3Com 4007R Implementation Guide
3Com 4007R - Switch Manual
 |
UPC - 662705445335
View all 3Com 4007R manuals
Add to My Manuals
Save this manual to your list of manuals |
3Com 4007R manual content summary:
- 3Com 4007R | Implementation Guide - Page 1
Switch 4007 Implementation Guide Release 3.0.5 http://www.3com.com/ Part No. 10013673 Published May 2000 - 3Com 4007R | Implementation Guide - Page 2
, or delivered to you in conjunction with, this User Guide. Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may and Transcend are registered trademarks of 3Com Corporation. 3Com Facts is a service mark of 3Com Corporation. Acrobat, Acrobat Reader, and - 3Com 4007R | Implementation Guide - Page 3
CONTENTS ABOUT THIS GUIDE Audience 31 Scope of this Guide 32 Conventions 32 Switch 4007 Documentation 34 Documentation Comments 35 Year 2000 Compliance 35 PART I UNDERSTANDING YOUR SWITCH 4007 SYSTEM 37 1 CONFIGURATION OVERVIEW Physical Configuration - 3Com 4007R | Implementation Guide - Page 4
PART II UNDERSTANDING THE MANAGEMENT MODULE 51 2 OVERVIEW OF THE MANAGEMENT MODULE Before You Start 53 Module Overview 54 Module Components 54 Module Functions 55 Impact on the Network 56 3 INSTALLING MANAGEMENT MODULES Before You Start 57 Installing Modules 58 Hot Insert and Hot Swap 58 Installing - 3Com 4007R | Implementation Guide - Page 5
82 Customizing Terminal Settings 82 Setting Terminal Hangup 83 Setting Terminal Prompt 83 Setting Terminal Timeout Value 83 Setting Terminal Type 84 Troubleshooting the Terminal Interface 84 Customizing Your System 86 Assigning a Unique Name 86 Setting EME Diagnostics 86 Assigning a Contact Name and - 3Com 4007R | Implementation Guide - Page 6
Creating a Community Table 96 Configuring a Trap Destination 97 Configuring the Authentication Alert Setting 97 Configuring Trap Options 97 Viewing SNMP Extensions and Traps 98 Interpreting EME Trap Messages 98 Obtaining More Information About SNMP 99 Configuring the Event Log 100 Using the File - 3Com 4007R | Implementation Guide - Page 7
Power Class Settings 117 Using the Default Power Class Setting 117 Setting Power Class 117 Power Class 10 Warnings 118 Budgeting Power 118 Allocating Power for Installed Modules 118 Increasing the Unallocated Power Budget 119 Determining Chassis Power Budget 120 Power Supply Output in Non-Fault- - 3Com 4007R | Implementation Guide - Page 8
7 PHYSICAL PORT NUMBERING Slot Architecture 137 Default Port Settings 138 Configuring Port Status 139 Allocating Switch Fabric Capacity to Slots 140 9-port GEN Switch Fabric Module 140 Using Table 33: Examples 140 24-port GEN Switch Fabric Module 141 Using Table 34: Examples 142 Key Guidelines for - 3Com 4007R | Implementation Guide - Page 9
Flow Control 157 Important Considerations 157 PACE Interactive Access 158 Important Considerations 158 Port Monitoring 158 Standards, Protocols, and Related Reading 159 Ethernet Protocol 159 Media Specifications 159 Related Reading 160 9 BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Bridging Overview 162 - 3Com 4007R | Implementation Guide - Page 10
How a Single Bridge Interprets CBPDUs 174 How Multiple Bridges Interpret CBPDUs 175 Determining the Root Bridge 178 Determining the Root Ports 178 Determining the Designated Bridge and Designated Ports 178 Spanning Tree Port States 180 Reconfiguring the Bridged Network Topology 182 Resulting Actions - 3Com 4007R | Implementation Guide - Page 11
Important Considerations 196 GARP VLAN Registration Protocol (GVRP) 197 Important Considerations 197 Standards, Protocols, and Related Reading 198 10 CLASS OF SERVICE (COS) Overview 200 Key Concepts 201 Basic Elements of the Standard 201 Format of Prioritized Packets 202 Queues and Priority Levels - 3Com 4007R | Implementation Guide - Page 12
Key Implementation Guidelines 215 Processing IP Multicast Packets 217 Effects of MAC Address Aliasing 218 Important Considerations 219 Operating as the Querier 220 Locating Multicast Routers 220 Aging the IGMP Tables 221 Standards, Protocols, and Related Reading 221 12 TRUNKING Trunking Overview 224 - 3Com 4007R | Implementation Guide - Page 13
Resilient Link Define and Modify 238 Important Considerations 238 Resilient Link State 239 Important Considerations 239 Resilient Link Active Port 239 Important Considerations 239 Resilient Link Remove 239 Important Consideration 239 14 VIRTUAL LANS (VLANS) VLAN Overview 242 Need for VLANs 242 - 3Com 4007R | Implementation Guide - Page 14
Port-based VLANs 266 The Default VLAN 266 Modifying the Default VLAN 267 Trunking and the Default VLAN 268 User-Configured Port-based VLANs 270 Important Considerations 270 Example 1: A Single VLAN Configuration 271 Example 2: VLANs with Tagged Backplane Ports 272 Example 3: VLANs with Tagged Front- - 3Com 4007R | Implementation Guide - Page 15
15 PACKET FILTERING Packet Filtering Overview 306 What Can You Filter? 306 When Is a Filter Applied? - Paths 307 Input Packet Filtering: Receive Path 307 Output Packet Filtering: Transmit Path 307 Internal Packet Filtering: Receive Internal Path 307 Path Assignment 308 Key Concepts 309 Standard - 3Com 4007R | Implementation Guide - Page 16
Groups 340 Important Considerations 340 Long Custom Filter Example 341 Filtering Problem 341 Packet Filter Solution 342 Packet Filter One 344 Packet 354 Integrating Bridging and Routing 355 Bridging and Routing Models 355 3Com Bridging and Routing 356 IP Routing Overview 358 Features and Benefits - 3Com 4007R | Implementation Guide - Page 17
Variable Length Subnet Masks (VLSMs) 364 How VLSMs Work 364 Guidelines for Using VLSMs 364 Router Interfaces 365 Routing Table 366 Default Route 368 Routing Models: Port-based and VLAN-based 368 Key Guidelines for Implementing IP Routing 369 Configure Trunks (Optional) 369 Configure IP VLANs 370 - 3Com 4007R | Implementation Guide - Page 18
Effects and Consequences 383 RIP-1 Versus RIP-2 383 Important Considerations 384 Routing Policies 384 How Routing Policies Work 385 Important Considerations 387 Implementing RIP Routing Policies 387 RIP Metric Adjustments 387 RIP Import Policy Conditions for Specified Interfaces 388 RIP Export - 3Com 4007R | Implementation Guide - Page 19
Operations 404 Spanning Tree Protocol (STP) 405 Dynamic Routing Protocols (RIP, RIP-2, OSPF) 405 IGMP Queries 406 ICMP Redirect 407 Quality of Service 407 IP Routing Policies 407 Dynamic Host Configuration Protocol (DHCP) 407 Using VRRP On Your Switch 4007 407 VRRP with Multiple Virtual Routers 407 - 3Com 4007R | Implementation Guide - Page 20
Traffic Movement 429 IP Multicast Groups 430 Source-Group Pairs 430 Multicast Addresses 430 Registered Groups 430 Reserved MAC Addresses 431 How IGMP Supports IP Multicast 432 Electing the Querier 432 Query Messages 432 Host Messages 432 Response to Queries 432 Join Message 433 Leave-Group Messages - 3Com 4007R | Implementation Guide - Page 21
Configuring IGMP Options 440 Querying and Snooping Modes 440 Important Considerations 440 Configuring DVMRP Interfaces 440 Important Considerations 440 Configuring DVMRP Tunnels 441 Important Considerations 441 Configuring DVMRP Default Routes 443 How Default Routes Work 443 How to Configure A - 3Com 4007R | Implementation Guide - Page 22
Autonomous System Boundary Routers 459 Configuring an ASBR 459 Areas 461 Types of Areas 462 Area Border Routers 464 Routing Databases 464 Configuring Route Summarization in ABRs 465 Important Considerations 465 Default Route Metric 468 OSPF Interfaces 468 Mode 468 Priority 469 Using Priority to - 3Com 4007R | Implementation Guide - Page 23
Default Memory Allocation 485 Current Partition Maximum Size 485 Allocated Memory Size 486 Running Out of Memory - Soft Restarts 486 Manual Memory Allocation 487 System Memory Allocation 487 Stub Default Metrics 487 Important Considerations 488 Virtual Links 488 Important Considerations 490 OSPF - 3Com 4007R | Implementation Guide - Page 24
How IPX Routing Works 510 IPX Packet Format 510 IPX Packet Delivery 512 Sending Node's Responsibility 513 Router's Responsibility 514 Terminology 515 Key Guidelines for Implementation 516 Procedural Guidelines 516 General Guidelines 516 IPX Interfaces 517 Important Considerations 517 Per-Interface - 3Com 4007R | Implementation Guide - Page 25
IPX SAP Mode 530 Important Considerations 530 SAP Policies 530 SAP Import Polices 531 SAP Export Policies 531 SAP Policy Parameters 531 IPX Statistics 532 Standards, Protocols, and Related Reading 533 21 APPLETALK ROUTING AppleTalk Overview 536 Features 536 Benefits 537 Key Concepts 538 AppleTalk - 3Com 4007R | Implementation Guide - Page 26
AppleTalk Zones 554 Important Considerations 555 Changing Zone Names 556 Aging Out the Network Range 556 Forwarding AppleTalk Traffic 558 Enabling Forwarding 558 Disabling Forwarding 558 Important Considerations 558 Checksum Error Detection 559 Important Considerations 559 AppleTalk Echo Protocol ( - 3Com 4007R | Implementation Guide - Page 27
Classifiers 580 NonFlow Classifier Information 580 QoS Controls 581 Important Considerations 582 Assigning Control Numbers 583 Specifying Rate Limits 585 Specifying Service Levels 586 Specifying TCP Drop Control 587 Setting the QoS Timer Control 589 Timer Options 590 Examples of Classifiers and - 3Com 4007R | Implementation Guide - Page 28
on Your System 630 Administering SNMP Trap Reporting 630 Remote Monitoring (RMON) 631 Overview of RMON 631 RMON Benefits 632 RMON in Your System 633 3Com Transcend RMON Agents 633 - 3Com 4007R | Implementation Guide - Page 29
643 Application-Layer Host Group 643 Application-Layer Matrix Group 644 Probe Configuration Group Capabilities 644 Management Information Base (MIB) 644 MIB Files 645 Compiler Support 647 MIB Objects 647 MIB Tree 648 MIB-II 651 RMON-1 MIB 652 RMON-2 MIB 653 - 3Com 4007R | Implementation Guide - Page 30
A TECHNICAL SUPPORT Online Technical Services 659 World Wide Web Site 659 3Com FTP Site 659 3Com Bulletin Board Service 660 Access by Analog Modem 660 Access by Digital Modem 660 3Com Facts Automated Fax Service 661 Support from Your Network Supplier 661 Support from 3Com 661 Returning Products for - 3Com 4007R | Implementation Guide - Page 31
process. s Become familiar with the Switch 4007 Command Reference Guide which documents the commands that you use to configure and manage built-in, menu-driven interface called the Administration Console. This guide is intended for the network administrator who is responsible for configuring - 3Com 4007R | Implementation Guide - Page 32
what release is loaded. Go to the 3Com Web site (http://support.3com.com) to download the latest software. If the information in the release notes that correspond with the software on your modules differs from the information in this guide, follow the instructions in the release notes. The Switch - 3Com 4007R | Implementation Guide - Page 33
not case sensitive. The words "enter" and "type" When you see the word "enter" in this guide, you must type something, and then press Return or Enter. Do not press Return or Enter when an instruction simply says "type." Keyboard key names If you must press two or more keys simultaneously, the - 3Com 4007R | Implementation Guide - Page 34
), except for release notes (which you must download from the 3Com Web site). s World Wide Web - All user guides and release notes are available in Adobe Acrobat Reader PDF or HTML format from the 3Com Web site at: http://support.3com.com/ Although they do not ship with your chassis in paper form - 3Com 4007R | Implementation Guide - Page 35
are very important to us. They help us to make our documentation more useful to you. Please send e-mail comments about this guide to: [email protected] Please include the following information when you comment: s Document title s Document part number (found on the front or back page of - 3Com 4007R | Implementation Guide - Page 36
36 ABOUT THIS GUIDE - 3Com 4007R | Implementation Guide - Page 37
UNDERSTANDING YOUR I SWITCH 4007 SYSTEM Chapter 1 Configuration Overview - 3Com 4007R | Implementation Guide - Page 38
- 3Com 4007R | Implementation Guide - Page 39
Configuration Requirements and Options s System Architecture s Management Options s Management Access s System Configuration Process The Switch 4007 chassis supports frame-based technology with the Gigabit Ethernet switch fabric module and Fast Ethernet and Gigabit Ethernet interface modules (Layer - 3Com 4007R | Implementation Guide - Page 40
to support all installed components s One Management Module The Management Module may be referred to as the Enterprise Management Engine (EME) in this guide may be referred to as Layer 3 Switching Modules either in this guide or in the product's management interfaces. This is because the heritage - 3Com 4007R | Implementation Guide - Page 41
management systems. See the Switch 4007 Getting Started Guide. Order of Installation 3Com recommends that you install and configure Switch 4007 unless they were already installed at the factory) All Switch 4007 modules support hot-swap functionality so that the system can respond to dynamic changes. - 3Com 4007R | Implementation Guide - Page 42
Console prior to connecting to the Administration Console of a switching module. For more information about the Management Module and its CLI, see Part I of this guide. - 3Com 4007R | Implementation Guide - Page 43
in Part II of this guide. For information on specific commands, see the Switch 4007 Command Reference Guide. Web Management software A suite access to links to support information on the 3Com Web site. s Installable tools - Install these optional tools on your workstation from the 3Com Web site: s - 3Com 4007R | Implementation Guide - Page 44
, and other aspects, see the Switch 4007 Getting Started Guide. SNMP-Based Network Management Overview For a more comprehensive approach , SNMP is the standard management protocol for multivendor networks. SNMP supports transaction-based queries so that the protocol can format messages and - 3Com 4007R | Implementation Guide - Page 45
attachment under UNIX can use an emulator such as TIP. For more information about terminal port configuration options, see the chapters in Part I of this guide. - 3Com 4007R | Implementation Guide - Page 46
the external modem. For more information about modem configuration options, see the chapters in Part I of this guide. Access Levels The Management Module CLI and the Administration Console CLI support three access levels so that you can provide different levels of access for a range of users, as - 3Com 4007R | Implementation Guide - Page 47
3Com Web site (http://support.3com.com/). When you download software, be sure to also download the corresponding release notes to learn about software compatibility requirements among modules in the chassis, known problems application. See Chapter X in this guide for more information. Configure Each - 3Com 4007R | Implementation Guide - Page 48
Chapter 19 s IPX - See Chapter 20. s AppleTalk - See Chapter 21. 4 Configure more advanced traffic control features: packet filters, Quality of Service (QoS), and the Resource Reservation Protocol (RSVP). To improve LAN performance, shape traffic flows, or implement security controls with standard - 3Com 4007R | Implementation Guide - Page 49
monitoring features such as event logging, baselining, and roving analysis to analyze your network periodically and identify potential network problems before they become serious problems. To test and validate paths in your network, use tools like ping and traceRoute. SNMP and Management Information - 3Com 4007R | Implementation Guide - Page 50
50 CHAPTER 1: CONFIGURATION OVERVIEW - 3Com 4007R | Implementation Guide - Page 51
UNDERSTANDING THE II MANAGEMENT MODULE Chapter 2 Overview of the Management Module Chapter 3 Installing Management Modules Chapter 4 Configuring and Using EME Options Chapter 5 Managing the Chassis Power and Temperature - 3Com 4007R | Implementation Guide - Page 52
- 3Com 4007R | Implementation Guide - Page 53
that you have read the following documents: s Switch 4007 Getting Started Guide s Enterprise Management Engine Quick Start Guide for the CoreBuilder® 9000 Enterprise Switch s Enterprise Management Controller Quick Start Guide for the CoreBuilder 9000 Enterprise Switch s Release Notes for appropriate - 3Com 4007R | Implementation Guide - Page 54
54 CHAPTER 2: OVERVIEW OF THE MANAGEMENT MODULE Module Overview The Management Module is an SNMP-based network management module that: s Provides chassis controller functions (such as power and temperature monitoring), as well as management functions (such as collecting and sending SNMP traps). s - 3Com 4007R | Implementation Guide - Page 55
chassis contents, including fans and power supplies. The inventory lists current software revisions for all installed modules. The inventory system also supports a scratchpad feature so that you can add custom information to the Management Module display. s Power management - You can manage how the - 3Com 4007R | Implementation Guide - Page 56
Telnet sessions so that you can manage an Management Module or another module from a workstation with Telnet support or from another Management Module. s Web Management support - You can monitor and manage the Management Module through the CoreBuilder 9000 Web Management suite of applications - 3Com 4007R | Implementation Guide - Page 57
Engine" in their titles. All relevant documents are available from the Switch 4007 Software and Online Manuals CD or from the 3Com Web site. In addition, be sure to review the earlier front matter and chapters in this guide for an overview of system functions and management module functions. - 3Com 4007R | Implementation Guide - Page 58
primary (active) Management Module and retain uninterrupted chassis services, first ensure that a secondary (standby) Management Module Guide that accompanies the module. Guides for all modules that are supported in the Switch 4007 are available from the Switch 4007 Online Manuals CD or from the 3Com - 3Com 4007R | Implementation Guide - Page 59
There is no reboot of switching modules, no loss of data, and no interruption of service. You can also force a failover to occur from the EME CLI or the Web Start Guide for the CoreBuilder 9000 Enterprise Switch. This document is available on the Switch 4007 Online Manuals CD or from the 3Com Web - 3Com 4007R | Implementation Guide - Page 60
occurs, the failed EME recovers to a normal operating condition, it will remain in the secondary state. The failover mechanism is non-revertive. Even if the problem that caused the failover is resolved, the the failover process does not switch the primary state back to the original primary EME. - 3Com 4007R | Implementation Guide - Page 61
Creating a Redundant Configuration 61 The Standby LED, located on front panel of the EME that fails over, continues to display Active. This is because the two components that make up the EME (SMC and SCC) are independent of each other. Therefore, when the SMC fails over, the SCC on the same EME - 3Com 4007R | Implementation Guide - Page 62
Module is installed properly and you have made an RS-232 console connection: CoreBuilder 9000 Enterprise Management Engine (vx.xx) Copyright (c) 1999 3Com Corporation. Login: To ensure that a broken module LED is not providing a false indication of current conditions, enter the show chassis command - 3Com 4007R | Implementation Guide - Page 63
Making Management Connections 63 The Display Button The front panel of the Management Module includes a display button that is located next to the LED display, and labeled DSPLY. The LED display shows status information when you power on the Management Module, and shows Pri when the Management - 3Com 4007R | Implementation Guide - Page 64
64 CHAPTER 3: INSTALLING MANAGEMENT MODULES Using an MDI-to-MDI Crossover Cable The 10BASE-T port is configured as an MDI or host port. To connect the Management Module to an MDI crossover (MDI-X) or switch port, use a standard RJ-45 jumper cable. To connect the Management Module directly to a host - 3Com 4007R | Implementation Guide - Page 65
Making Management Connections 65 Table 9 Auxiliary Port Pinouts Pin Signal Name 1 Carrier Detect (CD) 2 Receive Data (RD) 3 Transmit Data (TD) 4 Data Terminal Ready (DTR) 5 Signal Ground (GND) 6 Data Set Ready (DSR) 7 Request to Send (RTS) 8 Clear to Send (CTS) 9 reserved Table - 3Com 4007R | Implementation Guide - Page 66
CTS RTS Not Used Using a Modem The Management Module Console Port permits dial-in modem use. To use a dial-in modem: 1 Ensure that the modem supports the AT command set. 2 Select one of the following baud rates: 300, 1200, 2400, 4800, 9600, 19200, or 38400. The factory default is 9600. 3 Place - 3Com 4007R | Implementation Guide - Page 67
Making Management Connections 67 Verifying Network To verify that the chassis and all modules have been installed correctly: Connectivity 1 Confirm that communication can be established on all network segments that you have enabled. 2 Confirm that the Network Activity LED on each installed module - 3Com 4007R | Implementation Guide - Page 68
Troubleshooting Symptom Meaning Corrective Action Chassis power is on, but EME is in standby or has 1 Verify that the EME is installed correctly by following the ACTIVE LED does not light failed diagnostics installation instructions eme command to alleviate the problem. 3 Follow the corrective - 3Com 4007R | Implementation Guide - Page 69
of RAM 512 KB of Flash PROM for controller functions 512 KB of SRAM for controller functions For 100% Hayes-compatible modems Baud rates supported up to 38,400 baud Table 16 EME Power Specifications Element EME Power Consumption 12 W @ 5 V 1.0 W @ +12 V Table 17 EME Environmental Specifications - 3Com 4007R | Implementation Guide - Page 70
70 CHAPTER 3: INSTALLING MANAGEMENT MODULES - 3Com 4007R | Implementation Guide - Page 71
4 CONFIGURING AND USING EME OPTIONS This chapter describes how to configure an installed Management Module (EME). This chapter contains the following sections: s Quick Reference Configuration s Connecting to the System s In-band Connections s Configuring the Terminal s Customizing Your System s - 3Com 4007R | Implementation Guide - Page 72
72 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Quick Reference Configuration Table 19 outlines the basic steps for configuring your Management Module (EME). Table 19 Configuration Steps Procedure* Command 1 Configure your terminal to match the default EME communication settings. See your - 3Com 4007R | Implementation Guide - Page 73
Connecting to the System 73 Connecting to the System This section addresses procedures and commands that you can use to prepare the system (the EME's CLI) to receive connections from terminals or remote workstations or receive requests for access to the embedded Web server. This section also - 3Com 4007R | Implementation Guide - Page 74
Log in to the EME and manage the system as appropriate. The EME supports up to four incoming Telnet sessions. You cannot use Telnet to connect so will terminate the session. Connecting to The EME features a Telnet service for your convenience. To log in to Remote Devices another network device from - 3Com 4007R | Implementation Guide - Page 75
Protocol Connections Vendors initiate Serial Line Internet Protocol (SLIP) sessions differently. Consult the documentation for your system. Although the 3Com SLIP implementation is as generic as possible, it may not function properly with SLIP implementations from other vendors. To properly - 3Com 4007R | Implementation Guide - Page 76
76 CHAPTER 4: CONFIGURING AND USING EME OPTIONS 2 Assign the terminal settings using the following command: set terminal Set the terminal to match the remote terminal settings. 3 Enable SLIP mode using the following command: - 3Com 4007R | Implementation Guide - Page 77
Entering Commands 77 Entering Commands This section describes ways to enter commands and display command options. The Command Completion Feature The command completion feature allows the interface to accept abbreviated command input. You need only to enter a minimum number of characters to - 3Com 4007R | Implementation Guide - Page 78
78 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Listing Command Options To display a list of top-level menu options from the CB9000> prompt, type ? and press Enter. Then, to display a list of submenus or options for any of those options, type one of the options followed by one space and ? and - 3Com 4007R | Implementation Guide - Page 79
Entering Commands 79 You can continue using ? in this manner. Example: CB9000>> show ? Possible completions: chassis clock community eme event_log file host interface inventory ip login module power security servdiag snapshot snmp sntp terminal web CB9000>> show Each command as a list of options - 3Com 4007R | Implementation Guide - Page 80
80 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Keystroke Functions You can alter your keyboard input using specific keyboard functions and control sequences. If you press Enter in the middle of a command entry when a parameter is expected, the EME prompts you for additional information. Table 20 - 3Com 4007R | Implementation Guide - Page 81
disable disable Mode command line or slip command line Terminal_type VT100 To configure the terminal: 1 Consult the user guide that was shipped with your terminal for instructions about setting the terminal values. 2 After you configure your terminal to match the factory defaults of the EME - 3Com 4007R | Implementation Guide - Page 82
82 CHAPTER 4: CONFIGURING AND USING EME OPTIONS 4 Press Enter. The EME displays the following message and prompt: Welcome to Administer service on CB9000. CB9000> You are now logged in as the admin with full access to all commands.To show the current terminal settings, use the - 3Com 4007R | Implementation Guide - Page 83
Configuring the Terminal 83 Setting Terminal Hangup If you use a modem connection to log in to the EME, use the set terminal console hangup command. This command causes the EME to de-assert the RS-232 DTR signal when you log out of the EME. This forces the modem to hang up the connection and may - 3Com 4007R | Implementation Guide - Page 84
terminal type as a VT100 terminal on the console port: CB9000> set terminal console terminal_type vt100 Terminal type changed. Troubleshooting the Table 22 lists some common problems that can occur as you configure Terminal Interface the EME to communicate with a terminal. Table 22 EME Terminal - 3Com 4007R | Implementation Guide - Page 85
the module appears not to download. be operating, contact your service provider. Module reports that a particular subnetwork is reserved. Subnet subnetwork. Statistics are inaccurate. EME statistics are designed to identify problems on the network. They may not be 100% accurate. Module - 3Com 4007R | Implementation Guide - Page 86
being part of the boot process, enter: CB9000> set eme diagnostics disable Assigning a Contact Name and Location The EME can store the name of a service contact and chassis location for reference. Use the show eme command to display the current contact name and location of the EME. To identify - 3Com 4007R | Implementation Guide - Page 87
Customizing Your System 87 After you enter each command, the EME prompts you to enter a line of text, which can be up to 78 characters: CB9000> enter one line of text: The EME commands time out if you do not enter text within 15 seconds. Configuring the Internal Clock Use the set clock date_time - 3Com 4007R | Implementation Guide - Page 88
88 CHAPTER 4: CONFIGURING AND USING EME OPTIONS 15 [GMT+2:00] EET 16 [GMT+3:00] BT 17 [GMT+4:00] ZP4 18 [GMT+5:00] ZP5 19 [GMT+5:30] Bombay/Calcutta/Madras/New Dehli/Colombo 20 [GMT+6:00] ZP6 21 [GMT+7:00] WAST 22 [GMT+8:00] CCT 23 [GMT+9:00] JST 24 [GMT+9:30] Darwin/Adelaide 25 [GMT+10:00] EAST/GST - 3Com 4007R | Implementation Guide - Page 89
Configuring User Logins 89 Configuring User Logins This section describes the different commands for assigning user (network personnel) access levels and login functions:, setting up passwords, and adding or deleting user profiles. User Access Levels The EME provides three levels of user access: - 3Com 4007R | Implementation Guide - Page 90
90 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Setting the Password By default, the EME has no password. The first time that you log in, you press Enter at the Password: prompt. To set a password for the default log in username, use the set login password command. Setting a password for the - 3Com 4007R | Implementation Guide - Page 91
Configuring User Logins 91 4 At the Enter Login Name: prompt, enter the login name for the user that you want to add. 5 At the Enter Login Password: prompt, enter the user's login password. 6 At the Verify - re-enter password: prompt, enter the new password again. The system acknowledges the new - 3Com 4007R | Implementation Guide - Page 92
92 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Table 23 describes the fields in the show login display. Table 23 Fields in the show login Display Column Index Login Name Access Active Sessions Active Login Sessions Description Index number of each of the 10 available logins Name assigned to - 3Com 4007R | Implementation Guide - Page 93
Configuring User Logins 93 Clearing Login Names You may want to clear login names from the EME periodically to help ensure system security. Only a user with Administer access can clear other users. You can enter either the index number of the user or users that you want to clear or all to clear all - 3Com 4007R | Implementation Guide - Page 94
94 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Configuring SNMP Values The Simple Network Management Protocol (SNMP) is a standard that is defined by the Internet Engineering Task Force (IETF). SNMP information is encapsulated in a UDP and IP packet, which in turn, is encapsulated in an - 3Com 4007R | Implementation Guide - Page 95
Configuring SNMP Values 95 Setting a Subnet Mask Use the set ip subnet_mask command to assign a subnet mask to the EME. For example, to set the subnet mask for a class B device, without subnetworks, enter a command similar to the following: CB9000> set ip subnet_mask 255.255.0.0 ethernet_port - 3Com 4007R | Implementation Guide - Page 96
96 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Creating a Community Table Use the Community Table to define: s SNMP stations on the network that access information from the EME s SNMP stations that receive traps from the EME To enable the EME to receive SNMP alarms, you must add the following - 3Com 4007R | Implementation Guide - Page 97
Configuring SNMP Values 97 Configuring a Trap Destination To set up a destination for SNMP traps, use this command at the EME prompt: set snmp trap destination Where is the community string of the selected trap where you want to send the trap and - 3Com 4007R | Implementation Guide - Page 98
sends messages that describe the change to the console: Message received from this device on 15:58 Fri 09 Jul 99: Enterprise: 3Com Enterprise Specific Trap: Module Down Message Information: Slot Number: 6 Subslot Number: 1 Module Type Number: 6 Module Description: Message received from this device - 3Com 4007R | Implementation Guide - Page 99
in this instance is similar to the following example: Message received from this device on 15:58 Fri 09 Jul 99: Enterprise: 3Com SNMP Generic Trap: SNMP Authentication Failure Message Information: Authentication Failure Address: 192.104.6.163 Obtaining More Information About SNMP More information - 3Com 4007R | Implementation Guide - Page 100
100 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Configuring the Event Log The EME maintains a log of informational events, nonfatal errors, and fatal errors that occur on all modules in the chassis. Event log entries are stored in the chronological order in which they are received. When two EMEs - 3Com 4007R | Implementation Guide - Page 101
Module to other modules in the chassis. Under most conditions, you do not need to access or manage the file system. The file system supports commands that allow you to view the files in the file system or to delete certain files. Software Configuration Files The following commands are available - 3Com 4007R | Implementation Guide - Page 102
102 CHAPTER 4: CONFIGURING AND USING EME OPTIONS 82904 82904 Jul 25 1999 Jul 25 1998 9:52:15 BladeConfig.06.01 9:52:19 BladeConfig.05.01 Number of files: Number of bytes in file system: Number of bytes used: Number of bytes available: Number of bytes cleaned: 13 11945984 1157120 10788864 - 3Com 4007R | Implementation Guide - Page 103
of this file. Example: CB9000> clear file_system !!WARNING!! This command will clear all files and reset the EME. Consult the user guide for information on operational considerations before continuing with this command. Do you wish to continue with clear file_system command?(y/n):y Preparing to - 3Com 4007R | Implementation Guide - Page 104
104 CHAPTER 4: CONFIGURING AND USING EME OPTIONS Resetting System Components Certain situations require that you reset power to the entire chassis, certain switching modules, or the EME. This section describes the commands for performing such actions. Resetting the Chassis Use the reset chassis - 3Com 4007R | Implementation Guide - Page 105
Resetting System Components 105 Resetting the EME Use the following commands to reset the EME: s reset eme cold - Use this command after you downgrade software releases. This command cycles the power (off/on) and runs the EME diagnostic (Diags) software which updates the EME's Power On - 3Com 4007R | Implementation Guide - Page 106
. To exit the module and return to the EME management console, enter the disconnect command at the module prompt. See the Switch 4007 Command Reference Guide for more information about the commands that are available through the Administration Console. Also see the chapters in Part III of this - 3Com 4007R | Implementation Guide - Page 107
switching module that you specify. This command is useful if you suspect a problem on the module or if you notice that the module is behaving inconsistently. not pass network traffic. Do not use this command unless you suspect a problem on the module, and you do not need to use the module in your - 3Com 4007R | Implementation Guide - Page 108
an error, and if it is set to stop on the error, the module does not function. If this occurs, call your 3Com reseller or 3Com Technical Support immediately to obtain assistance. See "The cont_mode Characteristic" later in this chapter for information about how to set the servdiag diagnostic tests - 3Com 4007R | Implementation Guide - Page 109
Technical Assistance To receive assistance for installing and troubleshooting the EME, call your 3Com reseller or the 3Com Customer Service Organization. Be prepared to supply a representative with the following information: s A description of the problem s The steps that you have taken to try - 3Com 4007R | Implementation Guide - Page 110
110 CHAPTER 4: CONFIGURING AND USING EME OPTIONS - 3Com 4007R | Implementation Guide - Page 111
5 MANAGING THE CHASSIS POWER AND TEMPERATURE This chapter describes how to configure and manage the chassis power and temperature parameters using commands from the Management Module. This chapter contains the following topics: s Managing Power in the Chassis s Load-Sharing Power Supplies s - 3Com 4007R | Implementation Guide - Page 112
AND TEMPERATURE Managing Power in the Chassis The chassis provides a fault-tolerant, managed, intelligent power supply subsystem. This subsystem supports: s Load-sharing power supplies s High power availability s EME-based power verification features that are designed to ensure optimal performance - 3Com 4007R | Implementation Guide - Page 113
Load-Sharing Power Supplies 113 Software-driven power management also provides protection against the possibility of a catastrophic power failure. If the chassis is operating in power non-fault-tolerant mode and a power supply fails, installed EMEs power off selected (low power class) modules until - 3Com 4007R | Implementation Guide - Page 114
114 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Power Non-Fault-Tolerant Mode Power non-fault-tolerant mode is: s A user-selectable mode in which 100 percent of the power that can be allocated to modules is available to them (no power is held in reserve). s The default mode for power - 3Com 4007R | Implementation Guide - Page 115
Load-Sharing Power Supplies 115 If a power supply fails while the chassis is running in fault-tolerant mode: s The EME automatically disables fault-tolerant mode. s Power formerly reserved is made available by power class and slot location to power-enabled modules to prevent them from powering off - 3Com 4007R | Implementation Guide - Page 116
116 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Enabling and Disabling Power to Slots You can enable or disable power to any slot in your chassis, and the EME does not turn on power to the module in the disabled slot. Modules in disabled slots are not allocated power. All slots are - 3Com 4007R | Implementation Guide - Page 117
Load-Sharing Power Supplies 117 Power Class Settings A power class setting is a value in the range of 1 through 10 that is assigned to each module. The highest setting is 10. Each module has a default power class setting, which you can change with an EME command. The EME uses the power class - 3Com 4007R | Implementation Guide - Page 118
118 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Power Class 10 Warnings The EME cannot automatically power off a module that is assigned a power class setting of 10. For example, if a power supply failure causes a power deficit (or if a chassis overheat condition develops), a module that - 3Com 4007R | Implementation Guide - Page 119
unallocated power budget: 1 Add one or more power supplies. For instructions and information, see the 7-Slot Chassis Power Supply Installation Guide, which is available on the Switch 4007 Software and Online Manuals CD or from the 3Com Web site. 2 If the chassis is running in power fault-tolerant - 3Com 4007R | Implementation Guide - Page 120
120 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Determining Chassis To ensure optimal power fault-tolerance, determine the current power Power Budget budget for the chassis as follows: 1 At the terminal prompt, enter: show power budget The show power budget command shows the amount of - 3Com 4007R | Implementation Guide - Page 121
Budgeting Power 121 Power Supply Output in Non-Fault-Tolerant Mode In Table 28, values are rounded values that do not include system overhead (fans, backplane, signalling, and EMEs). Table 28 shows the power available in power non-fault-tolerant mode (by voltage type) when the power supply is 930 - 3Com 4007R | Implementation Guide - Page 122
122 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Overheat Conditions An overheat condition exists when one of the chassis temperature sensors detects a chassis internal operating temperature that exceeds a predefined threshold. The allowable ambient temperature operating range is 0 °C - 3Com 4007R | Implementation Guide - Page 123
installed, powered-on, modules continue to run. Under these circumstances, an extended overheat condition may cause heat-related hardware damage. 3Com recommends that you run the chassis with overheat_auto_power_down enable in effect. In the following example, overheat power-down mode is enabled - 3Com 4007R | Implementation Guide - Page 124
124 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Overheat Power-off Process The module overheat power-off process is as follows: 1 When any chassis temperature sensor detects an internal chassis operating temperature of 45 °C (113 °F) or higher, power management issues warning traps that - 3Com 4007R | Implementation Guide - Page 125
Saved Power Management Configurations Saved Power Management Configurations 125 Overheat Recovery Process Overheat recovery occurs when the temperature sensor that detected an overheat condition reports that internal chassis temperature is at or below the overheat threshold. When overheat recovery - 3Com 4007R | Implementation Guide - Page 126
126 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Table 30 Saved Power Management Configuration Data Data Type Descriptions Slot profile Identifies the module installed in a given slot. In addition, empty slots are identified. Slot power state Power state for each installed module ( - 3Com 4007R | Implementation Guide - Page 127
Displaying Operating Conditions 127 Displaying Module Information Use the show module commands to display status information for a module and submodule that is installed in a specific slot or to display information for all modules and submodules that are installed in the chassis. The following - 3Com 4007R | Implementation Guide - Page 128
128 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE Displaying Power Use the show power commands to display the power budget, power Information modes, and power information on a per-slot basis. Table 31 lists the commands that display current power conditions in the chassis. Table 31 - 3Com 4007R | Implementation Guide - Page 129
Administrator Operational Version: v3.0 Serial Number: 9ABJ001292 Mac Address: 08-00-8f-30-c7-27 Cpu Ram Size (MB): 20 Trap Receive: DISABLED Boot Version: Service Date: Restarts: Flash Memory (MB): Diagnostics: v3.0 1999/04/ 7 16 ENABLED - 3Com 4007R | Implementation Guide - Page 130
130 CHAPTER 5: MANAGING THE CHASSIS POWER AND TEMPERATURE - 3Com 4007R | Implementation Guide - Page 131
Chapter 6 Module Parameters Chapter 7 Physical Port Numbering Chapter 8 Ethernet Chapter 9 Bridge-Wide and Bridge Port Parameters Chapter 10 Class of Service (CoS) Chapter 11 IP Multicast Filtering with IGMP Chapter 12 Trunking Chapter 13 Resilient Links Chapter 14 Virtual LANs (VLANs) Chapter 15 - 3Com 4007R | Implementation Guide - Page 132
Chapter 19 Open Shortest Path First (OSPF) Routing Chapter 20 IPX Routing Chapter 21 AppleTalk Routing Chapter 22 QoS and RSVP Chapter 23 Device Monitoring - 3Com 4007R | Implementation Guide - Page 133
. s nvData You can manage module parameters in these ways: s From the module menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the EME and connect to a module slot. s From the Web Management software. (See - 3Com 4007R | Implementation Guide - Page 134
the module name s View the module's date and time s Clear the module's diagnostics block s Reboot the module See the Switch 4007 Command Reference Guide or online Help for more information about how to set and modify module parameters. Benefits Using the module parameters to set and modify module - 3Com 4007R | Implementation Guide - Page 135
Key Concepts 135 Key Concepts This section explains how to set and modify module values for applicable parameters and defines terms that are used during each process. How to Set and Modify Module Parameters The module parameter values are set at the factory or during power-on. The basic steps - 3Com 4007R | Implementation Guide - Page 136
work with nvData, you can: s Restore the module's nvData values to their factory defaults, using the reset option. Use the reset option if you have problems with a new setting and want to start over again. s Prepare the system (update the image name and IP address) for an emergency download using - 3Com 4007R | Implementation Guide - Page 137
fabric module slot to all other switching module slots. s Slots 1 - 6 are reserved for Layer 2 and Multilayer Switching Modules. You can install any supported switching module in any of these slots, however one consideration is the capacity of the switch fabric module in Slot 7. For example, if you - 3Com 4007R | Implementation Guide - Page 138
138 CHAPTER 7: PHYSICAL PORT NUMBERING Default Port Settings Table 32 describes the default backplane port settings of Switch 4007 modules. Table 32 Default Port Settings Module Factory Default Setting for Front Factory Default Setting Panel Ports for Backplane Ports Switch Fabric Modules - 3Com 4007R | Implementation Guide - Page 139
Default Port Settings 139 Table 32 Default Port Settings (continued) Module Factory Default Setting for Front Factory Default Setting Panel Ports for Backplane Ports Interface Modules (no on-board switching) 3CB9LG4 Front panel ports Uses the switch fabric 4-Port GBIC Gigabit Ethernet (GEN - 3Com 4007R | Implementation Guide - Page 140
140 CHAPTER 7: PHYSICAL PORT NUMBERING Allocating Switch Fabric Capacity to Slots This section describes how the capacities of the 9-port and 24-port Gigabit Ethernet Switch Fabric Modules are distributed to the other switching module slots in the chassis. 9-port GEN Switch The capacity of the 9- - 3Com 4007R | Implementation Guide - Page 141
Allocating Switch Fabric Capacity to Slots 141 24-port GEN Switch Fabric Module The capacity of the 24-Port Gigabit Ethernet Switching Fabric Module (3CB9FG24T) is distributed across the slots in the chassis. The module capacity is expressed in terms of backplane ports. When a switching module is - 3Com 4007R | Implementation Guide - Page 142
142 CHAPTER 7: PHYSICAL PORT NUMBERING Using Table 34: Examples Suppose you installed a 24-port Switch Fabric Module. Next, you installed a 36-port Fast Ethernet Layer 2 Switching Module in slot 4. After both module's boot sequences were finished, you should see LED #7 and #8 on the switch fabric - 3Com 4007R | Implementation Guide - Page 143
Effects of Removing a Module 143 Effects of Removing When you remove a module and leave the slot empty, a number of a Module changes occur. VLAN Changes When you remove a module, VLAN changes occur as follows: s If you have a VLAN that includes ports that are associated with the removed module, - 3Com 4007R | Implementation Guide - Page 144
144 CHAPTER 7: PHYSICAL PORT NUMBERING Effects of Replacing When you remove a module and replace it with another module, a Modules number of changes can occur, depending on the replacement module. Replacing Modules of the Same Type If you remove a module and replace it with a module of the same - 3Com 4007R | Implementation Guide - Page 145
can manage Ethernet features in either of these ways: s From the ethernet menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the Enterprise Management Engine and connect to a module slot. s From the Ethernet - 3Com 4007R | Implementation Guide - Page 146
146 CHAPTER 8: ETHERNET Ethernet Overview Ethernet is a standardized, switched, packet-based network that supports an exponential hierarchy of three line speeds: s 10 Mbps - Ethernet s 100 Mbps - Fast Ethernet s 1000 Mbps - Gigabit Ethernet All speeds of Ethernet are based on - 3Com 4007R | Implementation Guide - Page 147
bandwidths s Link availability Link Bandwidths As your network needs to support more users and increasingly bandwidth-intensive applications, you can configure from shared 10-Mbps to switched 100-Mbps Fast Ethernet. 3Com's Ethernet network interface cards (NICs) can automatically sense and - 3Com 4007R | Implementation Guide - Page 148
Mbps (Gigabit Ethernet) s Port state - Whether a port is enabled (placed online) or disabled (placed off-line) s Duplex mode - Whether a port supports one-way (half-duplex) or two-way (full-duplex) transmissions s Autonegotiation - A feature that allows some ports to identify and negotiate speed and - 3Com 4007R | Implementation Guide - Page 149
Ethernet, a packet collision can cause the last station that transmitted successfully to monopolize Ethernet access and cause delays.) s Network areas - 3Com uses a three-tiered framework to describe the different functional areas in a LAN: s Wiring closet - This area provides connections to user - 3Com 4007R | Implementation Guide - Page 150
150 CHAPTER 8: ETHERNET Ethernet Packet Processing All frames on an Ethernet network are received promiscuously by an Ethernet port. A port can discard frames for either of the following reasons: s There is no buffer space available. s The frame is in error. Figure 1 shows the order in which - 3Com 4007R | Implementation Guide - Page 151
Key Concepts 151 Frames also may be delivered directly to an Ethernet port by bridge, router, or management applications. However, a transmitted frame can be discarded for any of the following reasons: s The Ethernet port is disabled. s There is no room on the transmit queue. s An error occurred - 3Com 4007R | Implementation Guide - Page 152
implement and trunk Fast Ethernet or Gigabit Ethernet links: s 3Com recommends that you use trunks to increase network availability in the trunked, it can be difficult to manage and troubleshoot individual port-to-port connections if a connectivity problem occurs. This issue may not be of concern in - 3Com 4007R | Implementation Guide - Page 153
Port Enable and Disable (Port State) 153 Port Enable and You can enable Ethernet ports (place them on-line) or disable them Disable (Port State) (place them off-line). Important Considerations s Because it stops all network traffic through the port, disabling a port may adversely affect a live - 3Com 4007R | Implementation Guide - Page 154
way. If autonegotiation does not properly detect the port speed, you can manually set the port speed and duplex mode. s Table 36 lists Ethernet port types on your system, whether they support autonegotiation, and which features they negotiate. Table 36 Port Types and Autonegotiation Attributes - 3Com 4007R | Implementation Guide - Page 155
the requested portMode values for ports that have portMode options and the requested flowControl values for 1000BASE-SX ports. (Backplane ports do not support autonegotiation.) s Use the portMode option to manually configure or modify the port speed and duplex mode. Use the flowControl option to - 3Com 4007R | Implementation Guide - Page 156
156 CHAPTER 8: ETHERNET Port Mode You can change the port speed and duplex mode for 10/100BASE-TX ports and the duplex mode for 100BASE-FX ports. You cannot change the port speed or duplex mode for Gigabit Ethernet ports. Important Considerations s When you configure duplex mode, configure both - 3Com 4007R | Implementation Guide - Page 157
Flow Control 157 Flow Control The flow control mode allows a Fast Ethernet port or a Gigabit Ethernet port to: s Decrease the frequency with which it sends packets to a receiving device, if packets are being sent too rapidly. s Send flow control packets to a sending device, to request that the - 3Com 4007R | Implementation Guide - Page 158
158 CHAPTER 8: ETHERNET PACE Interactive Access PACE Interactive Access (which is called PACE Access on Layer 2 modules) prevents excessive network jitter (variation in the timing of packet delivery that can cause garbled sound, jerky images, and delays). PACE technology also improves timing and - 3Com 4007R | Implementation Guide - Page 159
Standards, Protocols, and Related Reading 159 Standards, Protocols, and Related Reading The system supports these Ethernet standards: s IEEE 802.3 - 10BASE-T Ethernet over unshielded twisted pair (UTP) s IEEE 802.3u - 100BASE-T Fast Ethernet over UTP or fiber-optic cable s IEEE - 3Com 4007R | Implementation Guide - Page 160
compliance, use only GBIC transceivers and conditioned launch cables that 3Com supports. For information about currently supported GBIC specifications and conditioned launch cables, see the 3Com Web site: http://www.3com.com/gigabit_ethernet/gbics Related Reading For more information about Ethernet - 3Com 4007R | Implementation Guide - Page 161
9 BRIDGE-WIDE AND BRIDGE PORT PARAMETERS This chapter provides an overview of bridging concepts and implementation guidelines for modules in the Switch 4007. The chapter covers these topics: s Bridging Overview s Key Bridging Concepts s Bridging Implementation Summary s Key Guidelines for - 3Com 4007R | Implementation Guide - Page 162
connected segments experience and increase available bandwidth in each LAN. s Bridges allow a larger number of devices to communicate than a single LAN can support. s Bridges can detect loops in the network topology and communicate with each other to ensure that only one path exists between any two - 3Com 4007R | Implementation Guide - Page 163
are learned on the fly and no human intervention is required. This term contrasts with static addresses, which are addresses that are manually configured. A bridge maintains a database, called the address table, which lists all static and dynamic addresses and associates them with appropriate port - 3Com 4007R | Implementation Guide - Page 164
capabilities of all devices on the LAN. This phenomenon of congestion, which can sometimes be so severe as to bring down network devices and network service, is called a broadcast storm. - 3Com 4007R | Implementation Guide - Page 165
your options with your network designer or 3Com product and service vendor. Your module supports several features that relate to the bridging on VLAN mode) by dynamically learning addresses as well as storing manually configured static addresses. See "MAC Address Table Design" in this chapter - 3Com 4007R | Implementation Guide - Page 166
levels specified in the IEEE 802.1p standard to one of the two queues. For more information, see the Class of Service chapter in this guide. s Multicast filtering with IGMP (Layer 2 Switching Modules only) - By understanding the Internet Group Management Protocol (IGMP), a module can direct IP - 3Com 4007R | Implementation Guide - Page 167
to communicate as if they were physically connected to the same LAN (broadcast domain). For more information, see the VLAN chapter in this guide. s Trunking - You can aggregate multiple network links into a single point-to-point trunk. These features allow you to increase bandwidth and redundancy - 3Com 4007R | Implementation Guide - Page 168
can configure a VLAN port to ignore the STP mode. For more information, see the VLAN chapter in this guide or see the command bridge vlan stpMode in the Switch 4007 Command Reference Guide. STP Compatible with Trunking You can enable STP on the same module and ports on which you configure trunks - 3Com 4007R | Implementation Guide - Page 169
VLAN Registration Protocol (GVRP) on Multilayer Switching Modules is useful only when there are several other switches or endstation NICs in the network that also support GVRP. - 3Com 4007R | Implementation Guide - Page 170
, see "STP Bridge and Port Parameters" in this chapter. Configuration Messages In order to determine a loopless LAN topology, bridges that support STP must communicate and share information with each other. STP Bridges periodically transmit special frames called Configuration Bridge Protocol Data - 3Com 4007R | Implementation Guide - Page 171
STP Terms and Concepts 171 The bridges that are chosen as the best path, called designated bridges, form the second level of the hierarchy. s A designated bridge relays network transmissions to the root bridge through its root port. Any port that transmits to the root bridge is a root port. s The - 3Com 4007R | Implementation Guide - Page 172
172 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS s Bridges elect as the designated bridge on each LAN the bridge with the least cost path to the root bridge. The designated bridge forwards frames between that LAN and the path to the root bridge. For this reason, the root bridge is always the - 3Com 4007R | Implementation Guide - Page 173
STP Terms and Concepts 173 Contents of CBPDUs Bridges use information in CBPDU to calculate a STP topology. The content of a CBPDU includes: s Root ID - The identification number of the root bridge. s Cost - The cost of the least-cost path to the root from the transmitting bridge. One of the - 3Com 4007R | Implementation Guide - Page 174
174 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Example 2. Root ID is the same for Message 1 and Message 2, but cost is lower in Message 1. The bridge saves Message 1. Message 1 root ID cost 29 15 transmitter 80 Message 2 root ID cost 29 18 transmitter 38 Example 3. Root ID and - 3Com 4007R | Implementation Guide - Page 175
STP Terms and Concepts 175 4 Because the bridge now knows the root bridge, it can determine its distance to the root and elect a root port. It examines CBPDUs from all ports to see which port has received a CBPDU with the smallest cost to the root. This port becomes the root port. 5 Now that the - 3Com 4007R | Implementation Guide - Page 176
176 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS LAN 1 Figure 5 Starting the Spanning Tree Calculation LAN 2 Bridge A L2/3 12.0.12 LAN 3 Bridge C L2/3 20.0.20 Bridge B L2/3 10.0.10 Bridge D L2/3 29.0.29 LAN 5 Bridge E L2/3 35.0.35 LAN 6 Bridge F L2/3 LAN 4 81.0.81 XX.X.XX = CBPDU ( - 3Com 4007R | Implementation Guide - Page 177
STP Terms and Concepts 177 LAN 1 Figure 6 Spanning Tree Topology Calculated (R) Bridge A LAN 2 L2/3 (B) 10.11.12 (R) Bridge C LAN 3 L2/3 (D) 10.11.20 (D) (D) Root bridge Bridge B L2/3 (D) 10.0.10 (R) (D) Bridge D L2/3 (B) 10.11.29 LAN 5 (R) Bridge E L2/3 (B) 10.11.35 LAN 6 - 3Com 4007R | Implementation Guide - Page 178
178 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Determining the Root Bridge The root ID portion of the CBPDU determines which bridge actually becomes the root bridge. In Figure 5, notice how each bridge initially assumes that it is the root bridge and transmits a CBPDU that contains its own - 3Com 4007R | Implementation Guide - Page 179
STP Terms and Concepts 179 A designated bridge must be determined for LANs 3, 4, and 6: s Because Bridges C, D, and F are all attached to LAN 3, one of them must be the designated bridge for that LAN: s The algorithm first compares the root ID of these bridges, which is the same for all. s The cost - 3Com 4007R | Implementation Guide - Page 180
180 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Spanning Tree Because STP determines the network configuration based on events that Port States occur, it places bridge ports in one of the five states at all times. Table 41 describes these states. Table 41 Spanning Tree Protocol Port States - 3Com 4007R | Implementation Guide - Page 181
STP Terms and Concepts 181 Figure 7 illustrates the factors that cause a port to change from one state to another. The arrows indicate the direction of movement between states. The numbers correspond to the factors that affect the transition. Figure 7 Factors Involved in Spanning Tree Port State - 3Com 4007R | Implementation Guide - Page 182
182 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Reconfiguring the Bridged Network Topology STP reconfigures the bridged network topology when any of the following occurs: s Bridges are added or removed. s The root bridge fails. s You change any of the bridging parameters that determine the - 3Com 4007R | Implementation Guide - Page 183
any times: s Bridge-wide STP state s Bridge priority s Bridge maximum age s Bridge hello time s STP group address See the Switch 4007 Command Reference Guide for value ranges and defaults for these parameters, as well as definitions of fields in the displays. Default Bridge-Wide STP State You can - 3Com 4007R | Implementation Guide - Page 184
184 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Bridge Priority The bridge priority influences the choice of the root bridge and the designated bridge. The lower the bridge's priority number, the more likely it is that the bridge is chosen as the root bridge or a designated bridge. The bridge - 3Com 4007R | Implementation Guide - Page 185
STP Bridge and Port Parameters 185 from a link until news of a topology change has spread to all parts of a bridged network. The delay gives enough time to turn off to all links that need to be turned off in the new topology before new links are turned on. Setting the value too low can result in - 3Com 4007R | Implementation Guide - Page 186
186 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Bridge Port STP Parameters You can modify these STP parameters on each port: s Port state s Port path cost s Port priority Port State You can enable, disable, or remove STP for each bridge port on a module. This setting affects the operation - 3Com 4007R | Implementation Guide - Page 187
to the bridge address table using menu options. These addresses never age; you must add and remove them manually. s Dynamic MAC addresses - Addresses that the bridge learns by receiving and processing frames and ages. In the bridge address table, each dynamic address is associated - 3Com 4007R | Implementation Guide - Page 188
188 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS s You can remove individual MAC addresses from selected ports. Typically, this action is only applied to the removal of static addresses because the module can quickly relearn dynamic addresses that you remove. s A static address is never aged - 3Com 4007R | Implementation Guide - Page 189
to dynamic addresses. (Static addresses are never aged from the address table and cannot be learned on other ports until they have been manually removed.) Address Table Dependencies The amount of time that dynamic addresses remain in a module's address table depends on these factors: s The aging - 3Com 4007R | Implementation Guide - Page 190
190 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS Normal Aging Process Each module records in its address table the source address of every received frame (that is not otherwise filtered or discarded) along with the appropriate port number. At the time the table entry is created, an aging bit - 3Com 4007R | Implementation Guide - Page 191
Address Aging 191 The module reverts to using the bridge agingTime value as the aging interval after it receives a CBPDU from the root bridge that does not have the topology change flag set. Port Down Events When a Multilayer Switching Module detects a port down event, it immediately flushes all - 3Com 4007R | Implementation Guide - Page 192
192 CHAPTER 9: BRIDGE-WIDE AND BRIDGE PORT PARAMETERS If STP State is "Aging Only" This option is available on Layer 2 Switching Modules only. With this option selected, the module does not operate as an STP bridge but does use two of the STP parameters in certain circumstances related to aging - 3Com 4007R | Implementation Guide - Page 193
immediately flush dynamic addresses associated with down or disabled ports. s The "Aging Only" option was created primarily for customers with Layer 2 Switching Modules who use 3Com Transcend EVM but do not want to enable STP. If you do not want to enable STP and if you do not want to accelerated - 3Com 4007R | Implementation Guide - Page 194
reasons: s The destination station is on the same segment as the source station. s The receive bridge port is blocked by STP. s There is a problem with the frame. The physical interface does not deliver frames with errors to the bridge port. Thus, the rxFrames fields in the Ethernet statistics - 3Com 4007R | Implementation Guide - Page 195
IPX SNAP Translation 195 IPX SNAP Translation IPX SNAP Translation (Multilayer Switching Modules only) allows an alternative method of translating IPX packets from Ethernet to FDDI and vice-versa. s When IPX SNAP translation is enabled, any 802.3_RAW IPX packets that are forwarded from Ethernet to - 3Com 4007R | Implementation Guide - Page 196
On Multilayer Switching Modules, the limit always affects both multicast and broadcast packets. You can set similar limits using options on the Quality of Service menu. s If you want to specify a limit for a trunk, you only need to specify the trunk's anchor port (the lowest-numbered port). However - 3Com 4007R | Implementation Guide - Page 197
VLAN origin for a port-based VLAN is dynamic (GVRP enabled) or static (GVRP disabled). s To maximize the effectiveness of GVRP, it should be supported in as many end stations and network devices as possible. s Based on updates from GVRP-enabled devices, GVRP allows the module to dynamically create - 3Com 4007R | Implementation Guide - Page 198
manages the active topology, not nontopological data such as VLAN protocols. If a local bridge needs to classify and analyze frames by VLAN protocols, you must manually configure protocol-based VLANs and simply rely on GVRP to send VLAN ID updates. But if the local bridge needs to know only how to - 3Com 4007R | Implementation Guide - Page 199
Tagged and Untagged Packets s Standards, Protocols, and Related Reading You can administer Class of Service (CoS) commands from the bridge cos menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the Enterprise - 3Com 4007R | Implementation Guide - Page 200
processed in a single queue by network devices. This approach to network service is described as "best effort" because there is no way to congested, certain bandwidth-intensive applications may receive a poor quality of service (QoS). A jittery video conference display that does not reflect real - 3Com 4007R | Implementation Guide - Page 201
Key Concepts 201 Key Concepts Before you configure CoS options in a Layer 2 Switching Module, review the following key concepts. Basic Elements of the Standard The two basic elements of the IEEE 802.1p standard are: s Multiple processing queues in devices The standard does not require a specific - 3Com 4007R | Implementation Guide - Page 202
202 CHAPTER 10: CLASS OF SERVICE (COS) Format of Prioritized Packets Priority level information can only be carried inside packets that are formatted according to the IEEE 802.1Q standard; such - 3Com 4007R | Implementation Guide - Page 203
CoS in Your System 203 CoS in Your System Using the Administration Console on Layer 2 Switching Modules, you can: s Enable or disable CoS (the setting affects all ports), which changes the number of hardware queues per port from one to two. s Modify how the eight priority levels are assigned - 3Com 4007R | Implementation Guide - Page 204
204 CHAPTER 10: CLASS OF SERVICE (COS) Important Considerations s In non-blocking situations, CoS settings have received on the port. This n of 8 packets formula means that, in real terms, there are eight supported rate limit percentages: 12.5, 25, 37.5, 50, 62.5, 75, 87.5, and 100. The rate limit - 3Com 4007R | Implementation Guide - Page 205
CoS in Your System 205 For example, if you enter any whole number between 88 and 99 as the rate limit, the working rate limit will be 87.5; that is, for every 8 packets received on a given port, 7 packets are selected from queue 1 and 1 packet is selected from queue 2. Table 44 provides a - 3Com 4007R | Implementation Guide - Page 206
can insert tags and priority levels other than 0. Standards, Protocols, and Related Reading The following standards provide more information about Class of Service: s IEEE 802.1p Traffic Class Expediting and Dynamic Multicast Filtering A supplement to the IEEE 802.1D MAC Bridges base standard that - 3Com 4007R | Implementation Guide - Page 207
2 Switching Modules in either of these ways: s From the bridge multicast igmp menu of the Administration Console. (See the Switch 4007 Command Reference Guide).You can use the Administration Console after you log in to the Enterprise Management Engine and connect to a module slot. s From an SNMP - 3Com 4007R | Implementation Guide - Page 208
in a Layer 2 switch: snooping and querying. Descriptions of these functions and how they work together are explained later in this chapter. Benefits Support for IGMP in Layer 2 devices benefits your network in many ways: s IGMP reduces the amount of bandwidth that an IP multicast stream would - 3Com 4007R | Implementation Guide - Page 209
special configuration because IGMP is already part of the IP protocol stack. s Because more IP multicast applications are available each year, support for IGMP in switches helps prolong the life span of existing network topologies and available bandwidth. To understand the fundamental benefit that - 3Com 4007R | Implementation Guide - Page 210
generate IP multicast packets as the way to communicate with each other to establish a delivery path. These packets are issued by specific supporting protocols, such as IGMP. Group Addresses and Group Members An IP multicast packet differs from a unicast packet by the presence of a multicast - 3Com 4007R | Implementation Guide - Page 211
Key Concepts 211 Figure 9 Protocols That Coordinate the Delivery of IP Multicast Traffic IP multicast application sources L3 DVMRP L3 IGMP L3 IGMP L2 IGMP Routers are not required for transmission of IP multicast packets between sources and group members. Compare Figure 8 and Figure 9; both - 3Com 4007R | Implementation Guide - Page 212
only one of the devices needs to perform the querying. If there are multiple devices (routers and switches) in the subnetwork or broadcast domain that support querying, the one with the lowest IP address is elected as the querier. The querier periodically sends a query message to all hosts on the - 3Com 4007R | Implementation Guide - Page 213
Key Concepts 213 How Hosts Use IGMP Each host uses IGMP to communicate with the querier in a few different ways. Host Membership Reports Hosts transmit Host Membership Reports (hereafter called IGMP reports) in response to queries. A host sends a separate report for each group that it wants to join - 3Com 4007R | Implementation Guide - Page 214
to receive IGMP reports from at least one host per group on each of its ports. Configuring IGMP in Your System Layer 2 Switching Modules support IGMP version 1 (RFC 1112) and version 2 (RFC 2236). You can manage the following IGMP options: s Enable or disable the snooping function and the querying - 3Com 4007R | Implementation Guide - Page 215
by enabling the query function only on certain devices. s Because some IP multicast applications transmit a large number of unsolicited packets or may require security protection, 3Com recommends that you place IP multicast sources upstream from a Layer 3 switch or router. - 3Com 4007R | Implementation Guide - Page 216
Aliasing" later in this chapter for more information. s Your switching module supports both IGMP version 1 and 2. For maximum benefit, verify that the IP stack in your host endstations also supports both IGMP version 1 and 2. s If a resilient link pair - 3Com 4007R | Implementation Guide - Page 217
Processing IP Multicast Packets 217 Processing IP Multicast Packets Table 45 summaries how a Layer 2 Switching Module processes various types of IGMP packets and other IP multicast packets. Table 45 How the System Processes IP Multicast Packets Packet Type Is Forwarded To* IGMP Membership - 3Com 4007R | Implementation Guide - Page 218
218 CHAPTER 11: IP MULTICAST FILTERING WITH IGMP Effects of MAC Address Aliasing Operating as a Layer 2 device, your module filters IP multicast traffic by referring to hexidecimal MAC addresses that correspond to binary IP multicast group addresses. A multicast MAC address is created by selecting - 3Com 4007R | Implementation Guide - Page 219
Effects of MAC Address Aliasing 219 Important Considerations s To reduce the effects of MAC address aliasing, verify that your IP multicast applications do not use binary group addresses in the range [224 - 239]. [0,128].0.x, where x equals 0 - 255. s See Table 46 for several examples of permanent - 3Com 4007R | Implementation Guide - Page 220
220 CHAPTER 11: IP MULTICAST FILTERING WITH IGMP Operating as the Querier For a Layer 2 Switching Module to offer itself as a potential IGMP querier for its subnetwork or broadcast domains (VLANs), you must: 1 Enable the IGMP snooping option. The module cannot send queries if snooping is disabled. - 3Com 4007R | Implementation Guide - Page 221
Aging the IGMP Tables 221 Aging the IGMP Tables Standards, Protocols, and Related Reading If a switching module receives no host reports for a given group on a given port within a certain period of time (the aging interval), it ages that entry in its IGMP tables and sets a filter for that group on - 3Com 4007R | Implementation Guide - Page 222
222 CHAPTER 11: IP MULTICAST FILTERING WITH IGMP - 3Com 4007R | Implementation Guide - Page 223
Related Reading You can manage trunks in either of these ways: s From the bridge trunk menu of the Administration Console. (See the Command Reference Guide.) You can use the Administration Console after you log in to the Enterprise Management Engine and connect to a module slot in the Switch 4007 - 3Com 4007R | Implementation Guide - Page 224
224 CHAPTER 12: TRUNKING Trunking Overview A trunk (also known as an aggregated link) works at Layer 2 and Layer 3 of the Open Systems Interconnection (OSI) model and allows you to combine multiple Fast Ethernet and Gigabit Ethernet ports on interface modules into a single high-speed link between - 3Com 4007R | Implementation Guide - Page 225
Trunking Overview 225 Trunks also enhance network availability because the Trunk Control Message Protocol (TCMP) detects and handles physical configuration errors in the point-to-point configuration. The interface module automatically distributes traffic across the ports that are associated with - 3Com 4007R | Implementation Guide - Page 226
226 CHAPTER 12: TRUNKING It is important to understand the relationships between Ethernet, bridge, and VLAN port-related information: s Ethernet port information - Each physical port is always listed individually, regardless of whether it is part of a trunk. s Bridge port information - This - 3Com 4007R | Implementation Guide - Page 227
the following important factors when you implement and configure trunks: General Guidelines s Create trunks before you define VLANs. s An interface module supports four point-to-point trunks, each built from up to eight ports. All channels in a trunk must connect: s Correctly configured ports - 3Com 4007R | Implementation Guide - Page 228
problem occurs. This issue may not be of concern in a server farm room. But if you use trunking extensively between wiring closets and data centers, the large number of connections involved and their distributed nature may make their management and troubleshooting difficult. 3Com recommends - 3Com 4007R | Implementation Guide - Page 229
Key Guidelines for Implementation 229 Trunk Capacity Guidelines s The device-to-device burst-transmission rate across a trunk is limited to the speed of just one of the port-to-port links within the trunk. For example, the maximum burst rate over a 400-Mbps pipeline with four trunked Fast Ethernet - 3Com 4007R | Implementation Guide - Page 230
managed interface module. This centralizes the trunking application through the switch fabric module. s Staging is not supported if autoMap is enabled on the module. s The autoMap feature does not support single-port trunk groups. No backplane trunks containing fewer than two ports can be defined on - 3Com 4007R | Implementation Guide - Page 231
Switch, you cannot select ports that are part of an existing trunk. s Devices that you use in a trunking configuration must have the hardware to support the trunking algorithm. s You can define one or several trunks using a single define command. This capability saves you from having to reboot the - 3Com 4007R | Implementation Guide - Page 232
s 3Com recommends Switch Fabric Module (Model Number 3CB9FG24T) that you install provides port trunking support for 12 groups, with up to six ports in a group (12x6 before you define the trunks using backplane ports, manually enable the second backplane port on the interface module. s - 3Com 4007R | Implementation Guide - Page 233
Modifying Trunks 233 Modifying Trunks You can modify a trunk in two ways: s You can modify a trunk's characteristics (for example, the operating mode or the TCMP state). s You can add or remove a port from the trunk. Important Considerations s You must keep at least one port that you defined in - 3Com 4007R | Implementation Guide - Page 234
12: TRUNKING Standards, Protocols, and Related Reading The Switch 4007 supports these Ethernet standards: s IEEE 802.3 - 10BASE-T Ethernet over for trunking (link aggregation) is not yet finalized, 3Com trunking technology currently interoperates with similar technology from other vendors - 3Com 4007R | Implementation Guide - Page 235
links from the bridge link menu of the Administration Console. For more information on specific commands, see the Switch 4007 Command Reference Guide. The management interfaces display "cb9000" and refer to the Management Module as the Enterprise Management Engine (EME) because the heritage of the - 3Com 4007R | Implementation Guide - Page 236
its standby link, traffic is switched back to the main link, provided that no loss of link is detected for 2 minutes. Otherwise, you must manually switch traffic back to the main link. Switchover time to the backup link takes less than 1 second, ensuring no session timeouts and therefore seamless - 3Com 4007R | Implementation Guide - Page 237
links from the module. Benefits s Resilient links enable you to protect critical links and prevent network downtime if those links fail. s 3Com recommends that you implement resilient links in these network configurations: s Switch-to-switch downlinks from the wiring closet to the data center - 3Com 4007R | Implementation Guide - Page 238
238 CHAPTER 13: RESILIENT LINKS Key Guidelines for Implementation Consider these important factors when you implement and configure resilient links. General Guidelines s Create resilient links before you define your VLANs. If you plan to create resilient links to be part of a VLAN, create the - 3Com 4007R | Implementation Guide - Page 239
trunk itself as part of a resilient link. s The resilient link name can be up to 32 characters long. See the Switch 4007 Command Reference Guide for a complete description of the resilient link commands. Resilient Link State You can enable or disable one or more resilient link pairs with a single - 3Com 4007R | Implementation Guide - Page 240
240 CHAPTER 13: RESILIENT LINKS - 3Com 4007R | Implementation Guide - Page 241
14 VIRTUAL LANS (VLANS) This chapter provides guidelines and other key information about how to manage VLANs on your Switch 4007. This feature is available on Layer 2 and Multilayer Switching Modules. Differences in implementation between these two module groups are noted where applicable. The - 3Com 4007R | Implementation Guide - Page 242
From the bridge vlan menu of the Administration Console. (See the Command Reference Guide.) You can use the Administration Console after you log in to the system and types of traffic increase, bridge flooding may create unnecessary traffic problems that can clog the LAN. To help control the flow - 3Com 4007R | Implementation Guide - Page 243
VLANs can help network administrators track workstation movements to new locations without manual reconfiguration of IP addresses. s VLANs can be used to isolate traffic associated with its modules. The switch fabric module supports a variety of Layer 2 Switching Modules, Multilayer Switching - 3Com 4007R | Implementation Guide - Page 244
244 CHAPTER 14: VIRTUAL LANS (VLANS) The examples in this chapter represent the location of the switch fabric module logically to emphasize its central role in the configuration process. To create VLANs in the Switch 4007 environment, you configure these components: s Layer 2 and Multilayer - 3Com 4007R | Implementation Guide - Page 245
establish routing between VLANs. See "Protocol-based VLANs" later in this chapter. In addition to the user-defined protocol-based VLANs, the system supports a special type of protocol-based VLAN called a router port IP VLAN. This type of VLAN, which the system automatically generates when you define - 3Com 4007R | Implementation Guide - Page 246
802.1p, uses this same frame format but it takes advantage of an additional 3 bits to specify the priority levels used for Class of Service differentiation. s Generic Attribute Registration Protocol (GARP) - This protocol is defined in IEEE 802.1p, which is a supplement to the IEEE 802.1D standard - 3Com 4007R | Implementation Guide - Page 247
. s Non-tagging mode - The default tagging mode. Use this tagging mode for front-panel ports if the environment includes end stations that do not support 802.1Q VLANs. Non-tagged VLAN ports accept tagged frames; however, any traffic transmitted from an untagged port on a VLAN is untagged. s 802.1Q - 3Com 4007R | Implementation Guide - Page 248
connected to an explicitly tagged front-panel port must be capable of supporting 802.1Q tagging. If the front-panel port is untagged in the VLAN 2-4094 Description Reserved for the default VLAN assigned by IEEE and 3Com Corporation Reserved Numbers that you assign when you create VLANs On - 3Com 4007R | Implementation Guide - Page 249
Key Concepts 249 Terminology Review the following terms: s Default VLAN - The predefined port-based VLAN interface on all switch fabric module ports and the ports of each switching module that always uses s VID 1 s Protocol type unspecified (for Multilayer Switching Modules) s The name Default The - 3Com 4007R | Implementation Guide - Page 250
it, use the following procedure: 1 Remove any existing network-based VLANs on your Multilayer Switching Modules. 2 Define an IP VLAN or a VLAN that supports IP as one of its protocols. 3 Define multiple IP interfaces (with different IP addresses) to use that IP VLAN. (See Chapter 16.) You can - 3Com 4007R | Implementation Guide - Page 251
for the routing interface. This latter procedure is not recommended, because it makes the IP VLAN a network-based VLAN, which will not be supported at releases higher than 3.0. If you continue to use network-based VLANs for Release 3.0 on your Multilayer Switching Modules, you are limited to - 3Com 4007R | Implementation Guide - Page 252
252 CHAPTER 14: VIRTUAL LANS (VLANS) VLANs Created by Router Port IP Interfaces By default, the Multilayer Switching Modules use a routing over bridging model, in which any frame is bridged before it is potentially routed. If you want to define IP routing interfaces that use a routing versus - 3Com 4007R | Implementation Guide - Page 253
. You can also use EME commands to upload and download module configurations saved on a server. See the Switch 4007 Enterprise Management Engine User Guide for more information about the EME. s If you lose track of your changes in a complicated VLAN configuration, it may be better to perform - 3Com 4007R | Implementation Guide - Page 254
, if the ports overlap with another VLAN and tagging is the only distinguishing characteristic). Remember that if you tag a port, the attached device must support IEEE 802.1Q tagging. If you are configuring a Multilayer Switching Module that serves as a router, your VLAN may or may not include front - 3Com 4007R | Implementation Guide - Page 255
. Verify that the routing interface is defined to use the same network or subnetwork as any other module that supports the VLAN. 5 Use the EME to connect to the switch fabric module and configure all VLANs that will 802.1Q enabled devices, such as other Switch 4007 systems or other 3Com switches. - 3Com 4007R | Implementation Guide - Page 256
of up to 64 is valid. If your result is greater than 64, you must observe 64 as the limit for the number of VLANs supported. The number of allowable VLANs includes the default VLAN, and the number of protocol suites always includes the unspecified protocol type. To perform the calculation - 3Com 4007R | Implementation Guide - Page 257
of 15 different protocols can be implemented by the protocol suites on the module. See Table 53 later in this chapter for a list of the supported protocol suites and the number of protocols within each suite. Example 1 The following examples show how to use the equation. You have 7 protocol suites - 3Com 4007R | Implementation Guide - Page 258
resources differently than did Release 2.x and may cause a change in the total number of allowable VLANs. VLAN aware mode is currently supported only through the Administration Console, not through Web Management or SNMP. Initial installation of Release 3.0 provides a default VLAN aware mode of - 3Com 4007R | Implementation Guide - Page 259
Key Guidelines for Implementation 259 If you do not see the VLAN internal resource error message, maintain the default VLAN aware mode of allPorts. In this case, the module can accommodate the number of Release 2.x VLANs, but it now uses different ingress rules for tagged frames. The Administration - 3Com 4007R | Implementation Guide - Page 260
and no tagging. s If you are using a Multilayer Switching Module to establish routing between static VLANs and configure a VLAN interface to support one or more routing protocols, configure the VLAN for the protocols before you configure a routing interface. For protocols other than IP, the - 3Com 4007R | Implementation Guide - Page 261
2 or Multilayer switching module. The default is allOpen. VLAN modes on a module cannot be mixed; they must be either allOpen or allClosed for a module. 3Com's use of the term "allOpen" is equivalent to the IEEE Standard 802.1Q term "Shared VLAN Learning" (SVL). The term "allClosed" is equivalent to - 3Com 4007R | Implementation Guide - Page 262
262 CHAPTER 14: VIRTUAL LANS (VLANS) s allClosed - Use this restrictive mode if you are concerned about security between VLANs. Data cannot be forwarded between VLANs (although data can still be routed between VLANs). The allClosed mode implies that each VLAN that you create has its own address - 3Com 4007R | Implementation Guide - Page 263
VLAN allOpen or allClosed Mode 263 Modifying the To change your VLAN mode for a module: VLAN Mode 1 For a Multilayer Switching Module, delete all routing interfaces (including router port IP interfaces). You cannot change the mode if you have router interfaces defined on the module. 2 Modify the - 3Com 4007R | Implementation Guide - Page 264
264 CHAPTER 14: VIRTUAL LANS (VLANS) Mode Requirements Table 50 lists the requirements for defining VLANs in allOpen mode and allClosed mode. Table 50 Mode Requirements for Static VLANs Type of Static VLAN Requirements Port-based For nonoverlapped port-based VLANs: (Layer 2 and Multilayer - 3Com 4007R | Implementation Guide - Page 265
VLAN allOpen or allClosed Mode 265 Using allOpen Mode Figure 13 shows an allOpen configuration between two port-based VLANs that share the same address table. In this example, although Station-A and Station-B share a common address table, they must still adhere to broadcast containment rules. If - 3Com 4007R | Implementation Guide - Page 266
in a VLAN interface is constrained to that VLAN interface. Port-based VLANs group together one or more tagged or untagged bridge ports. The Switch 4007 supports the 802.1Q IEEE frame tagging standard on a per-port basis. The standard dictates that frames are encapsulated and tagged, which gives them - 3Com 4007R | Implementation Guide - Page 267
is the flood domain in any of the following situations: s A module receives data for a protocol that is not supported by any VLAN on the module s A module receives data for a protocol that is supported by defined VLANs, but these VLANs do not contain the port receiving the data. s A module receives - 3Com 4007R | Implementation Guide - Page 268
the default VLAN intact Trunking and the Default VLAN Another benefit of maintaining the default VLAN (with any number of ports) involves trunking. 3Com strongly recommends that you define your trunks before you define your VLANs. Trunking actions affect the default VLAN in the following ways: s If - 3Com 4007R | Implementation Guide - Page 269
Port-based VLANs 269 Ports Before Action ipvlan1: ports 1-11 Trunking Action Define trunk with ports 5-8. Ports After Action ipvlan1: ports 1-4, 9-11 s If you have VLANs (but no default VLAN) and you subsequently modify an existing trunk that has ports in one VLAN, any port removed from the - 3Com 4007R | Implementation Guide - Page 270
270 CHAPTER 14: VIRTUAL LANS (VLANS) User-Configured You can explicitly configure port-based VLAN interfaces on the Layer 2 Port-based VLANs and Multilayer switching modules as well as the switch fabric module. Important Considerations When you create this type of VLAN interface, review these - 3Com 4007R | Implementation Guide - Page 271
Port-based VLANs 271 To define a port-based VLAN interface, specify this information: s VID, or accept the next available VID. s Bridge ports that are part of the VLAN. (If you have trunk ports, specify the anchor port for the trunk.) s Protocol type unspecified (on Multilayer Switching Modules) s - 3Com 4007R | Implementation Guide - Page 272
272 CHAPTER 14: VIRTUAL LANS (VLANS) In this example: s A single VLAN spans multiple switching modules. (It can be a modified default VLAN.) s The backplane ports of the switching modules and the switch fabric module are part of the VLAN. s All traffic that passes between switching modules flows - 3Com 4007R | Implementation Guide - Page 273
Port-based VLANs 273 Figure 16 Two VLANs with Tagged Backplane Ports Port 1 Port 21 Switch 4007 Chassis Switch Fabric Module All backplane ports: T = VLAN1 U = VLAN2 Port 5 Port 21 Port 1 A B 20-port Layer 2 Switching Module Slot 1 20-port Layer 2 Switching Module Slot 2 VLAN1 VLAN2 - 3Com 4007R | Implementation Guide - Page 274
the membership of both VLANs is port-based, the shared ports (on both the front-panel and backplane ports) must be explicitly tagged. s Station-E must support tagging because it is connected to a tagged port. s The two overlapped front-panel ports on Module-YY can receive frames that are flooded on - 3Com 4007R | Implementation Guide - Page 275
Port-based VLANs 275 When the backplane port of Module-YY receives the frame, the tag identifies and knows to which VLAN the frame belongs. Figure 17 Multiple VLAN Example with Tagged Front-Panel Ports Port 5 Port 21,22 A Switch 4007 Chassis Switch Fabric Module Backplane ports B Port 17 Port - 3Com 4007R | Implementation Guide - Page 276
276 CHAPTER 14: VIRTUAL LANS (VLANS) Table 52 lists the VLAN definitions for these port-based VLANs. Table 52 Port-based VLANs with Tagged Front-Panel and Backplane Ports Switch Fabric Slot 3 Module Slot 5 Module Slot 6 Module Module VLAN2: VLAN2: - VLAN2: s VLAN Index 2 s VLAN Index 2 s - 3Com 4007R | Implementation Guide - Page 277
tagging s Send dynamic GVRP updates about its existing port-based VLANs. GVRP allows your Multilayer Switching Module to advertise its manually configured IEEE 802.1Q VLANs to other devices supporting GVRP. Because the VLANs are advertised, GVRP-aware devices in the core of the network do not need - 3Com 4007R | Implementation Guide - Page 278
devices must be GVRP-enabled (that is, support GVRP). These devices could be end stations with 3Com's DynamicAccess® software or other switches that explicitly need to classify and analyze packets by VLAN protocols, you must manually configure protocol-based VLANs. But if the module needs to know - 3Com 4007R | Implementation Guide - Page 279
Port-based VLANs 279 Example: GVRP Figure 18 shows how a GVRP update (with the VID) sent from one end station is propagated throughout the network. Figure 18 Sample Configuration Using GVRP LAN 1 Switch 4007 with Multilayer Switching Module R L3 D D R L2/3 D LAN 2 D R R L2/3 D R - 3Com 4007R | Implementation Guide - Page 280
Modules. s You can use a Multilayer Switching Module to route between VLANs that are defined on Layer 2 modules. s The Multilayer Switching Modules support routing for three protocol suites: IP, IPX, and AppleTalk. s To define a protocol-based VLAN interface, specify this information: s The VID, or - 3Com 4007R | Implementation Guide - Page 281
protocol-based VLAN. For example, VLANs on the Multilayer Switching Module support the IP protocol suite, which has three protocol entities (IP, DEC LAT, 1 5 DEC LAVC (Ethernet Version 2, SNAP PID) SNA SNA Services over Ethernet (Ethernet 2 1 Version 2 and DSAP/SSAP values 0x04 and 0x05 - 3Com 4007R | Implementation Guide - Page 282
opt to use a routing versus bridging model by defining a router port IP interface, as defined in Chapter 16). Because the Multilayer Switching Modules support router port IP interfaces as well as IP router interfaces for static VLANs, you must now specify the interface type vlan when you define an - 3Com 4007R | Implementation Guide - Page 283
4 Enable IP routing. You perform similar steps to create IPX and AppleTalk routing interfaces. For more information, see the chapters in this guide for routing protocols such as IP, IPX, and AppleTalk. Example 1: Routing Between Multilayer Modules The configuration in Figure 19 shows routing between - 3Com 4007R | Implementation Guide - Page 284
284 CHAPTER 14: VIRTUAL LANS (VLANS) the switch fabric module. The IP routing interfaces for IP VLAN 3 reside on the same subnet (33.3.3.0). s VLAN4, an IP VLAN on the Multilayer Switching Module in slot 5. s For this configuration to work, VLANs 2, 3, and 4 define IP routing interfaces, enable IP - 3Com 4007R | Implementation Guide - Page 285
Protocol-based VLANs 285 Table 54 lists the VLAN definitions for the modules in this configuration. Table 54 Routing Between 2 Multilayer Modules over the Switch Fabric Module Slot 3 Module Slot 5 Module Switch Fabric Module VLAN1 (default): VLAN1 (default): VLAN1 (default): s VLAN Index 1 - 3Com 4007R | Implementation Guide - Page 286
286 CHAPTER 14: VIRTUAL LANS (VLANS) Example 2: One-Armed Routing Configuration Figure 20 shows a one-armed router configuration. (The switch fabric module resides in slot 7 but is logically represented above the other modules.) In this configuration: s There are three Layer 2 modules, a Multilayer - 3Com 4007R | Implementation Guide - Page 287
Protocol-based VLANs 287 Figure 20 One-Armed Routing with Multilayer Module and Layer 2 Modules Port 1 T = VLAN1 U = VLAN2 Port 21,22 Switch 4007 Chassis Switch Fabric Module Port 5 T = VLAN1 U = VLAN2 T = VLAN3 Port 21,22 Port 9 T = VLAN1 U = VLAN4 Port 21,22 Port 13 T = VLAN1 T = VLAN2 T = - 3Com 4007R | Implementation Guide - Page 288
288 CHAPTER 14: VIRTUAL LANS (VLANS) Table 55 defines the VLANs in this one-armed routing configuration. Table 55 VLAN Definitions for One-Armed Routing Configuration Slot 1 Layer 2 Module Slot 2 Layer 2 Module Slot 3 Layer 2 Module Slot 4 Multilayer Module (Routing) VLAN1 (default): VLAN1 ( - 3Com 4007R | Implementation Guide - Page 289
Network-based IP VLANs 289 Network-based IP VLANs For IP VLANs only, you can also configure network-layer subnetwork addresses. With this additional Layer 3 information, you can create multiple independent IP VLANs with the same bridge ports. Untagged frames are assigned to a network-based VLAN - 3Com 4007R | Implementation Guide - Page 290
290 CHAPTER 14: VIRTUAL LANS (VLANS) s In allOpen mode, you need not supply the IEEE 802.1Q tagging. However, to ensure line-speed throughput for overlapped network-based IP VLANs in allOpen mode, supply the IEEE 802.1Q tagging. Example: Network-based VLANs Figure 21 shows two IP network-based - 3Com 4007R | Implementation Guide - Page 291
Network-based IP VLANs 291 Figure 21 Network-based VLANS Port 9 Port 13 Switch 4007 Chassis Switch Fabric Module Port 17 T = VLAN2 (IP) T = VLAN2 (IP) T = VLAN3 (IPX) T = VLAN3 (IPX) Port 13 12-port 12-port Multilayer Module Multilayer Module Slot 3 Slot 5 VLAN2; IP VLAN for 22.2.2.0 - 3Com 4007R | Implementation Guide - Page 292
292 CHAPTER 14: VIRTUAL LANS (VLANS) Table 56 defines the VLANs in this configuration: Table 56 Network-based IP VLANs and IPX VLANs Slot 3 Module Slot 5 Module VLAN2: VLAN2: s VLAN Index 2, VID 20 s VLAN Index 2, VID 20 s Ports 1-8, 13 s Port 13 s Protocol type IP s Protocol type IP s - 3Com 4007R | Implementation Guide - Page 293
Ignore STP Mode 293 Ignore STP Mode When you use allClosed VLAN mode on a Multilayer Switching Module in your system, you can enable the module to ignore the Spanning Tree Protocol (STP) mode on a per-VLAN basis; that is, ignore STP blocked ports. (When STP detects multiple paths to a destination, - 3Com 4007R | Implementation Guide - Page 294
294 CHAPTER 14: VIRTUAL LANS (VLANS) IP VLAN2 has routing interfaces defined on both Multilayer Switching Modules (22.2.2.2 on the first Multilayer Switching Module and 22.2.2.3 on the second Multilayer Switching Module). Figure 22 Ignore STP Mode Port 9 Switch 4007 Chassis Switch Fabric Module - 3Com 4007R | Implementation Guide - Page 295
Rules of VLAN Operation 295 Rules of VLAN Operation After you select a VLAN mode for your modules and create VLAN interfaces with VLAN characteristics such as IEEE 802.1Q or no tagging, port membership, protocol type, and Layer 3 (network) address information, the system determines the details of - 3Com 4007R | Implementation Guide - Page 296
296 CHAPTER 14: VIRTUAL LANS (VLANS) Figure 23 shows the flow chart for the Release 3.0 VLAN ingress rules for Multilayer Switching Modules. Figure 23 Flow Chart for Release 3.0 Ingress Rules Incoming Frame No Yes (frame tagged with a VID) Frame tagged? Receive port is untagged in a No VLAN - 3Com 4007R | Implementation Guide - Page 297
Rules of VLAN Operation 297 The ingress rules for tagged frames also vary for the different releases. Table 57 summarizes the differences in ingress rules based on the releases. Table 57 Ingress Rules for IEEE 802.1Q Tagged Frames Based on VLAN Mode and Release VLAN Mode Release 2.x Release 3.0 - 3Com 4007R | Implementation Guide - Page 298
298 CHAPTER 14: VIRTUAL LANS (VLANS) Egress Rules These rules determine whether the outgoing frame is forwarded, filtered (dropped), or flooded. They also determine the frame's tag status. The same standard bridging rules apply to both open and closed VLANs, but they result in different behavior - 3Com 4007R | Implementation Guide - Page 299
Rules of VLAN Operation 299 For each port on which the frame is to be transmitted, if that port is tagged for the VLAN associated with the frame, transmit the frame as a tagged frame; otherwise, transmit the frame as an untagged frame. If the transmit port is not a member of the assigned VLAN, the - 3Com 4007R | Implementation Guide - Page 300
300 CHAPTER 14: VIRTUAL LANS (VLANS) Example 2: VLAN Exception Flooding If data arrives on a bridge port for a certain protocol and VLANs for that protocol are defined in the module but not on that bridge port, the default VLAN defines the flooding domain for that data. This case is called VLAN - 3Com 4007R | Implementation Guide - Page 301
Rules of VLAN Operation 301 The frames that are associated with these protocols have different ingress rules for assignment to the appropriate network-based VLAN: s IP frames - These frames are assigned to the network-based IP VLAN if the IP source address is consistent with the VLAN subnet and the - 3Com 4007R | Implementation Guide - Page 302
302 CHAPTER 14: VIRTUAL LANS (VLANS) Modifying and Removing VLANs You can modify or remove any VLANs on the modules in your system. Review the following guidelines before you modify or remove VLANs: s When you modify VLAN information for a VLAN interface on your module, you have the option to - 3Com 4007R | Implementation Guide - Page 303
Monitoring VLAN Statistics 303 Monitoring VLAN Statistics When you display VLAN statistics on Multilayer Switching Modules, the module-generated statistics are valid only under either of these conditions: s When the VLANs are defined for the same protocol type (or the type unspecified, for port- - 3Com 4007R | Implementation Guide - Page 304
304 CHAPTER 14: VIRTUAL LANS (VLANS) - 3Com 4007R | Implementation Guide - Page 305
and Control Functions s Long Custom Filter Example Packet filtering is supported on Multilayer Switching Modules only. You can control and manage packet menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the - 3Com 4007R | Implementation Guide - Page 306
packet fields are shown in Figure 24. You can only filter Layer 2 traffic, not Layer 3 traffic. (This is true even though packet filtering is supported only on Multilayer Switching Modules.) You must filter on the input packet type. For example, if you write a filter that you intend to assign to - 3Com 4007R | Implementation Guide - Page 307
Packet Filtering Overview 307 Figure 24 Ethernet and FDDI Packet Fields Destination Address (6 octets) Type/Length (Ethernet Type field if > 1500; 802.3 Length field if - 1500) Ethernet Packet octets 0 6 12 14 25 Source Address (6 octets) Destination Address (6 octets) Source Address (6 - 3Com 4007R | Implementation Guide - Page 308
308 CHAPTER 15: PACKET FILTERING Path Assignment After you create a packet filter, you can assign it to any combination of the transmit all, transmit multicast, receive all, receive multicast, and receive internal paths of each port. The filter executes a series of operations on the packet's - 3Com 4007R | Implementation Guide - Page 309
is part of the Web Management suite of applications. See Table 63 later in this chapter.) At present, one standard hardware filter is supported: the portGroup (rejdiffportgrp) filter. s Custom Filters - Packet filters that are executed in software. You create custom filters in any of these ways - 3Com 4007R | Implementation Guide - Page 310
310 CHAPTER 15: PACKET FILTERING Placing a filter on the receive path confines the packet to the segment that it originated from if it does not meet the forwarding criteria. Placing a filter on the transmit path prohibits a packet from accessing certain segments unless it meets the forwarding - 3Com 4007R | Implementation Guide - Page 311
the Administration Console, as described in the Switch 4007 Command Reference Guide. s Listing packet filters - You can list the packet filters you list the packet filters. The module displays the packet filter instructions. Comments in the original packet filter definition file are not displayed - 3Com 4007R | Implementation Guide - Page 312
refer to port groups, create the port groups. See "Defining Port Groups" later in this chapter for more information. See the Switch 4007 Command Reference Guide for more information about using these commands and management functions. - 3Com 4007R | Implementation Guide - Page 313
that fall outside maximum line length are discarded. The built-in editor initially operates in insert mode. Table 62 summarizes the commands that the editor supports. - 3Com 4007R | Implementation Guide - Page 314
314 CHAPTER 15: PACKET FILTERING Table 62 Commands for the Built-In Packet Filter Editor Command List buffer Keys Ctrl+l Next Line Previous Line Start of Line End of Line Left 1 Character Right 1 Character Insert Line Ctrl+n Ctrl+p Ctrl+a Ctrl+e Ctrl+b Ctrl+f Enter Delete Previous Character - 3Com 4007R | Implementation Guide - Page 315
that require an IP connection to the Switch 4007 are not supported in Release 3.0. This includes automatic filter downloads, defining port groups manually to perform these functions through the Administration Console as described in the "Packet Filters" chapter of the Command Reference Guide - 3Com 4007R | Implementation Guide - Page 316
with the packet filtering or to create a complex filter, use this interface. For more information on the Filter Builder tool, see the Web Management User Guide and the Filter Builder's Help system. - 3Com 4007R | Implementation Guide - Page 317
Builder. Filter Builder is part of the Web Management suite of applications on the Switch 4007 software CD. See the Web Management User Guide for procedures and software prerequisites. s A TFTP server application. This application must be set up with access to the appropriate IP address for: s The - 3Com 4007R | Implementation Guide - Page 318
from eme to module 6.1 - 000000289 File transfer completed successfully. The predefined filters that come with Filter Builder are found in the /3Com/Filterbuilder/Filters directory, which is the default directory for Filter Builder when installed from WebManage.exe. 3 Connect to the module: For - 3Com 4007R | Implementation Guide - Page 319
in the program. This top-of-stack byte value determines whether to forward or discard the packet. In this stack-oriented language, instructions: s Push operands onto the stack s Pop the operands from the stack for comparison purposes s Push the results back onto the stack Therefore, with - 3Com 4007R | Implementation Guide - Page 320
Packet Filter Opcodes" later in this chapter. Table 64 describes the supported operand sizes later in this chapter. The operand value is determined by or a length). Implicit operands for an instruction must be of the size expected by the instruction. Any mismatch in implicit operand size results in - 3Com 4007R | Implementation Guide - Page 321
the filter is created and saved externally. Operand sizes The following operand sizes are supported: s 1 byte = .b s 2 bytes = .w s 4 bytes = by an instruction and the results of the instruction. Operands are popped from the stack as required by the instructions. An instruction using two - 3Com 4007R | Implementation Guide - Page 322
The most significant byte of the field is the byte at the specified offset. The size field of the instruction determines the number of bytes pushed. The pushField instruction provides direct access to any 1, 2, 4, or 6 byte (.b, .w, .l, or .a) field contained within the first 64 bytes of the target - 3Com 4007R | Implementation Guide - Page 323
is the first byte of the literal. Bytes are copied directly from the operand onto the stack. The size field of the instruction determines number of bytes pushed. Specify the value as either an octal, decimal, or hexadecimal number. s Precede an octal number by a "0". s Precede a hexadecimal - 3Com 4007R | Implementation Guide - Page 324
is the first byte of the literal. Bytes are copied directly from the operand onto the stack. The size field of the instruction determines number of bytes pushed. Specify the value as either an octal, decimal, or hexadecimal number. s Precede an octal number by a "0". s Precede a hexadecimal - 3Com 4007R | Implementation Guide - Page 325
group mask (SPGM) onto the top of the stack. The SPGM is a bitmap representing the groups to which the source port of a packet belongs. This instruction pushes 4 bytes on to the stack. Each port group mask is represented by a single bit in the SPGM bitmap. Port group masks are assigned to - 3Com 4007R | Implementation Guide - Page 326
326 CHAPTER 15: PACKET FILTERING Table 66 Packet Filtering Opcodes (continued) Opcode pushDPGM Memory Requirements 1 byte eq (equal) 1 byte ne (not equal) 1 byte lt (less than) 1 byte le (less than or equal 1 byte to) gt (greater than) 1 byte Description Pushes the destination port - 3Com 4007R | Implementation Guide - Page 327
. If its value is non-zero, the packet is accepted and evaluation of the filter ends immediately; otherwise, filter evaluation continues with the next instruction. Use accept with and and or operators when you have sequential tests and you would like the filter to accept a packet before the entire - 3Com 4007R | Implementation Guide - Page 328
stack. If its value is non-zero, the packet is rejected and filter evaluation ends immediately; otherwise, the filter evaluation continues with the next instruction. Use reject with and and or operators when you have sequential tests and you would like the filter to reject a packet before the entire - 3Com 4007R | Implementation Guide - Page 329
in Figure 26. In order to optimize a filter's performance, it is best to exit a filter as early as possible. If you wait until the last instruction to make the forward or filter decision, more processing is needed. The accept and reject criteria allow you to exit a filter early. When using these - 3Com 4007R | Implementation Guide - Page 330
330 CHAPTER 15: PACKET FILTERING Figure 26 Accept and Reject Instructions Accept (Use for OR-ing tests) Reject (Use for AND-ing tests) First test First test Nonzero result? No Next test Accept packet Yes and - 3Com 4007R | Implementation Guide - Page 331
the operand. No result found on top The program must end with a byte operand on the top of of stack the stack. After the last instruction in the program is executed, the stack is either empty or contains an operand other than a byte. Extra characters on line The source line contains - 3Com 4007R | Implementation Guide - Page 332
332 CHAPTER 15: PACKET FILTERING Table 67 Common Syntax Errors (continued) Syntax Error Description Invalid characters in number The number specified as an offset or literal is improperly formatted. Possible causes are 1) lack of white space setting off the number, and 2) invalid characters in - 3Com 4007R | Implementation Guide - Page 333
stations with an OUI of 08-00-02. To customize this filter to another OUI value, change the literal value loaded in the last pushLiteral.l instruction. The OUI must be padded with an additional 00 to fill out the literal to 4 bytes. name pushField.l pushLiteral.l and pushLiteral.l eq "Forward from - 3Com 4007R | Implementation Guide - Page 334
to be forwarded that are IP frames. To customize this filter to another type value, change the literal value loaded in the pushLiteral.w instruction. name pushField.w pushLiteral.w eq "Forward IP frames" 12 # Get type field. 0x0800 # Load IP type value. # Check for match. Ethernet Type IPX - 3Com 4007R | Implementation Guide - Page 335
OUI value, change the literal value loaded in the last pushLiteral.l instruction. You must pad the OUI with an additional 00 to fill out allows packets to be forwarded that are XNS or IP frame. The pushTop instruction makes a copy of the type field. name pushField.w pushTop pushLiteral.w eq pushLiteral - 3Com 4007R | Implementation Guide - Page 336
overhead is 22 bytes, plus a per-packet-filter overhead of 13 bytes. For example, assume a packet filter program requires 200 bytes for storing the instructions in the program. If this packet filter is the only one loaded, the nonvolatile memory required is 22 bytes (for module overhead) plus 13 - 3Com 4007R | Implementation Guide - Page 337
Using Port Groups in Custom Packet Filters 337 Using Port Groups in Custom Packet Filters You can use a port group (a list of module ports) as filtering criteria in a packet filter. A packet filter uses the group to make filtering decisions by accessing the group's source port group mask and - 3Com 4007R | Implementation Guide - Page 338
338 CHAPTER 15: PACKET FILTERING If MAC address 00-80-3e-12-34-56 is learned on port 3 and port 3 belongs to port group 1, it has a port group bit mask for port group 1 inserted into the port group mask table that is associated with the MAC address in the bridge address table. The mask is 32 bits - 3Com 4007R | Implementation Guide - Page 339
Using Port Groups in Custom Packet Filters 339 For example, port 1 has a packet filter using the DPGM assigned to port 1's rxAll path and a broadcast frame is received on port 1. The bridge determines that the frame will be flooded to the VLAN ports 2-5. The filter is processed 4 times: 1 Once for - 3Com 4007R | Implementation Guide - Page 340
340 CHAPTER 15: PACKET FILTERING Port Group Management and Control Functions This section describes the management and control functions that you use to define port groups. Defining Port Groups You can configure port groups from the bridge packetFilter portGroup menu of the Administration Console - 3Com 4007R | Implementation Guide - Page 341
filters can be used on its own to accomplish its own task. Combined, these filters create a solution for a larger filtering problem. Filtering Problem Your network contains market data feed servers that receive time-critical financial data needed for trading floor applications. At the center of - 3Com 4007R | Implementation Guide - Page 342
342 CHAPTER 15: PACKET FILTERING Packet Filter Solution The solution described here is to create a highly sophisticated packet filter that prevents only the broadcast packets from the market data servers from being forwarded onto the segments that are not part of an active trading floor. Before - 3Com 4007R | Implementation Guide - Page 343
Long Custom Filter Example 343 Name pushField.a pushLiteral.a ne accept pushField.w pushLiteral.w eq pushLiteral.w pushField.w ge pushLiteral.w pushField.w lt and and pushField.w pushLiteral.w eq pushLiteral.w pushField.w ge pushLiteral.w pushField.w lt and and or not "IP XNS ticker bcast filter" - 3Com 4007R | Implementation Guide - Page 344
useful for archiving filters on a remote system so that the filters can be saved and loaded on one or more systems. 2 Enter executable instruction #1: pushField.a 0 # Clear the stack 3 Enter executable instruction #2: pushField.a 0xffffffffffff # Put the broadcast address on the top of the stack - 3Com 4007R | Implementation Guide - Page 345
12 # Get the type field of the packet and # place it on top of the stack. 7 Enter executable instruction #6: pushLiteral.w 0x0600 # Put the type value for XNS on top # of the stack. 8 Enter executable instruction #7: eq # If the two values on the top of the stack are equal, # then return a non-zero - 3Com 4007R | Implementation Guide - Page 346
the filter: name "Only IP pkts w/in socket range" 2 Perform steps 6 through 8 as described earlier in "Packet Filter One" except give the pushLiteral instruction (in step 7) a value of 0x0800 for IP. 3 Perform steps 2 through 8 as described earlier in "Packet Filter Two" except the socket value for - 3Com 4007R | Implementation Guide - Page 347
on the stack. and # Compare if IP and in range. Combining All the Filters Together, the packet filters work to perform the solution to the problem: filtering the broadcast packets from the market data servers. These steps show how to create this filter: 1 Name the filter: name "Discard XNS & IP - 3Com 4007R | Implementation Guide - Page 348
348 CHAPTER 15: PACKET FILTERING 6 Add an or statement: or # determine if the type field is either XNS or IP 7 Add a not statement to discard any matching packets: not # discard if (IP & in range) or (XNS & in range) The complete packet filter discards IP and XNS packets that are within the - 3Com 4007R | Implementation Guide - Page 349
Long Custom Filter Example 349 Name pushField.a pushLiteral.a ne accept pushField.w pushTop pushLiteral.w eq pushLiteral.w pushField.w ge pushLiteral.w pushField.w lt and and reject pushLiteral.w ne accept pushLiteral.w pushField.w ge pushLiteral.w pushField.w lt and not "Optimized IP XNS ticker - 3Com 4007R | Implementation Guide - Page 350
350 CHAPTER 15: PACKET FILTERING - 3Com 4007R | Implementation Guide - Page 351
16 IP ROUTING This chapter provides guidelines and other key information about how to configure a Multilayer Switching Module to route packets using the Internet Protocol (IP). The chapter covers these topics: s Routing Overview s Key Concepts s Routing Models: Port-based and VLAN-based s Key - 3Com 4007R | Implementation Guide - Page 352
ip menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the Management software. (See the Switch 4007 Getting Started Guide.) Routing Overview Routing distributes packets over potentially dissimilar networks - 3Com 4007R | Implementation Guide - Page 353
Routing Overview 353 Figure 27 shows where routers are typically used in a network. Routing connects subnetworks to the enterprise network, providing connectivity between devices within a workgroup, department, or building. Figure 27 Typical Routing Architecture Connecting enterprise networks - 3Com 4007R | Implementation Guide - Page 354
354 CHAPTER 16: IP ROUTING Routing in a Subnetworked Environment Use your system to fit Ethernet switching capability into subnetworked (subnetted) environments. When you put your system into such a network, the system streamlines your network architecture by routing traffic between subnetworks - 3Com 4007R | Implementation Guide - Page 355
to different subnetworks is routed using one of the supported routing protocols. For information about implementing bridging, see Chapter that belong to recognized protocols; all other packets are bridged. s In the 3Com model, the Multilayer Switching Module first tries to determine if the frame is - 3Com 4007R | Implementation Guide - Page 356
its default gateway MAC address, then transmits the packet using the MAC address of the default gateway. Figure 30 illustrates bridging on a 3Com Multilayer Switching Module: 1 The packet enters the module. 2 The bridging layer examines the destination MAC address of the packet. The destination MAC - 3Com 4007R | Implementation Guide - Page 357
5 The bridging layer then selects a segment (port) based on the destination MAC address and forwards the packet to that segment. Figure 31 3Com Routing Model 31 2 4 2 5 Router 3 Bridge Routing layer Router interfaces Bridging layer 1 1 2 3 Subnetworks Transmitting host Destination host - 3Com 4007R | Implementation Guide - Page 358
358 CHAPTER 16: IP ROUTING IP Routing Overview An IP router, unlike a bridge, operates at the network layer of the Open Systems Interconnection (OSI) Reference Model. The network layer is also referred to as Layer 3. An IP router routes packets by examining the network layer address (IP address). - 3Com 4007R | Implementation Guide - Page 359
Key Concepts 359 Features and Benefits 3Com routing in general and IP routing in particular provide the to compensate for this occurrence; in a typical case, there is no need for you to manually intervene. Key Concepts IP routers use the following elements to transmit packets: s Multiple IP - 3Com 4007R | Implementation Guide - Page 360
360 CHAPTER 16: IP ROUTING If you define multiple interfaces for an IP VLAN, you cannot subsequently modify that IP VLAN to supply Layer 3 address information. If only one routing interface is defined for the IP VLAN, then you can supply Layer 3 address information as long as it matches the Layer 3 - 3Com 4007R | Implementation Guide - Page 361
Key Concepts 361 Dotted Decimal Notation The actual IP address is a 32-bit number that is stored in binary format. These 32 bits are segmented into 4 groups of 8 bits - each group is referred to as a field or an octet. Decimal notation converts the value of each field into a decimal number, and the - 3Com 4007R | Implementation Guide - Page 362
362 CHAPTER 16: IP ROUTING Subnetwork Portion The IP address can also contain a subnetwork part at the beginning of the host part of the IP address. Thus, you can divide a single Class A, B, or C network internally, allowing the network to appear as a single network to other external networks. The - 3Com 4007R | Implementation Guide - Page 363
alternate method to represent the subnet mask numbers is based on the number of bits that signify the network portion of the mask. Many Internet Service Providers (ISPs) now use this notation to denote the subnet mask. See Table 72. Table 72 Subnet Mask Notation Standard Mask Notation 100.100.100 - 3Com 4007R | Implementation Guide - Page 364
364 CHAPTER 16: IP ROUTING The subnet mask 255.255.255.255 is reserved as the default broadcast address. Variable Length With Variable Length Subnet Masks (VLSMs), each subnetwork under a Subnet Masks network can use its own subnet mask. Therefore, with VLSM, you can get (VLSMs) more subnetwork - 3Com 4007R | Implementation Guide - Page 365
Key Concepts 365 s Make sure that the routers forward routes based on what is known as the longest match. For example, assume that the destination IP address of a packet is 158.101.26.48 and that the following four routes are in the routing table: s 158.101.26.0/24 s 158.101.3.10/16 s 158.101.26.32/ - 3Com 4007R | Implementation Guide - Page 366
366 CHAPTER 16: IP ROUTING Figure 37 Routing Interfaces Network 1 Network 2 158.101.1.1 1 158.101.1.2 2 158.101.2.2 L3 3 Router 158.101.2.1 158.101.3.2 Network 3 1 = Interface 1 2 = Interface 2 3 = Interface 3 158.101.3.1 To gain access to the module using TCP/IP or to manage the module - 3Com 4007R | Implementation Guide - Page 367
of the routes that are generated with a routing protocol. Because static routes do not automatically change in response to network topology changes, manually configure only a small number of reasonably stable routes. Static routes do not time out, but they can be learned. s Dynamically - Routers use - 3Com 4007R | Implementation Guide - Page 368
implement Virtual Router Redundancy Protocol (VRRP) on your network to remedy this problem. For more information about VRRP, see Chapter 17. There are two basic for implementing how a bridge and a router interact within the same 3Com switch. They are: s Port-based routing (routing versus bridging) - 3Com 4007R | Implementation Guide - Page 369
Key Guidelines for Implementing IP Routing 369 Your module, as a routing device, has the ability to implement either type of routing scheme, "routing over bridging" and "routing versus bridging". Each kind of routing scheme requires its own interface type: s Routing over Bridging requires a VLAN- - 3Com 4007R | Implementation Guide - Page 370
of the paths.) You can use Ignore STP mode to avoid disruptions to routing connectivity, based on the STP state. See Chapter 14 in this guide to learn about VLANs. Establish Your IP To establish an IP interface: Interfaces 1 Determine your interface parameters. 2 Define the IP interfaces. Interface - 3Com 4007R | Implementation Guide - Page 371
-band) options are documented in the Command Reference Guide. To learn how to use the Web Management Console to set up IP interfaces that you must define a VLAN and select IP as a protocol that the VLAN supports before you define the IP (routing) interface. VLANs are described in Chapter 14. - 3Com 4007R | Implementation Guide - Page 372
372 CHAPTER 16: IP ROUTING Enable IP Routing To enable IP routing, use the ip routing command on the Administration Console or use the IP Configuration form in the Web Management software. By default, IP routing is disabled on the Multilayer Switching Module. You can use the Routing Information - 3Com 4007R | Implementation Guide - Page 373
Address Resolution Protocol (ARP) 373 You do not need to implement ARP - the module has ARP capability built in, but you can manipulate and display the contents of the ARP cache. When the host or router knows the IP address of the next hop towards the packet destination, the host or router - 3Com 4007R | Implementation Guide - Page 374
374 CHAPTER 16: IP ROUTING target protocol address, the receiving device places its MAC address in the target hardware address field and sends the packet back to the source hardware address. When the originating host or router receives this ARP reply, it places the new MAC address in its ARP cache - 3Com 4007R | Implementation Guide - Page 375
ARP Proxy 375 ARP Proxy ARP proxy allows a host that has no routing ability to determine the MAC address of a host on another network or subnet. When ARP proxy is enabled and a workstation sends an ARP request for a remote network, the module determines if it has the best route and then answers - 3Com 4007R | Implementation Guide - Page 376
(ICMP) Because a router knows only about the next network hop, it is not aware of problems that may be closer to the destination. Destinations may be unreachable if: s Hardware is temporarily out of service. s You specified a nonexistent destination address. s The routers do not have a route to the - 3Com 4007R | Implementation Guide - Page 377
make this default gateway choice yourself. Important Considerations Keep the following points in mind with ICMP Router Discovery: s You need not manually configure a default route. Although IP traffic may initially be directed to any of the routers on the LAN, ICMP Redirect messages subsequently - 3Com 4007R | Implementation Guide - Page 378
378 CHAPTER 16: IP ROUTING s The minimum value hex 80000000 directs neighboring hosts not to use the address, even though it may be advertised as a default router address. It may be useful to configure an address with a preference level of hex 80000000 (rather than setting its Advertise flag to - 3Com 4007R | Implementation Guide - Page 379
ICMP Redirect 379 Use the Administration Console or the Web Management software to enable ICMP Redirect. Important Considerations Keep the following things in mind with ICMP Redirect: s ICMP Redirect determines if the sending interface is the same as the receiving interface. s ICMP Redirect - 3Com 4007R | Implementation Guide - Page 380
to reflect your security requirements. If you have a critical IP interface, disabling directed broadcast can, for example, protect against denial-of-service attacks by malicious users. Routing Information Protocol (RIP) RIP is the protocol that implements routing. RIP does this by using Distance - 3Com 4007R | Implementation Guide - Page 381
Routing Information Protocol (RIP) 381 RIP operates using both active and passive devices. s Active devices, usually routers, broadcast RIP messages to all devices in a network or subnetwork and update their internal routing tables when they receive a RIP message. s Passive devices, usually hosts, - 3Com 4007R | Implementation Guide - Page 382
a RIP feature that you use specifically with a scheme called Split Horizon. The module enables Poison Reverse by default. Split Horizon avoids the problems that reverse-route updates can cause. Reverse-route updates are sent to a neighboring router and include the routes that are learned from that - 3Com 4007R | Implementation Guide - Page 383
Routing Information Protocol (RIP) 383 Poison Reverse is essentially another layer of protection against advertising reverse routes. s When you enable (default mode) Poison Reverse, the Multilayer Switching Module advertises reverse routes in updates, but it sets the metrics to 16 (infinity). - 3Com 4007R | Implementation Guide - Page 384
-2 - enabled In this way, the module keeps track of the RIP-1 and RIP-2 address routes in its routing table and forwards the routes as well. s 3Com recommends that you not advertise RIP-1 and RIP-2 together. If you do, two different sets of IP addresses may go into to the routing table - 3Com 4007R | Implementation Guide - Page 385
Routing Policies 385 Routing policies can control the entire flow of routing information among the network, the protocols, and the routing table manager. Routing Policies are often referred to as Route Filters because defining policies for accepting and forwarding routes is very much like defining - 3Com 4007R | Implementation Guide - Page 386
386 CHAPTER 16: IP ROUTING Figure 62 shows the first level of decision-making in routing policies. Routing policies also contain two parameters that help further refine this system: metrics and administrative weight. s Metric (cost) adjustment - Specifies how many hops to assign to the route. The - 3Com 4007R | Implementation Guide - Page 387
Routing Policies 387 Important Considerations Even though Routing Policies are not true routing protocols and are considered optional, they can increase network efficiency. s You can increase speed and security simply by limiting the number of devices from which the router receives data. s You can - 3Com 4007R | Implementation Guide - Page 388
388 CHAPTER 16: IP ROUTING RIP Import Policy Conditions for Specified Interfaces Table 75 lists the policy conditions for RIP import policies: Table 75 RIP Import Policy Conditions Source Router Specified router Route (address/mask) Action Specified route/mask accept Specified all (0.0.0.0) - 3Com 4007R | Implementation Guide - Page 389
Routing Policies 389 RIP Export Policy Conditions for Specified Interfaces Table 76 lists the policy conditions for the RIP export policies: Table 76 RIP Export Policy Conditions Protocol RIP, OSPF, static Source Router Specified router or all routers Route Specified route/mask RIP, OSPF, - 3Com 4007R | Implementation Guide - Page 390
390 CHAPTER 16: IP ROUTING Setting Up RIP To configure a routing policy, follow these general steps: Routing Policies 1 Establish an Export policy that controls the advertisement of routes through RIP, regardless of the source from which the route is learned. 2 Establish an Import policy that - 3Com 4007R | Implementation Guide - Page 391
Routing Policies 391 Creating RIP Routing Policies To set a routing policy, you need to know the following parameters: s Policy type - The determination whether to accept a route into the routing table (import) or advertise a route from the routing table (export) s Source address - The routing - 3Com 4007R | Implementation Guide - Page 392
DNS settings on each host that the ISP services. See UNIX Network File System (NFS) documentation for information about how to create and maintain lists of domain names and IP addresses on the name servers. See Chapter 17 and also the Command Reference Guide, for information about how to use ping - 3Com 4007R | Implementation Guide - Page 393
network. With DHCP, you can dynamically configure a host with new information. 3Com implements a generic UDP Helper agent in the module that can apply to any described in the "IP Routing" chapter of the Command Reference Guide. You need to have a thorough understanding of your network configuration - 3Com 4007R | Implementation Guide - Page 394
to forward a packet through the router) is 16; the default hop count limit is 4. Keep the hop count as low as possible for performance purposes. s 3Com recommends that you keep the UDP port number at 67. The port number 67, which is the industry standard, helps ensure that UDP packets do - 3Com 4007R | Implementation Guide - Page 395
Standards, Protocols, and Related Reading 395 Standards, Protocols, and Related Reading This section describes how to obtain more technical information about IP. Requests For Comments (RFCs) Documents called Requests for Comments (RFCs) contain information about the entire set of protocols that - 3Com 4007R | Implementation Guide - Page 396
396 CHAPTER 16: IP ROUTING Related Reading For more information about the IP protocol suite, see the following books: s High Speed Networks: TCP/IP and ATM Design Principles. William Stallings, Prentice Hall, 1998 s Local Area Networks: Architectures and Implementations. James Martin, Prentice - 3Com 4007R | Implementation Guide - Page 397
ways: s From the vrrp menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) s From the VRRP folder of the Web Management software. (See the Switch 4007 Getting Started Guide.) The management interfaces display "cb9000" and refer to the Management Module as the Enterprise - 3Com 4007R | Implementation Guide - Page 398
398 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) VRRP Overview A critical component of IP networking is the way in which hosts and routing devices find the next-hop address in a connectionless environment. There are several different ways of determining the next-hop address, but they all - 3Com 4007R | Implementation Guide - Page 399
today; however, it has one major drawback: if the default gateway becomes unavailable, then all routing to remote networks stops, requiring manual intervention to restore connectivity even if there are alternate paths available. VRRP addresses this drawback by defining an election protocol that - 3Com 4007R | Implementation Guide - Page 400
400 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Figure 45 Simple VRRP Configuration Key Concepts L3 Router A WAN PC L3 Router B L3 Router C L3 Router D Server In the example shown in Figure 45, Router A is the default gateway for the workstation labeled PC, which provides access - 3Com 4007R | Implementation Guide - Page 401
Key Concepts 401 s Virtual router master - The VRRP router that forwards packets sent to the IP addresses associated with the virtual router. Also called the Master router. A virtual router is the Master when: s You configure it (using the Administration console, the Web Management console, or SNMP - 3Com 4007R | Implementation Guide - Page 402
402 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) For this scheme to work, the association between VRIDs and IP addresses must be coordinated among all VRRP routers across the LAN: otherwise, the backup router does not have a valid set of IP addresses to use. Virtual Router Decision-making - 3Com 4007R | Implementation Guide - Page 403
Important Considerations Important Considerations 403 VRRP provides for this by making you assign each virtual router on the LAN a priority value between 1 and 255. (255 means that the virtual router is the actual owner of the IP addresses.) If the Master fails, the virtual router with the next- - 3Com 4007R | Implementation Guide - Page 404
be on the same VLAN. s VRRP supports Proxy ARP; the virtual router uses the virtual router MAC address in Proxy ARP replies. s VRRP supports Fiber Distributed Data Interface (FDDI) and Ethernet 2 (RIP-2) s Open Shortest Path First (OSPF) s IP Multicast s ICMP Redirect s Quality of Service (QoS) - 3Com 4007R | Implementation Guide - Page 405
VRRP and Other Networking Operations 405 Spanning Tree Protocol (STP) Figure 46 earlier in this chapter shows how you can set up VRRP parallel routers to provide total redundancy in your inter-LAN operations. However, because VRRP uses MAC addresses in its advertisements, this topology can - 3Com 4007R | Implementation Guide - Page 406
406 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Figure 47 Proper Use of Dynamic Routing Protocols with VRRP AA (OSPF) 99.99.1.0 99.99.2.0 L3 Router A L3 Router B L3 Router C OSPF RIP-2 BB (RIP) IGMP Queries IP multicast routers use IGMP to query subnetworks in order to detect host - 3Com 4007R | Implementation Guide - Page 407
ICMP Redirect in conjunction with VRRP might cause gateway access problems due to potential conflicts between actual MAC addresses that ICMP . Disable ICMP Redirect if you are using VRRP. Quality of Service You can enable Quality of Service (QoS) to run on modules running the VRRP protocol. As - 3Com 4007R | Implementation Guide - Page 408
408 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) See Figure 48 for a graphic example of a VRRP topology on two Switch 4007s. This sample topology directly connects end stations to a backbone Switch 4007 16-slot chassis. The end stations can communicate with end stations on LANs that are - 3Com 4007R | Implementation Guide - Page 409
Using VRRP On Your Switch 4007 409 Backbone Switch Switch 4007 External Switch Switch 4007 Switch Fabric Module LAN 1 Switch Fabric Module LAN IP Addr IP Addr 22.2.52.17 22.2.52.16 33.3.52.17 33.3.52.16 1 VRRP vid 52 backup for subnets 22.2.52 33.3.52 VRRP vid 52 primary for subnets 22 - 3Com 4007R | Implementation Guide - Page 410
410 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Spanning Tree Considerations To prevent the links from going into blocking mode on the External Switch side, you must: s Remove the BA1 and BA2 front panel ports in the Protocol VLAN from the Default VLAN. s Set the Spanning Tree Protocol ( - 3Com 4007R | Implementation Guide - Page 411
Using VRRP On Your Switch 4007 411 VRRP Activity If the entire BA2 module goes down, then both Backup virtual routers on BA1 switch over to Master and the end stations' ability to address one another on LAN1 (the switch fabric module) and to address the end stations on LAN2 (external switch) is - 3Com 4007R | Implementation Guide - Page 412
412 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Problem The backplane port router of BA2 does not have the ability to address the 44.4.53 and 55.5.53 subnetworks on the front panel port - 3Com 4007R | Implementation Guide - Page 413
Using VRRP On Your Switch 4007 413 Figure 49 Sample VRRP Topology with a Single Virtual Router Switch 4007 Switch Fabric Module LAN Switch 4007 Switch Fabric Module LAN IP Addr IP Addr 22.2.52.17 22.2.52.16 33.3.52.17 33.3.52.16 44.4.53.17 44.4.53.16 1 55.5.53.17 55.5.53.16 3 VRRP - 3Com 4007R | Implementation Guide - Page 414
414 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Configuring VRRP This section provides details about configuring multiple VRRP routers, following the topology in Figure 48. Router 1 is on the Backplane Port of a 12-Port 10/100BASE-TX Fast Ethernet Multilayer Switching Module in Slot 3, - 3Com 4007R | Implementation Guide - Page 415
Configuring VRRP 415 Configuring the Protocol (IP) VLAN of the Master Router [email protected] [12-E/FEN-TX-L3] (): bridge vlan define Enter VID (2-4094) [2]: 2 Select bridge ports (1-13|all|?): 13 Enter protocol suite (IP,IPX,Apple,XNS,DECnet,SNA,Vines,X25,NetBEUI,unspecified,IPX-II,IPX-802.2, - 3Com 4007R | Implementation Guide - Page 416
416 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Configuring the IP Interfaces [email protected] [12-E/FEN-TX-L3] (): ip interface define Enter IP address: 44.4.4.1 Enter subnet mask [255.0.0.0]: 255.255.255.0 Enter interface type (vlan,port) [vlan]: vlan Enter VLAN interface index {2|?} - 3Com 4007R | Implementation Guide - Page 417
Configuring VRRP 417 Configuring the Master Router [email protected] [12-E/FEN-TX-L3] (): ip vrrp define Enter virtual router's type (Primary,Backup) [Primary]: primary Enter VLAN interface index {2|?} [2]: 2 Enter VRID (1-255) [1]: 52 Enter address mode (auto-learn,IP-address) [auto-learn]: auto - 3Com 4007R | Implementation Guide - Page 418
418 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Configuring the Protocol (IP) VLAN of the Backup Router [email protected] [10-E/FEN-FX-L3] (): bridge vlan define Enter VID (2-4094) [2]: 2 Select bridge ports (1-11|all|?): 11 Enter protocol suite (IP,IPX,Apple,XNS,DECnet,SNA,Vines,X25, - 3Com 4007R | Implementation Guide - Page 419
Configuring VRRP 419 Configuring the IP Interfaces [email protected] [10-E/FEN-FX-L3] (): ip int define 44.4.4.2 255.255.255.0 vlan 2 [email protected] [10-E/FEN-FX-L3] (): ip int define 55.5.5.2 255.255.255.0 vlan 2 [email protected] [10-E/FEN-FX-L3] (): ip int summary all IP routing is disabled - 3Com 4007R | Implementation Guide - Page 420
420 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Configuring the Backup Router [email protected] [10-E/FEN-FX-L3] (): ip vrrp define Enter virtual router's type (Primary,Backup) [Primary]: backup Enter VLAN interface index {2|?} [2]: 2 Enter VRID (1-255) [1]: 52 Enter address mode (auto- - 3Com 4007R | Implementation Guide - Page 421
Configuring VRRP 421 Disabling the Master Router [email protected] [12-E/FEN-TX-L3] (): eth portstate 13 disable Displaying the Results of the Master Router Change [email protected] [10-E/FEN-FX-L3] (): ip vrrp detail all all VLAN Index: 2 Ports: 11 VRID State Interval Pri Preempt Mode Auth - 3Com 4007R | Implementation Guide - Page 422
422 CHAPTER 17: VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) Standards, Protocols, and Related Reading Virtual Router Redundancy Protocol is defined in the IETF Request For Comments (RFC) document RFC2338. RFC2338 can be found at the following WWW site: http://www.ietf.cnri.reston.va.us/rfc/rfc2338. - 3Com 4007R | Implementation Guide - Page 423
Overview s How a Network Supports IP Multicast s Key Concepts s How IGMP Supports IP Multicast s How DVMRP Supports IP Multicast s Key Console of Multilayer Switching Modules. See the Switch 4007 Command Reference Guide. The management interfaces display "cb9000" and refer to the Management - 3Com 4007R | Implementation Guide - Page 424
IP multicast routing: the Internet Group Management Protocol (IGMP) and the Distance-Vector Multicast Routing Protocol (DVMRP). IGMP is also supported on Layer 2 Switching Modules, but that implementation is described in Chapter 11. IP Multicast Overview The easiest way to begin to understand - 3Com 4007R | Implementation Guide - Page 425
defined in 1985 in RFC 966. Certain other protocols are used to support IP multicast processes. These are explained later in this chapter. Benefits concert with other protocols and services, such as Quality of Service (QoS) and Resource Reservation (RSVP) requests to support real-time multimedia. - 3Com 4007R | Implementation Guide - Page 426
both are called routers) to direct packets on an efficient path from sources to destinations. As shown in Figure 50, routers that support IP multicast must accomplish two important tasks: s Communicate with other routers to determine the shortest, loopfree delivery path between an IP multicast - 3Com 4007R | Implementation Guide - Page 427
, you can configure a transitional technique called tunneling to extend the service area. Tunnels provide a virtual point-to-point link between two the path between them includes one or more routers that do not support multicast routing (unicast routers). Figure 51 DVMRP Tunnel Example DVMRP - 3Com 4007R | Implementation Guide - Page 428
packets reach the end of the tunnel, the router strips the encapsulation away and returns the packet to its native IP multicast format. Supporting Protocol in Your Module Switch 4007 Multilayer Switching Modules use the Distance-Vector Multicast Routing Protocol (DVMRP) to form IP multicast tunnels - 3Com 4007R | Implementation Guide - Page 429
is an interconnected set of Internet routers, subnetworks, and tunnels that support the delivery of IP multicast traffic. The MBONE was first configured in of subnetworks. You can connect to the MBONE through most Internet service providers (ISPs). You can use it to test multicast applications - 3Com 4007R | Implementation Guide - Page 430
430 CHAPTER 18: IP MULTICAST ROUTING IP Multicast Groups Users can join or leave an IP multicast group at any time. Users request and cancel membership through mechanisms built into their desktop application - perhaps visible to the user as Go and Quit buttons. There are no restrictions on the - 3Com 4007R | Implementation Guide - Page 431
01-00-5E. A simple procedure maps Class D addresses to this block, so that IP multicasting can take advantage of the hardware-level multicasting supported by network interface cards (NICs). The mapping process involves placing the low-order 23 bits of the Class D address (binary format) into the - 3Com 4007R | Implementation Guide - Page 432
432 CHAPTER 18: IP MULTICAST ROUTING How IGMP Supports IP Multicast IGMP provides a way for routers and switches to learn where group members exist on a network, and thus provides a critical function in the IP - 3Com 4007R | Implementation Guide - Page 433
How IGMP Supports IP Multicast 433 Join Message Rather than wait for a query, a host can also send an IGMP report on its own initiative to inform the querier - 3Com 4007R | Implementation Guide - Page 434
434 CHAPTER 18: IP MULTICAST ROUTING How DVMRP Supports IP Multicast DVMRP is a distance-vector routing protocol that allows routers to establish shortest-path, source-rooted, IP multicast delivery trees. While it is similar - 3Com 4007R | Implementation Guide - Page 435
How DVMRP Supports IP Multicast 435 The term spanning tree applies to any loopless graph grafting. These techniques balance the goal of an efficient delivery path with the goal of effective service for all potential group members. Figure 53 shows the broadcasting, pruning, and grafting processes. - 3Com 4007R | Implementation Guide - Page 436
436 CHAPTER 18: IP MULTICAST ROUTING Interface Relationships The interface on which a router receives source-origin traffic for a given source-group pair is called the incoming or parent interface. Each interface over which the router forwards source-group traffic is called an outgoing or child - 3Com 4007R | Implementation Guide - Page 437
How DVMRP Supports IP Multicast 437 Inside the prune message is a prune lifetime, or prune timer, which is a period of time for which the prune message is valid. - 3Com 4007R | Implementation Guide - Page 438
on Switch 4007 Layer 2 Switching Modules, see Chapter 11 in this guide. 3 Enable DVMRP on each interface that is to perform IP multicast routing each interface. For general information about DVMRP see "How DVMRP Supports IP Multicast" earlier in this chapter. For information about configuring - 3Com 4007R | Implementation Guide - Page 439
chapter. 7 Use the traceroute option for troubleshooting or to determine the traffic paths. See . If network users have trouble receiving IP multicast application traffic 3Com representative about network design options. Protocol Interoperability Routing protocols other than DVMRP exist to support - 3Com 4007R | Implementation Guide - Page 440
as the factory default. These settings apply to the entire module. You cannot enable or disable snooping or querying on specific interfaces. s 3Com recommends that you keep both modes enabled at all times. They add little processing overhead to the module. Configuring DVMRP Interfaces DVMRP is - 3Com 4007R | Implementation Guide - Page 441
Configuring DVMRP Tunnels 441 Table 79 lists conventional numeric values and network objectives. Table 79 Conventional TTL Scope Control Values TTL Value 0 1 16 64 128 255 Objective Restricted to the same host Restricted to the same subnetwork Restricted to the same site Restricted to the same - 3Com 4007R | Implementation Guide - Page 442
index 2, it can assign index 4 to the next new tunnel, and so on. s Removing a tunnel end point on one system destroys that tunnel's functionality, but 3Com recommends that you remove the tunnel configuration from both systems. - 3Com 4007R | Implementation Guide - Page 443
Configuring DVMRP Default Routes 443 Configuring DVMRP You can configure a default route for IP multicast traffic on any DVMRP Default Routes routing interface in the module. How Default Routes Work If an interface is configured as a default route, it advertises source 0.0.0.0 to neighboring - 3Com 4007R | Implementation Guide - Page 444
table. This depends on whether group members exist on directly-attached subnetworks or on subnetworks from downstream routers. See the Command Reference Guide for definitions of the fields of information and symbols used in the DVMRP route display. Your module records information about the IP - 3Com 4007R | Implementation Guide - Page 445
3 module. The ability to trace the path of a IP multicast group packet from a source to a particular destination is desirable for troubleshooting purposes. Unlike unicast traceroute, IP multicast traceroute requires the ability for routers to understand a special IGMP packet type and the related - 3Com 4007R | Implementation Guide - Page 446
condition such as "no route" is encountered along the path. All interim devices must support IP multicast traceroute for you to see a complete path on the display. Standards, following Web resources: s http://www.3com.com s http://www.ipmulticast.com s http://www.ietf.org s http://www.stardust.com - 3Com 4007R | Implementation Guide - Page 447
that houses a Multilayer Switching Module, you can manage OSPF routing from the ip ospf menu of the Administration Console. See the Switch 4007 Command Reference Guide. - 3Com 4007R | Implementation Guide - Page 448
portions of their tables throughout the network by flooding. For information about how to perform IP routing, see Chapter 16. Features Your system supports OSPF Version 2 as defined in RFC 1583. OSPF routing on your system includes these features: s Areas - You can subdivide an autonomous system - 3Com 4007R | Implementation Guide - Page 449
OSPF Overview 449 s OSPF interfaces - An OSPF interface is an IP interface that you configure to send and receive OSPF traffic. When you configure an OSPF interface, you define the behavior and role of the interface within the OSPF routing domain. For example, router priority determines designated - 3Com 4007R | Implementation Guide - Page 450
450 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s Virtual links - All areas of an OSPF routing domain must connect to the backbone area. In cases where an area does not have direct, physical access to the backbone, you can configure a logical connection to the backbone, called a virtual - 3Com 4007R | Implementation Guide - Page 451
for each area. This partitioning allows some areas to use much stricter authentication than others. s Host-specific and network-specific route support - OSPF supports traffic forwarding to single hosts or networks. Each network the router knows has both an IP destination address and a mask. The - 3Com 4007R | Implementation Guide - Page 452
were connected by an unnumbered point-to-point network. For more information, see "Virtual Links" later in this chapter. s Variable length subnet mask support - OSPF considers both the IP address and subnet mask in determining the best route for a packet. An IP address mask is distributed with each - 3Com 4007R | Implementation Guide - Page 453
Key Concepts 453 Key Concepts Before you configure OSPF on your system, review the following key concepts and terms discussed in these sections: s Autonomous Systems s Areas s Neighbors and Adjacency s Router Types s Protocol Packets s How OSPF Routing Works Autonomous Systems An autonomous - 3Com 4007R | Implementation Guide - Page 454
454 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Router Types OSPF routers serve several different, often overlapping, functions: s Internal routers - Internal routers connect only to networks that belong to the same area. An internal router runs one copy of the OSPF algorithm and maintains - 3Com 4007R | Implementation Guide - Page 455
Key Concepts 455 Router IDs The OSPF router ID identifies a router to other routers within an autonomous system. OSPF uses three types of router identifiers, which take the form of an IP address: s Default - An arbitrary ID that the system generates and uses as the default router ID s Interface - - 3Com 4007R | Implementation Guide - Page 456
456 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING How OSPF Routing Works This section summarizes how the OSPF algorithm works for a router that meets these characteristics: s Lies within an autonomous system area (an interior router) s Is attached to a multiaccess network s Is configured to - 3Com 4007R | Implementation Guide - Page 457
Key Concepts 457 Electing the Designated Router OSPF selects a designated router, which originates LSAs on behalf of the network segment. These advertisements list all routers (including the designated router) that are attached to the segment. The designated router also floods LSA packets throughout - 3Com 4007R | Implementation Guide - Page 458
458 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s To a stub area - When a packet's destination is in a stub area (an area that does not accept external route advertisements), OSPF uses the area's predefined default route. You configure default routing in area border routers that serve an - 3Com 4007R | Implementation Guide - Page 459
, keep the maximum number of routers participating in OSPF exchanges in any given area to around 50. This number decreases the likelihood of performance problems that may be associated with router recalculation. If the link is of high quality and the number of routes is minimal, you can increase - 3Com 4007R | Implementation Guide - Page 460
460 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING The ASBR then generates external link state advertisements for these IP interfaces. A router also becomes an ASBR if you have configured either of the following on the box: s A default route metric s Any static routes, including configuring a - 3Com 4007R | Implementation Guide - Page 461
Areas Areas 461 To reduce the amount of routing information that travels through a network, and the corresponding size of the OSPF routers' topology databases, subdivide OSPF autonomous systems into areas. Each area has the following configurable parameters: s Area ID - A 32 bit number that - 3Com 4007R | Implementation Guide - Page 462
462 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Types of Areas All routers within the same area maintain and use identical link state advertisement (LSA) databases. The network shown in Figure 54 later in this chapter contains four OSPF areas within autonomous system A. There are three - 3Com 4007R | Implementation Guide - Page 463
Areas 463 Figure 54 Sample OSPF Routing Application Area 2 (stub) Autonomous system A Segment 2 Area border router 1 Area 0 (backbone) Segment 1 Router 1 Segment 4 Segment 3 Pointto-point link Router 3 Segment 5 Router 4 Area border Segment 7 router 2 Router 5 Area 1 Segment 8 Router - 3Com 4007R | Implementation Guide - Page 464
464 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Area Border Routers Each area (including the backbone area) includes all border routers that are connected to the area. In Figure 54, for example, you define: s Area border routers 1, 2, and 3 as being in backbone area 0 s Area border routers - 3Com 4007R | Implementation Guide - Page 465
the area fall within a specified address range. This summary route or address range is defined by an IP address and mask combination. OSPF supports Variable Length Subnet Masks (VLSMs), so you can summarize a range of addresses on any bit boundary in a network or subnetwork address. For example - 3Com 4007R | Implementation Guide - Page 466
466 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Stub areas Backbone area s Whenever there is a change in network topology (such as when a link is lost or comes online), routers in all affected areas must converge on the new topology. If your internetwork consists of unstable links, you can - 3Com 4007R | Implementation Guide - Page 467
that it spans. s This dependency on underlying areas can make troubleshooting difficult. s Virtual links cannot run across stub areas. s or more areas to the backbone. To maximize stability, a single ABR should support no more than three areas because the router must run the link-state algorithm - 3Com 4007R | Implementation Guide - Page 468
468 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Default Route Metric An OSPF router always forwards an IP packet to the network that is the best match for the packet's destination; best match means the longest or most specific match. A router that fails to find a specific match for a - 3Com 4007R | Implementation Guide - Page 469
OSPF Interfaces 469 Priority You assign the interface priority to an OSPF router to determine its status as a designated router. A router can function in one of three ways: s Designated router (DR) - The router that has the highest priority value, unless a designated router already exists on the - 3Com 4007R | Implementation Guide - Page 470
default cost based on the module media type, you can set the cost manually to a different value. In most cases, you can accept the default value in the route. You can configure area routers to use preferred paths by manually setting higher cost metrics for those paths that are not preferred. For - 3Com 4007R | Implementation Guide - Page 471
OSPF Interfaces 471 Delay The transmit delay is the estimated time (in seconds) that it takes for the system to transmit a link state update packet on the interface. The system increases the age of the link state advertisements (LSAs) that are contained in the update packets by the value that you - 3Com 4007R | Implementation Guide - Page 472
the network. The default value for the dead interval is 4 times the default value for the Hello interval - 40 seconds. Password OSPF supports simple password authentication. You can set security passwords for OSPF interfaces so that only routers that know the password participate in OSPF exchanges - 3Com 4007R | Implementation Guide - Page 473
on the network. For a complete listing of OSPF interface statistics, see the ip ospf interface statistics command in the Command Reference Guide. Important Considerations Designated routers Area ID Consider the following guidelines when you configure router interfaces: s To set the OSPF interface - 3Com 4007R | Implementation Guide - Page 474
474 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Transmit delay Hello interval Dead interval Retransmit interval Password s The default value for the transmit delay is 1 second. s Set the transmit delay to an integer value greater than 0. s To set the transmit delay, take into account the - 3Com 4007R | Implementation Guide - Page 475
Link State Databases 475 Link State Databases OSPF routers use the information that is contained in the link state advertisements (LSAs) to build and maintain link state databases. Each link state database contains the link state advertisements from throughout the areas to which the router is - 3Com 4007R | Implementation Guide - Page 476
476 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s Link ID - Identifies the object to which this router link connects for each Link Type. Possible values: s If Link Type is PTP, then this is the neighboring router's router ID. s If Link Type is Transit, then this is the address of the - 3Com 4007R | Implementation Guide - Page 477
Link State Databases 477 Summary Link State Advertisements Area border routers can generate two types of summary link state advertisements: s Summary link state advertisements that report the cost to a single subnetwork number outside the area. These advertisements are identified as Type 3 in the - 3Com 4007R | Implementation Guide - Page 478
478 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING External Link State Advertisements Each autonomous system boundary router generates an external link state advertisement for each network destination (known to the router) outside the AS. AS boundary routers use these external link state - 3Com 4007R | Implementation Guide - Page 479
originated locally. s All routers within an area must maintain identical link state databases. s Use the contents of the link state database for network configuration and troubleshooting purposes. - 3Com 4007R | Implementation Guide - Page 480
480 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Neighbors Neighbor routers are those that are physically attached to the same network segment. The OSPF Hello protocol establishes adjacencies among neighboring routers to facilitate the exchange of routing information. An adjacency describes - 3Com 4007R | Implementation Guide - Page 481
Neighbors 481 Neighbor Information Your system can display a list of all neighbors for all OSPF interfaces defined on the system. The list includes the following information: s Index - The Index number that corresponds to the OSPF router interface for which neighbors have been discovered. s - 3Com 4007R | Implementation Guide - Page 482
482 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s Loading - The router is sending requests for link state advertisements (LSAs) that were discovered in the exchange state but not yet received. s Full - The neighbor is now fully adjacent. This adjacency is now advertised in router LSAs and - 3Com 4007R | Implementation Guide - Page 483
Neighbors 483 Static Neighbors On broadcast networks such as Ethernet, the OSPF Hello protocol uses the broadcast capability to dynamically discover neighbors. On nonbroadcast networks, such as X.25 Public Data Network, however, you may need to assist in neighbor discovery by statically defining - 3Com 4007R | Implementation Guide - Page 484
inactive before you can add or modify an OSPF router ID. To deactivate OSPF routing, set the OSPF mode to disabled. See the Command Reference Guide for details. After you add the router ID, you can set the OSPF mode to enabled on the interface. Important Considerations Consider the following - 3Com 4007R | Implementation Guide - Page 485
(partition size = 0). s Configure the maximum OSPF memory partition size manually (partition size = 4096 - ). You use the option to control memory allocation, as described in the Command Reference Guide. Default Memory Allocation You typically do not have to modify the - 3Com 4007R | Implementation Guide - Page 486
486 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING The estimate (maxRoutingTableSize) of the maximum number of routing table entries the system can hold for a given memory size is a hardcoded value. On extended memory systems this value is 51200. On systems without extended memory this value - 3Com 4007R | Implementation Guide - Page 487
between 4096 and the maximum memory available on your system, as shown in the ip ospf partition modify command prompt. You can also use manual memory allocation control to lower the OSPF current maximum partition size to be less than the 4,200,000 default minimum on extended memory systems. As - 3Com 4007R | Implementation Guide - Page 488
488 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING A stub area can have multiple ABRs and multiple exit points. However, all of the exit points and routers must contain the same external routing data so that the choice of an exit point does not need to be made for each external destination. - 3Com 4007R | Implementation Guide - Page 489
Virtual Links 489 The endpoints of a virtual link must be area border routers. You must configure the virtual link on both routers. Each router's virtual link definition includes the other router's router ID and the transit area through which the routers connect. Figure 55 illustrates a virtual - 3Com 4007R | Implementation Guide - Page 490
that it spans. s This dependency on underlying areas can make troubleshooting difficult. OSPF Routing Policies Routing policies are rules that define criteria flow of routes to and from the routing table. Your system supports two types of OSPF routing policies: import policies that dictate which - 3Com 4007R | Implementation Guide - Page 491
OSPF Routing Policies 491 s Isolate suspect networks - Misconfigured hosts can sometimes send inappropriate routing information, which can compromise network integrity. In such a case, you can define an import policy on an ASBR that rejects all routes from the suspect network. s Adjust route cost - - 3Com 4007R | Implementation Guide - Page 492
492 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s With the ability to wildcard policy parameters (such as 0.0.0.0 to indicate all routers or all routes), occasions may arise when several policies match a route. In such cases, routers use the following procedure to determine which policy to - 3Com 4007R | Implementation Guide - Page 493
OSPF Routing Policies 493 Implementing Import Policies Import policies control which non-self-originated routes (RIP external routes) are accepted and stored in the routing table. Non-self-originated means that the router itself did not originate the route; it learned the route from an external - 3Com 4007R | Implementation Guide - Page 494
494 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Figure 56 illustrates the import policy process. Figure 56 Import Policy Process IP Network OSPF Incoming traffic (non-self-originated) Link State Database Reject Import Policy Accept Routing Table Information that you define for an import - 3Com 4007R | Implementation Guide - Page 495
OSPF Routing Policies 495 Route Address 0.0.0.0 A 0.0.0.0 A s For routes that are accepted into the routing table as defined by the policy, you can define a new cost metric value for the route, or you can adjust the existing cost metric using one of these operators: s + adds the specified number - 3Com 4007R | Implementation Guide - Page 496
496 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Import Example 1: Accept Route The policy defined in Table 81 imports route 243.140.28.0 into the routing table and assigns a cost of 10 to the route. Table 81 Import Policy Example Policy Field Policy type Route address Route subnet mask - 3Com 4007R | Implementation Guide - Page 497
OSPF Routing Policies 497 When you define an export policy, you can configure the router to accept or reject routes. An accept export policy configures the router to place the specified route in external link state advertisements for propagation over the network. The routes are advertised with the - 3Com 4007R | Implementation Guide - Page 498
498 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING s When you specify RIP or static as the origin protocol, you can specify the source address of the router that originated the RIP or static route. For example, you can define an export policy to reject (that is, not advertise) all statically - 3Com 4007R | Implementation Guide - Page 499
OSPF Routing Policies 499 Export Policies for RIP and Static Routes Table 83 shows the export policies that can be applied to RIP and statically defined routes. Table 83 OSPF Export Policies for RIP and Static Routes Origin Source Protocol Router RIP or A Static RIP or A Static RIP or Static - 3Com 4007R | Implementation Guide - Page 500
500 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Export Policies for Direct Interfaces Table 84 shows the possible export policies that can be applied to directly connected router interfaces. Table 84 OSPF Export Policies for Directly Connected Interfaces Origin Protocol Interface Policy - 3Com 4007R | Implementation Guide - Page 501
OSPF Routing Policies 501 Export Example 2: Prohibit Advertisement of Static Address The policy defined in Table 86 prohibits a router from advertising any static route originating from router 131.141.127.7. Table 86 Export Policy to Reject Static Routes Policy Field Policy type Origin protocol - 3Com 4007R | Implementation Guide - Page 502
502 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING Export Example 4: Advertisement of Direct Interfaces The policy defined in Table 88 configures a router to advertise direct interface 8 as a Type 2 external metric with a cost increase of 2. Table 88 Export Policy to Accept a Direct Interface - 3Com 4007R | Implementation Guide - Page 503
OSPF Routing Policies 503 Export Example 6: Advertisement of RIP Routes The policy defined in Table 90 configures an autonomous system boundary router to advertise all routes that are imported from a RIP network as Type 2 external metrics with associated costs of 10. Table 90 Export Policy to - 3Com 4007R | Implementation Guide - Page 504
OSPF interfaces. These statistics provide valuable information useful in troubleshooting network and system issues. For example, the number memory resources (implies a fatal memory allocation failure). To fix this problem, change the OSPF memory partition with the ip ospf partition modify option - 3Com 4007R | Implementation Guide - Page 505
Standards, Protocols, and Related Reading 505 Standards, Protocols, and Related Reading OSPF as implemented on this system is described in the following Internet Engineering Task Force (IETF) Request for Comment (RFC) documents: s RFC 1583, Moy, J., OSPF Version 2, March 1994. s RFC 1850, Baker, - 3Com 4007R | Implementation Guide - Page 506
506 CHAPTER 19: OPEN SHORTEST PATH FIRST (OSPF) ROUTING - 3Com 4007R | Implementation Guide - Page 507
Switching Module, you can manage IPX routing features from the ipx menu of the Administration Console. See the Switch 4007 Command Reference Guide. The management interfaces display "cb9000" and refer to the Management Module as the Enterprise Management Engine (EME) because the heritage of the - 3Com 4007R | Implementation Guide - Page 508
OSI Reference Model Layers in the OSI Reference Model Application Presentation Session Transport Applications NetWare shell NetBIOS SPX NetWare Control Protocol Service Routing Advertising Information Protocol Protocol Network IPX Data link Physical Media access protocols (Ethernet, FDDI) - 3Com 4007R | Implementation Guide - Page 509
to route packets, you can create and support: s IPX interfaces s IPX routes (primary and secondary) s IPX servers (primary and secondary) s IPX forwarding s IPX RIP mode s IPX SAP mode Benefits You can use IPX routing to: s Provide services for connectionless communications. s Reduce the cost of - 3Com 4007R | Implementation Guide - Page 510
network. Each IPX VLAN interface is associated with a VLAN that supports IPX. The Multilayer Switching Module has one interface defined for each the Open Systems Interconnection (OSI) Reference Model. The router receives instructions to route packets from one segment to another from the network- - 3Com 4007R | Implementation Guide - Page 511
Key Concepts 511 Figure 59 shows the IPX packet format. Figure 59 IPX Packet Format MAC Header Data MAC Trailer Checksum (2 bytes) Packet length (2 bytes) Transport control Packet type (1 byte) (1 byte) Destination network (4 bytes) Destination node (6 bytes) Destination socket (2 bytes) - 3Com 4007R | Implementation Guide - Page 512
512 CHAPTER 20: IPX ROUTING s Source network - A 4-byte field that contains the source node network number. If a sending node sets this field to 0, the source's local network number is unknown. s Source node - A 6-byte field that contains the source node, physical address. Broadcast addresses are - 3Com 4007R | Implementation Guide - Page 513
Key Concepts 513 Figure 60 shows an example of IPX format routing. Figure 60 IPX Packet Routing Sending node Network = 000000AA Node = 000000000001 Socket = 4003 Router Node Node 000000000020 000000000021 Destination node Network = 000000BB Node = 000000000003 Socket = 0451 MAC Header - 3Com 4007R | Implementation Guide - Page 514
514 CHAPTER 20: IPX ROUTING If the sending node is a router rather than a workstation, the node's internal routing tables supply the destination's network location. The destination router does not need to broadcast a RIP request. Router's Responsibility A router handles a received IPX packet in one - 3Com 4007R | Implementation Guide - Page 515
to create and maintain their dynamic routing tables. s SAP - Service Advertisement Protocol. Provides routers and servers that contain SAP mode agents with a means of dynamically exchanging network service information. s Ticks - An estimate of the time that is necessary - 3Com 4007R | Implementation Guide - Page 516
and servers. 3 Define routes. 4 Define servers. 5 Select RIP or SAP, if you plan to use them. 6 Define IPX forwarding. See the Command Reference Guide for commands that you use for these steps. General Guidelines Consider the following general guidelines before you configure IPX routing on your - 3Com 4007R | Implementation Guide - Page 517
IPX Interfaces 517 IPX Interfaces An IPX interface has the following information associated with it: s IPX network address - A 4-byte address that you assign. Make each address unique within the network. s Cost - A number between 1 and 65534 that the system uses to calculate route ticks. A tick is - 3Com 4007R | Implementation Guide - Page 518
802.2, IPX-802.2 LLC, or IPX-802.3-SNAP as the protocol to be supported by the VLAN. See Chapter 14 for information about creating VLANs. s Unless index s If you use the OddLengthPadding feature (10 MB switching modules support only), make sure that you select only those interfaces that require odd - 3Com 4007R | Implementation Guide - Page 519
options, see the Administering IPX Routing chapter in the Command Reference Guide. NetBIOS Option This option determines whether the system handles IPX Type 20 packet forwarding. OddLengthPadding Option This option only supports 10 MB switching modules. To provide a compatibility mode for older - 3Com 4007R | Implementation Guide - Page 520
in the routing table. To set up routes in the routing table, see the IPX routing chapter in the Switch 4007 Command Reference Guide. Static Routes You manually configure a static route. Static routes are useful in environments in which no routing protocol is used or in which you want to override - 3Com 4007R | Implementation Guide - Page 521
IPX Routes 521 The system uses RIP (one of the most widely used IGPs) to dynamically build routing tables. RIP operates with active and passive network devices. Active devices, usually routers, broadcast their RIP messages to all devices in a network; they update their own routing tables when they - 3Com 4007R | Implementation Guide - Page 522
522 CHAPTER 20: IPX ROUTING The routing table consists of the following elements: s Interface - The interface number of the router that is used to reach a network segment s Address - The network segments that the router knows about s Hops to network - The number of routers that must be crossed to - 3Com 4007R | Implementation Guide - Page 523
IPX Servers 523 IPX Servers Your system creates and maintains a server information table that lists all the servers that reside on other IPX networks. You can: s Use SAP to exchange server information dynamically s Make static entries in the server table Important Considerations Consider the - 3Com 4007R | Implementation Guide - Page 524
on your system, see the Switch 4007 Command Reference Guide. Static Servers Static servers are useful in environments in response to network topology changes, manually configure only a small number or file server SAP agent to obtain server and service information. On your system, you select a SAP - 3Com 4007R | Implementation Guide - Page 525
IPX Servers 525 Maintaining Server Information When a router's SAP agent receives a SAP broadcast response indicating a change in a server's configuration, the agent updates its server information table and informs other SAP agents. Examples of such a change are when a server is disconnected or - 3Com 4007R | Implementation Guide - Page 526
of the network that contains the server s Node address - The server's node address s Socket address - The socket number through which the server receives service requests s Hops to server - The number of intermediate networks that must be crossed to reach the server s Age of server - The time in - 3Com 4007R | Implementation Guide - Page 527
IPX RIP Mode 527 IPX RIP Mode You can exchange routing information on a NetWare network with the ipx rip mode option. This option selects the IPX RIP mode that is appropriate for your network and selects the routers that use RIP mode to create and maintain their dynamic routing tables. In ipx rip - 3Com 4007R | Implementation Guide - Page 528
528 CHAPTER 20: IPX ROUTING RIP Policies Each router maintains a table of current routing information (the routing table). The routing protocols receive or advertise routes from the network. RIP policies control the flow of routing information among the network, the protocols, and the routing - 3Com 4007R | Implementation Guide - Page 529
IPX RIP Mode 529 RIP Policy Parameters These parameters define SAP policies: Policy type - Import (apply the policy to received services) or Export (apply the policy to advertised services). Route origin - The origin of the route for this policy if it is an export policy: static, RIP, or all. Route - 3Com 4007R | Implementation Guide - Page 530
IPX SAP Mode IPX SAP provides routers and servers that contain SAP mode agents with a means of exchanging network service information. Through SAP, servers advertise their services and addresses. Routers gather this information and share it with other routers. With this process, routers dynamically - 3Com 4007R | Implementation Guide - Page 531
offered by the server. For details, consult your Novell documentation. Refer to the Command Reference Guide for a list of common service types. s Server name - The name of the server providing the services. s Network address - The IPX network address of the network on which the server resides - 3Com 4007R | Implementation Guide - Page 532
with this policy. This parameter specifies the order of precedence for policies that match the same service. A higher value takes precedence over a lower value. You can view the following IPX /server option is enabled See the Command Reference Guide for more information about IPX statistics. - 3Com 4007R | Implementation Guide - Page 533
.2 s IEEE 802.2 LLC s IEEE 802.3 s IEEE 802.3-RAW s IEEE 802.3-SNAP s Internet Packet eXchange (IPX) - RFC 1234, RFC 1552 s Routing Information Protocol (RIP) - RFC 1058 s Service Advertisement Protocol (SAP) - NetWare Protocol - 3Com 4007R | Implementation Guide - Page 534
534 CHAPTER 20: IPX ROUTING - 3Com 4007R | Implementation Guide - Page 535
Switching Module, you can manage AppleTalk features from the appletalk menu of the Administration Console. See the Switch 4007 Command Reference Guide. The management interfaces display "cb9000" and refer to the Management Module as the Enterprise Management Engine (EME) because the heritage of - 3Com 4007R | Implementation Guide - Page 536
peripheral devices, and other equipment to a network. AppleTalk protocols support most of the functions that are offered by the Open Systems Interconnection de facto standard for Apple networks. AppleTalk transport and application services operate over a best-effort Delivery Datagram Protocol (DDP). - 3Com 4007R | Implementation Guide - Page 537
. These statistics can help you diagnose and troubleshoot network issues and performance problems. See "AppleTalk Statistics" later in this from having to understand anything about how AppleTalk works. s AppleTalk supports peer-to-peer networking, so no dedicated servers or centralized network - 3Com 4007R | Implementation Guide - Page 538
CHAPTER 21: APPLETALK ROUTING s In theory, AppleTalk networks can support millions of nodes. s AppleTalk supports zones, which makes it easier for network administrators to define workgroups that consist of users and services that span multiple network segments. Key Concepts Before you configure - 3Com 4007R | Implementation Guide - Page 539
below it. The Datagram Delivery Protocol (DDP) transfers data in packets called datagrams. Datagram delivery is the basis for building other AppleTalk services, such as electronic mail. With DDP, AppleTalk runs as a process-to-process, best-effort delivery system in which the processes running in - 3Com 4007R | Implementation Guide - Page 540
ensure that routers transmit data accurately between one another. Each layer includes four protocols that work together to support these services. This section describes these protocols and provides more detail for the protocols that you can view using the Administration Console. An AppleTalk - 3Com 4007R | Implementation Guide - Page 541
Key Concepts 541 A router uses these items to determine the best path along which to forward a data packet to its destination. The routing table contains an entry for each network that a router's datagram can reach within 15 hops. The table is aged at set intervals as follows: 1 After a specified - 3Com 4007R | Implementation Guide - Page 542
542 CHAPTER 21: APPLETALK ROUTING Figure 64 illustrates a simple AppleTalk network, and Table 91 shows the corresponding routing table. Figure 64 A Simple AppleTalk Network Network 8-8 L3 Router Network 20-40 L3 Router L3 Router Network 47-47 Zone: Administration Zone: Accounting Zone: Marketing - 3Com 4007R | Implementation Guide - Page 543
Key Concepts 543 AppleTalk Echo Protocol (AEP) AppleTalk nodes use the AEP to send datagrams to other nodes in the network. The transmitted AEP datagram causes the destination node to return, or echo, the datagram to the sending node. This protocol determines whether a node is accessible before any - 3Com 4007R | Implementation Guide - Page 544
of these commands to the workstation. Printer Access Protocol (PAP) The PAP maintains communications between a workstation and a printer or print service. The PAP functions include setting up and maintaining a connection, transferring the data, and tearing down the connection on completion of the - 3Com 4007R | Implementation Guide - Page 545
include workstations, routers, printers, and servers that provide services for other computers, called clients. This section describes these are currently in use: nonextended (Phase 1) and extended (Phase 2). 3Com routers support extended network numbers. While the system does not translate Phase 1 - 3Com 4007R | Implementation Guide - Page 546
ROUTING Named Entities When a device on the network provides a service for other users, you can give the device a name. on an AppleTalk intranet. Zones make it easier to locate devices. Because your system supports AppleTalk, Phase 2, you can associate a list of zones for each network. Nodes on - 3Com 4007R | Implementation Guide - Page 547
to reach a destination network. s AppleTalk Echo Protocol (AEP) - An AppleTalk support protocol used to test the accessibility of a system and make an estimate of example, zones may fail to appear in Chooser, and AppleTalk services may become inaccessible. s If you are connecting your system's - 3Com 4007R | Implementation Guide - Page 548
548 CHAPTER 21: APPLETALK ROUTING AppleTalk Interfaces On the Switch 4007, an AppleTalk interface defines the relationship between a virtual LAN (VLAN) and an AppleTalk network. An AppleTalk interface has these elements associated with it: s Seed Interface - You can configure the interface to be a - 3Com 4007R | Implementation Guide - Page 549
configure AppleTalk interfaces, review the following guidelines and considerations: s Your system can support up to 32 AppleTalk interfaces. s Each seed interface supports up to 16 zones. s Your system supports a maximum of 1 AppleTalk interface per VLAN; overlapping AppleTalk interfaces on a bridge - 3Com 4007R | Implementation Guide - Page 550
550 CHAPTER 21: APPLETALK ROUTING s A router does not advertise its routing table through an interface until that interface has an associated network number range. s An interface is not added to the routing table until it has an associated network number range. Changing the zone association for an - 3Com 4007R | Implementation Guide - Page 551
restarts. s Each 16 bit number within a network range is capable of supporting 253 network nodes. s When a router receives an RTMP packet that by 1. s When a network is removed from the RTMP table (whether manually or though the aging process), the router also scans the Zone Information Table - 3Com 4007R | Implementation Guide - Page 552
a hierarchal addressing scheme in the form of a network range, with each 16-bit network number within that range capable of supporting up to 254 nodes. All AppleTalk nodes, including router interfaces, dynamically acquire a unique AppleTalk address using a feature provided by the AppleTalk Address - 3Com 4007R | Implementation Guide - Page 553
AppleTalk Address Resolution Protocol (AARP) Cache 553 AARP registers a node's dynamically assigned address on the network, as follows: s AARP randomly assigns an address. s To determine whether another node is already using the address, the system broadcasts AARP probe packets containing the - 3Com 4007R | Implementation Guide - Page 554
554 CHAPTER 21: APPLETALK ROUTING AppleTalk Zones An AppleTalk zone is a logical collection of nodes on an AppleTalk intranetwork. A zone can include all nodes in a single network or a collection of nodes in different networks. You assign a unique name to each zone to identify it in the - 3Com 4007R | Implementation Guide - Page 555
is no longer on the Internet, and deletes the network's ZIT entry. This means, whenever a network is removed from the RTMP table (whether manually, or though the aging process), the router also removes ZIT entries that contain the deleted network number. s At the time of initialization, the Zone - 3Com 4007R | Implementation Guide - Page 556
556 CHAPTER 21: APPLETALK ROUTING Changing Zone Names When you change the zone information for a network, all routers on the segment must update their Zone Information Tables with the new information. Although no AppleTalk mechanism forces routers to update zone lists, you can successfully change - 3Com 4007R | Implementation Guide - Page 557
AppleTalk Zones 557 To change the associated zones for a network segment without changing the segment's network range, follow these steps: 1 Remove all AppleTalk interfaces attached to the segment for which you want to redefine zone information. 2 Wait a minimum of 10 minutes while routers on the - 3Com 4007R | Implementation Guide - Page 558
558 CHAPTER 21: APPLETALK ROUTING Forwarding AppleTalk Traffic You can choose to enable or disable AppleTalk forwarding on your system. Enabling Forwarding When you enable AppleTalk forwarding, you enable the forwarding of Datagram Delivery Protocol (DDP) packets. Because AppleTalk uses this - 3Com 4007R | Implementation Guide - Page 559
generation and verification if you have older devices that cannot receive packets that contain checksums. AppleTalk Echo Protocol (AEP) The system supports the AppleTalk Echo Protocol, which sends a datagram (an Echo Request) to a specified node. The destination node returns, or echoes, the - 3Com 4007R | Implementation Guide - Page 560
-socket delivery of datagrams - packets exchanged using DDP - over the AppleTalk network. Datagram delivery is the key service on which other AppleTalk services are built. All other AppleTalk services, such as RTMP, NBP, and ZIP, rely on DDP for packet delivery, as illustrated in Figure 63 earlier - 3Com 4007R | Implementation Guide - Page 561
AppleTalk Statistics 561 s inShortDdps - Number of input DDP datagrams that were dropped because the system was not their final destination and their type was short DDP s inTooFars - Number of input datagrams that were dropped because the system was not their final destination and their hop count - 3Com 4007R | Implementation Guide - Page 562
562 CHAPTER 21: APPLETALK ROUTING s routeLessChgs - Number of times that RTMP changed the Next Internet Router in a routing entry because the hop count advertised in a routing table was less than the current hop count for a particular network s routeOverflows - Number of times that RTMP attempted - 3Com 4007R | Implementation Guide - Page 563
AppleTalk Statistics 563 s outExReplies - Number of ZIP extended replies that have been sent s outGniReplies - Number of ZIP GetNetInfo reply packets that have been sent out of this port s outGniRequests - Number of ZIP GetNetInfo packets that have been sent s outLocalZones - Number of transmitted - 3Com 4007R | Implementation Guide - Page 564
564 CHAPTER 21: APPLETALK ROUTING Standards, Protocols, and Related Reading For more information about AppleTalk technology, see the following publications: s Gursharan S. Sidhu, Richard F. Andrews, and Alan B. Oppenheimer, Inside AppleTalk, Second Edition (Addison-Wesley Publishing Company, 1990 - 3Com 4007R | Implementation Guide - Page 565
provides guidelines and other key information about how to use Quality of Service (QoS) and the Resource Reservation Protocol (RSVP) on a Multilayer qos menu of the Administration Console. (See the Switch 4007 Command Reference Guide.) You can use the Administration Console after you log in to the - 3Com 4007R | Implementation Guide - Page 566
specific, time-critical, and file-backup traffic. Although QoS and Class of Service (CoS) are closely related, QoS has more features and addresses bandwidth, The Multilayer Switching Modules that are available on the Switch 4007 support the following QoS features: s QoS Classifiers - Define how - 3Com 4007R | Implementation Guide - Page 567
of priority-queued traffic. If you use QoS and decide to classify traffic broadly, you are using a subset of QoS called network class of service. To simplify your classification of traffic, the Multilayer Switching Module provides a set of predefined traffic classes. You can also specify your own - 3Com 4007R | Implementation Guide - Page 568
standards and terms. Related Standards The Switch 4007 Multilayer Switching Modules support IEEE 802.1Q, IEEE and Protocols 802.1p, and the RSVP , part of IEEE 802.1D, covers traffic class and dynamic multicast filtering services in bridged LANs. It uses the same tag format as the proposed IEEE - 3Com 4007R | Implementation Guide - Page 569
rate, maximum frame jitter, and maximum end-to-end delay. RSVP supports the QoS flow specifications by managing resource reservations across the network. Switching Module groups packets in order to schedule them with the appropriate service level: s Flow classifiers - Apply to routed IP unicast and - 3Com 4007R | Implementation Guide - Page 570
) and to nonconforming excess packets (excess packets that exceed the rate-limit parameters). If you set the rate limit to none, you can specify a service level of high, best, low, or drop for conforming classified packets. s Time of day controls - A QoS timer option enables you to configure a QoS - 3Com 4007R | Implementation Guide - Page 571
Key Concepts 571 Drop causes the Multilayer Switching Module to drop all packets on all ports that are associated with the control and its classifier. To drop conforming packets for only a subset of ports, specify the receivePort or aggregate rate limit, set the rate limit to 0, and specify the - 3Com 4007R | Implementation Guide - Page 572
classifiers only, IEEE 802.1P tag values range from 0 through 7. To allow low priority queues to get serviced and to prevent starvation of best effort traffic in the low priority queue, 3Com has implemented the following map: s priorities 1-2 map to the low queue s priorities 0, 3 map to the best - 3Com 4007R | Implementation Guide - Page 573
Key Guidelines for Implementation 573 Key Guidelines for Implementation Consider the following guidelines when you configure QoS on your Layer 3 switching module. Procedural Guidelines Configure classifiers and controls in the following order: 1 Define a classifier, or choose a predefined - 3Com 4007R | Implementation Guide - Page 574
in each group adds up to 50 percent of 100 MB or 50 MB. The following list describes Multilayer Switching Modules and what ports support QoS aggregate rate limit for flow classifiers: s The 12-port 10/100BASE-TX Fast Ethernet Multilayer Switching Module (Model Number 3CB9RF12R) allows aggregation on - 3Com 4007R | Implementation Guide - Page 575
QoS Classifiers 575 s You can define up to 100 flow classifiers and up to 16 nonflow classifiers. Because the Multilayer Switching Module predefines 16 nonflow classifiers, you must delete one of the existing nonflow classifiers (except the default classifier) before you can add your own nonflow - 3Com 4007R | Implementation Guide - Page 576
assign to this classifier (control 5) gives this traffic a low-priority service level. s You use the predefined nonflow classifier 420, which recognizes all control for this classifier to give the TCP traffic a high-priority service level. (By default, this classifier has no control.) With these - 3Com 4007R | Implementation Guide - Page 577
QoS Classifiers 577 Defining Flow Classifiers You can define up to 100 flow classifiers per Multilayer Switching Module for routed IP traffic. When you define a flow classifier (using a unique classifier number), you can create one or more address/port patterns (filters) for that classifier. Each - 3Com 4007R | Implementation Guide - Page 578
specifies the source address and the destination address. Or, if classified traffic to and from certain locations is going to be controlled at the same service level, you may decide to use two address/port patterns: one pattern that covers IP address A as the source and IP address B as the - 3Com 4007R | Implementation Guide - Page 579
port numbers. For other applications, you may have to determine the appropriate port number. See RFC 1700 for a list of port assignments for known services. When you specify the start and end range of a TCP or UDP port, specify as small as range as possible, such as 1 port (for example, - 3Com 4007R | Implementation Guide - Page 580
, a protocol type of AppleTalk, and an IEEE 802.1p tag value of all. You can then apply a control to this classifier to assign a rate limit, service level, and IEEE 802.1p tag to apply to forwarded frames. For examples of how to define nonflow classifiers and their associated controls for specific - 3Com 4007R | Implementation Guide - Page 581
assign it a control to apply any of the following values: s Rate limit (to limit the amount of input bandwidth the classifier uses) s Service level for conforming packets (a transmit priority that maps to a particular transmit queue) s Whether packets conforming to the rate limit are loss eligible - 3Com 4007R | Implementation Guide - Page 582
control to only one classifier. s Apply one control to multiple classifiers. s Assign a rate limit of none to a control and thereby emphasize the service level and priority tag. s Assign a rate limit type of receivePort or aggregate to the control and define multiple rate-limit values for different - 3Com 4007R | Implementation Guide - Page 583
can specify any unreserved control number. The Multilayer Switching Module supports control numbers in the range of from 0 through 50 and Name 1 Default/Best Effort 2 Background 3 Business Critical 4 Controlled Load Service Level best low best high Classifiers Controlled 499 (default) 401, 402 - 3Com 4007R | Implementation Guide - Page 584
s For the rate limit type receivePort or aggregate: s Service level for nonconforming excess (packets exceeding the rate limit) s limit value for another set of ports. s For any type of rate limit (and a service level other than drop), any combination of IEEE 802.1p priority tag values in the range - 3Com 4007R | Implementation Guide - Page 585
packets (packets that are below the rate limit), decide if you want to apply an IEEE 802.1p priority tag value to forwarded frames (for service levels other than drop), and specify the classifiers with which you want to associate the control. If you specify a rate limit of receivePort or aggregate - 3Com 4007R | Implementation Guide - Page 586
-eligible; nonconforming excess are loss-eligible. The Multilayer Switching Module supports these service levels: s High - For any type of rate limit, to 0, and specify the group of ports. If you specify drop for the service level for conforming packets (that is, you are using a rate limit of none - 3Com 4007R | Implementation Guide - Page 587
QoS Controls 587 Specifying TCP Drop Control The TCP drop control option lets you create a control for packets used to establish TCP connections. This control affects QoS Flow Classifiers that have TCP traffic going from source IP addresses to destination IP addresses. TCP drop control does not - 3Com 4007R | Implementation Guide - Page 588
588 CHAPTER 22: QOS AND RSVP Figure 68 shows an example with TCP drop control disabled. Figure 68 QoS Control Action (Drop Control Disabled) QoS Classifier: Source IP: 0.0.0.0 Destination IP: 10.1.1.0 QoS Control Action: Drop all 10.1.1.254 10.1.2.254 Admin End-user network With the QoS - 3Com 4007R | Implementation Guide - Page 589
QoS Controls 589 In this example, any attempt by a client on an End User network to establish a TCP connection to a server on the Admin network still fails, but it is now possible for clients on the Admin network to establish TCP connections to servers on any network without restriction. Setting - 3Com 4007R | Implementation Guide - Page 590
590 CHAPTER 22: QOS AND RSVP Timer Options The following options are available for the timer control: s Specific Day - Select the specific start day and time, and the specific end day and time. The control is removed after the end time is reached. s Daily - Select a starting day and then a start and - 3Com 4007R | Implementation Guide - Page 591
Examples of Classifiers and Controls 591 Examples of Classifiers and Controls The following examples show ways to implement flow and nonflow classifiers and their associated controls. In all examples, a Multilayer Switching Module on the Switch 4007 provides the illustrated connections. Example - 3Com 4007R | Implementation Guide - Page 592
.255.255 168.101.0.0 255.255.0.0 2020/2020 n The control definition for the to/from classifier: Control Field Control number Control name Rate limit type Service level Loss eligible status 802.1p tag for forwarded frames Classifiers controlled Definition 5 DBServer1 none high no none 15 - 3Com 4007R | Implementation Guide - Page 593
192.1.0.0 (which includes subnetworks 192.1.1.0 and 192.1.2.0) from the Research and Development 168.20.30.0 subnetwork. The associated control for this classifier sets a service level of drop to drop all traffic that is sent by the 168.20.30.0 subnet to the Accounting network. Figure 71 Flow - 3Com 4007R | Implementation Guide - Page 594
.20.30.0 255.255.255.0 192.1.0.0 255.255.0.0 0/65535 n The control definition for this filtering classifier: Control Field Control number Control name Rate limit type Service Level Classifiers controlled Definition 6 IPFilter1 none drop 26 - 3Com 4007R | Implementation Guide - Page 595
Examples of Classifiers and Controls 595 Example 3: Using Two Classifiers to Filter Traffic In the following example, two flow classifiers (1 and 3) are defined with controls to filter IP traffic. Classifier 1 permits IP traffic between two hosts (192.20.3.3. and 193.20.3.3), while classifier 3 - 3Com 4007R | Implementation Guide - Page 596
.255 192.20.3.3 255.255.255.255 0/65535 n The control definition for the first filtering classifier: Control Field Control number Control name Rate limit type Service level 802.1p tag for forwarded frames Classifiers controlled Definition 5 192.20.3.3_to_193.20.3.3 none best none 1 - 3Com 4007R | Implementation Guide - Page 597
y 0.0.0.0 (all) 0.0.0.0 192.20.3.3 255.255.255.255 0/65535 n The control definition for the second filtering classifier: Control Field Control number Control name Rate limit type Service level Classifiers controlled Definition 7 192_20.3.3_to_all none drop 3 - 3Com 4007R | Implementation Guide - Page 598
598 CHAPTER 22: QOS AND RSVP Example 4: Assigning High Priority to Specific Traffic In the following example, a classifier is defined to give high priority to Web server (http) traffic. In this configuration, all Web servers have addresses that end in .222. This example can apply to any type of - 3Com 4007R | Implementation Guide - Page 599
is defined to classify bridged multimedia traffic with an IEEE 802.1p priority tag of 5 and control this traffic with a high priority transmit service level and a rate limit of 2048 Kbps. Figure 74 Nonflow Classifier/Control for Bridged Multimedia Traffic Switch 4007 with Multilayer Module L3 - 3Com 4007R | Implementation Guide - Page 600
, UMB) any 5 The control definition for this classifier is as follows: Control Field Control number Control name Rate limit type Service level Loss eligible status Excess service level Excess loss eligible status Representation of rate limit Rate limit value Burst size Bridge ports 802.1p tag for - 3Com 4007R | Implementation Guide - Page 601
traffic between clients and the server on the 168.101.0.0 network. The applied control handles this bridged traffic with a high-priority transmit service level and a rate limit of 75 percent of the link bandwidth. Figure 75 Nonflow Classifier/Control for Bridged IP Unicast Traffic Server Switch - 3Com 4007R | Implementation Guide - Page 602
QOS AND RSVP The control definition for this classifier is as follows: Control Field Control number Control name Rate limit type Service level Loss eligible status Excess service level Excess loss eligible status Representation of rate limit Rate limit value Burst size Bridge ports 802.1p tag for - 3Com 4007R | Implementation Guide - Page 603
can modify or remove the classifier. s When you remove a control, the associated classifiers are no longer controlled and no longer have a rate limit, service level, or 802.1p tag. s If you want to modify a classifier that has several address/port definitions, you must supply them again during the - 3Com 4007R | Implementation Guide - Page 604
, and QoS excess tagging to tag conforming QoS multicast video traffic from a server as Streaming Multimedia 802.1p service and to tag any excess traffic as Standard 802.1p service. In this sample configuration: s The configured rate limit is 1 MB, so when the server sends 1.5 MB, the upstream - 3Com 4007R | Implementation Guide - Page 605
another filter (address/port pattern)? n The accompanying control definition: Control Field Control number Control name Rate limit type Service level Loss eligible status Excess service level Excess loss eligible status Representation of rate limit Rate limit value Burst size Bridge ports 802.1p - 3Com 4007R | Implementation Guide - Page 606
- The transmit queue for reserved network control traffic, such as RIP or OSPF updates, as well as RSVP data flows. This queue is always serviced first. Bandwidth for this queue is set via RSVP. s High priority queue - The transmit queue with the second highest priority. You can map classifiers - 3Com 4007R | Implementation Guide - Page 607
service that prevents real-time traffic such as voice or video from overwhelming bandwidth resources. In general, RSVP supports applications, but it also supports resource reservations for unicast applications .) End stations in the configuration must support RSVP in order to request the reservation - 3Com 4007R | Implementation Guide - Page 608
608 CHAPTER 22: QOS AND RSVP RSVP Terminology Familiarize yourself with the following RSVP terms: s RSVP Flow - A data stream that operates in simplex, going one way from the origin to multiple destinations. The flows go from a set of senders to a set of receivers. s Reservation Style - The types - 3Com 4007R | Implementation Guide - Page 609
RSVP 609 s Never - The Multilayer Switching Module never polices the flow, even if RSVP requests it. Example: RSVP Figure 77 shows an RSVP configuration in which an RSVP reservation request (dotted lines) flows upstream along a multicast delivery tree (with routing-capable devices such as Switch - 3Com 4007R | Implementation Guide - Page 610
following information: s Maximum total reservable bandwidth s Maximum per-reservation bandwidth s Policing option (edge, always, or never, with edge as the default) s Service level for excess/policed traffic (best or low, with low as the default). This setting applies to the excess traffic with the - 3Com 4007R | Implementation Guide - Page 611
78 RSVP Information with Installed Flows Total Resv Per Resv Bandwidth Bandwidth 50% 50% Policing Excess Excess Loss Option Service Eligible always low no Session 1 2 Destination IP:Port 228.8.8.8:80 230.2.2.2:20 Protocol UDP UDP Senders Receivers Reservations 1 1 1 1 1 1 Session - 3Com 4007R | Implementation Guide - Page 612
612 CHAPTER 22: QOS AND RSVP - 3Com 4007R | Implementation Guide - Page 613
23 DEVICE MONITORING This chapter provides descriptions and key operational information about device monitoring features and tools available in your Switch 4007 modules. These features are available on Switch 4007 Layer 2 and Multilayer Switching Modules. Differences in implementation between - 3Com 4007R | Implementation Guide - Page 614
s Ping s Simple Network Management Protocol (SNMP) For information about using these features, see the chapters in Part II of this guide. Features implemented on Switch 4007 modules include: s Baselining s Roving Analysis s Ping (EME and Layer 3 only) s traceRoute (Layer 3 only) s SNMP Features - 3Com 4007R | Implementation Guide - Page 615
Management Engine and connect to a module in the Switch 4007 chassis. For information about the Administration Console, see the Command Reference Guide. RMON MIBs are accessible only through applications that implement SNMP. The management interfaces display "cb9000" and refer to the Management - 3Com 4007R | Implementation Guide - Page 616
this chapter to analyze your network periodically and to identify potential network problems before they become serious. To identify potential problems in your network, use: s Event logging s Baselining s or through a Telnet connection. See the Switch 4007 Getting Started Guide for more information. - 3Com 4007R | Implementation Guide - Page 617
platform that supports your Transcend® Network Control Services software installation can provide valuable troubleshooting tools. SmartAgent management by exception - that is, you are only notified if a problem occurs. Management by exception is unlike traditional SNMP management, in which the - 3Com 4007R | Implementation Guide - Page 618
real-time information about the state of the system, a specific service, or both, and can help you diagnose site-specific problems. Event Logging is implemented from the EME module. See the chapters in Part II of this guide for more information. Baselining Normally, statistics for MACs and ports - 3Com 4007R | Implementation Guide - Page 619
an external RMON-1/RMON-2 probe or analyzer attached such as the 3Com Transcend Enterprise Monitor. Through the probe, you can monitor traffic on optimize your network loads by moving network segments s Troubleshoot switched network problems (for example, to find out why a particular segment - 3Com 4007R | Implementation Guide - Page 620
and stop analysis. See the "Roving Analysis" chapter in the Command Reference Guide for details. Important Considerations s The monitor port and the analyzer port must be a member of the default VLAN. You have to manually add it back to its original VLANs. s You cannot use roving analysis to monitor - 3Com 4007R | Implementation Guide - Page 621
Roving Analysis 621 s If the physical port configuration changes in the system (that is, if you remove or rearrange modules), the MAC address of the analyzer port remains fixed. If the module with the analyzer port is replaced with a different media type module, the RAP configuration is cleared. s - 3Com 4007R | Implementation Guide - Page 622
information about ICMP. Ping is implemented for the EME module and the Multilayer Switching Modules of the Switch 4007 system. See Part II of this guide for information about using the Ping feature for the EME module. When a router sends an echo request packet to an IP station using ping, the - 3Com 4007R | Implementation Guide - Page 623
with IP addresses even if you cannot access hostname information. s Ping by hostname when you want to identify DNS server problems. s To troubleshoot problems involving large packet sizes, ping the remote host repeatedly, increasing the packet size each time. traceRoute Use the traceRoute feature - 3Com 4007R | Implementation Guide - Page 624
Layer 2 and Multilayer Switching Modules, and the switch fabric module of the Switch 4007 system. See the chapters in Part II of this guide for information about using the SNMP features implemented for the EME module. Most management applications, including Status Watch applications, require SNMP to - 3Com 4007R | Implementation Guide - Page 625
Platforms (such as HP OpenView Network Node Manager) s When you manually enter IP addresses of the devices that you want to manage For agents inform the manager that certain events have occurred. SNMP Messages SNMP supports queries (called messages) that allow the protocol to transmit information - 3Com 4007R | Implementation Guide - Page 626
station and on your network, you can limit the traps reported to the management station. MIBs are not required to document traps. The SNMP agent supports the limited number of traps defined in Table 96. More traps may be defined in vendors' private MIBs. Each Layer 2 and Multilayer Switching Module - 3Com 4007R | Implementation Guide - Page 627
SNMP 627 Table 96 Traps Supported by SNMP Trap No. Trap Name 1 Cold Start 2 Link Down Source MIB II MIB II 3 Link Up MIB II 4 Authentication MIB II Failure 5 New Root - 3Com 4007R | Implementation Guide - Page 628
628 CHAPTER 23: DEVICE MONITORING Table 96 Traps Supported by SNMP (continued) Trap No. Trap Name Source Indication 22 Port LER Condition 3C FDDI MIB A status FDDI port link error rate reaches a certain threshold. - 3Com 4007R | Implementation Guide - Page 629
IP Address s Destination IP Port Number s QoS Classifier Number To prevent a denial-of-service (DOS) attack, the system will not generate more than one QOS Intruder trap per certain traps. Your management applications must support trap-based polling for you to take advantage of this feature. - 3Com 4007R | Implementation Guide - Page 630
attached. See the chapters in Part II of this guide for more information. You can manage the system using through SNMP applications such as Transcend® Network Control Services software. See "RMON in Your System" later use the Administration Console to manually administer the trap reporting address - 3Com 4007R | Implementation Guide - Page 631
through the serial interface or Telnet. For more information about the details of managing 3Com devices using RMON and Transcend tools, see the user documentation for the 3Com Transcend Network Control Services for Windows suite of applications. Overview of RMON RMON provides a way to monitor and - 3Com 4007R | Implementation Guide - Page 632
for the network. The RMON implementation in your system offers solutions to both of these problems: s The system examines the network without affecting the characteristics and performance of the network. s The system can report by exception rather than by reporting constant - 3Com 4007R | Implementation Guide - Page 633
based on network-layer protocols and addresses. The embedded RMON support software cannot receive RMONv2 updates for IP, IPX, and AppleTalk many probes in a large network can be high. To solve this problem, 3Com has built an inexpensive RMON probe into the Transcend SmartAgent software in each - 3Com 4007R | Implementation Guide - Page 634
the EME management module. See the Switch 4007 Enterprise Management Engine User Guide for information about how to do this. s The system will always keep on as many ports as its resources allow. s Multilayer Switching Modules support additional RMON-1 and RMON-2 groups. s The system will keep as - 3Com 4007R | Implementation Guide - Page 635
for conversations between pairs of addresses Allows you to define actions (generate traps, log alarms, or both) based on alarms The system also supports the RMON/FDDI extension groups that the AXON Enterprise-specific MIB specifies. See Table 98. Table 98 RMON/FTable 98DDI Extension Groups Group - 3Com 4007R | Implementation Guide - Page 636
the ethernet packet length counters that are implemented in the RMON-1 statistics group to keep track of the frame sizes that are encountered. Table 99 Supported Frame Sizes for Ethernet and FDDI Frame Lengths (Bytes) Ethernet 64 FDDI 22 or fewer 65 - 127 128 - 511 512 - 1023 23 - 63, 64 - 127 - 3Com 4007R | Implementation Guide - Page 637
a CRC or an alignment error s Number of detected transmit collisions s Estimate of the mean physical layer network utilization Alarm Group The system supports the following RMON alarm mechanisms: s Counters s Gauges s Integers s Timeticks These RMON MIB objects yield alarms when the network exceeds - 3Com 4007R | Implementation Guide - Page 638
a preset threshold, the alarm reports this occurrence. Using Transcend Network Control Services or any other SNMP network management application, you can assign alarms to has exceeded a certain value. You can set alarm thresholds manually through the network, choosing any value for them that is - 3Com 4007R | Implementation Guide - Page 639
Remote Monitoring (RMON) 639 Figure 81 shows a counter with thresholds set manually. Figure 81 Manually Set Thresholds Counter User specified high threshold User specified low threshold Time You can associate an alarm with the high threshold, the low threshold, or - 3Com 4007R | Implementation Guide - Page 640
640 CHAPTER 23: DEVICE MONITORING Host Group The host group records the following statistics for each host (the host group detects hosts on the network by their physical MAC addresses): s Number of received packets s Number of transmitted packets s Number of received octets s Number of transmitted - 3Com 4007R | Implementation Guide - Page 641
event descriptions. Although alarm group thresholds trigger most events, other RMON groups may define event conditions. RMON-2 Groups The system software supports seven RMON-2 groups defined by the IETF in RFC 2021 and one object from the probe configuration group. Table 100 briefly describes - 3Com 4007R | Implementation Guide - Page 642
4007 provides protocolDist segmentation only between the IP, IPX, and Appletalk protocols. The protocolDist group tracks how many octets and packets the supported protocols have sent. It features two tables, a protocol distribution control table that manages the collection of the statistics for the - 3Com 4007R | Implementation Guide - Page 643
Remote Monitoring (RMON) 643 Address Map Group The addressMap group maps each network address to a specific MAC-level address and to a specific port on the network device. This group provides three scalar objects (to track address-mapping entry insertions, deletions, and the maximum number of - 3Com 4007R | Implementation Guide - Page 644
s Compiler Support s MIB Objects s MIB Tree s MIB-II s RMON-1 MIB s RMON-2 MIB s 3Com Enterprise MIBs MIB II is implemented for the EME module, Layer 2 and Multilayer Switching Modules, and the switch fabric module of the Switch 4007 system. See the Part II in this guide - 3Com 4007R | Implementation Guide - Page 645
Network Management Protocol (SNMP) network management package, such as the Transcend Network Control Services application suite, to manage a network device without having a specific description of that device. 3Com ships the following MIB files with Extended System software as ASN.1 files. s BRIDGE - 3Com 4007R | Implementation Guide - Page 646
2 and 3) s history (Layers 2 and 3) s alarm (Layers 2 and 3) s hosts (Layer 3) s hostTopN (Layer 3) s matrix (Layer 3) s event (Layers 2 and 3) s axonFddiRmon.mib - AXON RMON MIB, proprietary support. Layer 3 only. On FDDI modules, these replace the RMON-1 statistics and history groups. FDDI modules - 3Com 4007R | Implementation Guide - Page 647
Layer 3 only. s VRRP-MIB.mib - Virtual Router Redundancy Protocol MIB, Draft RFC. Layer 3 only. s 3Com Enterprise MIBs - See "3Com Enterprise MIBs" later in this chapter. Compiler Support Compiler Support ASN.1 MIB files are provided for these MIB compilers: s SunNet Manager (version 2.0) s SMICng - 3Com 4007R | Implementation Guide - Page 648
MIB object. Most network management applications, including Transcend Network Control Services, make the MIB transparent. However, by knowing how different as the RMON MIB), and vendors' private MIBs (such as enterprise MIBs from 3Com). These MIBs and their objects are part of the MIB tree. MIB Tree - 3Com 4007R | Implementation Guide - Page 649
software performs an SNMP Get operation, the management application sends the OID to the agent, which in turn determines if the OID is supported. If the OID is supported, the agent returns information about the object. For example, to retrieve an object from the RMON MIB, the software uses this OID - 3Com 4007R | Implementation Guide - Page 650
(9) TokenRing(10) RMON-1 RMON(16) ProtocolDir(11) Protocol Dist(12) AddressMap(13) nlHost(14) nlMatrix(15) alHost(16) alMatrix(17) userHistory(18) probeConfig(19) RMON-2 3Com(43) synernetics(114) chipcom(49) startek(260) onstream(135) retix(72) axon(370 - 3Com 4007R | Implementation Guide - Page 651
-II, the only MIB that has reached Internet Engineering Task Force (IETF) standard status, is the one MIB that all SNMP agents are likely to support. Table 101 lists the MIB-II object groups. The number following each group indicates the group's branch in the MIB subtree. MIB - 3Com 4007R | Implementation Guide - Page 652
652 CHAPTER 23: DEVICE MONITORING RMON-1 MIB RMON-1 is a MIB that enables the collection of data about the network itself, rather than about devices on the network. The IETF definition for the RMON-1 MIB specifies several groups of information. These groups are described in Table 102. Table 102 - 3Com 4007R | Implementation Guide - Page 653
Management Information Base (MIB) 653 RMON-2 MIB RMON-1 and RMON-2 are complementary MIBs. The RMON-2 MIB extends the capability of the original RMON-1 MIB to include protocols above the MAC level. Because network-layer protocols (such as IP) are included, a probe can monitor traffic through - 3Com 4007R | Implementation Guide - Page 654
devices. These MIBs are shipped with your system. Figure 83 shows some of the 3Com Enterprise MIB names and numbers. The following MIBs are included in 3Com(43). s cb9000.mib - Top-level 9000 MIB. EME. s cb9000Mod.mib - Module-specific information. Layer 2 and Layer 3. s cb9eme.mib - EME-specific - 3Com 4007R | Implementation Guide - Page 655
(MIB) 655 s 3cVlan.mib - 3Com VLAN MIB (43.10.1.14.1). Layer 2 and Layer 3. s 3cWeb.mib - 3Com Web Management MIB (43.29.4.24). Layer 2 and Layer 3. MIB names and numbers are usually retained when organizations restructure their businesses; therefore, some of the 3Com Enterprise MIB names may not - 3Com 4007R | Implementation Guide - Page 656
656 CHAPTER 23: DEVICE MONITORING - 3Com 4007R | Implementation Guide - Page 657
REFERENCE IV Appendix A Technical Support Index - 3Com 4007R | Implementation Guide - Page 658
- 3Com 4007R | Implementation Guide - Page 659
appendix is correct at time of publication. For the most recent information, 3Com recommends that you access the 3Com Corporation World Wide Web site. Online Technical Services 3Com offers worldwide product support 24 hours a day, 7 days a week, through the following online systems: s World Wide - 3Com 4007R | Implementation Guide - Page 660
APPENDIX A: TECHNICAL SUPPORT To connect to the 3Com FTP site, enter the following information into your FTP client: s Hostname: ftp.3com.com (or 192 Internet Explorer. 3Com Bulletin Board Service The 3Com BBS contains patches, software, and drivers for 3Com products. This service is available - 3Com 4007R | Implementation Guide - Page 661
Network Supplier 661 3Com Facts Automated Fax Service The 3Com Facts automated fax service provides technical articles, diagrams, and troubleshooting instructions on 3Com products 24 hours a day, 7 days a week. Call 3Com Facts using your Touch-Tone telephone: 1 408 727 7021 Support from Your - 3Com 4007R | Implementation Guide - Page 662
is a list of worldwide technical telephone support numbers: Country Telephone Number Country Asia 13 3266 1230 020 0645 98012 2127 Mexico Peru Puerto Rico Venezuela North America 1 800 NET 3Com (1 800 638 3266) Enterprise Customers 1 800 876-3266 Telephone Number 10800 61 00137 or 021 - 3Com 4007R | Implementation Guide - Page 663
Returning Products for Repair 663 Returning Products for Repair Before you send a product directly to 3Com for repair, you must first obtain a Return Materials Authorization (RMA) number. Products sent to 3Com without RMA numbers will be returned to the sender unopened, at the sender's expense. To - 3Com 4007R | Implementation Guide - Page 664
- 3Com 4007R | Implementation Guide - Page 665
INDEX Numbers 10BASE-T Ethernet port 63 3Com Enterprise MIBs 654 3Com Facts 661 499 (default classifier) 576 802.1p standard 568 priority tags 569 802.1Q standard 247 802.1Q tagging 439 A AARP (AppleTalk Address Resolution - 3Com 4007R | Implementation Guide - Page 666
666 INDEX and (bit-wise AND) opcode 327 AppleTalk Address Resolution Protocol (AARP) 547, 552 addresses 553 and OSI Reference Model 538 benefits of 537 changing zones 557 checksum 559 data link layer 539 data stream protocol (ADSP) 544 Echo Protocol (AEP) 543, 547 hop count 547 interfaces 548, 549, - 3Com 4007R | Implementation Guide - Page 667
143 port numbering via module replacements 144 chassis contents, showing 129 checksum 547 configuring AppleTalk 559 Chooser, Macintosh 546 Class of Service 199 classifiers, QoS assigning numbers 576 defining 573, 575 defining flow 577 defining nonflow 580 flow routing requirements 577, 580 modifying - 3Com 4007R | Implementation Guide - Page 668
589 using 581 conventions notice icons, About This Guide 32 text, About This Guide 33 convergence, OSPF 466 CoreBuilder 9000 bridging and Multiple Access With Collision Detection) 146, 159 custom packet filters 310 customer service 109 D DAS (dual attachment station) pairs and port numbering 142 - 3Com 4007R | Implementation Guide - Page 669
DNS (Domain Name System) 392 server problems 623 documentation CD-ROM 34 comments 35 dot matrix display 62, 63 downloads 55 DPGM (destination port group mask) 337 drop service level 570 duplex mode, Ethernet ports 156 DVMRP multicast routing table 444 dynamic route IP 367 IPX 524 dynamic VLAN - 3Com 4007R | Implementation Guide - Page 670
-tolerant mode defined 114 establishing power fault tolerance 115 power capacity 112 reserve budget 115 fault-tolerant power mode 113 fax service (3ComFacts) 661 FDDI (Fiber Distributed Data Interface) packet fields 307 replacing modules 144 features, management 53, 57 feedback on documentation 35 - 3Com 4007R | Implementation Guide - Page 671
interface 371 ingress rules 250 VLANs 295 installable software files 43 Filter Builder 44 installation EME 58 verifying network communication 67 instructions, packet filter opcodes 321, 322 operands 321, 322 Interaction Between the EME and SNMP 94 interface address, AppleTalk 548 interface module - 3Com 4007R | Implementation Guide - Page 672
filtering 428 groups 430 MBONE 429 routing table 444 spanning tree 435 supported protocols 439 system displays 444 tunnels 441 IP multicast filtering 423, routing table example 522 routing, packet format 511 SAP (Service Advertising Protocol) 524 aging mechanism 525 request handling 525 triggered - 3Com 4007R | Implementation Guide - Page 673
with ARP 372 use in IP routing 374 MAC address aliasing 218 Macintosh, Chooser 546 management IP interface 366 LAN 41 station RMON MIB 632 manual versus dynamic VLAN configuration 278 INDEX 673 masks flow classifier 578 subnet 362, 370 matrix group, RMON 640 maximum age 184 MBONE 429 MDI-to - 3Com 4007R | Implementation Guide - Page 674
617 network numbers extended 545 nonextended 545 network ranges 546, 548, 550, 551 aging out of AppleTalk tables 556 network supplier support 661 network troubleshooting 619 network-based VLANs 243, 245 allOpen mode and 265 ingress rules 295 using 289 networks and AppleTalk devices 549 AppleTalk - 3Com 4007R | Implementation Guide - Page 675
, 472, 474 path trees, shortest 457 priority 469, 473 protocol packets 455 protocols Hello 483 retransmit interval 472, 474 route summarization 465 route support 451 router databases 464 router IDs 449, 455, 475, 484 guidelines for configuring 484 types of 484 router placement 459 router updates 450 - 3Com 4007R | Implementation Guide - Page 676
commands 314 description 313 examples 341 filtering criteria, groups 337, 349 instructions 321 language description 310, 319 listing 311 opcodes 322 operands 321 port policing options, RSVP 608 policy-based services 566 port designated 171 identifier 173 maximum number in group 340 root 171, 172 - 3Com 4007R | Implementation Guide - Page 677
management saved configurations 125 power management, intelligent enabling and disabling power to slots 116 module power consumption table 119 power problems 68 power requirements AC power supplies 118 power subsystem distributed power output 112 features described 112 front-loading power supplies - 3Com 4007R | Implementation Guide - Page 678
multicast 437 pushDPGM opcode 326, 337 pushField.size 322 pushLiteral. opcode 323, 324 pushSPGM opcode 325, 337 pushTop opcode 325 Q QoS (Quality of Service) and RSVP 569 bandwidth 571, 606 burst size 571, 586 classifiers 569 assigning numbers 576 defining 575 defining flow 577 defining nonflow 580 - 3Com 4007R | Implementation Guide - Page 679
RMON2 groups 653 MIB definition 653 purpose 653 root bridge 170 root port 171 route flapping, AppleTalk networks 551 route summarization, OSPF 465 route support, OSPF 451 routed traffic and flow classifiers 569 router databases, OSPF 464 router IDs, OSPF 449, 455, 475, 484 router updates, OSPF 450 - 3Com 4007R | Implementation Guide - Page 680
and controls 593 QoS high priority 598 QoS nonflow classifiers and controls 599, 601 QoS to/from classifiers and controls 591 RSVP 609 SAP (Service Advertising Protocol) aging mechanism 525 request handling 525 using for dynamic routes 524 SAP routing policies export 531 import 531 IPX 530 scripting - 3Com 4007R | Implementation Guide - Page 681
command 107 servdiag command characteristics 108 servers, bandwidth to 147, 152 service levels, QoS 581 definition 570 session layer AppleTalk 540 protocols, Get 625 Get Responses 625 Get-next 625 Set 625 support 55 trap reporting configuring destinations 630 displaying configuration 630 flushing - 3Com 4007R | Implementation Guide - Page 682
568, 569, 571, 580, 584 TCP drop control 571, 587 one-way filtering 571, 587 ports 579 technical specifications EME 69 technical support 109 fax service 661 network suppliers 661 product repair 663 Telnet 75, 89 temperature, ambient operating range 122 terminal hangup 83 terminal port access 45 - 3Com 4007R | Implementation Guide - Page 683
INDEX 683 transmit ports VLAN rules for 299 transmit priorities, QoS 570, 581 transparent bridging and aging addresses 163 IEEE 802.1d compliant 198, 221 transport layer, AppleTalk 540 trap commands (SNMP) flush 631 trap messages interpreting 98 trap receive 97 Trap receivers 97 trap reporting - 3Com 4007R | Implementation Guide - Page 684
between 260, 282 routing between Layer 3 modules 283 sample Ignore STP mode 293 selecting modes 261 single VLAN configuration 271 statistics 303 supported protocol suites 281 supported switching modules 241, 243 switch fabric module and 243, 248, 255 tagging mode 802.1Q 247 terms 249 trunks and 260
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
-
321
-
322
-
323
-
324
-
325
-
326
-
327
-
328
-
329
-
330
-
331
-
332
-
333
-
334
-
335
-
336
-
337
-
338
-
339
-
340
-
341
-
342
-
343
-
344
-
345
-
346
-
347
-
348
-
349
-
350
-
351
-
352
-
353
-
354
-
355
-
356
-
357
-
358
-
359
-
360
-
361
-
362
-
363
-
364
-
365
-
366
-
367
-
368
-
369
-
370
-
371
-
372
-
373
-
374
-
375
-
376
-
377
-
378
-
379
-
380
-
381
-
382
-
383
-
384
-
385
-
386
-
387
-
388
-
389
-
390
-
391
-
392
-
393
-
394
-
395
-
396
-
397
-
398
-
399
-
400
-
401
-
402
-
403
-
404
-
405
-
406
-
407
-
408
-
409
-
410
-
411
-
412
-
413
-
414
-
415
-
416
-
417
-
418
-
419
-
420
-
421
-
422
-
423
-
424
-
425
-
426
-
427
-
428
-
429
-
430
-
431
-
432
-
433
-
434
-
435
-
436
-
437
-
438
-
439
-
440
-
441
-
442
-
443
-
444
-
445
-
446
-
447
-
448
-
449
-
450
-
451
-
452
-
453
-
454
-
455
-
456
-
457
-
458
-
459
-
460
-
461
-
462
-
463
-
464
-
465
-
466
-
467
-
468
-
469
-
470
-
471
-
472
-
473
-
474
-
475
-
476
-
477
-
478
-
479
-
480
-
481
-
482
-
483
-
484
-
485
-
486
-
487
-
488
-
489
-
490
-
491
-
492
-
493
-
494
-
495
-
496
-
497
-
498
-
499
-
500
-
501
-
502
-
503
-
504
-
505
-
506
-
507
-
508
-
509
-
510
-
511
-
512
-
513
-
514
-
515
-
516
-
517
-
518
-
519
-
520
-
521
-
522
-
523
-
524
-
525
-
526
-
527
-
528
-
529
-
530
-
531
-
532
-
533
-
534
-
535
-
536
-
537
-
538
-
539
-
540
-
541
-
542
-
543
-
544
-
545
-
546
-
547
-
548
-
549
-
550
-
551
-
552
-
553
-
554
-
555
-
556
-
557
-
558
-
559
-
560
-
561
-
562
-
563
-
564
-
565
-
566
-
567
-
568
-
569
-
570
-
571
-
572
-
573
-
574
-
575
-
576
-
577
-
578
-
579
-
580
-
581
-
582
-
583
-
584
-
585
-
586
-
587
-
588
-
589
-
590
-
591
-
592
-
593
-
594
-
595
-
596
-
597
-
598
-
599
-
600
-
601
-
602
-
603
-
604
-
605
-
606
-
607
-
608
-
609
-
610
-
611
-
612
-
613
-
614
-
615
-
616
-
617
-
618
-
619
-
620
-
621
-
622
-
623
-
624
-
625
-
626
-
627
-
628
-
629
-
630
-
631
-
632
-
633
-
634
-
635
-
636
-
637
-
638
-
639
-
640
-
641
-
642
-
643
-
644
-
645
-
646
-
647
-
648
-
649
-
650
-
651
-
652
-
653
-
654
-
655
-
656
-
657
-
658
-
659
-
660
-
661
-
662
-
663
-
664
-
665
-
666
-
667
-
668
-
669
-
670
-
671
-
672
-
673
-
674
-
675
-
676
-
677
-
678
-
679
-
680
-
681
-
682
-
683
-
684
 |
 |
Switch 4007
Implementation Guide
Release 3.0.5
Part No. 10013673
Published May 2000