the times of re-sending the frame. The command “no” can be used for restoring to the default value. retry-count: The times of resending frame. The maximum is 255, the minimum is 1 and the default is 8. Configuration mode: Interface configuration When one end of LLC2 sends the data to the opposite end, it will wait for the acknowledgement of the opposite end.
Users Manual of XGS-6350-24X4C Example: Setting the size of send window as 12. int ethernet 1/1 llc2 local-window 12 5.2.8 Configuring the Size of Accumulated Data Packet The command is Command Purpose [no] llc2 holdqueue Used for controlling the maximum local [packet-count] accumulated size of data packet when I frame (the remote end is busy) cannot be sent. The command “no” can be used for restoring to the default value.
Users Manual of XGS-6350-24X4C clearing the network timeout perceived by the opposite end. The command below can be used for setting the value. Command Purpose llc2 ack-maxnumber Setting the acknowledgement time-delay. 5.2.11 Showing LLC2 Link Information Command Purpose show llc interface [type number] Used for showing the related information of LLC2 link connection. Configuration Mode: Interface, configuration and global Showing the related information of LLC2 link connection.
Users Manual of XGS-6350-24X4C response will be transmitted as the time-delay timer is activated. interface interface e1/1 llc2 ack-max 3 llc2 ack-delay-time 800 In this connection, as it is told that all the frames are received, the counter that calculates the maximum number of information frame is reset as 0. 5.2.14 Configuring SDLC as Two-Way and Concurrent Mode SDLC two-way and concurrent mode allows master SDLC link station to use a full duplex serial circuit.
Users Manual of XGS-6350-24X4C sdlc n2retry-count Configuring the times of software of retrying a timeout operation. 5.2.16 Configuring the Number of SDLC Frame and Information Frame The maximum length of input frame and the maximum number of the information frame (or the size of window) received before router sends response to the receive end can be configured. When the configured value is relative big, the network overhead can be reduced.
Users Manual of XGS-6350-24X4C The communication efficiency between master station and single slave station can be improved by increasing the limit value of polling, but it may delay the polling to other slave stations. One or more commands below can be used under interface configuration mode for controlling the polling of slave station: Command Purpose sdlc poll-pause-timer milliseconds Configuring the waiting time interval of router’s polling to two slave stations on some single serial port.
Users Manual of XGS-6350-24X4C defined at the time of configuring the maximum length of LLC2 information frame. The command below can be used under interface configuration mode for configuring the maximum value of SDLC information frame: Command Purpose sdlc sdlc-largest-frameaddress Configuring the maximum length of information size frame that can be sent or received by the designated SDLC station. 5.2.
Users Manual of XGS-6350-24X4C Chapter 6. 6.1 Security Configuration AAAConfiguration 6.1.1 AAA Overview Access control is the way to control access to the network and services. Authentication, authorization, and accounting (AAA) network security services provide the primary framework through which you set up access control on your router or access server. 6.1.1.
Users Manual of XGS-6350-24X4C be defined through AAA. As with authentication, you configure AAA authorization by defining a named list of authorization methods, and then applying that list to various interfaces. For information about configuring authorization using AAA, refer to the chapter "Configuring Authorization.
Users Manual of XGS-6350-24X4C a listed authentication method or the authentication method list is exhausted, in which case authentication fails. The software attempts authentication with the next listed authentication method only when there is no response from the previous method.
Users Manual of XGS-6350-24X4C 6.1.2.1 Overview of the AAA Configuration Process Configuring AAA is relatively simple after you understand the basic process involved. To configure security on a Cisco router or access server using AAA, follow this process: If you decide to use a separate security server, configure security protocol parameters, such as RADIUS, TACACS+, or Kerberos. Define the method lists for authentication by using an AAA authentication command.
Users Manual of XGS-6350-24X4C list-name}method1 [method2...] line [ console | vty ] line-number [ending-line-number] Enters line configuration mode for the lines to which you want to apply the authentication list. login authentication {default | Applies the authentication list to a line list-name} or set of lines. The list-name is a character string used to name the list you are creating. The method argument refers to the actual method the authentication algorithm tries.
Users Manual of XGS-6350-24X4C (3) Login Authentication Using Local Password Use the aaa authentication login command with the local method keyword to specify that the Cisco router or access server will use the local username database for authentication.
Users Manual of XGS-6350-24X4C line Uses the line password for authentication. none Uses no authentication. 6.1.4.3 Configuring Message Banners for AAA Authentication AAA supports the use of configurable, personalized login and failed-login banners. You can configure message banners that will be displayed when a user logs in to the system to be authenticated using AAA and when, for whatever reason, authentication fails. 6.1.4.
Users Manual of XGS-6350-24X4C aaa authentication username-prompt text-string String of text that will be displayed when the user is prompted to enter an username. 6.1.4.8 AAA authentication password-prompt To change the text displayed when users are prompted for a password, use the aaa authentication password-prompt command in global configuration mode. To return to the default password prompt text, use the no form of this command.
Users Manual of XGS-6350-24X4C enable password { [encryption-type] encrypted-password} [level level] no enable password [level level] 6.1.5 AAA Authentication Configuration Example 6.1.5.1 RADIUS Authentication Example This section provides one sample configuration using RADIUS.
Users Manual of XGS-6350-24X4C Command Purpose aaa authorization exec {default | list-name}method1 [method2...] line [console | vty ] line-number [ending-line-number] Establishes global authorization list. Enters the line configuration mode for the lines to which you want to apply the authorization method list. Applies the authorization list to a line login authorization {default | list-name} or set of lines(in line configuration mode).
Users Manual of XGS-6350-24X4C username exec1 password 0 abc privilege 15 username exec2 password 0 abc privilege 10 username exec3 nopassword username exec4 password 0 abc user-maxlinks 10 username exec5 password 0 abc autocommand telnet 172.16.20.1 ! The lines in this sample RADIUS authorization configuration are defined as follows: : The aaa authentication login default local command defines the default method list of login authentication.
Users Manual of XGS-6350-24X4C aaa accounting connection {default | list-name} {start-stop | stop-only | Establishes global accounting list. none} group groupname The keyword list-name is used to name any character string of the establishing list. The keyword method specifies the actual method adopted during accounting process. The following table lists currently supported connection accounting methods: Keyword Description group WORD Enables named server group for accounting.
Users Manual of XGS-6350-24X4C 6.1.10.3 AAA Accounting Update To enable periodic interim accounting records to be sent to the accounting server, use the aaa accounting update command in global configuration mode. To disable interim accounting updates, use the no form of this command. Command aaa accounting update [newinfo] [periodicnumber] Purpose Enables AAA accounting update.
Users Manual of XGS-6350-24X4C server that contains all user authentication and network service access information. RADIUS has been implemented in a variety of network environments that require high levels of security while maintaining network access for remote users. Use RADIUS in the following network environments that require access security: : Networks with multiple-vendor access servers, each supporting RADIUS.
Users Manual of XGS-6350-24X4C password. The ACCEPT or REJECT response is bundled with additional data that is used for EXEC or network authorization. You must first complete RADIUS authentication before using RADIUS authorization. The additional data included with the ACCEPT or REJECT packets consists of the following: Services that the user can access, including Telnet, rlogin, or local-area transport (LAT) connections, and PPP, Serial Line Internet Protocol (SLIP), or EXEC services.
Users Manual of XGS-6350-24X4C To configure RADIUS to use the AAA security commands, you must specify the host running the RADIUS server daemon and a secret text (key) string that it shares with the router.
Users Manual of XGS-6350-24X4C 6.2.4.3 Specifying RADIUS Authentication After you have identified the RADIUS server and defined the RADIUS authentication key, you must define method lists for RADIUS authentication. Because RADIUS authentication is facilitated through AAA, you must enter the aaa authentication command, specifying RADIUS as the authentication method. For more information, refer to the chapter "Configuring Authentication." 6.2.4.
Users Manual of XGS-6350-24X4C radius-server host command defines the IP address of the RADIUS server host.; radius-server key command defines the shared secret text string between the network access server and the RADIUS server host. aaa authentication login admins group radius local command defines the authentication method list "dialins," which specifies that RADIUS authentication and then (if the RADIUS server does not respond) local authentication will be used on serial lines using PPP.
Users Manual of XGS-6350-24X4C The roles that the network devices take during the Web authentication are shown in Figure 6-2: Client: It is ausercomputer that accesses network through the switch. The user computer need be configured the network browser, the function of DHCP client and the function to originate DNS query. DHCP server: It is to distribute the IP address for users. AAA server: Switch: It is a switch having Web authentication.
Users Manual of XGS-6350-24X4C online notification. If the notification is not received in the preset time, the switch considers that the user abnormally logs off, notifies the AAA server to stop charging and withdraws the network access right from the user. The above steps may vary a little with configuration strategies and user’s operations. For example, if user directly accesses the portal server of the switch before the authentication is approved, DNS-related processes will not be enabled.
Users Manual of XGS-6350-24X4C Different operation strategies adopt different authentication modes. The supported maximum number of users that simultaneously access the network varies with the authentication mode. For the username/password authentication mode, the switch supports simultaneously accessed users as many as its performance permits. For the VLAN ID authentication mode, the maximum number of simultaneously accessed users equals the number of VLAN that the switch supports. 2.
Users Manual of XGS-6350-24X4C Run the following command in global configuration mode to configure the authentication duration (Unit: second): 3. Run... To... web-auth authtime <60-65535> Configure the authentication duration. Configuring the transmission period of the online notification Through the online notification sent by the browser, the switch checks whether the user is online. Run the following command in global configuration mode to configure the transmission period (unit: second): Run...
Users Manual of XGS-6350-24X4C list named default is applied on each interface. Run the following command in interface configuration mode to configure the authentication method list: 3. Run... To... web-auth authentication WORD Configure the authentication method list. Configuring the accounting method list Different accounting method lists can be applied on each interface. By default, the accounting method list named default is applied on each interface.
Users Manual of XGS-6350-24X4C Run... To... web-auth kick-out user-IP Mandatorily kick out a user. 6.3.4 Web Authentication Configuration Example Network topology See Figure 6-5: internet DNS server DHCP server AAA server (192.168.20.1) (192.168.20.
Users Manual of XGS-6350-24X4C Configuration of the layer-2 interface interface FastEthernet0/1 switchport pvid 1 ! interface FastEthernet0/2 switchport pvid 2 ! interface FastEthernet0/3 switchport pvid 3 ! interface FastEthernet0/4 switchport pvid 4 Configuration of the routing interface interface VLAN1 no ip directed-broadcast ip helper-address 192.168.20.1 web-auth accounting acct-weba web-auth authentication auth-weba web-auth mode vlan-id web-auth enable ! interface VLAN2 ip address 192.168.20.
Users Manual of XGS-6350-24X4C Chapter 7. 7.1 Web Configuration HTTP Switch Configuration 7.1.1 HTTP Configuration Switch configuration can be conducted not only through command lines and SNMP but also through Web browser. The switches support the HTTP configuration, the abnormal packet timeout configuration, and so on. 7.1.1.1 Choosing the Prompt Language Up to now, switches support two languages, that is, English and Chinese, and the two languages can be switched over through the following command.
Users Manual of XGS-6350-24X4C Command Purpose ip http http-access enable Sets the HTTP access mode. 7.1.1.5 Setting the Maximum Number of VLAN Entries on Web Page A switch supports at most 4094 VLANs and in most cases Web only displays parts of VLANs, that is, those VLANs users want to see. You can use the following command to set the maximum number of VLANs. The default maximum number of VLANs is 100.
Users Manual of XGS-6350-24X4C 7.2 Configuration Preparation 7.2.1 Accessing the Switch through HTTP When accessing the switch through Web, please make sure that the applied browser complies with the following requirements: HTML of version 4.0 HTTP of version 1.1 JavaScript TM of version 1.5 What's more, please ensure that the main program file, running on a switch, supports Web access and your computer has already connected the network in which the switch is located. 7.2.1.
Users Manual of XGS-6350-24X4C 1. Connect the console port of the switch with the accessory cable, or telnet to the management address of the switch through the computer. 2. Enter the global configuration mode of the switch through the command line, the DOS prompt of which is similar to “Switch_config#”. 3. If the management address of the switch is not configured, please create the VLAN interface and configure the IP address. 4.
Users Manual of XGS-6350-24X4C Figure 2: Web homepage The whole homepage consists of the top control bar, the navigation bar, the configuration area and the bottom control bar. 7.2.3.1 Top Control Bar Figure 3: Top control bar Save All Write the current settings to the configuration file of the device. It is equivalent to the execution of the write command. The configuration that is made through Web will not be promptly written to the configuration file after validation.
Users Manual of XGS-6350-24X4C 7.2.3.2 Navigation Bar Figure 4 Navigation bar The contents in the navigation bar are shown in a form of list and are classified according to types. By default, the list is located at “Runtime Info”. If a certain item need be configured, please click the group name and then the sub-item. For example, to browse the flux of the current port, you have to click “Interface State" and then “Interface Flow”.
Users Manual of XGS-6350-24X4C 7.2.3.4 Bottom Control Bar Figure 6: Bottom control bar If you click the About button on the top control bar, the bottom control bar appears. The main function of the bottom control bar is to realize the automatic refreshing of the configuration display area. For example, if you click “Interface Flow” in the navigation bar and then click “Refresh”, the flow of the interface can be continuously monitored.
Users Manual of XGS-6350-24X4C 7.3.1 Hostname Configuration If you click Basic Config -> Hostname Config in the navigation bar, the Hostname Configuration page appears, as shown in figure 2. Figure 2 Hostname configuration The hostname will be displayed in the login dialog box. The default name of the device is “Switch”. You can enter the new hostname in the text box shown in figure 8 and then click “Apply”. 7.3.2 Time Management If you click System Manage -> Time Manage, the Time Setting page appears.
Users Manual of XGS-6350-24X4C 7.4 Configuration of the Physical Interface Figure 1: Physical port configuration list 7.4.1 Configuring Port Description If you click Physical port config -> Port description Config in the navigation bar, the Port description Configuration page appears, as shown in figure 2.
Users Manual of XGS-6350-24X4C You can modify the port description on this page and enter up to 120 characters. The description of the VLAN port cannot be set at present. 7.4.2 Configuring the Attributes of the Port If you click Physical port config -> Port attribute Config in the navigation bar, the Port Attribute Configuration page appears, as shown in figure 3.
Users Manual of XGS-6350-24X4C 7.4.4 Port mirroring If you click Physical port Config -> Port Mirror in the navigation bar, the Port Mirror Config page appears, as shown in figure 5. Figure 5: Port mirror configuration Click the drop-down list on the right side of "Mirror Port" and select a port to be the destination port of mirror. Click a checkbox and select a source port of mirror, that is, a mirrored port. RX The received packets will be mirrored to the destination port.
Users Manual of XGS-6350-24X4C 7.4.6.2 MAC Binding Configuration If you click Physical port Config -> Port Security -> MAC bind in the navigation bar, the Configure the MAC-Binding Info page appears, as shown in figure 9. Figure 9: MAC binding configuration Click “Detail” and then you can conduct the binding of the source MAC address for each physical port. In this way, the MAC address that is allowed to visit the port will be limited. Figure 10: Setting the binding of the source MAC address 7.4.6.
Users Manual of XGS-6350-24X4C Figure 14: Setting the dynamic MAC filtration mode You can set the dynamic MAC filtration mode and the allowable maximum number of addresses on this page. By default, the dynamic MAC filtration mode is disabled and the maximum number of addresses is 1. 7.4.7 Storm control In the navigation bar, click Physical port Config -> Storm control. The system then enters the page, on which the broadcast/multicast/unknown unicast storm control can be set. 7.4.7.
Users Manual of XGS-6350-24X4C Through the drop-down boxes in the Status column, you can decide whether to enable multicast storm control on a port. In the Threshold column you can enter the threshold of the multicast packets. The legal threshold range for each port is given behind the threshold. 7.4.7.3 Unknown Unicast Storm Control Figure 17: Unknown unicast storm control In the Threshold column you can enter the threshold of the broadcast packets.
Users Manual of XGS-6350-24X4C 7.5 Layer 2 Configuration Figure 1: Layer-2 configuration list 7.5.1 VLAN Settings 7.5.1.1 VLAN List If you click Layer 2 Config -> VLAN Config in the navigation bar, the VLAN Config page appears, as shown in figure 2. Figure 2: VLAN configuration The VLAN list will display VLAN items that exist in the current device according to the ascending order.
Users Manual of XGS-6350-24X4C VLAN. If you select the checkbox before a VLAN and then click “Delete”, the selected VLAN will be deleted. By default, a VLAN list can display up to 100 VLAN items. If you want to configure more VLANs through Web, please log on to the switch through the Console port or Telnet, enter the global configuration mode and then run the “ip http web max-vlan” command to modify the maximum number of VLANs that will be displayed. 7.5.1.
Users Manual of XGS-6350-24X4C Figure 4: Configuring the global attributes of PDP You can choose to enable PDP or disable it. When you choose to disable PDP, you cannot configure PDP. The “HoldTime” parameter means the time to be saved before the router discards the received information if other PDP packets are not received. The protocol version cannot be read currently through the command line “show run”, so the protocol version is not handled on the Web. 7.5.2.
Users Manual of XGS-6350-24X4C The “HoldTime” parameter means the ttl value of the packet that is transmitted by LLDP, whose default value is 120s. The “Reinit” parameter means the delay of successive packet transmission of LLDP, whose default value is 2s. 7.5.3.2 Configuring the Attributes of the LLDP Port If you click Layer 2 Config -> LLDPConfig-> LLDP port Config in the navigation bar, the Setting the attributes of the LLDP port page appears, as shown in figure 7.
Users Manual of XGS-6350-24X4C An aggregation group is selectable when it is created but is not selectable when it is modified. When a member port exists on the aggregation group, you can choose the aggregation mode to be static, LACP active or LACP passive. You can click “>>” and “<<” to delete and add a member port in the aggregation group. 7.5.5 STP Configuration 7.5.5.
Users Manual of XGS-6350-24X4C The configuration of the attributes of the port is irrelative of the global STP mode. For example, if the protocol status is set to “Disable” and the STP mode is also changed, the port will not run the protocol in the new mode. The default value of the path cost of the port is 0, meaning the path cost is automatically calculated according to the speed of the port. If you want to change the path cost, please enter another value. 7.5.6 GMP Snooping Configuration 7.5.6.
Users Manual of XGS-6350-24X4C Figure 14: Static routing port of IGMP VLAN When an IGMP snooping VLAN is created, its VLAN ID can be modified; but when the IGMP snooping VLAN is modified, its VLAN ID cannot be modified. You can click “>>” and “<<” to delete and add a routing port. 7.5.6.3 Static Multicast Address If you click Static multicast address, the Setting the static multicast address page appears.
Users Manual of XGS-6350-24X4C Figure 16: Multicast List On this page the multicat groups, which exist in the current network and are in the statistics of IGMP snooping, as well as port sets on which members in each group are belong to are dislayed. Click “Refresh” to refresh the contents in the list. By default, a multicast list can display up to 15 VLAN items.
Users Manual of XGS-6350-24X4C Figure 19: EAPS Ring List In the list shows the currently configured EAPS ring, including the status of the ring, the forwarding status of the port and the status of the link. Click “New” to create a new EAPS ring. Click the “Operate” option to configure the “Time” parameter of the ring. 1. The system can support 8 EAPS rings. 2. After a ring is configured, its port, node type and control VLAN cannot be modified.
Users Manual of XGS-6350-24X4C Enter a value between 1 and 4094 in the text box on the right of “Control VLAN” as the control VLAN ID. When a ring is established, the control VLAN will be automatically established too. Please note that if the designated control VLAN is 1 and the VLAN of the control device is also 1 the control device cannot access the control VLAN. Additionally, please do not enter a control VLAN ID that is same as that of another ring.
Users Manual of XGS-6350-24X4C 7.6.1 Configuring the VLAN Interface If you click Layer 3 Config -> VLAN interface Config, the Configuring the VLAN interface page appears. Figure 2: Configuring the VLAN interface Click New to add a new VLAN interface. Click Cancel to delete a VLAN interface. Click Modify to modify the settings of a corresponding VLAN interface.
Users Manual of XGS-6350-24X4C Figure 4: Displaying the static route Click Create to add a static route. If you click Edit, you can modify the current static route. If you click Cancel, you can cancel the chosen static route. Figure 5: Setting the static route 7.6.3 IGMP Proxy 7.6.3.1 Enabling the IGMP Proxy If you click Layer-3 Config -> IGMP proxy, the IGMP proxypage appears. Figure 6: Enabling the IGMP agent On this page you can enable or disable the IGMP proxy.
Users Manual of XGS-6350-24X4C 7.7 Advanced Configuration Figure 1: A list of advanced configuration 7.7.1 QoS Configuration 7.7.1.1 Configuring QoS Port If you click Advanced Config -> QoS -> Configure QoS Port, the Port Priority Config page appears. Figure 2: Configuring the QoS Port You can set the CoS value by clicking the dropdown box on the right of each port and selecting a value. The default CoS value of a port is 0, meaning the lowest priority.
Users Manual of XGS-6350-24X4C the highest. 7.7.1.2 Global QoS Configuration If you click Advanced Config -> QoS Config -> Global QoS Config, the Port’s QoS parameter configuration page appears. Figure 3: Configuring global QoS attributes In WRR schedule mode, you can set the weights of the QoS queues. There are 4 queues, among which queue 1 has the lowest priority and queue 4 has the highest priority.n 7.7.2 MAC Access Control List 7.7.2.
Users Manual of XGS-6350-24X4C 7.7.2.2 Setting the Rules of the MAC Access Control List If you click Modify, the corresponding MAC access control list appears and you can set the corresponding rules for the MAC access control list. Figure 6: Specific MAC access control list configuration Click New to add a rule of the MAC access control list. Click Cancel to delete a rule of the MAC access control list. Figure 7: Setting the Rules of the MAC Access Control List 7.7.2.
Users Manual of XGS-6350-24X4C Figure 9: IP access control list configuration Click New to add a name of the IP access control list. Click Cancel to delete an IP access control list. Figure 10: Creating a name of the IP access control list If you click Modify, the corresponding IP access control list appears and you can set the corresponding rules for the IP access control list. 7.7.3.
Users Manual of XGS-6350-24X4C for the IP access control list. Figure 14: Setting the Rules of the extended IP access control list 7.7.3.3 Applying the IP Access Control List If you click Advanced Config -> IP access control list -> Applying the IP access control list, the Applying the IP access control list page appears.
Users Manual of XGS-6350-24X4C 7.8 Network Management Configuration Figure 1: Network management configuration list 7.8.1 SNMP Configuration If you click Network management Config -> SNMP management in the navigation bar, the SNMP management page appears, as shown in figure 2. 7.8.1.1 SNMP Community Management Figure 2: SNMP community management On the SNMP community management page, you can know the related configuration information about SNMP community.
Users Manual of XGS-6350-24X4C of SNMP community, which include Read only and Read-Write. 7.8.1.2 SNMP Host Management Figure 4: SNMP host management On the SNMP community host page, you can know the related configuration information about SNMP host. You can create, modify or cancel the SNMP host information, and if you click New or Edit, you can switch to the configuration page of SNMP host.
Users Manual of XGS-6350-24X4C interface, it will replace that of the previous application interface. At present, the monitor statistic information can be obtained through the command line “show rmon statistics”, but the Web does not support this function. 7.8.2.2 RMON History Information Configuration If you click Network Management Config -> RMON -> RMON history -> New, the RMON history page appears.
Users Manual of XGS-6350-24X4C The MIB node corresponds to OID. If the alarm type is absolute, the value of the MIB object will be directly minitored; if the alarm type is delta, the change of the value of the MIB object in two sampling will be monitored. When the monitored MIB object reaches or exceeds the rising threshold, the event corresponding to the index of the rising event will be triggered.
Users Manual of XGS-6350-24X4C 7.9 Diagnosis Tools Figure 1: Diagnosis tool list 7.9.1 Ping 7.9.1.1 Ping If you click Diagnosis Tools -> Ping, the Ping page appears. Figure 2: Ping Ping is used to test whether the switch connects other devices. If a Ping test need be conducted, please enter an IP address in the “Destination address” textbox, such as the IP address of your PC, and then click the “PING” button.
Users Manual of XGS-6350-24X4C 7.10 System Management Figure 1: Navigation list of system management 7.10.1 User Management 7.10.1.1 User List If you click System Manage -> User Manage, the User Management page appears. Figure 2: User list You can click “New” to create a new user. To modify the permission or the login password, click “Edit” on the right of the user list. 1. Please make sure that at least one system administrator exists in the system, so that you can manage the devices through Web. 2.
Users Manual of XGS-6350-24X4C 7.10.1.2 Establishing a New User If you click “New” on the User Management page, the Creating User page appears. Figure 3: Creating new users In the “User name” text box, enter a name, which contains letters, numbers and symbols except “?”, “\”, “&”, “#” and the "Space". In the “Password” textbox enter a login password, and in the “Confirming password” textbox enter this login password again. In the “User permission” dropdown box set the user's permission.
Users Manual of XGS-6350-24X4C 7.10.3.1 Exporting the Configuration Information Figure 5: Exporting the configuration file The current configuration file can be exported, saved in the disk of PC or in the mobile storage device as the backup file. To export the configuration file, please click the “Export” button and then select the “Save” option in the pop-up download dialog box. The default name of the configuration file is “startup-config”, but you are suggested to set it to an easily memorable name.
Users Manual of XGS-6350-24X4C 7.10.4.1 Backing up the IOS Software Figure 7: Backing up IOS On this page the currently running software version is displayed. If you want to backup IOS, please click “Backuping IOS”; then on the browser the file download dialog box appears; click “Save” to store the IOS file to the disk of the PC, mobile storage device or other network location. The default name of the IOS file is "Switch.
Users Manual of XGS-6350-24X4C Figure 9: Rebooting the device If the device need be rebooted, please first make sure that the modified configuration of the device has already been saved, and then click the “Reboot” button.
Users Manual of XGS-6350-24X4C Chapter 8. 8.1 Interface Configuration Introduction This section helps user to learn various kinds of interface that our switch supports and consult configuration information about different interface types. For detailed description of all interface commands used in this section, refer to Interface configuration command. For files of other commands appeared in this section, refer to other parts of the manual.
Users Manual of XGS-6350-24X4C null interface aggregation interface vlan interface 8.1.2 Interface Configuration Introduction The following description applies to the configuration process of all interfaces. Take the following steps to perform interface configuration in global configuration mode. (1) Run the interface command to enter the interface configuration mode and start configuring interface.
Users Manual of XGS-6350-24X4C interface GigaEthernet0/1 The switch prompts “config_g1/1”. There is no need to add blank between interface type and interface number. For example, in the above line, g 1/1 or g 1/1 is both rights. (1) You can configure the interface configuration commands in interface configuration mode. Various commands define protocols and application programs to be executed on the interface.
Users Manual of XGS-6350-24X4C The bandwidth is just a routing parameter, which doesn’t influence the communication rate of the actual physical interface. 8.2.1.3 Configuring Time Delay The upper protocol uses time delay information to perform operation decision. Use the following command to configure time delay for the interface in the interface configuration mode. Command Description delaytensofmicroseconds Configures time delay for the currently configured interface.
Users Manual of XGS-6350-24X4C via dynamic routing protocol. Use the following command to shutdown or enable an interface in the interface configuration mode: Command Description shutdown Shuts down an interface. no shutdown Enables an interface. You can use the show interface command and the show running-config command to check whether an interface has been shut down. An interface that has been shut down is displayed as ‘administratively down’ in the show interface command display.
Users Manual of XGS-6350-24X4C interface can be re-routed to the switch and be handled locally. For messages that are routed to the loopback interface but whose destination is not the IP address of the loopback interface, they will be dropped. This means that the loopback interface functions as the null interface.
Users Manual of XGS-6350-24X4C no means to delete Super VLAN interface. [no] subvlan[setstr] [add Configure SubVLAN in Super VLAN. The added Sub VLAN cannot addstr][removeremstr] possess a management interface or cannot belong to other Super VLANs. In original state, Super VLAN does not contain any Sub VLAN. Only one sub command can only be used every time. setstr means to set the Sub VLAN list. For example, List 2,4-6 indicate VLAN 2, 4, 5 and 6. add means to add VLAN list in the original SubVLAN list.
Users Manual of XGS-6350-24X4C Chapter 9. 9.1 Interface Range Configuration Interface Range Configuration Task 9.1.1 Understanding Interface Range In the process of configuring interface tasks, there are cases when you have to configure the same attribute on ports of the same type. In order to avoid repeated configuration on each port, we provide the interface range configuration mode. You can configure ports of the same type and slot number with the same configuration parameters.
Users Manual of XGS-6350-24X4C Chapter 10. Port Physical Characteristics Configuration 10.1 Configuring the Ethernet Interface The section describes how to configure the Ethernet interface. The switch supports the10Mbps Ethernet and the 100Mbps fastEthernet. The detailed configuration is shown as follows. The step described in section 1.1.1 is mandatory. Steps described in other sections are optional. 10.1.
Users Manual of XGS-6350-24X4C 802.3X. When the interface is in half-duplex mode, the flow control is achieved through back pressure. Run… To… flow-control on/off Enable or disable the flow control on the interface. no flow-control Resume the default settings. The default settings have no flow control.
Users Manual of XGS-6350-24X4C Chapter 11. Port Additional Characteristics Configuration Interface Configuration 11.1 Configuring the Ethernet Interface The switch supports the 10Mbps/100Mbps Ethernet interfaces. See the following content for detailed configuration. Among the configuration, the first step is mandatory while others are optional. 11.1.1 Configuring Flow Control for the Port You can control the flow rate on the incoming and outgoing ports through configuration.
Users Manual of XGS-6350-24X4C The storm control mechanism of the port is therefore generated. Command Purpose storm-control {broadcast | multicast | Performs the storm control to the unicast} threshold count broadcast/multicast/unicast message. no storm-control {broadcast | Cancels the storm control. multicast | unicast} threshold 11.2 Secure Port Configuration 11.2.
Users Manual of XGS-6350-24X4C interface g0/1 Enters the to-be-configured port. [no] switchport port-security Configures the secure port mode. mode static {accept | reject} exit Goes back to the global configuration mode. exit Goes back to the EXEC mode. write Saves the configuration. 11.3.
Users Manual of XGS-6350-24X4C Chapter 12. Configuring Port Mirroring Configuring Port Mirroring Task List Configuring port mirroring Displaying port mirroring information 12.1 Configuring Port Mirroring Task 12.1.1 Configuring Port Mirroring Through configuring port mirroring, you can use one port of a switch to observe the traffic on a group of ports.
Users Manual of XGS-6350-24X4C Chapter 13. Configuring MAC Address Attribute 13.1 MAC Address Configuration Task List Configuring Static Mac Address Configuring Mac Address Aging Time Configring VLAN-shared MAC Address Displaying Mac Address Table Clearing Dynamic Mac Address 13.2 MAC address Configuration Task 13.2.1 Configuring Static Mac Address Static MAC address entries are MAC address entries that do not age by the switch and can only be deleted manually.
Users Manual of XGS-6350-24X4C 0 indicates no-age of the MAC address. Valid value is from 10 to 1000000 in seconds. exit Returns to the management mode. write Saves configuration. 13.2.3 Displaying MAC Address Table Since debugging and management are required in operation process, we want to know content of the switch MAC address table. Use the show command to display content of the switch MAC address table.
Users Manual of XGS-6350-24X4C Chapter 14. Configuring MAC List 14.1 MAC List Configuration Task 14.1.1 Creating MAC List To apply the MAC list on the port, you must first create the MAC list. After the MAC list is successfully created, you log in to the MAC list configuration mode and then you can configure items of the MAC access list. Perform the following operations to add and delete a MAC list in privilege mode: Run… To… configure Log in to the global configuration mode. Add or delete a MAC list.
Users Manual of XGS-6350-24X4C exit Enter the management mode again. write Save configuration. MAC list configuration example Switch_config#mac acce 1 Switch-config-macl#permit host 1.1.1 any Switch-config-macl#permit host 2.2.2 any The above configuration is to compare the source MAC address, so the mask is the same. The configuration is successful. Switch_config#mac acce 1 Switch-config-macl#permit host 1.1.1 any Switch-config-macl#permit any host 1.1.
Users Manual of XGS-6350-24X4C Chapter 15. Configuring 802.1x 15.1 802.1x Configuration Task List Configuring 802.1x port authentication Configuring 802.1x multiple port authentication Configuring maximum times for 802.1x ID authentication Configuring 802.1x re-authentication Configuring 802.1x transmission frequency Configuring 802.1x user binding Configuring authentication method for 802.1x port Selecting authentication type for 802.1x port Configuring 802.
Users Manual of XGS-6350-24X4C Run the following command to start up the 802.1x authentication: Run… To… dot1x port-control auto Configure the 802.1x protocol control method on the port. aaa authentication dot1x {default Configure the AAA authentication of |list name} method 802.1x. Run one of the following commands in port configuration mode to select 802.1x control method: Run… To… dot1x port-control auto Start up the 802.1x authentication method on the port.
Users Manual of XGS-6350-24X4C Run the following command in interface configuration command to set the maximum times for ID authentication request: Run… To dot1x max-req count Set the maximum times for ID authentication request. 15.2.4 Configuring 802.1x Re-authentication After first authentication is approved, the client will be authenticated every a certain time to ensure the legality of the client. In this case, the re-authentication function needs to be enabled.
Users Manual of XGS-6350-24X4C authentication: Run… To… dot1x authentication method yyy Configure the method of the 802.1x authentication. 15.2.8 Selecting Authentication Type for 802.1x Port You can select the type for the 802.1x authentication. The 802.1x authentication type determines whether AAA uses Chap authentication or Eap authentication. Eap authentication supports the md5-challenge mode and the eap-tls mode.
Users Manual of XGS-6350-24X4C the accounting method: Run… To… dot1xaccounting enable Enable the dot1x accounting. dot1x accounting method {method Configure the accounting method. Its name} default value is default. 15.2.10 Configuring 802.1x guest-vlan Guest-vlan gives releavant ports some access rights (such as downloading client software) when the client does not respond. Guest-vlan can be any configured vlan in the system.
Users Manual of XGS-6350-24X4C 15.2.13 Monitoring 802.1x Authentication Configuration and State To monitor the configuration and state of 802.1x Authentication and decide which 802.1x parameter needs to be adjusted, run the following command in management mode: Run… To… show dot1x {interface ….} Monitor the configuration and state of 802.1x authentication. 15.3 802.1x Configuration Example Host A connects port F0/10 of the switch. Host B connects port F0/12.
Users Manual of XGS-6350-24X4C dot1x port-control auto dot1x authentication method TST-F0/12 dot1x authentication type eap 170
Users Manual of XGS-6350-24X4C Chapter 16. VLAN Configuration 16.1 VLAN Introduction Virtual LAN (VLAN) refers to a group of logically networked devices on one or more LANs that are configured so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. In 1999 IEEE established IEEE 802.1Q Protocol Standard Draft used to standardize VLAN realization project.
Users Manual of XGS-6350-24X4C Run the following command to configure VLAN Run… To… vlan vlan-id Enter the VLAN configuration mode. name str Name in the vlan configuration mode. Exit Exit vlan configuration mode, and establish vlan. vlan vlan-range Establish multiple VLANs at the same time. no vlan vlan-id | vlan-range Delete one or multiple VLANs. Vlan can perform dynamic addtion and deletion via vlan management protocol GVRP. 16.3.
Users Manual of XGS-6350-24X4C The command to globally enable dot1q-tunnel is as follows: Command Description double-tagging Globally enables double-tagging feature of the switch. 16.3.3 Creating/Deleting VLAN Interface Vlan interface can be established to realize network management or layer 3 routing feature. The vlan interface can be used to specify ip address and mask. Run the following command to configure vlan interface: Run… To… [no] interface vlan vlan-id Create/Delete a VLAN interface. 16.
Users Manual of XGS-6350-24X4C 16.3.5 Monitoring Configuration and State of VLAN Run the following commands in EXEC mode to monitor configuration and state of VLAN: Run… To… show vlan [ idx | interfaceintf ] Display configuration and state of VLAN. show interface {vlan | supervlan} x Display the states of vlan ports. 16.4 Configuration Examples Users PC1~PC6 connect the switch through ports 1~6. The IP addresses of these PCs belong to the network section 192.168.1.0/24.
Users Manual of XGS-6350-24X4C Chapter 17. GVRP Configuration 17.1 Configuring GVRP 17.2 Introduction GVRP (GARP VLAN Registration Protocol GARP VLAN) is a GARP (GARP VLAN Registration Protocol GARP VLAN) application that provides IEEE 802.1Q-compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports.
Users Manual of XGS-6350-24X4C 17.4.3 Monitoring and Maintenance of GVRP Perform the following operations in EXEC mode: Command Description show gvrp statistics [interface Displays GVRP statistics. port_list] show gvrp status Displays GVRP global state information. [ no ] debug gvrp [ packet | event ] Enables/disables GVRP data packet and event debug switches. All debug switches will be enabled/disabled if not specified the concrete switch.
Users Manual of XGS-6350-24X4C (4) Configure VLAN 10, Vlan 20 and Vlan30 on Switch A Switch_config#vlan 10 Switch_config#vlan 20 Switch_config#vlan 30 (5) Configure the interface 9 that Switch A connects to Switch B to trunk: Switch_config_g0/9# switchport mode trunk (6) Enable global GVRP of switch B: Switch_config#gvrp (7) Enable GVRP of interface 9 of Switch B Switch_config_g0/9#gvrp (8) Configure VLAN 40, Vlan 50 and Vlan60 on Switch B Switch_config#vlan 40 Switch_config#vlan 50 Switch_config#
Users Manual of XGS-6350-24X4C Chapter 18. Private VLAN Settings 18.1 Private VLAN Settings 18.2 Overview of Private VLAN Private VLAN has settled the VLAN application problems facing ISPs: If ISP provides each user with a VLAN, the support by each device of 4094 VLANs will restrict the total of ISP-supported users. 18.
Users Manual of XGS-6350-24X4C the same community VLAN can conduct L2 communication each other or with the promiscuous port, but not with the community ports of other VLANs and the isolated ports in the isolated VLANs. 18.3.4 Modifying the Fields in VLAN TAG This functionality supports to modify the VLAN ID and priority in VLAN tag and decides whether the egress packets of private VLAN carry the tag or not. 18.
Users Manual of XGS-6350-24X4C Command Purpose vlan vlan-id Enters the primary VLAN configuration mode. private-vlan association Sets the to-be-associated secondary VLAN. {svlist| addsvlist| removesvlist} no private-vlan association Clears all associations between the current primary VLAN and all secondary VLANs. exit Exits the VLAN configuration mode. 18.5.
Users Manual of XGS-6350-24X4C 18.5.5 Modifying Related Fields of Egress Packets in Private VLAN Run the following commands to modify related fields of the egress packets in private VLAN: Command Purpose Interface interface Enters the interface configuration mode. switchport private-vlan tag-pvid vlan-id Sets the VLAN ID field in the tag of egress packet. switchport private-vlan tag-pripri Sets the priority field in the tag of egress packet.
Users Manual of XGS-6350-24X4C G0/1 and host ports of all sub-VLAN domains, so it is between host ports G0/2 and G0/3 of community VLAN 3, but they cannot conduct L2 communication with other host ports of secondary VLANs. L2 communication cannot go on between ports G0/5 and G0/6 in Isolated VLAN 5, but the two ports can conduct L2 communication with promiscuous port G0/1.
Users Manual of XGS-6350-24X4C Switch_config_vlan3#private-vlan community Switch_config#vlan 4 Switch_config_vlan4#private-vlan community Switch_config#vlan 5 Switch_config_vlan5#private-vlan isolated Switch_config#show vlan private-vlan Primary Secondary Type Ports 2 3 community g0/1, g0/2, g0/3 2 4 community g0/1, g0/4 2 5 isolated g0/1, g0/5, g0/6 183
Users Manual of XGS-6350-24X4C Chapter 19. STP Configuration 19.1 Configuring STP 19.1.1 STP Introduction The standard Spanning Tree Protocol (STP) is based on the IEEE 802.1D standard. A switch stack appears as a single spanning-tree node to the rest of the network, and all stack members use the same bridge ID. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack.
Users Manual of XGS-6350-24X4C (2) Path cost of each port (3) Port identifier for each port of the bridge The bridge with highest priority (the identifier value is the smallest) is selected as the root. Ports of each bridge have the attribute Root Path Cost, that is, the minimum of path cost summation of all ports from the root to the bridge. The designated port of each network segment refers to the port connecting to the network segment and having the minimum path cost.
Users Manual of XGS-6350-24X4C network topology. Follow these steps to disable spanning-tree: Command Purpose no spanning-tree Disables STP. To enable spanning-tree, use the following command: Command Purpose spanning-tree Enables default mode STP (SSTP). spanning-tree mode {sstp | rstp} Enables a certain mode STP. 19.1.3.
Users Manual of XGS-6350-24X4C 19.1.3.6 Configuring the Forward Delay Time Configure sstp forward delay to determine the number of seconds an interface waits before changing from its spanning-tree learning and listening states to the forwarding state. Use the following command to configure sstp forward delay: Command Purpose spanning-tree sstpforward-time Configures sstp Forward time. no spanning-tree sstp forward-time Returns forward time to default value (15s). 19.1.3.
Users Manual of XGS-6350-24X4C function. no spanning-tree designated-auto Disables the auto-designated port function. 19.1.3.10 Monitoring STP State To monitor the STP configuration and state, use the following command in management mode: Command Purpose show spanning-tree Displays spanning-tree information on active interfaces only. show spanning-tree detail Displays a detailed summary of interface information.
Users Manual of XGS-6350-24X4C no spanning-tree vlan-list priority Resumes the STP priority in the VLAN to the default configuration. spanning-tree vlan vlan-list Configures Forward Delay for the forward-time value designated no spanning-tree vlan vlan-list Resumes Forward Delay of the forward-time designated VLAN. VLAN to the default configuration. spanning-tree vlan vlan-list max-age Configures Max-age for the designated value VLAN.
Users Manual of XGS-6350-24X4C Configuring the Port Priority Enabling Protocol Conversation Check 19.1.6 RSTP Configuration Task 19.1.6.1 Enabling/Disabling Switch RSTP Follow these configurations in the global configuration mode: Command Purpose spanning-tree mode rstp Enables RSTP no spanning-tree mode Returns STP to default mode (SSTP) 19.1.6.
Users Manual of XGS-6350-24X4C value (15s). If you configure the Forward Delay Time to a relatively small value, it may leads to a temporary verbose path. If you configure the Forward Delay Time to a relatively big value, the system may not resume connecting for a long time. We recommend user to use the default value. The Forward Delay Time of the bridge is 15 seconds. 19.1.6.
Users Manual of XGS-6350-24X4C values to interfaces that you want selected first and higher cost values to interfaces that you want selected last. If all interfaces have the same cost value, spanning tree puts the interface with the lowest interface number in the forwarding state and blocks the other interfaces. Beginning in interface configuration mode, follow these steps to configure the cost of an interface: Command Purpose spanning-tree rstp costvalue Configures the cost for an interface.
Users Manual of XGS-6350-24X4C Both STP and RSTP only can create sole STP topology. All VLAN messages are forwarded through the only STP. STP converges too slow, so RSTP ensures a rapid and stable network topology through the handshake mechanism. MSTP inherits the rapid handshake mechanism of RSTP. At the same time, MST allows different VLAN to be distributed to different STPs, creating multiple topologies in the network.
Users Manual of XGS-6350-24X4C Figure 2.1 MSTP topology 1. CIST Common and Internal Spanning Tree (CIST) means the spanning tree comprised by all single switches and interconnected LAN. These switches may belong to different MST regions. They may be switches running traditional STP or RSTP. Switches running STP or RSTP in the MST regions are considered to be in their own regions. After the network topology is stable, the whole CIST chooses a CIST root bridge.
Users Manual of XGS-6350-24X4C Root port stands for the path between the current switch and the root bridge, which has minimum root path cost. 2. Alternate port Figure 2.3 Alternate port The alternate port is a backup path between the current switch and the root bridge. When the connection of root port is out of effect, the alternate port can promptly turn into a new root port without work interruption. 3. Designated port Figure 2.
Users Manual of XGS-6350-24X4C Figure 2.5 Backup port When two switch ports directly connect or both connect to the same LAN, the port with lower priority is to be the backup port, the other port is to be the designated port. If the designated port breaks down, the backup port becames the designated port to continue working. 5. Master port Figure 2.6 Master port The Master port is the shortest path between MST region and CIST root bridge.
Users Manual of XGS-6350-24X4C 7. Edge port In the RSTP protocol or MSTP protocol, edge port means the port directly connecting the network host. These ports can directly enter the forwarding state without causing any loop in the network. Figure 2.7 Edge port In original state, MTSP and RSTP do not take all ports as edge ports, ensuring the network topology can be rapidly created. In this case, if a port receives BPDU from other switches, the port is resumed from the edge state to the normal state.
Users Manual of XGS-6350-24X4C CIST Root Identifier 6 – 13 CIST External Root Path 14 – 17 Cost CIST Regional Root 18 – 25 Identifier CIST Port Identifier 26 – 27 Message Age 28 – 29 Max Age 30 – 31 Hello Time 32 – 33 Forward Delay 34 – 35 Version 1 Length 36 Version 3 Length 37 – 38 Format Selector 39 Configuration Name 40 – 71 Revision 72 – 73 Configuration Digest 74 – 89 CIST Internal Root Path 90 – 93 Cost CIST Bridge Identifier 94 – 101 CIST Remaining Hops 102 MSTI Co
Users Manual of XGS-6350-24X4C root. (4) Each MSTI can independently choose a switch as the MSTI regional root. (5) Each switch in the region and the LAN segment can decide the minimum cost path to the MSTI root. (6) The root port of CIST provides the minimum-cost path between the CIST regional root and the CIST root. (7) The designated port of the CIST provided its LAN with the minimum-cost path to the CIST root.
Users Manual of XGS-6350-24X4C Configuring secondary root Configuring bridge priority Configuring time parameters of STP Configuring network diameter Configuring maximum hop count Configuring port priority Configuring path cost for port Configuring port connection type Activating MST-compatible mode 19.2.2.1 Activating MST-Compatible Mode The MSTP protocol that our switches support is based on IEEE 802.1s.
Users Manual of XGS-6350-24X4C 19.2.3 MSTP Configuration Task 19.2.3.1 Default MSTP Configuration Attribute Default Settings STP mode SSTP (PVST, RSTP and MSTP is not started) Area name Character string of MAC address Area edit level 0 MST configuration list All VLANs are mapped in CIST (MST00).
Users Manual of XGS-6350-24X4C address, switches that run MSTP are in different areas in original state. You can run spanning-tree mstp instance instance-id vlan vlan-list to create a new MSTI and map the designated VLAN to it. If the MSTI is deleted, all these VLANs are mapped to the CIST again. Run the following command to set the MST area information: Command Purpose spanning-tree mstp namestring Configures the MST configuration name. string means the character string of the configuration name.
Users Manual of XGS-6350-24X4C selected as the network root. MSTP can set the switch to the network switch through configuration. You can run the command Spanning-tree mstpSpanning-tree mstpinstance-idrootroot to modify the priority value of the switch in a spanning tree instance from the default value to a sufficiently small value, ensuring the switch turns to be the root in the spanning tree instance.
Users Manual of XGS-6350-24X4C or multiple switches to the secondary roots or the backup roots. If the root does not function for certain reasons, the secondary roots will become the network root. Different from the primary root configuration, after the command to configure the primary root is run, MSTP sets the spanning tree priority of the switch to 28672. In the case that the priority value of other switches is the default value 32768, the current switch can be the secondary root.
Users Manual of XGS-6350-24X4C value represents the priority of the bridge. It can be one of the following values: 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440 no spanning-tree mstpinstance-idpriority Resumes the bridge priority of the switch to the default value. instance-id means the number of the spanning tree instance, ranging from 0 to 15. 19.2.3.
Users Manual of XGS-6350-24X4C ranging from 6 to 40 seconds. Its default value is 20 seconds. no spanning-tree mstp max-age Resumes Max Age to the default value. It is recommended to modify STP time parameters by setting root or network diameter, which ensures correct modification of time parameters. The newly-set time parameters are valid even if they do not comply with the previous formula’s requirements. Pay attention to the notification on the console when you perform configuration. 19.2.3.
Users Manual of XGS-6350-24X4C spanning-tree Sets the priority of the STP port. mstpinstance-idport-prioritypriority instance-id stands for the number of the spanning tree instance, ranging from 0 to 15. priority stands for the port priority. It can be one of the following values: 0, 16, 32, 48, 64, 80, 96, 112 128, 144, 160, 176, 192, 208, 224, 240 spanning-tree port-priorityvalue Sets the port priority in all spanning tree instances. value stands for the port priority.
Users Manual of XGS-6350-24X4C no spanning-tree mstpinstance-idcost Resumes the path cost of the port to the default value. no spanning-tree cost Resumes the path cost of the port to the default value in all spanning tree instances. 19.2.3.12 Configuring Port Connection Type If the connection between MSTP-supported switches is the point-to-point direct connection, the switches can rapidly establish connection through handshake mechanism.
Users Manual of XGS-6350-24X4C The main function of the compatible mode is to create the MST area for switches and other MSTP-running switches. In actual networking, make sure that the switch has the same configuration name and the same edit number. It is recommended to configure switches running other MSTP protocols to the CIST root, ensuring that the switch enters the compatible mode by receiving message.
Users Manual of XGS-6350-24X4C Command Purpose show spanning-tree Checks MSTP information. (Information about SSTP, PVST, RSTP and MSTP can be checked) show spanning-tree detail Checks the details of MSTP information. (Information about SSTP, PVST, RSTP and MSTP can be checked)) show spanning-tree interface interface-id Checks the STP interface information. (Information about SSTP, PVST, RSTP and MSTP can be checked)) show spanning-tree mstp Checks all MST instances.
Users Manual of XGS-6350-24X4C Chapter 20. STP Optional Characteristic Configuration 20.1 Configuring STP Optional Characteristic 20.1.1 STP Optional Characteristic Introduction The spanning tree protocol module of the switch supports seven additional features (the so-called optional features). These features are not configured by default.
Users Manual of XGS-6350-24X4C Figure 1.1 Port Fast Instruction: For the rapid convergent spanning tree protocol, RSTP and MSTP, can immediately bring an interface to the forwarding state, and therefore there is no need to use Port Fast feature. 20.1.1.2 BPDU Guard The BPDU guard feature can be globally enabled on the switch or can be enabled per port, but the feature operates with some differences.
Users Manual of XGS-6350-24X4C 20.1.1.3 BPDU Filter The BPDU filtering feature can be globally enabled on the switch or can be enabled per interface, but the feature operates with some differences. In SSTP/PVST mode, if a Port Fast port with BPDU filter configured receives the BPDU, the features BPDU Filter and Port Fast at the port will be automatically disabled, resuming the port as a normal port. Before entering the Forwarding state, the port must be in the Listening state and Learning state.
Users Manual of XGS-6350-24X4C Figure 1.3 Uplink Fast The Uplink Fast feature adjusts to the slowly convergent SSTP and PVST. In RSTP and MSTP mode, new root port can rapidly enter the Forwarding state without the Uplink Fast function. 20.1.1.5 Backbone Fast The Backbone Fast feature is a supplement of the Uplink Fast technology.
Users Manual of XGS-6350-24X4C Figure 1.4 Backbone Fast Suppose the bridge priority of switch C is higher than that of switch B. When L1 is disconnected, switch B is selected to send BPDU to switch C because the bridge priority is used as root priority. To switch C, the information contained by BPDU is not prior to information contained by its own. When Backbone Fast is not enabled, the port between switch C and switch B ages when awaiting the bridge information and then turns to be the designated port.
Users Manual of XGS-6350-24X4C 20.1.1.6 Root Guard The Root Guard feature prevents a port from turning into a root port because of receiving high-priority BPDU. The Layer 2 network of a service provider (SP) can include many connections to switches that are not owned by the SP. In such a topology, the spanning tree can reconfigure itself and select a customer switch as the root switch, as shown in Figure 17-8.
Users Manual of XGS-6350-24X4C level BPDU. 20.1.2 Configuring STP Optional Characteristic 20.1.2.1 STP Optional Characteristic Configuration Task Configuring Port Fast Configuring BPDU Guard Configuring BPDU Filter Configuring Uplink Fast 20.1.2.2 Configuring Port Fast An interface with the Port Fast feature enabled is moved directly to the spanning-tree forwarding state without waiting for the standard forward-time delay.
Users Manual of XGS-6350-24X4C BPDU guard feature puts the port in the error-disabled state. When this happens, the switch shuts down the entire port on which the violation occurred. To prevent the port from shutting down, you can use the errdisable detect cause bpduguard shutdown vlan global configuration command to shut down just the offending VLAN on the port where the violation occurred.
Users Manual of XGS-6350-24X4C spanning-tree portfast bpdufilter Globally enables bpdu filter feature. It is valid to all interfaces. no spanning-tree portfast bpdufilter Globally disables bpdu filter feature. Instruction: Globally enabling port fast feature may result in broadcast storm. The BPDU Guard or BPDU Filter should be configured for protection sake.
Users Manual of XGS-6350-24X4C Command Purpose spanning-tree backbonefast Enables backbone fast feature. no spanning-tree backbonefast Disables backbone fast feature. 20.1.2.7 Configuring Root Guard Root guard enabled on an interface applies to all the VLANs to which the interface belongs. Do not enable the root guard on interfaces to be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure.
Users Manual of XGS-6350-24X4C Follow these steps to enable loop guard in the interface configuration mode.: Command Purpose spanning-tree guard loop Enables loop guard feature on the interface. no spanning-tree guard Disables root guard and loop guard feature on the interface. spanning-tree guard none Disables root guard and loop guard on the interface.
Users Manual of XGS-6350-24X4C Chapter 21. Link Aggregation Configuration 21.1 Configuring Port Aggregation 21.1.1 Overview Link aggregation, also called trunking, is an optional feature available on the Ethernet switch and is used with Layer 2 Bridging. Link aggregation allows logical merge of multiple ports in a single link. Because the full bandwidth of each physical link is available, inefficient routing of traffic does not waste bandwidth. As a result, the entire cluster is utilized more efficiently.
Users Manual of XGS-6350-24X4C Command Description interface port-aggregator id Configures aggregated logical channel. 21.1.3.2 Aggregation of Physical Port To aggregate multiple physical ports into a logical channel, you can use static aggregation or LACP protocol for negotiation.
Users Manual of XGS-6350-24X4C address attributes is to get through a physical port. dst-mac It is to share the data traffic according to the destination MAC address, that is, the message with same MAC address attributes is to get through a physical port. both-mac It is to share the data traffic according to source and destination MAC addresses, that is, the message with same MAC address attributes is to get through a physical port.
Users Manual of XGS-6350-24X4C Chapter 22. PDP Configuration 22.1 PDP Overview 22.1.1 Overview PDP is specially used to discover network equipment, that is, it is used to find all neighbors of a known device. Through PDP, the network management program can use SNMP to query neighboring devices to acquire network topology. Our company’s switches can discover the neighboring devices but they do not accept SNMP queries.
Users Manual of XGS-6350-24X4C 22.1.2.3 Setting the PDP Version To set the PDP version, you can run the following command in global configuration mode. Command Purpose pdp version {1|2} Setts the PDP version. 22.1.2.4 Starting PDP on a Switch To enable PDP, you can run the following commands in global configuration mode. Command Purpose pdp run Starts PDP on a switch. 22.1.2.5 Starting PDP on a Port To enable PDP on a port by default, you can run the following command in port configuration mode.
Users Manual of XGS-6350-24X4C Device-ID Local-Intf Switch Fas0/1 169 Hldtme Port-ID Gig0/1 Platform COMPANY, RISC Capability RS 227
Users Manual of XGS-6350-24X4C Chapter 23. LLDP Configuration 23.1 LLDP 23.1.1 LLDP Introduction The 802.1ABlink layer discovery protocol (LLDP) at 802.1AB helps to detect network troubles easily and maintain the network topology. LLDP is a unidirectional protocol. One LLDP agent transmits its state information and functions through its connected MSAP, or receives the current state information or function information about the neighbor.
Users Manual of XGS-6350-24X4C 23.1.3.2 Configuring holdtime You can control the timeout time of transmitting the LLDP message through modifying holdtime: Run the following command in global configuration mode to configure holdtime of LLDP: Command Purpose lldpholdtimetime Configures the timeout time of LLDP. nolldpholdtime Resumes the timeout time to the default value, 120 seconds. 23.1.3.
Users Manual of XGS-6350-24X4C system-capabilities system-description system-name no lldptlv-selecttlv-type Tlvs or tlv-types which needs to be deleted include: macphy-confg management-address port-description port-vlan system-capabilities system-description system-name 23.1.3.6 Configuring the Transmission or Reception Mode LLDP can work under three modes: transmit-only, receive-only and transmit-and-receive. By default, LLDP works under the transmit-and-receive mode.
Users Manual of XGS-6350-24X4C showlldpneighborsdetail Displays the detailed information about the neighbor. showlldptraffic Displays all received and transmitted statistics information. 23.1.3.8 Configuring the Deletion Commands You can delete the received neighbor lists and all statistics information by running the following command in EXEC mode. Command Purpose clearlldpcounters Deletes all statistics data. clearlldptable Deletes all received neighbor information. 23.1.3.
Users Manual of XGS-6350-24X4C Chapter 24. FlexLinkLite Configuration 24.1 FlexLinkLite Configuration 24.1.1 FlexLinkLite Overview FlexLinkLite is used in a network environment to easily construct two uplink links, which back up each other. If STP is not enabled in this network environment, FlexLinkLite can avoid the loop and conduct fast switchover when a link is out of effect. Figure 1: FlexLinkLite-enabled network FlexLinkLite includes a pair of ports that back up each other.
Users Manual of XGS-6350-24X4C 24.1.2 FlexLinkLite Configuration 24.1.2.1 Run the following commands to set the backup port: Run the following commands to set the FlexLinkLite backup port: Command Purpose Switch# configure Enters the global configuration mode of the switch. Switch_config# interface intf-name Enters the interface configuration mode. Intf-name: stands for the name of a port, such as G0/1 or F0/10.
Users Manual of XGS-6350-24X4C time-sec: means the delay of preempt, whose unit is second. The default value is three seconds. The value ranges between 1 and 600 seconds. switchport backup interface preempt mode role is deemed as the default settings of each backup port pair. 24.1.2.3 Setting the Transmission and Reception of TCN Packets Command Purpose Switch_config_intf# switchport bakcup Allows a port to transmit the TCN interface tcn transmit packets.
Users Manual of XGS-6350-24X4C Switch_config_g0/1# switchport backup interface preempt delay 15 Make the following settings to enable the TCN packets to be transmitted: Switch_config_g0/1# switchport backup interface tcn transmit Switch_config_g0/1# interface g0/2 Switch_config_g0/2# switchport backup interface tcn transmit Switch_config_g0/2# exit Browse the state of the port: Switch_config# show backup interfaces Backup interface pairs: Active Backup State Preemption G0/1 G0/2 Active Up/Backup D
Users Manual of XGS-6350-24X4C Chapter 25. BackupLink Configuration 25.1 BackupLink Overview 25.1.1 Overview Link aggregation, also called trunking, is an optional feature available on the Ethernet switch and is used with Layer 2 Bridging. Link aggregation allows logical merge of multiple ports in a single link. Because the full bandwidth of each physical link is available, inefficient routing of traffic does not waste bandwidth. As a result, the entire cluster is utilized more efficiently.
Users Manual of XGS-6350-24X4C 25.1.2.2 Aggregation of Physical Port To aggregate multiple physical ports into a logical channel, you can use static aggregation or LACP protocol for negotiation.
Users Manual of XGS-6350-24X4C It is to share the data traffic according to the destination MAC address, that is, the message with same MAC address attributes is to get through a physical port. both-mac It is to share the data traffic according to source and destination MAC addresses, that is, the message with same MAC address attributes is to get through a physical port.
Users Manual of XGS-6350-24X4C Chapter 26. EAPS Configuration 26.1 Introduction of Fast Ethernet Ring Protection 26.1.1 Overview The Ethernet ring protection protocol is a special type of link-layer protocol specially designed for constructing the ring Ethernet topology. The Ethernet protection protocol can shut down one link in a complete ring topology, preventing the data loop from forming the broadcast storm. If a link is broken, the protocol immediately resumes the link that is previously shut down.
Users Manual of XGS-6350-24X4C as transit nodes. Master node: It positively knows whether the ring’s topology is complete, removes loopback, control other switches to update topology information. Transit node: It only checks the state of the local port of the ring, and notifies the master node of the invalid link. The role of each node can be specified by user through configuration. The thing is that each switch in the same ring can be set to only one kind of node. In figure 1.
Users Manual of XGS-6350-24X4C VLAN is established, the IP address of the VLAN port cannot be pinged through other devices. The VLANs except the control VLAN are all data VLANs, which are used to transmit the packets of normal services or the management packets. The data VLAN can be used for normal L2/L3 communication. For example, you can establish a VLAN port corresponding to data VLAN and configure dynamic routing protocols. 26.1.2.
Users Manual of XGS-6350-24X4C 26.1.4 Fast Ethernet Ring Protection Mechanism 26.1.4.1 Ring Detection and Control of Master Node The master node transmits the HEALTH packets to the control VLAN through the primary port in a configurable period. In normal case, the HEALTH packets will pass through all other nodes of the ring network and finally arrive at the secondary port of the master node. The secondary port blocks all data VLANs in primitive condition.
Users Manual of XGS-6350-24X4C If a transit mode does not receives the notification of aging address table from the master node, it thinks that the link to the master node is already out of effect, the transit node will automatically set the pre-forwarding port to be a forwarding one. You can configure the related commands through the pre-forward-time node to modify the time for the transit port to keep the pre-forwarding state. 26.2 Fast Ethernet Ring Protection Configuration 26.2.
Users Manual of XGS-6350-24X4C triggered. The physical interface, the fast-Ethernet interface, the gigabit-Ethernet interface and the aggregation interface can all be set to be the ring's interfaces. If link aggregation, 802.1X or port security has been already configured on a physical interface, the physical interface cannot be set to be a ring’s interface any more. The versions of switch software prior to version 2.0.1L and the versions of hi-end switch software prior to version 4.0.
Users Manual of XGS-6350-24X4C node configuration mode. Remarks: The no ether-ring id command is used to delete the node settings and port settings of the Ethernet ring. 26.2.4.2 Configuring the Transit Node Configure a switch to be the transit node of a ring network according to the following steps: Command Purpose Switch#config Enters the switch configuration mode. Switch_config#ether-ring id Sets a node and enters the node configuration mode.
Users Manual of XGS-6350-24X4C 26.2.4.4 Browsing the State of the Ring Protection Protocol Run the following command to browse the state of the ring protection protocol: Command Purpose show ether-ring id Browses the summary information about the ring protection protocol and the port of Ethernet ring. id: ID of Ethernet ring show ether-ring id detail Browses the detailed information about the ring protection protocol and the port of Ethernet ring.
Users Manual of XGS-6350-24X4C The following commands are used to set the time related parameters: S1_config_ring1#hello-time 2 S1_config_ring1#fail-time 6 Exits from the node configuration mode: S1_config_ring1#exit Configures the primary port and the secondary port: S1_config#interface gigaEthernet 0/1 S1_config_g0/1#ether-ring 1 primary-port S1_config_g0/1#exit S1_config#interface gigaEthernet 0/3 S1_config_g0/3#ether-ring 1 secondary-port S1_config_g0/3#exit Establishes the control VLAN: S1_config#v
Users Manual of XGS-6350-24X4C Chapter 27. MEAPS Settings 27.1 MEAPS Introduction 27.1.1 MEAPS Overview EAPS is a protocol specially applied on the link layer of the Ethernet ring. When the Ethernet ring is complete, you should prevent the broadcast storm from occurring on the data loopback. But when a link of an Ethernet ring is broken, you should enable the backup link rapidly to resume the communication of different nodes in the ring. The role of switch is specified by you through configuration.
Users Manual of XGS-6350-24X4C 27.1.2 Basic Concepts of MEAPS 27.1.2.1 Domain The domain specifies the protection range of the Ethernet loopback protection protocol and is marked by ID, which consists of integers; A group of switches that support the same protection data and have the same control VLAN can form a domain after they are connected with each other. One domain may include only one ring or multiple rings that intersect each other. See the following figure.
Users Manual of XGS-6350-24X4C 27.1.2.5 Control VLAN The control VLAN is a concept against the data VLAN, and in MEAPS, the control VLAN is just used to transmit the MEAPS packets. Each MEAPS has two control VLANs, that is, the main control VLAN and the sub control VLAN. You need to specify the main control VLAN when configuring the major ring or the sub ring.
Users Manual of XGS-6350-24X4C 27.1.2.8 Transit Node All switches on the Ethernet except the master node can be called as the transit nodes. The transit node only checks the state of the local port of the ring, and notifies the master node of the invalid link. See the following figure, in which S1, S2, S5 and S6 are all transit nodes. 27.1.2.
Users Manual of XGS-6350-24X4C only the control packets, and blocks the data VLAN. After the transit node receives the notification of the aging address table, it enters the forwarding state. Remarks: A port can be set as the primary port or the transit port of a node and it cannot be reset. 27.1.2.12 Common Port and Edge Port The edge node and the assistant node are the places where the sub ring and the major ring intersect.
Users Manual of XGS-6350-24X4C 27.1.2.14 Complete Flag of Ring Both the master node and the transit node can show whether the current ring network is complete through the state symbol “COMPLETE”. On the master node, only when all links of the ring network are normal, the primary port is in forwarding state and the secondary port is in blocking state can the "COMPLETE” symbol be real; on the transit node, only when its two transit ports are in forwarding state can the “COMPLETE” symbol be true.
Users Manual of XGS-6350-24X4C notify other nodes. If the master node receives the HEALTH packets at the secondary port that is open to data VLANs, the ring network is resumed. In this case, the master node immediately blocks data VLANs on the secondary port, updates the local topology information and reports other nodes to age the MAC address table through RING-UP-FLUSH-FDB packets. As shown in the following figure, the master node, S4, transmits the HELLO packets periodically.
Users Manual of XGS-6350-24X4C packets, holds that the trouble occurs on the loopback, and decides not to wait for the fail-time any more. Figure 4: Link status change notification After the transit port is resumed, it does not immediately transmit the packets of data VLANs, but enters the Pre-Forwarding state. A transit port in pre-forwarding state only transmits and receives the control packets from the control VLAN.
Users Manual of XGS-6350-24X4C S B Sub HELLO S2:Assistant S1:Transit Major HELLO Major Ring P-Primary port S-Secondary port B-Block port S P S3:Master Sub Ring B P S4:Master S5:Edge S6:Transit Figure 5: Intersection of the major ring and the sub ring When trouble occurs on the link of the major ring, and when the channel of the sub-ring protocol packets between the edge node and the assistant node are interrupted, the master node of the sub ring cannot receive the HELLO packets that the mast
Users Manual of XGS-6350-24X4C solve the problem about the dual homing ring. This mechanism is to monitor the status of the channel link on the major ring between the edge node and the assistant node, which requires the help of the edge node and the assistant node. The purpose of this mechanism is to keep the data loop from happening by blocking the edge port of the edge node before the secondary port of the master node on the sub ring opens.
Users Manual of XGS-6350-24X4C Figure 8. Check the channel status on the major ring between the edge node and the assistant node. 2. The edge node blocks the edge port at the interruption of the channel.
Users Manual of XGS-6350-24X4C Figure 9: The edge node blocks the edge port at the interruption of the channel. 3. Channel recovery When the link of the major ring and the communication between the edge node and the assistant node resumes, the channel of the sub-ring protocol packet resumes to the normal function.
Users Manual of XGS-6350-24X4C Figure 10: Channel recovery 27.2 Fast Ethernet Ring Protection Configuration 27.2.1 Requisites before Configuration Before configuring MEAPS, please read the following items carefully: One of important functions of the ring protection protocol is to stop the broadcast storm, so please make sure that before the ring link is reconnected all ring nodes are configured.
Users Manual of XGS-6350-24X4C By default, Pre-Forward-Time of the transit node is triple longer than Hello-time of the master node so that it is ensured that the master node can detect the recovery of the ring network before the transit port enters the pre-forwarding state. If Hello-time configured on the master node is longer than Fre-Forward-Time of the transit node, loopback is easily generated and broadcast storm is then triggered.
Users Manual of XGS-6350-24X4C establishes VLAN “id” and VLAN “id-1”. vlan-id: ID of the control VLAN This step is optional. Configures the cycle for the master node to transmit the HEALTH packets. value: Switch_config_ring1#hello-timevalue It is a time value ranging from 1 to 10 seconds and the default value is 3 seconds. This step is optional. Configures the time for the secondary port to wait for the HEALTH packets.
Users Manual of XGS-6350-24X4C establishes VLAN “id” and VLAN “id-1”. vlan-id: ID of the control VLAN This step is optional. Configures the time of maintaining the pre-forward state on the transit port. Switch_config_ring1#pre-forward-timeva value: It is a time value ranging from 3 to 30 lue seconds and the default value is 9 seconds. Switch_config_ring#exit Saves the current settings and exits the node configuration mode. Switch_config# 27.2.3.
Users Manual of XGS-6350-24X4C Command Purpose Switch# config Enters the switch configuration mode. Sets a node and enters the node configuration mode. id1: instance ID of a node id2: instance ID of a domain (omitted when it is Switch_config#mether-ring id1 domainid2 0) Switch_config_ring1#edge-node[assistant- It is an obligatory step. Sets the node type to be node] an edge node. This step can be omitted. The edge node must Switch_config_ring1#sub-ring be the sub-ring node.
Users Manual of XGS-6350-24X4C | transit-port | common-port | edge-port ] id2: instance ID of a domain (omitted when it is 0) Switch_config_intf#exit Exits from interface configuration mode. Remarks: The command, no mether-ring id1domain id2primary-port [ secondary-port | transit-port | common-port | edge-port ], can be used to cancel the settings of the ring’s port. 27.2.3.
Users Manual of XGS-6350-24X4C block its secondary port. At the same time, the master node will periodically transmit the Hello packets from its primary port. These hello packets will pass through the transit node in sequence and finally return to the master node from its secondary port. The ring in complete state is shown in the following figure. The major ring and two sub rings are all in complete state.
Users Manual of XGS-6350-24X4C x Transit S B S B Sub Ring II Edge Assistant Major Ring P P P-Primary port S-Secondary port B-Block port Master Sub Ring I x Master(Assistant) Master x S B P Edge Transit Major Ring Sub Ring II LINK DOWN LINK DOWN Figure 12: Ring transmitting the trouble and notifying the master node After the master node receives the link-down packet, its state will be changed to the Failed state and at the same time the secondary port will be opened, the FDB table will
Users Manual of XGS-6350-24X4C through; similarly, the transit node on sub ring 2 also changes into the Preforwarding state; when the hello packet on sub ring 1 arrives the edge node, due to the fact that the resumed transit node only allows the control packet of the major to pass through and that the hell packet of sub ring 1 is just like the data packet of the major ring, the hello packet cannot be forwarded.
Users Manual of XGS-6350-24X4C Figure 15: Ring recovery Of course, if the transit node in Preforwarding state does not receive the RING-UP-FLUSH-FDB packet and Fail Time also exceeds, the transit node will open the blocked transit port and resume data communication. 27.3.3 MEAPS configuration 27.3.3.1 Configuration Example MEAPS configuration As shown in figure 2.1, master node S1 and transit node S2 are configured as follows. As to the settings of other nodes, they are the same as S2's settings.
Users Manual of XGS-6350-24X4C Switch_config_ring2#sub-ring Switch_config_ring2#control-vlan 2 The following commands are used to set the time related parameters: Switch_config_ring2#pre-forward-time 12 Exits from the node configuration mode: Switch_config_ring2#quit The following commands are used to set the transit port of node 2: Switch_config#interface gigaEthernet 0/1 Switch_config_g0/1#mether-ring 2 domain 1 transit-port Switch_config_g0/1#switchport mode trunk Switch_config_g0/1#quit Switch_confi
Users Manual of XGS-6350-24X4C Switch_config_ring2#control-vlan 2 The following commands are used to set the time related parameters: Switch_config_ring2#pre-forward-time 12 Exits from the node configuration mode: Switch_config_ring2#quit The following commands are used to set the common port and edge port of node 2: Switch_config#interface gigaEthernet 0/2 Switch_config_g0/2#mether-ring 2 domain 1 common-port Switch_config_g0/2#quit Switch_config#interface gigaEthernet 0/3 Switch_config_g0/3#mether-rin
Users Manual of XGS-6350-24X4C Switch_config_ring4#pre-forward-time 12 Exits from the node configuration mode: Switch_config_ring4#quit The following commands are used to set the common port and edge port of node 2: Switch_config#interface gigaEthernet 0/2 Switch_config_g0/2#mether-ring 4 domain 1 common-port Switch_config_g0/2#quit Switch_config#interface gigaEthernet 0/3 Switch_config_g0/3#mether-ring 4 domain 1 edge-port Switch_config_g0/3#switchport mode trunk Switch_config_g0/3#quit Configuring swi
Users Manual of XGS-6350-24X4C Switch_config_ring2#hello-time 4 Switch_config_ring2#fail-time 12 Exits from the node configuration mode: Switch_config_ring2#quit The following commands are used to set the primary port and secondary port of node 2: Switch_config#interface gigaEthernet 0/1 Switch_config_g0/1#mether-ring 2 domain 1 primary-port Switch_config_g0/1#switchport mode trunk Switch_config_g0/1#quit Switch_config#interface gigaEthernet 0/2 Switch_config_g0/2#mether-ring 2 domain 1 secondary-port Sw
Users Manual of XGS-6350-24X4C The following commands are used to set the time related parameters: Switch_config_ring2#pre-forward-time 12 Exits from the node configuration mode: Switch_config_ring2#quit The following commands are used to set the common port and edge port of node 2: Switch_config#interface gigaEthernet 0/2 Switch_config_g0/2#mether-ring 2 domain 1 common-port Switch_config_g0/2#quit Switch_config#interface gigaEthernet 0/3 Switch_config_g0/3#mether-ring 2 domain 1 edge-port Switch_config
Users Manual of XGS-6350-24X4C Exits from the node configuration mode: Switch_config_ring4#quit The following commands are used to set the common port and edge port of node 4: Switch_config#interface gigaEthernet 0/2 Switch_config_g0/2#mether-ring 4 domain 1 common-port Switch_config_g0/2#quit Switch_config#interface gigaEthernet 0/3 Switch_config_g0/3#mether-ring 4 domain 1 edge-port Switch_config_g0/3#switchport mode trunk Switch_config_g0/3#quit Configuring switch S8: The following commands are used t
Users Manual of XGS-6350-24X4C create the sub-ring edge node or sub-ring assistant node, prompt information will appear (in this case, you can use the show command to browse the MEAPS state; if you find the basic information is complete but the state is init, it indicates that the configuration of the ring’s node has not finished).
Users Manual of XGS-6350-24X4C Chapter 28. ELPS Configuration 28.1 ELPS Overview 28.1.1 Overview If DHCP snooping is enabled in a VLAN, the DHCP packets which are received from all distrusted physical ports in a VLAN will be legally checked. The DHCP response packets which are received from distrusted physical ports in a VLAN will then be dropped, preventing the faked or mis-configured DHCP server from providing address distribution services.
Users Manual of XGS-6350-24X4C distrusted ports in a VLAN. no ip arp inspection vlan vlanid Disables dynamic ARP monitoring on all distrusted ports in a VLAN. Setting an Interface to an ARP-Trusting Interface ARP monitoring is not enabled on those trusted interfaces. The interfaces are distrusted ones by default. Run the following commands in interface configuration mode. Command Purpose arp inspection trust Sets an interface to an ARP-trusting interface.
Users Manual of XGS-6350-24X4C no Ip-source trust Resumes an interface to the one with a distrusted source IP address. Configuring the TFTP Server for Backing up Interface Binding After the switch configuration is rebooted, the previously-configured interface binding will be lost. In this case, there is no binding relationship on this interface. After source IP address monitoring is enabled, the switch rejected forwarding all IP packets.
Users Manual of XGS-6350-24X4C no ip dhcp-relay snooping write Resumes the interval of checking interface binding backup to the default settings. Configuring Interface Binding Manually If a host does not obtain the address through DHCP, you can add the binding item on an interface of a switch to enable the host to access the network. You can run no ip source binding MAC IP to delete items from the corresponding binding list.
Users Manual of XGS-6350-24X4C show ip dhcp-relay snooping binding all Displays all binding items which are generated by DHCP snooping. [ no ] debug ip dhcp-relay [ snooping | binding | Enables or disables the switch of DHCP relay event ] snooping.
Users Manual of XGS-6350-24X4C DHCPR: send packet continue DHCPR: receive l2 packet from vlan 3, diID: 3 DHCPR: DHCP packet len 289 DHCPR: send packet continue DHCPR: receive l2 packet from vlan 3, diID: 1 DHCPR: DHCP packet len 300 DHCPR: update binding on interface FastEthernet0/3 DHCPR: IP address: DHCPR: 192.2.2.
Users Manual of XGS-6350-24X4C Chapter 29. UDLD Configuration 29.1 Unidirectional Link Detection (UDLD) 29.1.1 UDLD Overview UDLD is a L2 protocol that monitors the physical location of the cable through the devices which are connected by optical cable or twisted-pair, and detects whether the unidirectional link exists. Only when the connected device supports UDLD can the unidirectional link be detected and shut down. The unidirectional link can cause a lot of problems, including the STP topology ring.
Users Manual of XGS-6350-24X4C completeness of a link in the physical layer and the logical link layer can be checked. UDLD can provide some functions that FEFI and automatic negotiation cannot conduct, such as checking and caching the neighbor information, shutting down any mis-configured port and checking the faults and invalidation on the logical ports except the point-to-point logical ports. UDLD adopts two basic mechanisms: learn the information about neighbors and save it in the local cache.
Users Manual of XGS-6350-24X4C another synchronization request from an asynchronous neighbor, it will start or restart the detection window of the local terminal and transmit an echo message for full agreement. Because all neighbors are demanded a corresponding action, the echo sender expects an echos message. If the checkup window is over before a legal echo is received, this link is thought to be a unidirectional one.
Users Manual of XGS-6350-24X4C udld port Enables the UDLD module of an interfaces in some [aggressive] mode. If the aggressive parameter is not entered, the UDLD function of the interface is enabled in normal mode; if the aggressive parameter is entered, the UDLD function of the interface is enabled in aggressive mode. In interface configuration mode, run the following command to disable the UDLD function of an interface.
Users Manual of XGS-6350-24X4C It is used to display the running states of the UDLD modules of the current interfaces.
Users Manual of XGS-6350-24X4C …………………… It is used to display the operational state of the UDLD module of the current interface.
Users Manual of XGS-6350-24X4C 29.1.4.2 Network Topology Figure 2 Network topology 29.1.4.
Users Manual of XGS-6350-24X4C Switch_config#show udld interface f0/1 Interface FastEthernet0/1 --Port enable administrative configuration setting: Port enable operational state: Current bidirectional state: Current operational state: Enabled Enabled Unknown Advertisment Message interval: 15 Time out interval: 7 Entry 1 --Expiration time: 43 Cache Device index: 1 Device ID: Port ID: XGS-6350-24X4C FastEthernet0/1 Neighbor echo 1 device: Neighbor echo 1 port: XGS-6350-24X4C FastEthernet0/1 Message
Users Manual of XGS-6350-24X4C Neighbor echo 1 port: FastEthernet0/1 Message interval: 15 Time out interval: 15 UDLD Device name: XGS-6350-24X4C Switch_config# From the information above, you can find the three phases of the link state which UDLD detects: Detection phase: In this phase, the UDLD packets are transmitted every other second. Unknown phase: In this phase, the UDLD packets are transmitted every eight seconds.
Users Manual of XGS-6350-24X4C Chapter 30. IGMP-Snooping Configuration 30.1 IGMP-snooping Configuration 30.1.1 IGMP-snooping Configuration Task The task of IGMP-snooping is to maintain the relationships between VLAN and group address and to update simultaneously with the multicast changes, enabling layer-2 switches to forward data according to the topology structure of the multicast group.
Users Manual of XGS-6350-24X4C In the default configuration, IGMP-snooping of all VLANs is enabled, just as the ip igmp-snooping command is configured. IGMP-snooping can run on up to 16 VLANs. To enable IGMP-snooping on VLAN3, you must first run no ip IGMP-snooping to disable IGMP-snooping of all VLANs, then configure ipIGMP-snooping VLAN 3 and save configuration. 30.1.1.
Users Manual of XGS-6350-24X4C chip through igmp-snooping), the default process method is to send message on all ports of VLAN.Through configuration, you can change the process method and all multicast messages whose destination addresses are not registered to any port will be dropped. Command Description ip igmp-snooping Drops multicast message whose destination fails to be dlf-framesfilter found. no ip igmp-snooping Resumes the fault configuration (forward).
Users Manual of XGS-6350-24X4C response-timetimer_value of no ip igmp-snooping timer response-time Resumes the default value of IGMP-snooping. Response Time of IGMP-snooping. The timer value cannot be too small. Otherwise, the multicast communication will be unstable. The value of Response Time of IGMP-snooping is set to ten seconds. 30.1.1.
Users Manual of XGS-6350-24X4C IGMP-snooping. [ no ] debug ip igmp-snooping [ packet | Enables and disables packet/clock timer | event | error ] debug/event/mistake print switch of IGMP-snooping. If the debug switch is not specified, all debug switches will be enabled or disabled. Display VLAN information about IGMP-snooping running: switch#show ip igmp-snooping igmp-snooping response time: 10 s vlan 1 -----------running Router: 90.0.0.
Users Manual of XGS-6350-24X4C general_query_packets: 5 special_query_packets: join_packets: 6 leave_packets: General query of the packet number 0 Special query of the packet number Number of report packets 0 Number of Leave packets send_query_packets: err_packets: 0 0 Rserved statistics option Number of incorrect packets Debug the message timer of IGMP-snooping: switch#debug ip igmp-snooping packet rx: s_ip: 90.0.0.3, d_ip: 224.0.8.9 type: 16(V2-Report), max resp: rx: s_ip: 90.0.0.
Users Manual of XGS-6350-24X4C Configuring Switch (1) Enable IGMP-snooping of VLAN 1 connecting Private Network A. Switch_config#ip igmp-snooping vlan 1 (2) Enable IGMP-snooping of VLAN 2 connecting Private Network B.
Users Manual of XGS-6350-24X4C Chapter 31. IGMP-Proxy Configuration 31.1 IGMP-proxy Configuration 31.1.1.1 IGMP-proxy Configuration Tasks The IGMP Proxy allows the VLAN where the multicast user is located to receive the multicast source from other VLANs. The IGMP Proxy runs on layer 2 independently without other multicast routing protocols.
Users Manual of XGS-6350-24X4C 31.1.1.3 Adding/Deleting VLAN Agent Relationship Run the following commands in global configuration mode. Command Purpose ip igmp-proxyagent-vlan avlan_map Adds the agent VLAN (avlan_map) to client-vlan map manage the represented vlan cvlan_map (cvlan_map). Deletes the agent relationship.
Users Manual of XGS-6350-24X4C nonsync: display those entries that have been processed but not yet synchronized to the hardware cache.. Sync: display those entries already in the hardware cache. All entries are to be displayed if no filtration conditions are specified. static: only display the entries of static multicast cache. [ no ] debug ip igmp-proxy [error | event | Enables or disables the IGMP-proxy debug packet] switch.
Users Manual of XGS-6350-24X4C (1) Enable IGMP snooping and IGMP proxy. Switch_config#ip igmp-snooping Switch_config#ip igmp-proxy enable (2) Add VLAN 2 as the agent VLAN of the represented VLAN 3.
Users Manual of XGS-6350-24X4C Chapter 32. MLD-Snooping Configuration 32.1 MLD-Snooping Configuration 32.1.1 IPv6 Multicast Overview The task of MLD snooping is to maintain the forwarding relationship of IPv6 group addresses in VLAN and synchronize with the change of the multicast group, enabling the data to be forwarded according to the topology of the multicast group.
Users Manual of XGS-6350-24X4C 32.1.2.2 Enabling/Disabling the Solicitation of Hardware Forward of Multicast Group Run the following commands in global configuration mode. Command Purpose ipv6 mld-snooping solicitation Enables the solicitation of hardware forward of multicast group. no ipv6 mld-snooping Disables the solicitation of hardware solicitation forward of multicast group. 32.1.2.3 Adding/Canceling the Static Multicast Address of VLAN Run the following commands in global configuration mode.
Users Manual of XGS-6350-24X4C response-timetimer_value Resumes the default response time of no ipv6 mld-snooping timer response-time MLD-Snooping. The value of the timer cannot be set too small, or the multicast communication may be unstable. The default response time of MLD snooping is 15 seconds. 32.1.2.6 Setting the Port of the Static Multicast Router Run the following commands in global configuration mode.
Users Manual of XGS-6350-24X4C show ipv6 mld-snooping vlan Displays the configuration of MLD-Snooping in VLAN. show ipv6 mld-snooping mac Displays the multicast MAC addresses recorded by MLD snooping.
Users Manual of XGS-6350-24X4C #show ipv6 mld-snooping timers vlan 1 Querier on port 0 : 251 # Querier on port 0: 251 meaning the router age timer times out. vlan 2 multicast address 3333.0000.0005 response time : This shows the time period from receiving a multicast query packet to the present; if there is no host to respond when the timer times out, the port will be canceled.
Users Manual of XGS-6350-24X4C FF02: 1 3333: FF02: 2 3333: FF02: 1 3333: 1 : 1: ff32: : 1: ff00: : 1: ff00: FF13: 647D 1b9b 1 0 FF32: 1B9B 0002 1 0 FF00: 2 0001 1 2 3333: ff8e: 7000 12 308
Users Manual of XGS-6350-24X4C Chapter 33. OAM Configuration 33.1 OAM Configuration 33.1.1 OAM Overview EFM OAM of IEEE 802.3ah provides point-to-point link trouble/performance detection on the single link. However, EFM OAM cannot be applied to EVC and so terminal-to-terminal Ethernet monitoring cannot be realized. OAM PDU cannot be forwarded to other interfaces. Ethernet OAM regulated by IEEE 802.3ah is a relatively slow protocol.
Users Manual of XGS-6350-24X4C frame the defined threshold in the designated M second. Remote trouble indication It is difficult to check troubles in the Ethernet, especially the case that the network performance slows down while physical network communication continues. OAM PDU defines a flag domain to allow Ethernet OAM entity to transmit the trouble information to the peer.
Users Manual of XGS-6350-24X4C Table 2 Comparing device capacity in active and passive modes Capacity Active Mode Passive Mode Initializing the Ethernet OAM discovery process Yes No Responding to the OAM discovery initialization process Yes Yes Transmitting the Information OAM PDU packet Yes Yes Permitting to transmit the Event Notification OAM PDU Yes Yes Yes No Allowing to transmit Variable Response OAM PDU packet Yes Yes Allowing to transmit the Loopback Control OAM PDU Yes No Y
Users Manual of XGS-6350-24X4C Source address: Source MAC address of the Ethernet OAM packet It is the MAC address of the transmitter terminal's port and also a unicast MAC address. Length/Type: Always adopts the Type encoding. The protocol type of the Ethernet OAM packet is 0x8809. Subtype: The subtype of the protocol for Ethernet OAM packets is 0x03.
Users Manual of XGS-6350-24X4C Procedure Command Purpose Step1 config Enters the global configuration mode. Step2 interface intf-type intf-id Enters the interface configuration mode. Step3 ethernet oam Enables Ethernet OAM on an interface. Step4 ethernet oam [max-rate Configures optional OAM parameters: oampdus | The max-rate parameter is used to min-rate seconds | mode configure the maximum number of {active | passive} | timeout OAMPDUs transmitted per second.
Users Manual of XGS-6350-24X4C default. The timeout parameter is used to configure the timeout time of remote loopback. It ranges between 1 and 10 and its default value is 2. Step4 exit Exits from interface configuration mode. Step5 exit Exits from the global configuration mode. Step6 ethernet oam Enables or disables remote loopback on an remote-loopback {start | interface.
Users Manual of XGS-6350-24X4C case, while the window size ranges between 1 and 60 on a 100M Ethernet interface and its default value is 1 in this case. Step5 ethernet oam link-monitor Sets the high and low thresholds of the error frame {threshold {high frame event, which triggers the link events { symbols |none} | low of error frame. {symbols}} | window The threshold high parameter is used to symbols} configure the high threshold. Its unit is signal number.
Users Manual of XGS-6350-24X4C Step7 ethernet oam link-monitor Sets the high and low thresholds of the frame-seconds {threshold second event of error frame, which triggers {high { symbols |none} | low the link events of error frame’s second. {symbols}} | window The threshold high parameter is used to symbols} configure the high threshold. Its unit is signal number. It ranges between 1 and 900 and its default value is none. The threshold low parameter is used to configure the low threshold.
Users Manual of XGS-6350-24X4C 2. The remote interface which connects the local interface enters the errdisabled state. 3. The OAM function on the remote interface which connects the local interface is shut down by the administrator. The procedure to configure the remote OAM trouble indication on an interface is shown in the following table: Procedure Command Purpose Step1 config Enters the global configuration mode. Step2 interface intf-type intf-id Enters the interface configuration mode.
Users Manual of XGS-6350-24X4C show ethernet oam statistics {pdu | Displays the OAM statistics information on all link-monitor | remote-failure} interfaces or a designated interface. interface [intf-type intf-id] The pdu parameter is used to classify and count the OAM packets according to the code-domain value of the OAM packet. The link-monitor parameter is used to display the detailed statistics information of normal link events.
Users Manual of XGS-6350-24X4C Admin state : Mode : enabled passive PDU max rate : PDU min rate 10 packets/second : Link timeout 1 seconds/packet : 1 seconds High threshold action: no action Remote Failure -------------Link fault action : no action Dying gasp action : no action Critical event action: no action Remote Loopback --------------Is supported : not supported Loopback timeout :2 Link Monitoring --------------Negotiation Status : : supported on Errored Symbol Period
Users Manual of XGS-6350-24X4C Low threshold : 1 error second(s) High threshold : none Errored CRC Frames Event Window : 1 seconds Low threshold : 10 error frame(s) High threshold : none Configuring switch B: Switch_config_g0/1#ethernet oam Switch_config_g0/1#show ethernet oam statistics link-monitor int g0/1 GigaEthernet0/1 Local Link Events: ------------Errored Symbol Period Event: No errored symbol period event happened yet. Errored Frame Event: No errored frame event happened yet.
Users Manual of XGS-6350-24X4C Errored Frame Seconds Summary Event: No errored frame seconds summary event happened yet. Errored CRC Frames Event: No errored CRC frame event happened yet.
Users Manual of XGS-6350-24X4C Chapter 34. CFM and Y1731 Configuration 34.1 Overview 34.1.1 Stipulations 34.1.1.1 Format Stipulation in the Command Line Syntax Meaning Stands for the keyword in the command line, which stays unchanged and must be entered without Bold any modification. It is presented as a bold in the command line. {italic} Stands for the parameter in the command line, which must be replaced by the actual value. It must be presented by the italic in the brace.
Users Manual of XGS-6350-24X4C 34.2.3 CFM Configuration 34.2.3.1 Adding the Maintenance Domain Configuration mode: Global Command Purpose ethernet cfm md mdnf {string} Adds a maintenance domain whose mdn [level<0-7> | name is char_string. creation | Note: sit | The system enters the maintenance ip] domain configuration mode after the maintenance domain is added. 34.2.3.
Users Manual of XGS-6350-24X4C 34.2.3.5 Starting CFM Configuration mode: Global Command Purpose ethernet cfm {enable} Starts CFM. 34.2.4 CFM Maintenance 34.2.4.1 Using the Loopback Function Configuration mode: EXEC Command Purpose ethernet cfm loopback mdnf {string} Uses a designated MEP to conduct mdn manf {string} man loopback towards itself. mepid <1-8191> mac number <1-64> 34.2.4.
Users Manual of XGS-6350-24X4C Switch_config#ethernet cfm enable 34.3 Y1731 Configuration 34.3.1 Configuration Task List Specifying an MEP to Forward AIS Frame Enabling Frame Delay Measurement Displaying the Information About OAM Protocol 34.3.1.1 Specifying an MEP to Forward AIS Frame Run the following commands specify an MEP to transmit AIS frames: Procedure Command Purpose Step1 config Enters the global configuration mode.
Users Manual of XGS-6350-24X4C MEPID is the symbol of to-be-displayed MEP. show ethernet y1731 interface Displaying MEP and MIP Configurations on interface-name a Port interface-namestands for port identifier. show ethernet y1731 meglist The above-mentioned command is used to [MEGID ] display the configuration of all MEG or the detailed configuration about a certain MEG. MEGID is the name of to-be-displayed MEG.
Users Manual of XGS-6350-24X4C Chapter 35. DHCP-Snooping Configuration 35.1 DHCP-Snooping Configuration 35.1.1 DHCP-Snooping Configuration Tasks DHCP-Snooping is to prevent the fake DHCP server from providing the DHCP service by judging the DHCP packets, maintaining the binding relationship between MAC address and IP address. The L2 switch can conduct the DAI function and the IP source guard function according to the binding relationship between MAC address and IP address.
Users Manual of XGS-6350-24X4C 35.1.1.2 Enabling DHCP-Snooping in a VLAN If DHCP snooping is enabled in a VLAN, the DHCP packets which are received from all distrusted physical ports in a VLAN will be legally checked. The DHCP response packets which are received from distrusted physical ports in a VLAN will then be dropped, preventing the faked or mis-configured DHCP server from providing address distribution services.
Users Manual of XGS-6350-24X4C 35.1.1.5 Setting an Interface to an ARP-Trusting Interface ARP monitoring is not enabled on those trusted interfaces. The interfaces are distrusted ones by default. Run the following commands in interface configuration mode. Command Purpose arp inspection trust Sets an interface to an ARP-trusting interface. Resumes an interface to an no arp inspection trust ARP-distrusting interface. 35.1.1.
Users Manual of XGS-6350-24X4C 35.1.1.8 Configuring the TFTP Server for Backing up Interface Binding After the switch configuration is rebooted, the previously-configured interface binding will be lost. In this case, there is no binding relationship on this interface. After source IP address monitoring is enabled, the switch rejected forwarding all IP packets.
Users Manual of XGS-6350-24X4C write backup to the default settings. 35.1.1.11 Configuring Interface Binding Manually If a host does not obtain the address through DHCP, you can add the binding item on an interface of a switch to enable the host to access the network. You can run no ip source binding MAC IP to delete items from the corresponding binding list. Note that the manually-configured binding items have higher priority than the dynamically-configured binding items.
Users Manual of XGS-6350-24X4C on an interface. show ip dhcp-relay snooping binding all Displays all binding items which are generated by DHCP snooping. [ no ] debug ip dhcp-relay [ snooping | Enables or disables the switch of DHCP binding | event ] relay snooping.
Users Manual of XGS-6350-24X4C DHCPR: DHCP packet len 300 DHCPR: send packet continue DHCPR: receive l2 packet from vlan 3, diID: 3 DHCPR: DHCP packet len 289 DHCPR: send packet continue DHCPR: receive l2 packet from vlan 3, diID: 1 DHCPR: DHCP packet len 300 DHCPR: update binding on interface FastEthernet0/3 DHCPR: IP address: DHCPR: send packet continue 192.2.2.101, lease time 86400 seconds 35.1.1.14 Example of DHCP-Snooping Configuration The network topology is shown in figure 1.
Users Manual of XGS-6350-24X4C Chapter 36. MACFF Configuration 36.1 MACFF Settings 36.1.1 Configuration Tasks MACFF is to isolate downlink ports of the same VLAN in a switch from exchanging inter-access packets, enabling these packets to be allocated to the default gateway of client through DHCP server and then to downlink ports.
Users Manual of XGS-6350-24X4C packets will also be dropped. The VLAN on which MACFF is enabled must be configured to have a management address. DHCP snooping shall also be enabled on this VLAN. Run the following commands in global configuration mode. Command Purpose macffvlanvlan_id enable Enables MACFF in a VLAN. no macffvlanvlan_id enable Disables MACFF in a VLAN. 36.1.1.
Users Manual of XGS-6350-24X4C not be listened. Run the following commands in physical interface configuration mode. Command Operation macff disable Specifies a physical port to shut down MACFF. no macff disable Specifies a physical port to enable MACFF (it is enabled by default). In default settings, the ports are allowed to enable MACFF. 36.1.1.6 Opening MACFF Debugging Run the following commands in global configuration mode. Command Operation debug macff Opens MACFF debugging.
Users Manual of XGS-6350-24X4C Switch_config#macff vlan 1 enable (2) Enable MACFF in VLAN2, which connects private network B. The default gateway allocated by DHCP server is 192.168.2.2 (If necessary, the default gateway can also be 192.168.2.1). Switch_config#arp 192.168.2.2 a8: f7: e0: ea: 74: ee Switch_config#ip dhcp-relay snooping vlan 2 Switch_config#macff vlan 2 enable (3) Sets the ports that connect DHCP server, default gateway and other ARs respectively to be trusted.
Users Manual of XGS-6350-24X4C Chapter 37. IEEE 1588 Transparent Clock Configuration 37.1 Task List for IEEE1588 Transparent Clock Configuration Enabling the Transparent Clock Creating the Transparent Clock Port Configuring the Link Delay Calculation Mode Configuring the Forwarding Mode of Sync Packets Configuring the Domain Filtration Function Setting the Transmission Interval of Pdelay_Req Packets 37.2 Tasks for IEEE1588 Transparent Clock Configuration 37.
Users Manual of XGS-6350-24X4C 37.3.1 Creating the Transparent Clock Port The transparent clock can include multiple PTP ports to connect the master and slave clock respectively. Run the following commands in port configuration mode to create the PTP ports: Command Purpose ptp start l2 Creates the PTP L2 port. Ptp start l3 Creates the PTP L3 port. Run the following command in port configuration mode to delete the PTP ports: Command Purpose no ptp start Delete the PTP port. 37.3.
Users Manual of XGS-6350-24X4C Run the following command in global configuration mode to configure an authentication mode: Command Purpose ptp sync-mechanism store-forward Sets the forwarding method of Sync packets to store-forward. To switch the forwarding mode over to straight forwarding, run the following command in global configuration mode: Command Purpose ptp sync-mechanism Sets the forwarding method of Sync straight-forward packets to store-forward. 37.3.
Users Manual of XGS-6350-24X4C transmission interval is 1 second. 37.4 PTP TC Configuration Example See the following figure: MASTER TC G0/12 SLAVE G0/10 MASTER here stands for the master clock, which is a L2 PTP device. SLAVE here stands for the master clock, which is a L3 PTP device. TC stands for a switch that supports transparent clock. The master clock connects port g0/12 of the switch, while the slave clock connects port g0/10 of the switch. MASTER, TC and SLAVE are all working in P2P mode.
Users Manual of XGS-6350-24X4C Chapter 38. Layer 2 Tunnel Protocol Configuration 38.1 Configuring Layer-2 Protocol Tunnel 38.1.1 Introduction Layer-2 protocol tunnel allows users between two sides of the switch to transmit the specified layer 2 protocol on their own network without being influenced by the relevant layer 2 software module of the switch. The switch is a transparent media for users. 38.1.
Users Manual of XGS-6350-24X4C (1) The f0/2 of Switch A1, f0/1 and f0/2 of Gather, f0/1 of A2 should be configured to trunk mode. (2) The f0/1 of switch A1, f0/2 of A2 should be configured to Access, and enables tunnel function of the STP protocol.
Users Manual of XGS-6350-24X4C Chapter 39. Loopback Detection Configuration 39.1 Setting Loopback Detection 39.1.1 Introduction of Loopback Detection The loopback in a network may trigger the repeated transmission of broadcast, multicast or unicast packets, wasting network resources and even leaving network breakdown.
Users Manual of XGS-6350-24X4C Length 2 0x0008, length of the header of loopback detection packet RESERVE 2 Reserved field SYSMAC 6 MAC address of the switch SEQUENCE 4 Sequence ID of packet, which is generated randomly by the system before the packet is transmitted DiID 4 Port ID, which is the ID of the global port of 85 Series End 2 0x0000, end character 39.1.
Users Manual of XGS-6350-24X4C One point to be noted is that the port must exist in the specified VLAN, or the configuration takes no effect. If loopback detection happens in VLAN2 to VLAN8, ports are configured to be in trunk mode, and trunk vlan-allowed is vlans 5-8, the packets with tags 2-4 transmitted by the switch cannot pass through this port and the configuration hence takes no effect.
Users Manual of XGS-6350-24X4C conduct MAC address learning any more and at the same time the MAC address table of this port ages. shutdown: Means to close the port. When loopback is detected, except that trap message will be transmitted and the port’s MAC address table ages, the port will be automatically closed and it cannot forward packets any more until the err-disable-recover time. Trap: It means that the port only reports alarm.
Users Manual of XGS-6350-24X4C 39.1.3.9 Displaying the Configuration of Port Loopback Detection Command Purpose show loopback-detection interface intf Displays the configuration of port loopback detection. This command is mainly used to display port loopback detection, including the port timer and the information about transmitted and received packets. 39.1.4 Configuration Example Figure 1.1 Loopback detection configuration As shown in figure 1.
Users Manual of XGS-6350-24X4C switchport mode trunk Configuration of interface GigaEthernet0/2: switchport mode trunk Configuration of interface GigaEthernet0/3: switchport mode trunk Global Configuration vlan1-3 Switch S3: Configuration of interface GigaEthernet0/1: switchport pvid 3 If loopback exists in the network that S3 connects and the PVID of the interface, on which loopback exists, is 3, the packets will be transmitted to interface g0/1 of S1 and S1 will block interface g0/1 after finding loopbac
Users Manual of XGS-6350-24X4C Chapter 40. QoS Configuration If you care to use your bandwidth and your network resources efficiently, you must pay attention to QoS configuration. 40.1 QoS Configuration 40.1.1 QoS Overview 40.1.1.1 40.1.1.1 QoS Concept In general, the switch works in best-effort served mode in which the switch treats all flows equally and tries its best to deliver all flows. Thus if congestion occurs all flows have the same chance to be discarded.
Users Manual of XGS-6350-24X4C and first served (FCFS). 2. Differentiated service As to the differentiated service, if a special service is to be transmitted in a network, each packet should be specified with a corresponding QoS tag. The switch uses this QoS rule to conduct classification and complete the intelligent queuing. The QoS of the switch provides Strict Priority (SP), Weighted Round Robin (WRR), Deficit Round Robin (DRR) and First-Come-First-Served (FCFS). 40.1.1.
Users Manual of XGS-6350-24X4C 40.1.1.4 Weighted Random Early Detection Congestion avoidance and traditional packet loss mechanism Excessive congestion may inflict damage on network resources, so network congestion should be resolved through some measures. Congestion avoidance is a sort of flow control method of positively dropping packets and regulating network flows to solve network overload via network resource monitoring.
Users Manual of XGS-6350-24X4C 40.1.2 QoS Configuration Task List In general, ONU will try its best to deliver each packet and when congestion occurs all packets have the same chance to be discarded. However, in reality different packets have different importance and the comparatively important packets should get the comparatively good service.
Users Manual of XGS-6350-24X4C 40.1.3.2 Setting the Bandwidth of the CoS Priority Queue The bandwidth of priority queue means the bandwidth distribution ratio of each priority queue, which is set when the schedule policy of the CoS priority queue is set to WRR/DRR. This series of switches has 8 priority queues in total. If this command is run, the bandwidth of all priority queues on all interfaces are affected. This command validates only when the queue schedule policy is set to WRR or DRR.
Users Manual of XGS-6350-24X4C 40.1.3.4 Configuring the Minimum and Maximum Bandwidths of CoS Priority Queue The minimum and maximum bandwidths of CoS priority queue can be modified through configuration. All the flows with a bandwidth less than the configured minimum bandwidth shall not be dropped, but the flows with a bandwidth bigger than the configured maximum bandwidth shall all be dropped. Enter the privileged mode. Command Purpose config Enters the global configuration mode.
Users Manual of XGS-6350-24X4C interface g0/1 Enters the to-be-configured port. [no] cos default cos Sets the CoS value of the received untagged frames. cos stands for the corresponding CoS value. exit Goes back to the global configuration mode. exit Goes back to the EXEC mode. write Saves the settings. 40.1.3.
Users Manual of XGS-6350-24X4C 40.1.3.9 Establishing the QoS Policy Mapping Flow classification means to identify a class of packets with certain attributes by applying a certain regulation and take designated actions towards to these packets. Enter the privileged mode and then run the following commands to establish a new QoS policy mapping. Command Purpose config Enters the global configuration mode. [no]policy-mapname Enters the configuration mode of the QoS policy map.
Users Manual of XGS-6350-24X4C [no]policy-map name Enters the configuration mode of the QoS policy map. name stands for the name of the policy. description description-text Sets the description of the QoS policy. description-text stands for the text to describe the policy. classify {any | cos cos | Matches up with any packet. icosicos | vlanvlanid | Configures the matched COS value which ivlanivlanid | ranges between 0 and 7.
Users Manual of XGS-6350-24X4C Enter the privileged mode and run the following commands to set the action of a policy, matching up the data flow. The action will replace the previous settings. Command Purpose config Enters the global configuration mode. [no]policy-map name Enters the configuration mode of the QoS policy map. name stands for the name of the policy. action{bandwidth max-band | {cir max-band stands for the occupied maximum commit-band {bc bandwidth.
Users Manual of XGS-6350-24X4C queue, which ranges from 1 to 8. Redirects the egress port of the matched flow. stat-packet stands for the number of packets under statistics. stat-byte means the number of bytes under statistics. vlanID is used to replace or add the outer vlan ID, which ranges from 1 to 4094. exit Goes back to the global configuration mode. exit Goes back to the EXEC mode. 40.1.3.
Users Manual of XGS-6350-24X4C 40.1.4 QoS Configuration Example 40.1.4.1 Example for Applying the QoS Policy on a Port The following example shows how to set packet’s cos to 2 on port g0/2: ip access-list extended ipacl permit ip 192.168.20.2 255.255.255.255 192.168.20.210 255.255.255.
Users Manual of XGS-6350-24X4C Chapter 41. DoS Attack Prevention Configuration 41.1 DoS Attack Prevention Configuration 41.1.1 DoS Attack Overview 41.1.1.1 Concept of DoS Attack The DoS attack is also called the service rejection attack. Common DoS attacks include network bandwidth attacks and connectivity attacks. DoS attack is a frequent network attack mode triggered by hackers. Its ultimate purpose is to break down networks to stop providing legal users with normal network services.
Users Manual of XGS-6350-24X4C service address). The SYN message causes the server to send the SYN-ACK message to the sever itself, hence this address also sends the ACK message and creates a null link. Each of this kinds of links will keep until the timeout time, so the server will break down. Landattack can be classified into IPland and MACland. 41.1.
Users Manual of XGS-6350-24X4C Saves the settings. write 41.1.3.2 Displaying All DoS Attack Prevention Configurations You can display the Dos attack prevention configurations through the show command. Run the following command in EXEC mode to display the configured DoS attack prevention functions. Command Purpose show dos Displays Dos attack prevention configuration. 41.1.
Users Manual of XGS-6350-24X4C Chapter 42. Attack Prevention Configuration 42.1 Attack Prevention Configuration 42.1.1 Overview To guarantee the reasonable usage of network bandwidth, our 6508 series switches provide the function to prevent vicious traffic from occupying lots of network bandwidth. In light of current attack modes, our 6508 series switches can limit the hosts that send lots of ARP, IGMP or IP message in a period of time and do not provide any service to these hosts.
Users Manual of XGS-6350-24X4C at slot X. filter arp Detects the arp attack. The ARP attack takes the host’s MAC address and the source port as the attack source, that is, message from the same MAC address but different ports cannot be calculated together. Both the IGMP attack and IP attack take the host’s IP address and source port as the attack source. Remember that the IGMP attack prevention and the IP attack prevention cannot be started up together. 42.1.3.
Users Manual of XGS-6350-24X4C Chapter 43. Network Protocol Configuration 43.1 Configuring IP Addressing 43.1.1 IP Introduction 43.1.1.1 IP Internet Protocol (IP) is a protocol in the network to exchange data in the text form. IP has the functions such as addressing, fragmenting, regrouping and multiplexing. Other IP protocols (IP protocol cluster) are based on IP. As a protocol working on the network layer, IP contains addressing information and control information which are used for routing.
Users Manual of XGS-6350-24X4C Network traffic Safety requirements Reliability requirements Strategy Others Details of the above items are not described in the section. We just want to remind you that your network requirements must be satisfied when you choose the routing protocols. 43.1.1.4 IGRP Interior Gateway Routing Protocol (IGRP) is used for network targets in an autonomous system. All IP IGRPs must be connected with networks when they are started up.
Users Manual of XGS-6350-24X4C 43.1.3 Configuring IP Address 43.1.3.1 Configuring IP Address at Network Interface The IP address determines the destination where the IP message is sent to. Some IP special addresses are reserved and they cannot be used as the host IP address or network address. Table 1 lists the range of IP addresses, reserved IP addresses and available IP addresses. Type A B C D E Address or Range State 0.0.0.0 Reserved 1.0.0.0 to 126.0.0.0 Available 127.0.0.0 Reserved 128.0.
Users Manual of XGS-6350-24X4C needed to connect the physical network. In this case, you can configure the subordinate IP address on the switch or the server, enabling two logical subnets to use the same physical subnet. Most of early-stage networks which are based on the layer-2 bridge are not divided into multiple subnets. You can divide the early-stage network into multiple route-based subnets by correctly using the subordinate IP addresses.
Users Manual of XGS-6350-24X4C ARP is used to map IP addresses to media or MAC address. When the IP address is known, ARP will find the corresponding MAC address. When the MAC address is known, the mapping relationship between IP address and MAC address is saved in ARP cache for rapid access. The IP message is then packaged in the message at the link layer and at last is sent to the network.
Users Manual of XGS-6350-24X4C To activate the proxy ARP, run the following command in interface configuration mode: Run… To… ip proxy-arp Activate the proxy ARP on the interface. Configuring free ARP function The switch can know whether the IP addresses of other devices collide with its IP address by sending free ARP message. The source IP address and the destination IP address contained by free ARP message are both the local address of the switch.
Users Manual of XGS-6350-24X4C identify the broadcast message through special address. Some protocols, including some important Internet protocols, frequently use the broadcast message. One primary task of the IP network administrator is to control the broadcast message. The system supports the directed broadcast, that is, the broadcast of designated network. The system does not support the broadcast of all subnets in a network. Some early-stage IP’s do not adopt the current broadcast address standard.
Users Manual of XGS-6350-24X4C Run the following command in global configuration mode to specify protocols to be forwarded: Run… To… ip forward-protocol udp [port] Specify which interfaces’ UDP protocols will be forwarded. 43.1.3.6 Detecting and Maintaining IP Addressing Perform the following operations to detect and maintain the network: 1. Clearing cache, list and database You can clear all content in a cache, list or the database. When you think some content is ineffective, you can clear it.
Users Manual of XGS-6350-24X4C 43.2 Configuring NAT 43.2.1 Introduction The Internet faces two key problems: insufficient IP address space and route measurement. Network Address Translation (NAT) is an attribute. You can find that a group of IP networks with this attribute use different IP address spaces, but you cannot find the actual address space used by the group of networks.
Users Manual of XGS-6350-24X4C message indicating the host cannot be reached. The switch with NAT configured should not publish the local network. However, the routing information that NAT receives from the outside can be published in the single-connection domain. 43.2.1.3 NAT Terms As said above, the term “inside” means those networks which are possessed by organizations and have to be transformed. In this domain, the host has an address in one address space.
Users Manual of XGS-6350-24X4C Translating inside source address Reloading inside global address Translating the overlapping address Providing TCP load balance Changing translation timeout time and limiting the number of connections Monitoring and maintaining NAT 43.2.3 NAT Configuration Task 43.2.3.
Users Manual of XGS-6350-24X4C host 1.1.1.1. (5) When the routing switch receives message of the inside global IP address, it takes the inside global address as a keyword to query the NAT table, translates the address to the inside local address of host 1.1.1.1, and forwards message to host 1.1.1.1. (6) Host 1.1.1.1 receives the message and continues the session. The routing switch is to perform step 2 and step 5 for each message. 1.
Users Manual of XGS-6350-24X4C Only those transferable addresses can be contained in the access list (remember that an implicit item “deny all” exists at the end of each access list). The random access list may lead to unexpected results. Refer to section 2.4.1 “Dynamic Inside Source Address Transfer Example” for details. 43.2.3.2 Reloading Inside Global Address Multiple local addresses use one global address through the routing switch. All the addresses can be stored in the inside global address pool.
Users Manual of XGS-6350-24X4C inside global address, outside address and port as the keywords to search the NAT table. After that, it transfers the address to the inside local address 1.1.1.1 and forwards the packet to host 1.1.1.1. (6) Host 1.1.1.1 receives the packet and continues the session. The routing switch performs step 2 and step 5 for each packet.
Users Manual of XGS-6350-24X4C Figure 43-3 Network Condition Where NAT Translates Overlapping Addresses The routing switch performs the following steps when translating the overlapping addresses: (1) The user of host 1.1.1.1 uses domain name to send instructions for connecting host C. Host 1.1.1.1 requires DNS server to perform a checkup from domain name to address. (2) The DNS server responds the request and returns the address 1.1.1.1 of host C.
Users Manual of XGS-6350-24X4C outside network. 2. Configuring dynamic transfer Run the following commands in global configuration mode to configure dynamic outside source address transfer: Run… To… ip nat poolname start-ip end-ip Define a to-be-distributed local address netmask pool according to requirements. ip access-list Define a standard access list.
Users Manual of XGS-6350-24X4C Figure 43-4 NAT TCP load balance When translating the cycle address, the routing switch performs the following steps: (1) The user of host B (9.6.7.3) sends instructions for connecting the virtual host 1.1.1.127 in the inside network. (2) The routing switch receives the connection request and creates a new translation item to allocate the next host 1.1.1.1 for the inside local IP address.
Users Manual of XGS-6350-24X4C ip nat inside Label the interface as one to connect the inside network. interface type number Specify the outside interface. ip nat outside Label the interface as one to connect the outside interface. Only those transferable addresses can be contained in the access list (remember that an implicit item “deny all” exists at the end of each access list). The random access list may lead to unexpected results. For details, refer to section “TCP Load Configuration Example”.
Users Manual of XGS-6350-24X4C Run... To... ip nat translation Set the maximum number of the max-entriesnumbers translation items (the default value is 4000). ip nat translation max-links Limit the maximum number of the NAT A.B.C.Dnumbers connection items that the designated inside IP address creates. There is no default value. ip nat translation max-links all Limit the maximum number of the NAT numbers connection items that a single IP address creates.
Users Manual of XGS-6350-24X4C ip nat inside source list a1 pool net-208 ! interface vlan10 ip address 171.69.232.182 255.255.255.240 ip nat outside ! interface vlan11 ip address 192.168.1.94 255.255.255.0 ip nat inside ! ip access-list standard a1 permit 192.168.1.0 255.255.255.0 ! 43.2.4.2 Inside Global Address Reloading Example An address pool named net-208 is created in the following example. The address pool contains all addresses from 171.69.233.208 to 171.69.233.233.
Users Manual of XGS-6350-24X4C address pool. The sentence ip nat outside source list 1 pool net-10 transfer the host addresses of the outside overlapping network to the address in the net-10 address pool. ip nat pool net-208 171.69.233.208 171.69.233.223 255.2555.255.240 ip nat pool net-10 10.0.1.0 10.0.1.255 255.255.255.0 ip nat inside source list a1 pool net-208 ip nat outside source list a1 pool net-10 ! interface vlan10 ip address 171.69.232.192 255.255.255.
Users Manual of XGS-6350-24X4C 43.3 Configuring DHCP 43.3.1 Introduction The Dynamic Host Configuration Protocol (DHCP) provides some parameters of network configuration fro hosts in the Internet. DHCP will be described in RFC 2131. The most important function of DHCP is to distribute IP addresses on the interface. DHCP supports three mechanisms of distributing IP addresses. Automatic distribution The DHCP server automatically distributes a permanent IP address to a client.
Users Manual of XGS-6350-24X4C As described above, the lease time is a concept appearing in the procedure of DHCP dynamic distribution. Lease time an effective period of an IP address since its distribution. When the effective period is over, the IP address is to be recycled by the DHCP server. To continuously use the IP address, the DHCP client requires re-applying the IP address. 43.3.2 Configuring DHCP Client 43.3.2.
Users Manual of XGS-6350-24X4C ip dhcp client select seconds Specify the interval for SELECT. The command is optional when you perform operations to obtain an IP address. 4. Monitoring DHCP To check information about DHCP-server currently found by switch, run the following command in management mode: Run... To... show dhcp server Display information about the DHCP server known by the routing switch.
Users Manual of XGS-6350-24X4C 43.3.3.2 Configuring DHCP Server 43.3.3.3 Enabling DHCP server To enable the DHCP server and distribute parameters such as IP address for the DHCP client, run the following command in global configuration mode (the DHCP server also supports the relay operation. For the addresses that the DHCP server cannot distribute, the port where ip helper-address is configured is to forward the DHCP request): Run... To... ip dhcpd enable Enabling DHCP server. 43.3.3.
Users Manual of XGS-6350-24X4C 43.3.3.7 Configuring DHCP server address pool Run the following command in global configuration mode to add the address pool for the DHCP server: Run... To... ip dhcpd pool name Add the address pool of the DHCP server and enter the configuration mode of the DHCP address pool. 43.3.3.8 Configuring DHCP server address pool You can run the following commands in DHCP address pool configuration mode to configure related parameters.
Users Manual of XGS-6350-24X4C Run... To... lease {days [hours][minutes] | infinite } Configure the lease time of the address that is distributed to the client. Run the following command to configure the netbios server address that is distributed to the client: Run... To... netbios-name-serverip-addr… Configure the netbios server address that is distributed to the client. You can run the following command to reject to distribute the IP address to the host whose MAC address is hardware-address.
Users Manual of XGS-6350-24X4C DHCP server. Run... To... clear ip dhcpd statistic Delete current message statistics information about DHCP server 43.3.3.11 DHCP Server Configuration Example In the following example, the timeout time of the ICMP detection packet is set to 200ms; Address pool 1 is configured and the DHCP server is enabled. ip dhcpd ping timeout 2 ip dhcpd pool 1 network 192.168.20.0 255.255.255.0 range 192.168.20.211 192.168.20.215 domain-name my315 default-router 192.168.20.
Users Manual of XGS-6350-24X4C 1. Sending ICMP unreachable message If the system receives a message and cannot send it to the destination, such as no routes, the system will send an ICMP-unreachable message to the source host. The function of the system is enabled by default. If the function is disabled, you can run the following command in interface configuration mode to enable the function. Run… To… ip unreachables Enable the function to send an ICMP-unreachable message. 2.
Users Manual of XGS-6350-24X4C the MTU set on the message forwarding interface. The IP message needs to be segmented, but the “unsegmented” bit of the IP message is reset. The message, therefore, cannot be segmented. The message has to be dropped. In this case, the routing switch sends the ICMP message to notify the source host of the reason of failed forwarding, and the MTU on the forwarding interface.
Users Manual of XGS-6350-24X4C ip source-route 7. Authorizing IP source route. Allowing IP fast exchange IP fast exchange uses the route cache to forward the IP message. Before the switch forwards message to a certain destination, its system will check the routing table and then forward the message according to a route. The selected route will be stored in the routing cache of the system software.
Users Manual of XGS-6350-24X4C 43.4.1.2 Configuring Performance Parameters 1. Setting the wait time for TCP connection When the routing switch performs TCP connection, it considers that the TCP connection fails if the TCP connection is not created during the wait time. The routing switch then notifies the upper-level program of the failed TCP connection. You can set the wait time for TCP connection. The default value of the system is 75 seconds.
Users Manual of XGS-6350-24X4C show ip cache [prefix mask] [type Display the routing cache that is used for number] fast IP message exchange. show ip sockets Display all socket information about the routing switch. show ip traffic Display statistics data about IP protocol. show tcp Display information about all TCP connection states. Briefly display information about TCP show tcp brief connection states. show tcp statistics Display TCP statistics data.
Users Manual of XGS-6350-24X4C terminates the match regulations. The order of the conditions is, therefore, important. If no regulations match, the address is declined. Use the access list by following the following steps: (1) Create the access list by designating the access list name and conditions. (2) Apply the access list to the interface. 43.4.2.2 Creating Standard and Extensible IP Access List Use a character string to create an IP access list.
Users Manual of XGS-6350-24X4C say, you cannot add the command line to the designated access list. However, you can run no permit and no deny to delete items from the access list. When you create the access list, the end of the access list includes the implicit deny sentence by default. If the mask is omitted in the relative IP host address access list, 255.255.255.255 is supposed to be the mask. After the access list is created, the access list must be applied on the route or interface.
Users Manual of XGS-6350-24X4C During the connection period, the same two port numbers are used. The mail packet from the Internet has a destination port, that is, port 25. The outgoing packet has a contrary port number. In fact, the security system behind the routing switch always receives mails from port 25. That is the exact reason why the incoming service and the outgoing service can be uniquely controlled. The access list can be configured as the outgoing service or the incoming service.
Users Manual of XGS-6350-24X4C The standard access list and the extensible access list cannot have the same name. Run the following command in global configuration mode to create a standard access list: Run… To… ip access-list standardname Use a name to define a standard access list. deny {source [source-mask] | Designate one or multiple permit/deny any}[log] or permit {source conditions in standard access list [source-mask] | any}[log] configuration mode.
Users Manual of XGS-6350-24X4C 43.4.3.4 Applying the Access List to the Interface After the access list is created, you can apply it to one or multiple interfaces including the in interfaces and out interfaces. Run the following command in interface configuration mode. Run… To… ip access-groupname {in | out} Apply the access list to the interface. The access list can be used on the in interfaces and the out interfaces.
Users Manual of XGS-6350-24X4C 405
Users Manual of XGS-6350-24X4C Chapter 44. IP ACL Application Configuration 44.1 Applying the IP Access Control List 44.1.1 Applying ACL on Ports After an ACL is established, it can be applied on one or many slots or globally. Run the following command in global or port configuration mode: Command Purpose config Enters the global configuration mode. interface g0/1 Enters the to-be-configured port.
Users Manual of XGS-6350-24X4C Chapter 45. Routing Configuration 45.1 Configuring RIP 45.1.1 Overview The section describes how to configure the RIP. For details about RIP commands, refer to the setion “RIP Commands” in “Network Protocol Command Reference”. The routing information protocol (RIP) is still a commonly used interior gateway protocol (IGP), mainly applied to small-scale networks of the same type. RIP is a classical distance vector routing protocol, which appears in RFC 1058.
Users Manual of XGS-6350-24X4C Activating or forbidding horizon split. Monitoring and maintaining RIP 45.1.3 Configuring RIP Tasks 45.1.3.1 Starting up RIP Run the following command in global configuration mode to activate RIP: Command Purpose Activates the RIP routing process and routerrip enters the switch configuration mode. networknetwork-number Specifies the network number related to the RIP routing process. 45.1.3.
Users Manual of XGS-6350-24X4C timers holddown value It means how much time is needed for a route to be deleted from the routing table. timers expirevalue It means what interval is needed for a route to be declared ineffective. timers updatevalue It means the transmission frequency of the routing update information. 45.1.3.5 Specifying the RIP Version Number The RIP-2 of our switches supports authentication, PIN management, routing summary, CIDR and VLSM.
Users Manual of XGS-6350-24X4C authentication. Each RIP-2 packet uses the plain authentication by default. For the purpose of security, do not use the plain authentication in the RIP packet because the unencrypted authentication PIN is sent to each RIP-2 packet. You can use the plain authentication without security concern. Run the following commands in VLAN configuration mode to configure the RIP plain text authentication.
Users Manual of XGS-6350-24X4C Forbids authenticating the source IP no validate-update-source address of the incoming routing information. 45.1.3.9 Configuring the Maximum Number of Routes By default, the local RIP routing table contains up to 1024 routes. When the route number exceeds the maximum number, you cannot add new routes to the routing table. At the same time, the system notifies you that the route number has already reached the maximum number set for the routing table.
Users Manual of XGS-6350-24X4C 45.1.3.11 Monitoring and Maintaining RIP Monitoring and maintaining RIP needs to display network statistics information, such as RIP parameter configuration, real-time network track. These information help you judge the network usage, solve network problem and the reachabilitiy of network nodes. Run the following commands in management mode to display all routing statistics information: Command show ip rip Purpose Display the current state of the RIP protocol.
Users Manual of XGS-6350-24X4C router rip network 192.168.20.0 network 20.0.0.0 ! 45.2 Configuring BEIGRP 45.2.1 Overview Technologies used by BEIGRP are similar to the distance vector protocol: The router makes routing decision according to the information provided by the directly-connecting neighbor; The router provides its routing information to its directly-connecting neighbor.
Users Manual of XGS-6350-24X4C Configuring forwarding route Configuring other BEIGRP parameters Monitoring and maintaining the running of BEIGRP 45.2.3 BEIGRP Configuration Task 45.2.3.1 Activating BEIGRP Perform the following operations to create a BEIGRP process: Command Purpose router beigrpas-number Adds a BEIGRP process in global configuration mode. networknetwork-number Adds network segment to the BEIGRP network-mask process in route configuration mode.
Users Manual of XGS-6350-24X4C offset{type number | *} {in | out} Applies a offset table. access-list-name offset 45.2.3.5 Disabling Automatic Route summary The automatic collection of BEIGRP is different from that of other dynamic routing protocols. It complies with the following regulations: When multiple networks in a BEIGRP process are defined, a summary route of the defined network is generated if at least one subnet of the network is in the BEIGRP topology table.
Users Manual of XGS-6350-24X4C 45.2.3.7 Configuring Forwarding Route When BEIGRP forwards other types of routes, BEIGRP complies with the following regulations: If the present route is static or directly-connected, the command default-metric need not be configured and other compound distance parameters (bandwidth, delay, reliability, effective load and MTU) are directly obtained from the current port.
Users Manual of XGS-6350-24X4C transmission frequency of the BEIGRP hello message on the interface of the router. hold timer specifies the time to declare the neighbor is dead when the router cannot receives data from the designated neighbor. After any type of the BEIGRP packet is received from the neighboring router, the value of hold timer needs to be reset. Different network types or network bandwidth adopt different default values of the hello timer.
Users Manual of XGS-6350-24X4C [as-number] interface. show ip beigrp neighbors[as-number Displays the information about BEIGRP | interface] neighbors. show ip beigrp topology [as-number | Displays the information about BEIGRP all-link | summary | active] topology table. 45.2.4 BEIGRP Configuration Example In the following example, the summary route that sends network segment 10.0.0.0/8 on VLAN11 is configured. All subnet routs of the network segment will not be notified of the neighbor.
Users Manual of XGS-6350-24X4C parameters cost, resending interval, interface output delay, the priority of the switch, the interval to judge the shutdown of the switch, the interval of the hello packet and the authentication PIN. Virtual link The virtual link is supported. NSSA area See RFC 1587. OSPF in the See RFC 1793. on-demand circuit 45.3.2 OSPF Configuration Task List OSPF requires the routing data exchange among switches, ABR and ASBR in the whole domain.
Users Manual of XGS-6350-24X4C and the relevant interface domain ID. 45.3.3.2 Configuring Interface Parameters of OSPF You are allowed to modify OSPF parameters of the interface according to actual requirements. When you modify a parameter, make sure that the parameter on all switches of the interconnected network is same.
Users Manual of XGS-6350-24X4C in the broadcast network through the map command. For details of the map command, refer to the description of the map command in WAN Command Reference. 45.3.3.4 Configuring OSPF Network Type No matter what physical media type your network belongs to, you can configure your network to be the broadcast network or the non-broadcast and multi-access network. This feature allows you configure the network flexibly.
Users Manual of XGS-6350-24X4C Run the following command in switch configuration mode to set area parameters: Command Purpose areaarea-idauthentication simple Activates the authentication of the OSPF area. areaarea-idauthentication Specifies the MD5 authentication as message-digest the authentication OSPF. areaarea-idstub [no-summary] Defines a stub area. area area-iddefault-cost cost Set the value of the default route in the stub area. 45.3.3.
Users Manual of XGS-6350-24X4C 45.3.3.9 Choosing Route ID Through the LOOPBACK Interface OSPF takes the maximum IP address configured on the interface as the switch ID. If the interface connecting the IP address changes to the Down state, or the IP address is cancelled, the OSPF process is to recalculate the new switch ID and resend the routing information from all interfaces. If a loopback interface is configured with the IP address, the switch takes its IP address as its ID.
Users Manual of XGS-6350-24X4C timersdelaydelaytime Sets the delay of routing calculation in an area. timersholdholdtime Sets the minimum interval of routing calculation in an area. 45.3.3.12 onitoring and Maintaining OSPF The network statistics information includes the content of IP routing table, cache and database. All information help you to judge the usage of network resources, solve network problems, learn the reachability of network nodes and to find routes where packets get through the network.
Users Manual of XGS-6350-24X4C neighboring events. debug ip ospf flood Monitors the flooding of OSPF database. debug ip ospf lsa-generation Monitors the LSA generation of OSPF. debug ip ospf packet Monitors the OSPF message. debug ip ospf retransmission Monitors the message resending of OSPF. debug ip ospf spf Monitors the SPF calculation route of debug ip ospf spf intra OSPF. debug ip ospf spf inter debug ip ospf spf external debug ip ospf tree Monitors SPF tree establishment of OSPF. 45.3.
Users Manual of XGS-6350-24X4C The third example shows how to use all kinds of OSPF tools. 45.3.4.2.1 Basic OSPF Configuration Example The following example shows how to configure a simple OSPF. Activate the routing process 9; connect Ethernet interface 0 to area 0.0.0.0; meanwhile, send RIP to OSPF or send OSPF to RIP. interface vlan 10 ip address 130.130.1.1 255.255.255.0 ip ospf cost 1 ! interface vlan 10 ip address 130.130.1.1 255.255.255.0 ! router ospf 90 network 130.130.0.0 255.255.0.
Users Manual of XGS-6350-24X4C interface vlan 12 ip address 131.108.2.5 255.255.255.0 Interface vlan13 is in area 3: interface vlan 13 ip address 131.109.10.5 255.255.255.0 Interface vlan14 is in area 0: interface vlan 14 ip address 131.109.1.1 255.255.255.0 Interface vlan 100 is in area 0: interface vlan 100 ip address 10.1.0.1 255.255.0.0 The function of network area configuration command has its order, so the sequence of the commands is important.
Users Manual of XGS-6350-24X4C Configure switches according to the previous figure. RTA: interface loopback 0 ip address 202.96.207.81 255.255.255.0 ! interface vlan 10 ip address 192.168.10.81 255.255.255.0 ! interface vlan 10 ip address 192.160.10.81 255.255.255.0 ! router ospf 192 network 192.168.10.0 255.255.255.0 area 1 network 192.160.10.0 255.255.255.0 area 0 ! RTB: interface loopback 0 ip address 202.96.209.82 255.255.255.252 ! interface vlan 10 ip address 192.168.10.82 255.255.255.
Users Manual of XGS-6350-24X4C ! router ospf 192 network 192.168.20.0 255.255.255.0 area 1 network 192.168.10.0 255.255.255.0 area 1 ! RTC: interface loopback 0 ip address 202.96.208.83 255.255.255.252 ! interface vlan 10 ip address 192.163.20.83 255.255.255.0 ! interface vlan 11 ip address 192.160.20.83 255.255.255.0 ! router ospf 192 network 192.168.20.0 255.255.255.0 area 1 network 192.163.20.0 255.255.255.0 area 0 ! 45.3.4.
Users Manual of XGS-6350-24X4C (3) Setting the authentication password for each area and network (4) Setting the link state value and other interface parameters Use one area command respectively to set authentication parameters and stub area. You can use one command to set these parameters. Set backbone area (Area 0).
Users Manual of XGS-6350-24X4C network 192.168.30.0 255.255.255.0 area 192.168.30.0 network 192.168.40.0 255.255.255.0 area 192.168.40.0 area 0 authentication simple area 192.168.20.0 stub area 192.168.20.0 authentication simple area 192.168.20.0 default-cost 20 area 192.168.20.0 authentication simple area 192.168.20.0 range 36.0.0.0 255.0.0.0 area 192.168.30.0 range 192.42.110.0 255.255.255.0 area 0 range 130.0.0.0 255.0.0.0 area 0 range 141.0.0.0 255.0.0.0 redistribute rip RIP is in network 192.168.30.
Users Manual of XGS-6350-24X4C Use neighbor-based access-list, aspath-list and prefix-list to filter the route. Or use port-based access-list and prefix-list to filter the route or the Nexthop attribute of the route. Use route-map to modify BGP route's attributes such as MED, Local Preference and Weight. To interact with dynamic IGRPs such as ospf and rip, you can use the distribute command to redistribute the route. The BGP routing information is thus automatically generated.
Users Manual of XGS-6350-24X4C 45.4.2.1.1 Activating BGP Routing Choice Run the following commands in global configuration mode to activate BGP route selecting: Command Purpose router bgp autonomous-system Activates the BGP routing process in router configuration mode. networknetwork-number/masklen Marks the network as the local [route-map route-map-name] autonomous system and adds it to the BGP table.
Users Manual of XGS-6350-24X4C new soft reconfiguration is used to send the outgoing update to the neighbor, it is called outgoing soft reconfiguration. After the incoming soft reconfiguration is run, new input policies validates. After the outgoing soft reconfiguration is run, the new local output policy validates without resetting BGP session.
Users Manual of XGS-6350-24X4C When cancelling the synchronization, you need to run the command clear ip bgp to clear BGP sessions. For details, refer to the section “Example for Neighbor-Based BGP Path Filtration”. In general, only one or two routes are forwarded to your IGP and become the exterior routes in IGRP or the BGP session sponsor generates a default AS route. When the routes are forwarded from BGP to IGP, only the routes obtained through EBGP can be forwarded.
Users Manual of XGS-6350-24X4C neighbor {ip-address } Establishes a BGP filter. distribute-listaccess-list-name {in | out } (3) Use the prefix list with the commands ip prefix-list and neighbor prefix-list. Command Purpose ip prefix-listprefixs-list-name |sequence Defines a prefix list. number {permit |deny}A.B.C.D/n ge x le y router bgpautonomous-system Enters the router configuration mode. neighbor {ip-address } Establishes a BGP filter.
Users Manual of XGS-6350-24X4C BGP neighbors update. When the previous command is used, the current router notifies itself to take as the next hop of the route. Therefore, other BGP neighbors will send packets to the current router. It is useful in the non-broadcast network because a path from the current router to the designated neighbor. However, it is useless in the broadcast network because unnecessary extra hops will occur. 45.4.2.2 Configuring Senior BGP Characteristics 45.4.2.2.
Users Manual of XGS-6350-24X4C Value of the AS_PATH attribute Value of the COMMUNITY attribute Routes can be classified into the community through the COMMUNITY attribute and the community-based routing policy can be applied to routes. Therefore, the configuration of routing information control is simplified. Community is a group of routes having the same attributes. Each route may belong to multiple communities. The AS administrator can decide which community a route belongs to.
Users Manual of XGS-6350-24X4C {permit | deny} communtiy-expression route-map map-name Configures the route map. sequence-number {deny | permit} match community-list-name Configures the matching regulations. router bgpautonomous-system Enters the router configuration mode. neighbor {ip-address } Applies the route map. route-maproute-map-name {in | out } Refer to the section “Example for Route Map Through BGP Community Attribute”. 45.4.2.2.
Users Manual of XGS-6350-24X4C cluster. When the route reflector receives the routing infotmation, it will perform the following tasks: Broadcast the routes from the external BGP session sponsors to all clients and non-client peers. Broadcast the routes from the non-client routes to all clients. Broadcast the routes from the client to all client peers and non-client peers. The client peers need not be fully connected.
Users Manual of XGS-6350-24X4C ttl external peers. 45.4.2.2.8 Setting BGP route management distance The management distance is a unit to measure the priority of routing protocols. BGP uses three kinds of management distance: external distance, internal distance and local distance. The route learned from the external BGP shows the external distance. The route learned from the internal BGP shows the internal distance. The local route shows the local distance.
Users Manual of XGS-6350-24X4C 45.4.3.1 Clearing BGP routing table and database Run the following command in management mode to perform relative tasks about clearing high-speed cache, table or BGP database. Command Purpose clear ip bgp * Resets all BGP connections. clear ip bgp as-number Resets the BGP connection of the designated autonomous system. clear ip bgp address Resets the BGP connection of the designated neighbor.
Users Manual of XGS-6350-24X4C advertised-routes] show ip bgp paths Displays all BGP path information in the database. show ip bgp summary Displays the state of all BGP connections. 45.4.3.3 Tracking BGP information To locate the fault and resolve the problem, you need to observe the BGP connection establishment, route receiving and route forwarding by tracking the BGP information. Perform the following operations: Command Purpose debug ip bgp * Tracks common BGP information.
Users Manual of XGS-6350-24X4C neighbor 1.1.1.1 route-map freddy out ! ip aspath-list abc permit ^690_ ip aspath-list xyz permit .
Users Manual of XGS-6350-24X4C 45.4.4.3 Example for neighbor-based BGP path filtration The following is an example for neighbor-based BGP path filtration. The route that gets through the access list test1of as-path obtains a weight value 100. Only the route that gets through the access list test2 of as-path can be sent to neighbor 193.1.12.10. Similarly, the route that gets through the access list test3 can be accepted by neighbor 193.1.12.10: router bgp 200 neighbor 193.1.12.10 remote-as 100 neighbor 193.
Users Manual of XGS-6350-24X4C filter * in prefix max24 ! ip prefix-list max24 seq 5 permit 0.0.0.0/0 ge 8 le 24 ! In the following example, the router filters all the routes and only accepts the routes whose prefix length ranges from 8 to 24: router bgp 12 filter * in prefix-list max24 ip prefix-list max24 seq 5 permit 0.0.0.0/0 ge 8 le 24 The following example shows that route whose prefix length is no more than 24 is permitted in network 192/8: ip prefix-list abc permit 192.0.0.
Users Manual of XGS-6350-24X4C the BGP routing table according to the following configuration. The aggregation route is considered to be from your AS and has the atomic attribute which may be lost in the indication information: router bgp 100 aggregate 193.0.0.0/8 The following example shows how to create the aggregation route 193.*.*.* and how to constrain more detailed routes from broadcasting to all neighbors: router bgp 100 aggregate 193.0.0.0/8 summary-only 45.4.4.
Users Manual of XGS-6350-24X4C neighbor 3.0.0.1 remote-as 200/*RTB IBGP*/ neighbor 3.0.0.1 route-reflector-client neighbor 5.0.0.1 remote-as 200 /*RTE IBGP*/ neighbor 4.0.0.2 remote-as 100 /*RTD EBGP*/ network 11.0.0.0/8 ! ip route 11.0.0.0 255.0.0.0 2.0.0.12 RTB configuration: interface vlan110 ip address 3.0.0.2 255.0.0.0 ! router bgp 200 neighbor 3.0.0.1 remote-as 200 /*RTA IBGP*/ network 13.0.0.0/8 ! ip route 13.0.0.0 255.0.0.0 3.0.0.12 RTC configuration: interface vlan110 ip address 2.0.0.2 255.0.0.
Users Manual of XGS-6350-24X4C ip address 5.0.0.2 255.0.0.0 ! router bgp 200 neighbor 5.0.0.1 remote-as 200 /*RTA IBGP*/ network 15.0.0.0/8 ! ip route 15.0.0.0 255.0.0.0 5.0.0.12 45.4.4.8 BGP autonomous system alliance example The following figure shows an autonomous system alliance configuration. RTA, RTB and RTC create the IBGP connection. RTA, RTB and RTC belong to the private autonomous system 65010. RTE belongs to the private autonomous system 65020.
Users Manual of XGS-6350-24X4C bgp confederation identifier 200 bgp confederation peers 65020 neighbor 1.0.0.2 remote-as 65010 /*RTB IBGP*/ neighbor 2.0.0.2 remote-as 65010 /*RTC IBGP*/ neighbor 5.0.0.2 remote-as 65020 /*RTE EBGP*/ neighbor 4.0.0.2 remote-as 100 /*RTD EBGP*/ RTB configuration: interface vlan110 ip address 1.0.0.2 255.0.0.0 ! interface vlan111 ip address 3.0.0.1 255.0.0.0 ! router bgp 65010 bgp confederation identifier 200 bgp confederation peers 65020 neighbor 1.0.0.
Users Manual of XGS-6350-24X4C RTE configuration: interface vlan110 ip address 5.0.0.2 255.0.0.0 ! router bgp 65020 bgp confederation identifier 200 bgp confederation peers 65010 neighbor 5.0.0.1 remote-as 65010 /*RTA EBGP*/ 45.4.4.9 Example for route map using BGP community attribute In the following example, the command route map set-community is used to update the outgoing routes of neighbor 171.69.232.50.
Users Manual of XGS-6350-24X4C ! ip aspath-list test1 permit 70$ ip aspath-list test2 permit .* In the following example, Set the MED and the local priority of the route from neighbor 171.69.232.55 according to the community attribute value. Set MED of all routes that match the community list com1 to 8000. These routes may contain routes with community value “100 200 300” and “900 901”. These routes may have other attribute values.
Users Manual of XGS-6350-24X4C Chapter 46. IP Hardware Subnet Routing Configuration 46.1 IP Hardware Subnet Configuration Task 46.1.1 Overview IP hardware subnet routing is similar to IP fast exchange. When the IP hardware subnet routing is not enabled, before forwarding message containing the IP address A at the next hop, the switch first checks whether the item of destination A exists in the IP cache of hardware. If the item exists, the message will be forwarded through hardware.
Users Manual of XGS-6350-24X4C 46.1.3 Checking the State of IP Hardware Subnet Routing Command Description show ip exf Displays the current state of the IP hardware subnet routing. 46.2 Configuration Example Pay attention to the following content when you configure the routing items: As to the direct-connecting routing, the next hop is CPU. If the next hop is a routing interface not an IP address, do as in the direct-connecting routing.
Users Manual of XGS-6350-24X4C ip exf 0.0.0.0 0.0.0.0 nexthop 192.168.1.
Users Manual of XGS-6350-24X4C Chapter 47. IP-PBR Configuration 47.1 IP-PBR Configuration IP-PBR realizes software PBR functions through the hardware of switch chip. PBR stands for Policy Based Routing. PBR enables users to rely on a certain policy not on routing protocol for routing. Software based PBR supports multiple policies and rules and also load balance. You can designate the next hop’s IP address or port for those packets that are in line with policy.
Users Manual of XGS-6350-24X4C 47.1.2 ISIS Configuration Task List To configure IP-PBR, do as follows: Create ACL; Create a route map; Apply the route map on a port; To create an ACL, run the following command globally: Command Remarks ip access-list standard net1 Enters the ACL configuration mode and defines ACL. To create a route map, run the following commands globally: Command Remarks route-map pbr Enters the route map configuration mode.
Users Manual of XGS-6350-24X4C IP policy based route state: disabled No pbr apply item No equiv exf apply item All data related about IP-PBR running are shown below: switch#show ip pbr IP policy based route state: enabled No equiv exf apply item VLAN3 use route-map ddd, and has 1 entry active. -----------------Entry sequence 10, permit Match ip access-list: ac1 Set Outgoing nexthop 90.0.0.
Users Manual of XGS-6350-24X4C IP policy based route state: enabled Equiv EXF has 1 entry active. -----------------Entry sequence 1, handle c1f95b0 Dest ip: 1.1.0.0/16 90.0.0.3 192.168.213.161 47.1.4 IP-PBR Configuration Example Switch configuration: ! ip pbr ! interface vlan1 ip address 10.1.1.3 255.255.255.0 no ip directed-broadcast ip policy route-map pbr ! ip access-list standard ac1 permit 10.1.1.21 255.255.255.255 ! ip access-list standard ac2 permit 10.1.1.2 255.255.255.
Users Manual of XGS-6350-24X4C will automatically choose 13.1.1.99 or 14.1.1.99 as the egress according to destination IP address.
Users Manual of XGS-6350-24X4C Chapter 48. Multi-VRF CE Configuration 48.1 Multi-VRF CE Introduction 48.1.1 Overview The Virtual Private Network (VPN) provides a secure method for multiple client networks to share the ISP-supplied bandwidth. In general, one VPN comprises a team of client networks that share a public routing table on the ISP's routers. Each client network is connected to the interface of the network devices of ISP, while ISP's device will relate each interface to a VPN routing table.
Users Manual of XGS-6350-24X4C VRF. 48.1.1.2 Establishing Routes with PE The MCE switch (MCE) can connect one or multiple PEs, but both MCE and the connected PEs have to get VRF configured. MCE will provide PE the routes which MCE learns from CE and learns the routes of remote client networks from PE. The VRF route can be established between MCE and PE through dynamic routing protocols such as BGP, OSPF, RIP and BEIGRP. Of course, the VRF route can also be established statically.
Users Manual of XGS-6350-24X4C Switch_config_vrf# rd Sets the route distinguisher of VRF. route-distinguisher route-distinguisher: Stands for the distinguisher of the route. It consists of autonomous domain ID and random numbers, or IP and random numbers. Switch_config_vrf# route-target Creates the expanded VPN attributes of input/output VRF { export | import | both } objects.
Users Manual of XGS-6350-24X4C Switch_config_ospf# redistribute Forwards the designated BGP network to the OSPF network. bgp ASN Switch_config_ospf# exit Exits from the OSPF configuration mode. Switch_config# show ip ospf Browses the information about the OSPF protocol. Switch_config# no router Deletes the OSPF-VRF routing configuration. ospfprocess-id 48.2.3.
Users Manual of XGS-6350-24X4C 48.3 MCE Configuration Example Figure 2.1 shows a simple VRF network. Both S1 and S2 are the Multi-VRF CE switches. S11, S12 and S13 belong to VPN1, S21 and S22 belong to VPN2, and all of them are customer devices. The OSPF route should be configured between CE and customer device, while the BGP route is configured between CE and PE. PE S1 VPN1 S11 S2 CE G0/1 11.0.0.0 VPN1 S13 CE G0/1 G0/1 G0/2 G1/1 G1/2 G0/2 S12 VPN2 S22 G0/3 G0/3 VPN2 S21 G0/4 Figure 2.
Users Manual of XGS-6350-24X4C 48.3.2 Configuring MCE-S1 Configures VRF on the Multi-VRF CE device.
Users Manual of XGS-6350-24X4C Switch_config_v11# ip address 11.0.0.1 255.0.0.0 Switch_config_v11# exit Switch_config# interface VLAN15 Switch_config_v15# ip vrf forwarding vpn2 Switch_config_v15# ip address 15.0.0.1 255.0.0.0 Switch_config_v15# exit Switch_config# interface VLAN21 Switch_config_v21# ip vrf forwarding vpn1 Switch_config_v21# ip address 21.0.0.2 255.0.0.0 Switch_config_v21# exit Switch_config# interface VLAN22 Switch_config_v22# ip vrf forwarding vpn2 Switch_config_v22# ip address 22.0.
Users Manual of XGS-6350-24X4C Switch_config_bgp_vpn2# no synchronization Switch_config_bgp_vpn2# redistribute ospf 2 Switch_config_bgp_vpn2# neighbor 22.0.0.1 remote-as 200 Switch_config_bgp_vpn2# exit-address-family Switch_config_bgp# exit Create VLAN. Switch_config# vlan 1,11-12,21-22 Enables the forwarding of subnet route of the switch. Switch_config# ip exf 48.3.
Users Manual of XGS-6350-24X4C Set the L3 VLAN interface of PE, which connects S1: Switch_config# interface VLAN21 Switch_config_v21# ip vrf forwarding vpn1 Switch_config_v21# ip address 21.0.0.1 255.0.0.0 Switch_config_v21# exit Switch_config# interface VLAN22 Switch_config_v22# ip vrf forwarding vpn2 Switch_config_v22# ip address 22.0.0.1 255.0.0.
Users Manual of XGS-6350-24X4C Switch_config# ip exf 48.3.
Users Manual of XGS-6350-24X4C Switch_config# interface VLAN41 Switch_config_v41# ip vrf forwarding vpn1 Switch_config_v41# ip address 41.0.0.1 255.0.0.0 Switch_config_v41# exit Switch_config# interface VLAN46 Switch_config_v46# ip vrf forwarding vpn2 Switch_config_v46# ip address 46.0.0.1 255.0.0.0 Switch_config_v46# exit Switch_config# interface VLAN31 Switch_config_v31# ip vrf forwarding vpn1 Switch_config_v31# ip address 31.0.0.2 255.0.0.
Users Manual of XGS-6350-24X4C Switch_config_bgp# address-family ipv4 vrf vpn2 Switch_config_bgp_vpn2# no synchronization Switch_config_bgp_vpn2# redistribute ospf 2 Switch_config_bgp_vpn2# neighbor 32.0.0.1 remote-as 200 Switch_config_bgp_vpn2# exit-address-family Switch_config_bgp# exit Create VLAN. Switch_config# vlan 1,31-32,41,46 Enables the forwarding of subnet route of the switch. Switch_config# ip exf 48.3.
Users Manual of XGS-6350-24X4C Switch# ping -vrf vpn1 21.0.0.1 !!!!! --- 21.0.0.
Users Manual of XGS-6350-24X4C Chapter 49. Reliability Configuration 49.1 Configuring Port Backup This chapter discusses how to back up the interface, describes the backup functions on the asynchronism serial interface, synchronism serial interface or ISDN interface. For details about interface backup commands, refer to Interface Backup Command Reference. 49.1.1 Overview Interface backup functions can enabled Backup interface or disabled it according to statement or flux information of Primary interface .
Users Manual of XGS-6350-24X4C 49.1.3.2 Enabling Backup Interface Rejection Set delaying of enabled and disabled backup interface .To realize time gap between primary interface state changing and the result of state of backup interface changing. 1. choose backup interface 2. enabled interface backup delaying in this interface . choose backup interface,You can use instructions as follows in interface configuration mode. Command Purpose Backup interfaceslot/port Choose backup interface of this port.
Users Manual of XGS-6350-24X4C The time of backup interface activation and deactivation is both 5 seconds. Flux equalization setting is when true flux of primary interface pass 60% of band width , activate backup interface, while flux through both interfaces is less than 30% of band width of primary interface, activate backup interface.
Users Manual of XGS-6350-24X4C relying on the availability of any single router. It enables a set of router interfaces to work together to present the appearance of a single virtual router or default gateway to the hosts on a LAN. When HSRP is configured on a network or segment, it provides a virtual Media Access Control (MAC) address and an IP address that is shared among a group of configured routers.
Users Manual of XGS-6350-24X4C standby [group-number] preempt Configure hsrp preempt. If local router's [delaydelay] priority is larger than active router, local router should try to replace the active router. Configure hsrp preempt delay timer.Local router should replace active router after preempt delay timer. standby [group-number] tracktype Configure hsrp group tracking interface number [interface-priority] list.If the tracking interface is failed ,HSRP priority value decreased.
Users Manual of XGS-6350-24X4C standby 1 preempt standby 1 ip 171.16.6.100 255.255.255.0 standby 1 trackl Serial0 standby 2 preempt standby 2 ip 171.16.6.200 255.255.255.0 standby 2 track Serial0 standby 2 priority 95 The following is the R2 configuration: Configure two HSRP groups on interface Ethernet 0. The virtual IP of group 1 is 171.16.6.100 and the privilege of group1 is 100, so R2 is the standby router of group1. The virtual IP of group 2 is 171.16.6.200 and the default privilege of group2 is 100.
Users Manual of XGS-6350-24X4C The VRRP-running main router transmits the Advertise packets based on the Sock Raw multicast, while the standby routers receive these packets. The standby routers can serve as the main router through their Timer out mechanism and the Preempt mechanism. You can configure multiple hot standby groups on an interface to fully use the router. Currently VRRP supports Ethernet/Fast Ethernet/VLAN protocols, but it does not support the token ring and the token bus.
Users Manual of XGS-6350-24X4C address Virtual Router A standby router which will be selected to serve as a Backup data-forwarding router when the master router invalidates 49.3.
Users Manual of XGS-6350-24X4C [no] vrrp group-number Sets the hot standby privilege level priority<1-255> in the VRRP router for selecting the primary router and the standby router. 49.3.3.6 Configuring the Preemption Mode Command Purpose [no] vrrp group-numberpreempt Sets the preemption mode. [delay<1-254>] 49.3.3.
Users Manual of XGS-6350-24X4C 49.3.4 VRRP Configuration Example In the following network topology, two subnets in a same network use their own gateways (gateway A and gateway B) respectively to access the Internet, but gateway A and gateway B are standby ones each other. When one gateway (one router) breaks down, the other will work for the two subnets. Group 3 vip: 100.1.1.30 vmac: 00:00:5e:00:01:03 Host John e1/1.2 F0/22 F0/23 F0/20 e1/1.1 F0/21 A B e1/1.1 e2/1 vrrp Group 6 vip: 200.1.1.
Users Manual of XGS-6350-24X4C RouterB: ----------------------------------interface Ethernet1/1.2 encapsulation dot1Q 2 ip address 100.1.1.6 255.255.255.0 vrrp 3 associate 100.1.1.30 255.255.255.0 vrrp 3 priority 110 vrrp 3 description line1-backup vrrp 3 authentication line1pwd vrrp 3 preempt vrrp 3 timers advertise dsec 15 ---------------------------------interface Ethernet1/1.2 encapsulation dot1Q 3 ip address 200.1.1.6 255.255.255.0 vrrp 6 associate 200.1.1.30 255.255.255.
Users Manual of XGS-6350-24X4C interface VLAN3 ip addr 200.1.1.8 255.255.255.
Users Manual of XGS-6350-24X4C Chapter 50. Multicast Configuration 50.1 Multicast Overview The chapter describes how to cofigure the multicast routing protocol. For the details of the multicast routing commands, refer to the part “Multicast Routing Commands”. The traditional IP transmission allows only one host to communicate with a single host (unicast communication) or to communicate with all hosts (broadcast communication). The multicast technology allows one host to send message to some hosts.
Users Manual of XGS-6350-24X4C 50.1.2 Multicast Routing Configuration Task List 50.1.2.
Users Manual of XGS-6350-24X4C Configuring the filtration list Setting the DR priority Clearing (S,G) information 50.1.2.4 PIM-SM Configuration Task List Configuring static RP Configuring standby BSR Configuring standby RP Displaying PIM-SM multicast routing Clearing multicast routes learned by PIM-SM 50.2 Basic Multicast Routing Configuration 50.2.
Users Manual of XGS-6350-24X4C 50.2.2.2 Starting up PIM-SM To run PIM-DM on a port and activate the PIM-DM multicast, perform the following operation: Command Purpose Enters a port where PIM-SM needs to run and then ip pim-sm activates the PIM-SM multicast routing process in port configuration mode. 50.2.3 Configuring TTL Threshold Run the command ip multicast ttl-threshold to configure the TTL threshold of the multicast message that is allowed to pass the port.
Users Manual of XGS-6350-24X4C Take the tunnel technology as an example. When a router in a path does not support the multicast protocol, the resolution is to configure the GRE tunnel between two routeres. In the following figure, each unicast router supports only the unicast message; each multicast router supports only the multicast message. The source host sends the multicast message to the destination host through MR1 and MR2.
Users Manual of XGS-6350-24X4C 50.2.7 Configuring IP Multicast Rate Control Run the command ip multicast rate-limit to limit the rate of receiving and sending the multicast message in a source/group range. Run the command noip multicastrate-limit to cancel the rate limitation. Run the following command to limit the input rate of a multicast flow to n kbps.
Users Manual of XGS-6350-24X4C Example The following example shows how to configure the command ip multicast helper. The configuration of the router is shown in the following figure. Configure the command ip directed-broadcast on the e0 port of the first-hop router to handle the directional message. Configure ip multicast helper-map broadcast 230.0.0.1 testacl1, allowing to convert the UDP broadcast message with port number 4000 that is sent from the source address 192.168.20.
Users Manual of XGS-6350-24X4C Command Purpose interface type number Enters the interface configuration mode. ip pim neighbor-filter access-list Filters all pim messages on the stub router. Example The configuration of router A and B is shown as follows: Stub Router A Configuration ip multicast-routing ip pim-dm ip igmp helper-address 10.0.0.2 Central Router B Configuration ip multicast-routing ip pim-dm ip pim-dm neighbor-filter stubfilter ip access-list stubfilter deny 10.0.0.1 50.2.
Users Manual of XGS-6350-24X4C show ip mroute mfc Displays the multicast forwarding cache. show ip rpf [ucast | mstatic | pim-dm Displays the RPF information. | pim-sm | dvmrp] source-address 50.3 IGMP Configuration 50.3.1 Overview 50.3.1.1 IGMP Internet Group Management Protocol (IGMP) is a protocol used to manage multicast group members. IGMP is an asymmetric protocol, containing the host side and the switch side.
Users Manual of XGS-6350-24X4C and RFC3376. IGMP V1 supports only the function to record the multicast group members. IGMP V2 can query the designated multicast group member, generates the leave message when an IGMP host leaves a multicast group, and shortens the change delay of the group member. IGMP V3 has additional functions to update and maintain the multicast group member IDs which correspond to the source host addresses.
Users Manual of XGS-6350-24X4C minimum IP address is the querier in the network. The switch that is not the querier needs to save a clock to record the existence of the querier. If the clock times out, the non-querier switch turns to be the querier until it receives the IGMP Query message from the switch with a smaller IP address.
Users Manual of XGS-6350-24X4C For IGMP-Router V2 and IGMP-Router V3, run the following command in interface configuration mode to configure the IGMP query interval of the last group member: Command Purpose ip igmp Configures the IGMP query interval of last-member-query-intervaltime the last group member (unit: ms). The previous command is useless for IGMP-Router V1. 50.3.2.
Users Manual of XGS-6350-24X4C interface configuration mode will be omitted. If the command is first configured in interface configuration mode, the command configured in global configuration mode will delete the command configured in interface configuration mode.
Users Manual of XGS-6350-24X4C 50.3.3.3 IGMP Querier interval configuration example The following example shows how to modify the IGMP Querier interval to 100 seconds on the interface ethernet 1/0: interface ethernet 1/0 ip igmp querier-timeout 100 50.3.3.4 Maximum IGMP response time example The following example shows how to modify the maximum IGMP response time to 15 seconds on the interface ethernet 1/0: interface ethernet 1/0 ip igmp query-max-response-time 15 50.3.3.
Users Manual of XGS-6350-24X4C the multicast group 224.1.1.7 to the interface ethernet 0/0. Run the following command in interface configuration mode to receive the IP multicast message that is from 192.168.20.169 and finally sent to the multicast group 224.1.1.7: ip igmp static-group 224.1.1.7 include 192.168.20.169 The previous command can be executed for many times to define different source addresses.
Users Manual of XGS-6350-24X4C pruning state contains information about the multicast source and the multicast group. When the multicast group member appears in the pruning area, PIM-DM actively sends the graft message to the upper field without waiting for the pruning state of the upper field to time out, turning the pruning state to the forwarding state.
Users Manual of XGS-6350-24X4C upstream ports. For the following switches, the interval is the period to receive and handle the state-refresh message. 50.4.2.2 Configuring State-Refresh The state-refresh control information of the PIM-DM is forwarded in management mode by default. The configuration commands in interface configuration mode are effective only to the configurations at the upstream ports when the first-hop switch directly connecting the source sends the state-refresh message periodically.
Users Manual of XGS-6350-24X4C Configures the priority for the local DR ip pim-dm dr-priority on the designated port. 50.4.2.5 Clearing Item (S,G) Normally, item (S,G) in the local MRT or the statistics value of the multicast message number forwarded through item (S,G) need be cleared. Run the following commands in management mode. Command Purpose clear ip mroute pim-dm {* | group Clears the item (S,G) in the local MRT.
Users Manual of XGS-6350-24X4C Figure 5-1 Join-in mechanism of PIM-SM PIM-SM forwards the multicast packet by creating the multicast distribution tree. The multicast distribution tree can be classified into two groups: Shared Tree and Shortest Path Tree. Shared Tree takes the RP of group G as the root, while Shortest Path Tree takes the multicast source as the root. PIM-SM creates and maintains the multicast distribution tree through the displayed join/prune mode.
Users Manual of XGS-6350-24X4C about a group member’s relationship from the directly-connected host, if the DR has no the routing item of the group, the DR will map the group address to a candidate RP through the Hash algorithm. The DR then multicasts the Join/prune message hop by hop towards the RP. Finally, the DR packages the multicast data in the registration message and unicasts it to the RP. 50.5.2 Configuring PIM-SM 50.5.2.
Users Manual of XGS-6350-24X4C routers in the domain, ensuring the RP mapping is unique. Run the following command in global configuration mode: Command ip pim-sm rp-candidate [typenumber] [interval|group-list acl-name] no ip pim-sm rp-candidate [typenumber] Purpose Configures the local switch as the candidate RP. After the candidate RP is configured, it will be sent to the BSR periodically. The BSR then broadcasts all PIM-SM routers in the PIM-SM domain. 50.5.2.
Users Manual of XGS-6350-24X4C ip pim-sm dr-priority 100 ! interface Serial2/0 ip address 192.168.21.142 255.255.255.0 physical-layer speed 128000 ip pim-sm ! router rip network 192.168.21.0 network 192.166.1.0 network 192.166.100.0 version 2 ! ip pim-sm bsr-candidate Loopback0 30 201 ip pim-sm rp-candidate Loopback0 ! Device B: ! ip multicast-routing ! interface Ethernet0/1 ip address 192.168.200.144 255.255.255.0 ip pim-sm ip pim-sm dr-priority 200 ! interface Serial0/0 ip address 192.168.21.144 255.
Users Manual of XGS-6350-24X4C ! interface Ethernet1/1 ip address 192.166.1.142 255.255.255.0 ip pim-sm ! interface Serial2/0 ip address 192.168.21.142 255.255.255.0 physical-layer speed 128000 ip pim-sm ! router rip network 192.168.21.0 network 192.166.100.0 ! ip pim-sm bsr-candidate Loopback0 30 201 ! Device B: ! ip multicast-routing ! interface Loopback0 ip address 192.168.100.144 255.255.255.0 ip pim-sm ! interface Ethernet0/1 ip address 192.168.200.144 255.255.255.
Users Manual of XGS-6350-24X4C Chapter 51. IPv6 Configuration 51.1 IPv6 Protocol’s Configuration The configuration of the IPv6 address of the router only takes effect on the VLAN interface, not on the physical interface. The IPv6 protocol is disabled in default state. If the IPv6 protocol need be used on a VLAN interface, this protocol should be first enabled in VLAN interface configuration mode. To enable the IPv6 protocol, users have to set the IPv6 address.
Users Manual of XGS-6350-24X4C Command Purpose ipv6 enable Sets a link-local address automatically. ipv6 address fe80: : x link-local Sets a link-local address manually. The link-local address must begin with fe80.The default length of the prefix is 64 bit.At manual settings only the values at the last 64 bits can be designated. On a VLAN interface can only one link-local address be set.
Users Manual of XGS-6350-24X4C (4) Setting IPv6 redirection (5) Setting IPv6 destination unreachability (6) Setting IPv6 ACL (7) Setting IPv6 Hop-Limit 1. Setting the transmission frequency of the ICMPv6 packet If you want to limit the transmission frequency of the ICMPv6 packet, run the command in the following table. If the ICMPv6 transmission frequency is larger than the set value, the transmission frequency will be limited. The default transmission frequency is 1000us.
Users Manual of XGS-6350-24X4C IPv6 redirection is opened by default. However, if a hot standby router protocol is configured on an interface, IPv6 redirection is automatically closed. If the hot standby router protocol is canceled, this function will not automatically opened. To open IPv6 redirection, run the following command: 5. Command Purpose ipv6 redirects Allows IPv6 to transmit the redirection packets.
Users Manual of XGS-6350-24X4C Chapter 52. ND Configuration 52.1 ND Overview A node (host and router) uses ND (Neighbor Discovery protocol) to determine the link-layer addresses of the connected neighbors and to delete invalid cache rapidly. The host also uses the neighbor to discover the packet-forwarding neighboring routers. Additionally, the node uses the ND mechanism to positively trace which neighbors are reachable or unreachable and to test the changed link-layer address.
Users Manual of XGS-6350-24X4C vlanid hardware-address IPv6 address into a link-layer address. 52.1.2 ND Configuration The ND protocol is used not only for address resolution but for other functions such as neighbor solicitation, neighbor advertisement, router solicitation, router advertisement and redirect.
Users Manual of XGS-6350-24X4C Setting the prefix of the RA message The router releases address prefixes to the network host via RA message. The address prefix plus the host address is the entire unicast address. The prefix option is carried by the RA message, and the host obtains the IPv6 address prefix and related parameter from this option.
Users Manual of XGS-6350-24X4C Setting the reachable-time field of the RA message reachable-time means the time to reach a neighbor, which is 0 by default. Command Purpose ipv6 nd reachable-time milliseconds Sets the reachable-time field in the RA message transmitted by the local port. Its default value is 0ms. Setting the value of the router preference in the RA message router-preference means the router’s priority, which accounts for two bits in the flags domain in the RA message.
Users Manual of XGS-6350-24X4C Chapter 53. RIPNG Configuration 53.1 Configuring RIPNG 53.1.1 Overview Routing Information Protocol of next generation (RIPng) is the RIP of version 6. In the equipment RIPng and RIP are two completely independent modules that are in charge of the learning and management of the routing information in version 6 and version 4 respectively. RIPng is same to RIP in the internal working mechanism. RIPng switches the routing information through the UDP broadcast.
Users Manual of XGS-6350-24X4C Activating or Forbidding Horizontal Fragmentation Monitoring and Maintaining RIPng 53.1.3 RIPng Configuration Tasks 53.1.3.1 Allowing to Set the Unicast Routing Protocol To set the RIPng, you must first run the following command to allow setting the switch of a unicast route. Command Ipv6 unicast-routing Purpose Enables to set the unicast routing protocol on a device. 53.1.3.
Users Manual of XGS-6350-24X4C above, run the following command in RIPng configuration mode: Command Purpose neighboripv6-address Defines a neighboring router and switches the routing information with this neighboring router. 53.1.3.5 Applying the Offset on the Routing Weight The offset list is used to add an offset for an incoming or outgoing route which RIPng learns. In this case, a local mechanism is provided to add the routing weight.
Users Manual of XGS-6350-24X4C recovery is needed. To adjust the timer, run the following command in RIPng configuration mode: Command Purpose timers holddown value Means how long it takes for a route to be removed from the routing table. timers garbagevalue Means how long it takes for a route to be declared invalid. timers updatevalue Means the transmission frequency of routing updates, whose unit is second. 53.1.3.
Users Manual of XGS-6350-24X4C parameters of RIPng, the network usage information and the real communication-tracing information. This kind of information can help users to judge the usage of network resources and solve network problems. From the statistics information, you can also know the reachablity of a network node.
Users Manual of XGS-6350-24X4C ipv6 rip dang2 split-horizon ! router ripng dang2 redistribute static exit ! ! Device B: interface Ethernet1/1 no ip address no ip directed-broadcast duplex half ipv6 address 4444: : 2222/64 ipv6 enable ipv6 rip dang enable ipv6 rip dang split-horizon ! router ripng dang redistribute static exit ! In this way both device A and device B learns the static routing information from each other.
Users Manual of XGS-6350-24X4C Chapter 54. OSPFv3 Configuration 54.1 Overview OSPFv3 is an IGP routing protocol developed by the OSPF working group of IETF for the IPv6 network. OSPFv3 supports the IPv6 subnet, the mark of the external routing information and the packet’s authentication. OSPFv3 and OSPFv2 have a lot in common: Both router ID and area ID are 32 bit. The following are the same type of packets: Hello packets, DD packets, LSR packets, LSU packets and LSAck packets.
Users Manual of XGS-6350-24X4C 54.2 OSPFv3 Configuration Task List OSPFv3 demands the switchover of routing data between in-domain router, ABR and ASBR. In order to simplify the settings, you can make related configuration to enable them to work under the default parameters without any authentication; if you want to change some parameters, you must guarantee that the parameters on all routers are identical. To set OSPFv3, you must perform the following tasks.
Users Manual of XGS-6350-24X4C If the OSPFv3 process is still not created before OSPFv3 is enabled on an interface, the OSPFv3 process will be automatically created. 54.3.2 Setting the Parameters of the OSPFv3 Interface During OSPFv3 realization, related OSPFv3 parameters on an interface are allowed to be modified according to actual requirements. Of cause you have no need to change every parameter, but you have to make sure that some parameters are consistent on all routers in the connected networks.
Users Manual of XGS-6350-24X4C point-to-multipoint one. Between those routers which are not adjacent the routing information can be switched through the virtual link. The OSPFv3 point-to-multipoint interface can be set to be multipoint-to-point interface, through which multiple routes of a host can be established.
Users Manual of XGS-6350-24X4C Command Purpose areaarea-idrange ipv6-prefix Sets the address' range of the /prefix-length summary route. 54.3.7 Setting the Summary of the Forwarded Routes When routes are distributed from other routing areas to the OSPFv3 routing area, each route is singularly broadcasted as an external LSA. However, you can set a route on a router to make this route cover an address range. In this way, the size of the OSPFv3 link-state database can be reduced.
Users Manual of XGS-6350-24X4C OSPFv3 uses three different kinds of management distances: inter-domain, inner-domain and exterior. The routes in a domain are called inner-domain routes; the routes to other domains are called inter-domain routes; the routes transmitted from other routing protocols are called the exterior routes. The default value of each kind of routes is 110. 54.3.
Users Manual of XGS-6350-24X4C show ipv6 ospf neighbor Displays the information about OSPFv3 neighbors. show ipv6 ospf route Displays the routing information about OSPFv3. show ipv6 ospf topology Displays the OSPFv3 topology. show ipv6 ospf virtual-links Displays the virtual links of OSPFv3. debug ipv6 ospf Monitors all OSPFv3 behaviors. debug ipv6 ospf events Monitors the OSPFv3 events. debug ipv6 ospf ifsm Monitors the state machine of the OSPFv3 interface.
Users Manual of XGS-6350-24X4C interface vlan 10 ipv6 address 2001: : 1/64 ipv6 enable ipv6 rip aaa enable ipv6 rip aaa split-horizon ipv6 ospf 90 area 0 ipv6 ospf cost 1 ! router ospfv3 90 router-id 1.1.1.1 redistribute rip ! router ripng aaa redistribute ospf 90 2. Configuring multiple OSPFv3 processes The following example shows that two OSPFv3 processes are created.
Users Manual of XGS-6350-24X4C ! router ospfv3 110 router-id 2.2.2.2 ! Each interface can belong to many OSPFv3 processes, but if an interface belongs to multiple OSPFv3 processes each OSPFv3 process must correspond to different instances. 3. Complicated configuration example The following example shows how to configure multiple routers in a single OSPFv3 autonomous system.
Users Manual of XGS-6350-24X4C ! ! router ospfv3 1 router-id 2.2.2.
Users Manual of XGS-6350-24X4C ! R2: interface vlan 0 ipv6 enable ipv6 ospf 1 area 1 ! ! router ospfv3 1 router-id 2.2.2.
Users Manual of XGS-6350-24X4C Configure the router according to the above-mentioned figure: R1: interface vlan 0 ipv6 address 101: : 1/64 ipv6 enable ipv6 ospf 1 area 1 ! interface vlan 1 ipv6 address 6: : 1/64 ipv6 enable ipv6 ospf 1 area 0 ! ipv6 route 2001: : /64 6: : 2 ! router ospfv3 1 router-id 200.200.200.1 area 1 virtual-link 200.200.200.
Users Manual of XGS-6350-24X4C Browsing the state of the OSPFv3 neighbor: R1#show ipv6 ospf neighbor OSPFv3 Process (1) Neighbor ID Pri State Dead Time Interface Instance ID 200.200.200.2 1 Full/DR 00: 00: 35 VLAN0 0 200.200.200.2 1 Full/ - 00: 00: VLINK1 36 0 R2#show ipv6 ospf neighbor OSPFv3 Process (1) OSPFv3 Process (1) Neighbor ID Pri State Dead Time Interface 200.200.200.1 1 Full/Backup 200.200.200.
Users Manual of XGS-6350-24X4C is directly connected, L, VLAN1 C ff00: : /8[2] is directly connected, L,Null0 R2#show ipv6 route O 6: : /64[1] [110,20] via fe80: C 101: : 4: : 2e0: fff: fe26: 2d98(on VLAN0) fff: fe26: 2d98(on VLAN0) /64[1] is directly connected, C, VLAN0 O 101: : 1/128[1] [110,10] via fe80: C 101: : 4: : 2e0: 2/128[1] is directly connected, L, VLAN0 C 888: : /64[1] is directly connected, C, VLAN1 C 888: : 8/128[1] is directly connected, L, VLAN1 O 2
Users Manual of XGS-6350-24X4C Chapter 55. BFD Configuration 55.1 Overview BFD (Bidirectional Forwarding Detection) is a set of all-net uniform detection mechanism used for rapid detection and monitoring of link or IP routing forwarding connectivity. To improve the performance of existing networks, communication troubles can be detected rapidly between neighboring protocols so that a standby communication channel can be quickly established.
Users Manual of XGS-6350-24X4C of BFD control packets on the local end cannot be modified until the packets reset by the peer's F field are received, which ensures that the detection time is lengthened on the peer before the increase of the transmission interval of BFD control packets on the local end. Otherwise, the detection timer on the peer may time out.
Users Manual of XGS-6350-24X4C 55.2.4 Enabling Port BFD Authentication Port BFD authentication is not activated by default. Authentication configuration takes immediate effect before BFD neighbor is up, and the two terminals of a link on which BFD detection is conducted can be up only when their BFD authentication configurations are same.
Users Manual of XGS-6350-24X4C interface vlan1 ip address 1.1.1.2 255.255.255.0 bfd enable no ip directed-broadcast ! router bgp 200 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.
Users Manual of XGS-6350-24X4C Chapter 56. SNTP Configuration 56.1 Overview 56.1.1 Stipulations 56.1.1.1 Format Stipulation in the Command Line Syntax Bold {italic} Definition Stands for the keyword in the command line, which stays unchanged and must be entered without any modification. It is presented as a bold in the command line. Stands for the parameter in the command line, which must be replaced by the actual value. It must be presented by the italic in the brace.
Users Manual of XGS-6350-24X4C Setting the Grade of the SNTP Server Enabling the SNTP Server The local switch takes as the SNTP client: Setting the IP Address of the SNTP Server Setting the Interval of Browsing the SNTP Server Disabling the SNTP Server 56.2.3 SNTP Configuration 56.2.3.1 Setting the Grade of the SNTP Server Configuration mode: Global Command Purpose sntp master [Stratum] Sets the grade of the SNTP server. 56.2.3.
Users Manual of XGS-6350-24X4C Chapter 57. Cluster Management Configuration 57.1 Overview The switch cluster is a group of switches which can be managed as a single entity. In the cluster, there must be a switch worked as the command switch, which allows up to 255 switches simultaneously to join the cluster as member switches. As the single access node in the cluster, the command switch is used to configure, manage and monitor member switches. One switch belongs to only one cluster at a certain moment.
Users Manual of XGS-6350-24X4C When planning the address pool, pay attention that the service addresses cannot be the same as those in the address pool; note that the address number in the address pool cannot be smaller than the maximum number of member switches in the cluster (including the command switch). 57.3.2 Creating Cluster A. Activating command switch Run the following command in global configuration mode to set the current switch to the command switch: B.
Users Manual of XGS-6350-24X4C cluster hellotime<1-300> Configures the interval of sending hello message between the command switch and the member switch. C. Configuring holdtime If the member switch and the command switch do not receive the handshake message from the peer in an interval, they think the peer is in down state.
Users Manual of XGS-6350-24X4C member switch is public@es6. 57.3.6 Using Web to Manage Cluster After the cluster is created, the http message can be transmitted between the member switch and the browser through the command switch. The detailed operation is to add prefix like “esN/” before the url. Suppose the IP of the command switch is 192.168.20.1, the url of the No.6 member switch is http: //192.168.20.1/es6/.