DL manuals
3Com
Switch
8800
Configuration Manual

3Com 8800 Configuration Manual

Other manuals for 8800: Installation Manual, Datasheet, Installation Manual

Manual is about: 3Com 8800: Install Guide

Page of 773

Download

Print this page

Bookmark us

3Com Switch 8800

Configuration Guide

www.3com.com

Part No. DUA1750-2BAA01

Published: December 2005

1 2 3 4 5 6 7 Next › »

Summary of 8800

Page 1
3com switch 8800 configuration guide www.3com.Com part no. Dua1750-2baa01 published: december 2005.
Page 2
Copyright © 2005, 3com corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3com corporation. 3com corporation reserves th...
Page 3: About This Manual
3 about this manual release notes this manual applies to 3com switch 8800. Related manuals the related manuals are listed in the following table. Manual content 3com switch 8800 installation guide it provides information for the system installation, booting, hardware/software maintenance & monitorin...
Page 4
Switch 8800 configuration guide about this manual 4 z poe this module focuses on power over ethernet (poe) configuration. Z nat & vpls this module presents the configurations on nat and vpls. Z appendix this appendix offers the acronyms in this manual. Intended audience the manual is intended for th...
Page 6
Switch 8800 configuration guide about this manual 6 v. Mouse operation action description select press and hold the primary mouse button (left mouse button by default). Click select and release the primary mouse button without moving the pointer. Double-click press the primary mouse button twice con...
Page 7
3com switch 8800 configuration guide table of contents toc-1 table of contents chapter 1 product overview ........................................................................................................ 1-1 1.1 product overview....................................................................
Page 8
3com switch 8800 configuration guide table of contents toc-2 6.2.4 setting the duplex attribute of the ethernet port .................................................... 6-2 6.2.5 setting speed on the ethernet port ........................................................................ 6-2 6.2.6 se...
Page 9
3com switch 8800 configuration guide table of contents toc-3 8.4.1 creating/deleting a vlan protocol type................................................................ 8-4 8.4.2 associating/dissociating a port with/from a protocol-based vlan........................ 8-5 8.5 displaying vlan ...........
Page 10
3com switch 8800 configuration guide table of contents toc-4 chapter 13 dhcp configuration ................................................................................................ 13-1 13.1 introduction to dhcp.....................................................................................
Page 11
3com switch 8800 configuration guide table of contents toc-5 15.2 displaying and debugging ip performance................................................................... 15-2 15.3 troubleshooting ip performance ................................................................................... 15...
Page 12
3com switch 8800 configuration guide table of contents toc-6 18.4 typical rip configuration example ............................................................................. 18-12 18.5 troubleshooting rip faults .......................................................................................
Page 13
3com switch 8800 configuration guide table of contents toc-7 20.1.1 terms of is-is routing protocol ......................................................................... 20-1 20.1.2 two-level structure of is-is routing protocol .................................................... 20-2 20.1.3 nsa...
Page 14
3com switch 8800 configuration guide table of contents toc-8 21.2.2 configuring basic features for bgp peer .......................................................... 21-5 21.2.3 configuring application features of a bgp peer (group) ..................................... 21-8 21.2.4 configuring rout...
Page 15
3com switch 8800 configuration guide table of contents toc-9 23.1.3 application of multicast ....................................................................................... 23-7 23.2 implementation of ip multicast..................................................................................
Page 16
3com switch 8800 configuration guide table of contents toc-10 27.2.3 configuring the igmp version ............................................................................ 27-3 27.2.4 configuring the interval to send igmp query message..................................... 27-4 27.2.5 configuring ...
Page 17
3com switch 8800 configuration guide table of contents toc-11 29.2.11 configuring rp to filter the register messages sent by dr ........................... 29-7 29.2.12 limiting the range of legal bsr......................................................................... 29-7 29.2.13 limiting the ...
Page 18
3com switch 8800 configuration guide table of contents toc-12 31.2.6 configuring mbgp timer .................................................................................... 31-5 31.2.7 configuring mbgp peer (group) ........................................................................ 31-5 31....
Page 19
3com switch 8800 configuration guide table of contents toc-13 36.4.2 displaying and debugging ldp ........................................................................ 36-10 36.5 typical mpls configuration example ......................................................................... 36-11 36....
Page 20
3com switch 8800 configuration guide table of contents toc-14 38.2.7 configuring the time parameters of a switch .................................................. 38-19 38.2.8 setting the timeout factor of a specific bridge................................................ 38-21 38.2.9 configuring th...
Page 21
3com switch 8800 configuration guide table of contents toc-15 40.2 aaa configuration ......................................................................................................... 40-6 40.2.1 creating/deleting an isp domain ....................................................................
Page 22
3com switch 8800 configuration guide table of contents toc-16 chapter 41 vrrp configuration ................................................................................................ 41-1 41.1 introduction to vrrp ...................................................................................
Page 23
3com switch 8800 configuration guide table of contents toc-17 43.3.2 enabling/disabling ftp server ......................................................................... 43-12 43.3.3 configuring the ftp server authentication and authorization ......................... 43-12 43.3.4 configuring the...
Page 24
3com switch 8800 configuration guide table of contents toc-18 46.1.1 setting a name for a switch................................................................................ 46-1 46.1.2 setting the system clock .................................................................................... 4...
Page 25
3com switch 8800 configuration guide table of contents toc-19 47.5 snmp configuration example ....................................................................................... 47-9 chapter 48 rmon configuration ......................................................................................
Page 26
3com switch 8800 configuration guide table of contents toc-20 50.2.3 sftp client configuration ................................................................................ 50-18 50.2.4 sftp configuration example............................................................................ 50-22 ch...
Page 27: Chapter 1 Product Overview
3com switch 8800 configuration guide chapter 1 product overview 1-1 chapter 1 product overview 1.1 product overview the switch 8800 is a large-capacity, modularized l2/l3 switch. It is mainly designed for broadband man, backbone, switching core and convergence center of large-sized enterprise networ...
Page 28
3com switch 8800 configuration guide chapter 1 product overview 1-2 features implementation ip routing supports static routing supports routing information protocol (rip) v1/v2 supports open shortest path first (ospf) supports border gateway protocol (bgp) supports intermediate system-to-intermediat...
Page 29
3com switch 8800 configuration guide chapter 2 logging into switch 2-1 chapter 2 logging into switch 2.1 setting up configuration environment through the console port step 1: as shown in the figure below, to set up the local configuration environment, connect the serial port of a pc (or a terminal) ...
Page 30
3com switch 8800 configuration guide chapter 2 logging into switch 2-2 figure 2-3 configure the port for connection figure 2-4 set communication parameters step 3: the switch is powered on. Display self-test information of the switch and prompt you to press enter to show the command line prompt such...
Page 31
3com switch 8800 configuration guide chapter 2 logging into switch 2-3 2.2 setting up configuration environment through telnet 2.2.1 connecting a pc to the switch through telnet after you have correctly configured ip address of a vlan interface for a switch via console port (using ip address command...
Page 32
3com switch 8800 configuration guide chapter 2 logging into switch 2-4 figure 2-6 run telnet step 4: the terminal displays “login authentication!” and prompts the user to input the logon password. After you input the correct password, it displays the command line prompt (such as ). If the prompt “al...
Page 33
3com switch 8800 configuration guide chapter 2 logging into switch 2-5 telnet client pc telnet server figure 2-7 provide telnet client service step 1: configure the telnet user name and password on the telnet server through the console port. Note: by default, the password is required for authenticat...
Page 34
3com switch 8800 configuration guide chapter 2 logging into switch 2-6 note: by default, the password is required for authenticating the modem user to log in the switch. If a user logs in via the modem without password, he will see the prompt “login password has not been set !.”. System-view system ...
Page 35
3com switch 8800 configuration guide chapter 2 logging into switch 2-7 figure 2-9 set the dialed number figure 2-10 dial on the remote pc step 4: enter the preset login password on the remote terminal emulator and wait for the prompt such as . Then you can configure and manage the switch. Enter “?” ...
Page 36
3com switch 8800 configuration guide chapter 3 command line interface 3-1 chapter 3 command line interface 3.1 command line interface the switch 8800 provides a series of configuration commands and command line interfaces for configuring and managing the switch. The command line interface has the fo...
Page 37
3com switch 8800 configuration guide chapter 3 command line interface 3-2 z management level: they are commands that influence basis operation of the system and system support module, which plays a support role on service. Commands of this level involve file system commands, ftp commands, tftp comma...
Page 38
3com switch 8800 configuration guide chapter 3 command line interface 3-3 z route policy view z basic acl view z advanced acl view z layer-2 acl view z conform-level view z wred index view z radius server group view z isp domain view z mpls view z vpnv4 sub-address family view z vpn-instance sub-add...
Page 39
3com switch 8800 configuration guide chapter 3 command line interface 3-4 command view function prompt command to enter command to exit [sw8800- ethernet2/ 1/1] 100m ethernet port view key in interface ethernet 2/1/1 in system view [sw8800- gigabiteth ernet2/1/1 ] gigabitethernet port view key in in...
Page 40
3com switch 8800 configuration guide chapter 3 command line interface 3-5 command view function prompt command to enter command to exit pim view configure pim parameters [sw8800- pim] key in pim in system view quit returns to system view return returns to user view msdp view configure msdp parameter...
Page 41
3com switch 8800 configuration guide chapter 3 command line interface 3-6 command view function prompt command to enter command to exit advanced acl view define the rule of advanced acl [sw8800- acl-adv-30 00] key in acl number 3000 in system view quit returns to system view return returns to user v...
Page 42
3com switch 8800 configuration guide chapter 3 command line interface 3-7 command view function prompt command to enter command to exit vpn-instan ce subaddres s family view configure vpn instance subaddress family parameters [sw8800- bgp-af-vp n-instance ] key in ipv4-family vpn-instance vpna in bg...
Page 43
3com switch 8800 configuration guide chapter 3 command line interface 3-8 z partial help you can get the help information through these online help commands, which are described as follows. 1) input “?” in any view to get all the commands in it and corresponding descriptions. ? User view commands: l...
Page 44
3com switch 8800 configuration guide chapter 3 command line interface 3-9 3.3.2 displaying characteristics of command line command line interface provides the following display characteristics: z for users’ convenience, the instruction and help information can be displayed in both english and chines...
Page 45
3com switch 8800 configuration guide chapter 3 command line interface 3-10 3.3.4 common command line error messages all the input commands by users can be correctly executed, if they have passed the grammar check. Otherwise, error messages will be reported to users. The common error messages are lis...
Page 46
3com switch 8800 configuration guide chapter 3 command line interface 3-11 press after typing the incomplete key word and the system will execute the partial help: if the key word matching the typed one is unique, the system will replace the typed one with the complete key word and display it in a n...
Page 47
3com switch 8800 configuration guide chapter 4 user interface configuration 4-1 chapter 4 user interface configuration 4.1 user interface overview user interface configuration is another way provided by the switch to configure and manage the port data. The switch 8800 supports the following configur...
Page 48
3com switch 8800 configuration guide chapter 4 user interface configuration 4-2 z vty is numbered after aux user interface. The absolute number of the first vty is incremented by 1 than the aux user interface number. Ii. Relative number the relative number is in the format of “user interface type” +...
Page 49
3com switch 8800 configuration guide chapter 4 user interface configuration 4-3 when the users log in the switch, if a connection is activated, the login header will be displayed. After the user successfully logs in the switch, the shell header will be displayed. Perform the following configuration ...
Page 51
3com switch 8800 configuration guide chapter 4 user interface configuration 4-5 after the terminal service is disabled on a user interface, you cannot log in to the switch through the user interface. However, the user logged in through the user interface before disabling the terminal service can con...
Page 52
3com switch 8800 configuration guide chapter 4 user interface configuration 4-6 iv. Setting the screen length if a command displays more than one screen of information, you can use the following command to set how many lines to be displayed in a screen, so that the information can be separated in di...
Page 53
3com switch 8800 configuration guide chapter 4 user interface configuration 4-7 by default, terminal authentication is not required for local users log in via the console port. However, password authentication is required for local users and remote modem users log in via the aux port, and telnet use...
Page 54
3com switch 8800 configuration guide chapter 4 user interface configuration 4-8 note: by default, password is required to be set for authenticating local users and remote modem users log in via the aux port, and telnet users log in through ethernet port. If no password has been set, the following pr...
Page 55
3com switch 8800 configuration guide chapter 4 user interface configuration 4-9 note: when a user logs in the switch, the command level that it can access depends on two points. One is the command level that the user itself can access, the other is the set command level of this user interface. If th...
Page 56
3com switch 8800 configuration guide chapter 4 user interface configuration 4-10 4.2.6 configuring modem attributes when logging in the switch via the modem, you can use the following commands to configure these parameters. Perform the following configuration in aux user interface view. Table 4-19 c...
Page 57
3com switch 8800 configuration guide chapter 4 user interface configuration 4-11 table 4-21 configure to automatically run the command operation command configure to automatically run the command auto-execute command text configure not to automatically run the command undo auto-execute command note ...
Page 58
3com switch 8800 configuration guide chapter 5 management interface configuration 5-1 chapter 5 management interface configuration 5.1 management interface overview the switch 8800 provides a 10/100base-tx management interface on the fabric. The management interface can connect a background pc for s...
Page 59
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-1 chapter 6 ethernet port configuration 6.1 ethernet port overview the switch 8800 provides conventional ethernet ports, fast ethernet ports, 1000 mbps ethernet ports and 10 gbps ethernet ports. The configurations of these ...
Page 60
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-2 6.2.2 enabling/disabling an ethernet port after configuring the related parameters and protocol of the port, you can use undo shutdown command to enable the port. If you do not want a port to forward data any more, use sh...
Page 61
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-3 note that, 10/100 mbps electrical ethernet port can operate in full-duplex, half-duplex or auto-negotiation mode. The10/100/1000 mbps electrical ethernet port can operate in full duplex, half duplex or auto-negotiation mo...
Page 62
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-4 operation command restore the default type of the cable connected to the ethernet port undo mdi note that, the settings only take effect on 10/100 mbps and 10/100/1000 mbps electrical ports. By default, the cable type is ...
Page 63
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-5 note that, the values can be consecutive, but the effective values are discrete. The effective frame length for the fe port is 1552. The effective frame length for the ge port and 10 ge port is 1552, 9022, 9192 and 10240....
Page 64
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-6 6.2.11 setting the link type for the ethernet port ethernet port can operate in three different link types, access, hybrid, and trunk types. The access port carries one vlan only, used for connecting to the user’s compute...
Page 66
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-8 by default, the vlan of hybrid port and trunk port is vlan 1 and that of the access port is the vlan to which it belongs 6.2.14 setting the vlan vpn feature vlan tag consists of 12 bits (defined by ieee802.1q), so etherne...
Page 67
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-9 path cost link attributes(point-to-point or not) port mcheck max transmission speed enable/disable root protection enable/disable loop protection edge or non-edge port reset arp or not define/apply flow template traffic r...
Page 69
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-11 6.3 displaying and debugging ethernet port after the above configuration, execute display command in any view to display the running of the ethernet port configuration, and to verify the effect of the configuration. Exec...
Page 70
3com switch 8800 configuration guide chapter 6 ethernet port configuration 6-12 ii. Network diagram switch a switch b figure 6-1 network diagram for ethernet port configuration iii. Configuration procedure the following configurations are used for switch a. Please configure switch b in the similar w...
Page 71
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-1 chapter 7 link aggregation configuration 7.1 overview 7.1.1 introduction to link aggregation link aggregation means aggregating several ports together to implement the outgoing/incoming payload balance among the member...
Page 72
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-2 operation key. The management key of an lacp-enabled dynamic aggregation port is 0 by default. The management key of an lacp-enabled static aggregation port is the same as the aggregation group id. In a dynamic aggrega...
Page 73
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-3 z the system sets to inactive state the active port connecting to the different peer devices, or the port connecting to the same peer device but locating in the different aggregation group. Z the system sets to inactiv...
Page 74
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-4 protocol types in determining if to use ip or mac addresses. The packet with 0800 etype ethernet field is ip packet. In general, the system only provides limited resources. The system will always allocate hardware aggr...
Page 75
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-5 7.2 link aggregation configuration the following sections describe link aggregation tasks: z enabling/disabling lacp at port z creating/deleting an aggregation group z adding/deleting an ethernet port into/from an aggr...
Page 76
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-6 z you cannot enable lacp at the mirroring port, the port with static mac address configured, and the port with static arp configured, port with 802.1x enabled. Z you are inhibited to enable lacp at the port in a manual...
Page 77
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-7 table 7-3 add/delete an ethernet port into/from an aggregation group operation command add an ethernet port into the aggregation group (ethernet port view) port link-aggregation group agg-id delete an ethernet port fro...
Page 78
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-8 note: if you save the current configuration using the save command, the static and dynamic lacp aggregation groups and their description strings remains on the system after rebooting, but not the dynamic lacp aggregati...
Page 79
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-9 7.3 displaying and debugging link aggregation after the above configuration, execute the display command in any view to display the running of the link aggregation configuration, and to verify the effect of the configu...
Page 80
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-10 7.4 link aggregation configuration example i. Network requirements switch a connects switch b with three aggregation ports, numbered as ethernet2/1/1 to ethernet2/1/3, so that incoming/outgoing load can be balanced am...
Page 81
3com switch 8800 configuration guide chapter 7 link aggregation configuration 7-11 enable lacp on ethernet ports ethernet2/1/1 to ethernet2/1/3. [sw8800] interface ethernet2/1/1 [sw8800-ethernet2/1/1] lacp enable [sw8800-ethernet1/1/1] interface ethernet2/1/2 [sw8800-ethernet2/1/2] lacp enable [sw88...
Page 82
3com switch 8800 configuration guide chapter 8 vlan configuration 8-1 chapter 8 vlan configuration 8.1 vlan overview virtual local area network (vlan) groups the devices in a lan logically, not physically, into segments to form virtual workgroups. Ieee issued the ieee 802.1q in 1999 to standardize t...
Page 84
3com switch 8800 configuration guide chapter 8 vlan configuration 8-3 8.2.4 shutting down/bringing up a vlan interface you can use the following commands to shut down/bring up a vlan interface. Perform the following configuration in vlan interface view. Table 8-4 shut down/bring up a vlan interface ...
Page 85
3com switch 8800 configuration guide chapter 8 vlan configuration 8-4 8.4 configuring protocol-based vlan the following sections describe the protocol-based vlan configuration tasks: z creating/deleting a vlan protocol type z associating/dissociating a port with/from a protocol-based vlan 8.4.1 crea...
Page 86
3com switch 8800 configuration guide chapter 8 vlan configuration 8-5 note: z the port to be associated with a protocol-based vlan must be of hybrid type and in this vlan. Z the same protocol can be configured in the different vlans, but cannot be configured repeatedly in the same vlan. Z a port can...
Page 87
3com switch 8800 configuration guide chapter 8 vlan configuration 8-6 8.6 vlan configuration example i. Network requirements z create vlan2 and vlan3. Z add ethernet3/1/1 and ethernet4/1/1 to vlan2. Z add ethernet3/1/2 and ethernet4/1/2 to vlan3. Ii. Network diagram vlan 3 switch e3/1/2 e4/1/1 vlan ...
Page 88
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-1 chapter 9 garp/gvrp configuration 9.1 configuring garp 9.1.1 garp overview generic attribute registration protocol (garp) offers a mechanism that is used by the members in the same switching network to distribute, propagate a...
Page 89
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-2 note: z the value of garp timer will be used in all the garp applications, including gvrp and gmrp, running in one switched network. Z in one switched network, the garp timers on all the switching devices should be set to the...
Page 90
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-3 note that, the value of join timer should be no less than the doubled value of hold timer, and the value of leave timer should be greater than the doubled value of join timer and smaller than the leaveall timer value. Besides...
Page 91
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-4 gvrp-supporting switches can receive vlan registration information from other switches and dynamically update the local vlan registration information including the active members and through which port those members can be re...
Page 92
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-5 table 9-3 enable/disable global gvrp operation command enable global gvrp gvrp disable global gvrp undo gvrp by default, global gvrp is disabled. 9.2.3 enabling/disabling port gvrp you can use the following command to enable/...
Page 94
3com switch 8800 configuration guide chapter 9 garp/gvrp configuration 9-7 iii. Configuration procedure configure switch a: enable gvrp globally. [sw8800] gvrp set ethernet3/1/1 as a trunk port and allows all the vlans to pass through. [sw8800] interface ethernet3/1/1 [sw8800-ethernet3/1/1] port lin...
Page 95
3com switch 8800 configuration guide chapter 10 super vlan configuration 10-1 chapter 10 super vlan configuration 10.1 super vlan overview super vlan is also called vlan aggregation: a super vlan contains multiple sub vlans. A super vlan can be configured with an ip address of the virtual port, whil...
Page 96
3com switch 8800 configuration guide chapter 10 super vlan configuration 10-2 number item command description 2 enter vlan view [sw8800] vlan vlan_id required 3 set the vlan type to super vlan [sw8800-vlan4093] supervlan required. The vlan_id is the configured vlan id in the range 1 to 4,094. 4 crea...
Page 97
3com switch 8800 configuration guide chapter 10 super vlan configuration 10-3 10.2.2 super vlan configuration example i. Network requirements super vlan 10 and sub vlans including vlan 2, vlan 3 and vlan 5 need configuring. Vlan2 contains port 1 and 2; vlan3 contains port 3 and 4; vlan5 contains por...
Page 98
3com switch 8800 configuration guide chapter 11 ip address configuration 11-1 chapter 11 ip address configuration 11.1 introduction to ip address 11.1.1 ip address classification and representation an ip address is a 32-bit address allocated to a device that accesses the internet. It consists of two...
Page 99
3com switch 8800 configuration guide chapter 11 ip address configuration 11-2 table 11-1 ip address classes and ranges network class address range ip network range available note a 0.0.0.0 to 127.255.2 55.255 1.0.0.0 to 126.0.0.0 host id with all the digits being 0 indicates that the ip address is t...
Page 100
3com switch 8800 configuration guide chapter 11 ip address configuration 11-3 network class address range ip network range available note d 224.0.0.0 to 239.255.2 55.255 none addresses of class d are multicast addresses, among which: z ip address 224.0.0.0 is reserved and will not be allocated. Thos...
Page 101
3com switch 8800 configuration guide chapter 11 ip address configuration 11-4 138.38.160.0, 138.38.192.0 and 138.38.224.0 (refer to the following figure). Each subnet can contain more than 8000 hosts. 10001010, 00100110, 000 00000, 00000000 classb 138.38.0.0 subnet mask 255.255.224.0 11111111, 11111...
Page 102
3com switch 8800 configuration guide chapter 11 ip address configuration 11-5 11.2.2 configuring the ip address of the vlan interface you can configure an ip address for every vlan interface of the switch. Generally, it is enough to configure one ip address for an interface. You can also configure t...
Page 103
3com switch 8800 configuration guide chapter 11 ip address configuration 11-6 ii. Network diagram console cable switch pc console cable switch pc figure 11-3 network diagram for ip address configuration iii. Configuration procedure enter vlan interface 1. [sw8800] interface vlan-interface 1 configur...
Page 104
3com switch 8800 configuration guide chapter 12 arp configuration 12-1 chapter 12 arp configuration 12.1 introduction to arp address resolution protocol (arp) is used to resolve an ip address into a mac address. I. Necessity of arp an ip address cannot be directly used for communication between netw...
Page 105
3com switch 8800 configuration guide chapter 12 arp configuration 12-2 corresponding mac address of host b and adds them to its own arp mapping table. Then host a sends host b all the packets standing in the queue. Normally, dynamic arp takes effect and automatically searches for the resolution from...
Page 106
3com switch 8800 configuration guide chapter 12 arp configuration 12-3 12.2.2 configuring the dynamic arp aging timer for purpose of flexible configuration, the system provides the following commands to assign dynamic arp aging period. When the system learns a dynamic arp entry, its aging period is ...
Page 107
3com switch 8800 configuration guide chapter 12 arp configuration 12-4 12.3 displaying and debugging arp after the above configuration, execute the display command in any view to display the running of the arp configuration, and to verify the effect of the configuration. Execute the reset command in...
Page 109
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-1 chapter 13 dhcp configuration 13.1 introduction to dhcp 13.1.1 how dhcp works this is a world where networks are ever-growing in both size and complexity, and the network configuration is getting more and more complex. As is oft...
Page 110
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-2 z automatic ip address assignment. The dhcp server automatically assigns fixed ip addresses to dhcp clients when they connect to the network for the first time. After that, the ip addresses are always occupied by the dhcp client...
Page 111
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-3 z selection. The dhcp client only receives the first arriving dhcp_offer packet if there are dhcp_offer packets from several dhcp servers. Then, it retrieves the ip address carried in the packet, and broadcasts a dhcp_request pa...
Page 112
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-4 13.2.1 enabling/disabling dhcp service for both dhcp server and dhcp relay, you must enable the dhcp service first before performing other dhcp configurations. The other related dhcp configurations take effect only after the dhc...
Page 113
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-5 table 13-3 configure the processing method for multiple vlan interfaces operation command specify to forward dhcp packets to local dhcp server and let the local server assign ip addresses in global address pools to dhcp clients ...
Page 114
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-6 13.3 configuring dhcp server the following sections describe the dhcp server configuration tasks: z creating a global dhcp ip address pool z configuring ip address assignment mode z forbidding specified ip addresses to be automa...
Page 115
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-7 so, you can configure the parameters (such as domain name) that are common to all levels in the address pool structure or some subnets only for the network segment or for corresponding subnets. The display dhcp server tree comma...
Page 116
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-8 perform the following configuration in dhcp address pool view. Table 13-6 configure static address binding for a global dhcp address pool operation command configure an ip address to be statically bound static-bind ip-address ip...
Page 117
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-9 caution: a binding in a vlan interface address pool cannot be overwritten directly. If an ip-to-mac address binding entry is configured and you want to modify it, you must remove it and redefine a new one. Iii. Configuring dynam...
Page 118
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-10 you can set multiple ip address ranges that are not assigned automatically by executing the dhcp server forbidden-ip command multiple times. 13.3.4 configuring lease time for dhcp address pool you can configure different lease ...
Page 120
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-12 table 13-15 configure a dhcp client domain name for multiple vlan interfaces operation command configure a dhcp client domain name for dhcp address pools of multiple vlan interfaces dhcp server domain-name domain-name { interfa...
Page 121
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-13 table 13-17 configure dns server address for current vlan interface operation command configure one or more dns server addresses for the dhcp address pool of the current vlan interface dhcp server dns-list ip-address [ ip-addre...
Page 122
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-14 table 13-19 configure netbios server address for a global dhcp address pool operation command configure one or more netbios server addresses for a global dhcp address pool nbns-list ip-address [ ip-address ] remove one or all n...
Page 123
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-15 13.3.8 configuring netbios node type for dhcp clients for dhcp clients communicating in wide area network (wan) by netbios protocol, the mapping between their host names and ip addresses must be established. According to the wa...
Page 125
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-17 iii. Configuring custom dhcp options for multiple vlan interfaces perform the following configuration in system view. Table 13-27 configure custom dhcp options for multiple vlan interfaces operation command configure a custom d...
Page 126
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-18 the dhcp server receives no response after sending all these packets, it considers the ip address is not used by other devices in this network and assigns the ip address to this dhcp client. Otherwise, it does not assign the ip...
Page 128
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-20 dhcp server, is supposed to assign ip addresses to the two dhcp clients without the help of any dhcp relay. Ii. Network diagram ethernet dhcp client dhcp client 10.110.0.0 10.110.1.1 ethernet dhcp client dhcp client 10.110.0.0 ...
Page 129
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-21 13.4 configuring dhcp relay 13.4.1 introduction to dhcp relay this is a world where networks are ever-growing in both size and complexity, and the network configuration is getting more and more complex. As is often the case, th...
Page 130
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-22 z after receiving the packet, the dhcp server generates configuration information accordingly and sends it to the dhcp client through the dhcp relay to complete the dynamic configuration of the dhcp client. Note that the entire...
Page 131
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-23 table 13-34 configure user address entries for dhcp server operation command add a user address entry for dhcp server dhcp relay security ip_address mac_address static remove a user address entry for dhcp server undo dhcp relay...
Page 133
3com switch 8800 configuration guide chapter 13 dhcp configuration 13-25 [sw8800-vlan-interface2]ip relay address 202.38.1.2 note: besides the above configurations for dhcp relay, you need to configure address pool on the dhcp server and make sure the dhcp server and the switch interface connecting ...
Page 134
3com switch 8800 configuration guide chapter 14 dns configuration 14-1 chapter 14 dns configuration 14.1 introduction to dns used in the tcp/ip application, domain name system (dns) is a distributed database which provides the translation between domain name and the ip address. In this way, the user...
Page 135
3com switch 8800 configuration guide chapter 14 dns configuration 14-2 “3com”. Then the system connects the input domain name with the suffix into “3com.Com” automatically to search. When the domain name suffix is used, if the input domain name does not include “.”, like “3com”, the system regards i...
Page 136
3com switch 8800 configuration guide chapter 14 dns configuration 14-3 this function when you do not want to perform dynamic domain name resolution sometimes. Perform the following configuration in system view. Table 14-2 enable/disable dynamic domain name resolution operation command enable dynamic...
Page 137
3com switch 8800 configuration guide chapter 14 dns configuration 14-4 14.4 displaying and debugging domain name resolution after the above configuration, you can execute the display command in any view to view the running states of the domain name resolution, and verify the configuration results th...
Page 138
3com switch 8800 configuration guide chapter 14 dns configuration 14-5 iii. Configuraiton procedure enable dynamic domain name resolution [sw8800] dns resolve configure the ip address of the domain name server to 172.16.1.1. [sw8800] dns server 172.16.1.1 configure the domain name suffix as com. [sw...
Page 139
3com switch 8800 configuration guide chapter 15 ip performance configuration 15-1 chapter 15 ip performance configuration 15.1 configuring ip performance ip performance configuration includes: z configuring tcp attributes 15.1.1 configuring tcp attributes tcp attributes that can be configured includ...
Page 140
3com switch 8800 configuration guide chapter 15 ip performance configuration 15-2 15.2 displaying and debugging ip performance after the above configuration, execute the display command in any view to display the running of the ip performance configuration, and to verify the effect of the configurat...
Page 141
3com switch 8800 configuration guide chapter 15 ip performance configuration 15-3 operation command enable the debugging of udp connections debugging udp packet [task-id socket-id] disable the debugging of udp connections undo debugging udp packet [ task-id socket-id ] enable the debugging of tcp co...
Page 142
3com switch 8800 configuration guide chapter 15 ip performance configuration 15-4 z use the debugging tcp packet command to enable the tcp debugging to trace the tcp packets. Operations include: terminal debugging debugging tcp packet then the tcp packets received or sent can be checked in real time...
Page 143
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-1 chapter 16 ip routing protocol overview note: a router that is referred to in the following or its icon represents a generalized router or a switch 8800 running routing protocols. To improve readability, this will not ...
Page 144
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-2 a route segment b c a r r route segment r r r a figure 16-1 the concept of route segment as the networks may have different sizes, the segment lengths connected between two different pairs of routers are also different...
Page 145
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-3 with the mask 255.255.0.0 is located will be 129.102.0.0. It is made up of several consecutive "1"s, which can also be expressed in the dotted decimal format. Z output interface: it indicates an interface through which...
Page 146
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-4 the switch 8800 supports the configuration of a series of dynamic routing protocols such as rip, ospf, is-is and bgp, as well as the static routes. In addition, the running switch will automatically obtain some direct ...
Page 147
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-5 routing protocol or route type the preference of the corresponding route unknown 255 apart from direct routing, ibgp and ebgp, the preferences of various dynamic routing protocols can be manually configured to meet the...
Page 148
3com switch 8800 configuration guide chapter 16 ip routing protocol overview 16-6 16.2.3 routes shared between routing protocols as the algorithms of various routing protocols are different, different protocols may generate different routes, thus bringing about the problem of how to resolve the diff...
Page 149
3com switch 8800 configuration guide chapter 17 static route configuration 17-1 chapter 17 static route configuration 17.1 introduction to static route 17.1.1 static route a static route is a special route configured manually by an administrator. You can set up an interconnecting network with the st...
Page 150
3com switch 8800 configuration guide chapter 17 static route configuration 17-2 there is no default route and the destination address of the packet fails in matching any entry in the routing table, this packet will be discarded, and an internet control message protocol (icmp) packet will be sent to ...
Page 151
3com switch 8800 configuration guide chapter 17 static route configuration 17-3 the packets sent to null interface, a kind of virtual interface, will be discarded at once. This can decrease the system load. Z preference depending on the configuration of preference, you can achieve different route ma...
Page 152
3com switch 8800 configuration guide chapter 17 static route configuration 17-4 17.3 displaying and debugging static route after the above configuration, execute the display command in any view to display the running of the static route configuration, and to verify the effect of the configuration. T...
Page 153
3com switch 8800 configuration guide chapter 17 static route configuration 17-5 ii. Network diagram host 1.1.5.1 1.1.5.2/24 1.1.2.2/24 1.1.2.1/24 1.1.1.2/24 host 1.1.1.1 host 1.1.4.2 1.1.3.1/24 1.1.3.2/24 1.1.4.1/24 switch a switch b switch c a c b host 1.1.5.1 1.1.5.2/24 1.1.2.2/24 1.1.2.1/24 1.1.1...
Page 154
3com switch 8800 configuration guide chapter 17 static route configuration 17-6 17.5 troubleshooting static route faults symptom: the switch is not configured with the dynamic routing protocol and both the physical status and the link layer protocol status of the interface is up, but the ip packets ...
Page 155
3com switch 8800 configuration guide chapter 18 rip configuration 18-1 chapter 18 rip configuration 18.1 introduction to rip routing information protocol (rip) is a relatively simple interior gateway protocol (igp), which is mainly applied to small scale networks. It is easy to implement rip. You ca...
Page 156
3com switch 8800 configuration guide chapter 18 rip configuration 18-2 z period update is triggered periodically to send all rip routes to all neighbors. Z if the rip route is not updated (a router receives the update packets from the neighbor) when the timeout timer expires, this route is regarded ...
Page 157
3com switch 8800 configuration guide chapter 18 rip configuration 18-3 if the link, which does not support broadcast or multicast packets, runs rip, you need to configure rip to send any packet to the specified destination, establishing rip neighbors correctly. In nbma link networking through a fram...
Page 158
3com switch 8800 configuration guide chapter 18 rip configuration 18-4 table 18-2 enable rip interface operation command enable rip on the specified network network network-address disable rip on the specified network undo network network-address note that after the rip task is enabled, you should a...
Page 159
3com switch 8800 configuration guide chapter 18 rip configuration 18-5 table 18-4 configure split horizon operation command enable split horizon rip split-horizon disable split horizon undo rip split-horizon by default, split horizon of the interface is enabled. 18.2.5 setting additional routing met...
Page 162
3com switch 8800 configuration guide chapter 18 rip configuration 18-8 18.2.9 enabling rip-2 route aggregation function the so-called route aggregation means that different subnet routes in the same natural network can be aggregated into one natural mask route for transmission when they are sent to ...
Page 163
3com switch 8800 configuration guide chapter 18 rip configuration 18-9 broadcast packets. In addition, this mode can also make the hosts running rip-1 avoid incorrectly receiving and processing the routes with subnet mask in rip-2. When an interface is running in rip-2 broadcast mode, the rip-1 pack...
Page 164
3com switch 8800 configuration guide chapter 18 rip configuration 18-10 always become unreachable at the point when a new period starts, the actual value of garbage-collection timer is three to four times that of period update timer. Note: you must consider network performance when adjusting rip tim...
Page 165
3com switch 8800 configuration guide chapter 18 rip configuration 18-11 operation command enable the interface to send rip update packet rip output disable the interface to send rip update packet undo rip output the undo rip work command and the undo network command have similar but not all the same...
Page 166
3com switch 8800 configuration guide chapter 18 rip configuration 18-12 18.3 displaying and debugging rip after the above configuration, execute the display command in any view to display the running of the rip configuration, and to verify the effect of the configuration. Execute the debugging comma...
Page 167
3com switch 8800 configuration guide chapter 18 rip configuration 18-13 ii. Network diagram ethernet 110.11.2.2/24 network address: 117.102.0.0/16 network address: 196.38.165.0/24 interface address: 110.11.2.1/24 interface address: 117.102.0.1/16 interface address: 155.10.1.1/24 network address: 155...
Page 168
3com switch 8800 configuration guide chapter 18 rip configuration 18-14 [switch c-rip] network 110.11.2.0 18.5 troubleshooting rip faults symptom: the switch 8800 cannot receive the update packets when the physical connection to the peer routing device is normal. Solution: rip does not operate on th...
Page 169
3com switch 8800 configuration guide chapter 19 ospf configuration 19-1 chapter 19 ospf configuration 19.1 ospf overview 19.1.1 introduction to ospf open shortest path first (ospf) is an interior gateway protocol based on the link state developed by ietf. At present, ospf version 2 (rfc2328) is used...
Page 170
3com switch 8800 configuration guide chapter 19 ospf configuration 19-2 z a router uses the spf algorithm to calculate the shortest path tree with itself as the root, which shows the routes to the nodes in the autonomous system. The external routing information is the leave node. A router, which adv...
Page 171
3com switch 8800 configuration guide chapter 19 ospf configuration 19-3 19.1.4 lsa type i. Five basic lsa types as mentioned previously, ospf calculates and maintains routing information from lsas. Rfc2328 defines five lsa types as follows: z router-lsas: type-1. Each router generates router-lsas, w...
Page 172
3com switch 8800 configuration guide chapter 19 ospf configuration 19-4 ii. Dr and bdr z designated router (dr) in multi-access networks, if any two routers establish adjacencies, the same lsa will be transmitted repeatedly, wasting bandwidth resources. To solve this problem, the ospf protocol regul...
Page 173
3com switch 8800 configuration guide chapter 19 ospf configuration 19-5 since all the areas should be connected to the backbone area, virtual link is adopted so that the physically separated areas can still maintain the logic connectivity to the backbone area. V. Route summary an as is divided into ...
Page 174
3com switch 8800 configuration guide chapter 19 ospf configuration 19-6 z authenticator: ospf provides clear text authenticator and md5 encryption authenticator to authenticate packets transmitted between neighboring routers in the same area. Z flexible configuration for the router port parameter: o...
Page 175
3com switch 8800 configuration guide chapter 19 ospf configuration 19-7 z configuring to fill the mtu field when an interface transmits dd packets z setting an spf calculation interval for ospf 4) configurations related to ospf networking z configuring ospf authentication z prohibit ospf packet rece...
Page 176
3com switch 8800 configuration guide chapter 19 ospf configuration 19-8 by default, ospf is disabled. When enabling ospf, pay attention to the following points: z the default ospf process id is 1. If no process id is specified in the command, the default one is adopted. Z if a router is running mult...
Page 177
3com switch 8800 configuration guide chapter 19 ospf configuration 19-9 19.2.5 configuring ospf to import routes of other protocols the dynamic routing protocols on the router can share the routing information. As far as ospf is concerned, the routes discovered by other routing protocols are always ...
Page 178
3com switch 8800 configuration guide chapter 19 ospf configuration 19-10 the routes that can be imported include direct, static, rip, is-is, or bgp and in addition, the routes of other ospf processes. Note: z it is recommended to configure the imported route type, cost and tag for the import-route c...
Page 179
3com switch 8800 configuration guide chapter 19 ospf configuration 19-11 iii. Configuring the default interval and number for ospf to import external routes ospf can import the external routing information and broadcast it to the entire autonomous system. Importing routes too often and importing too...
Page 180
3com switch 8800 configuration guide chapter 19 ospf configuration 19-12 z the broadcasting scope of type-5 lsa or type-7 lsa advertising the default route is the same as that of the common type-5 lsa or type-7 lsa. Perform the following configuration in ospf view. Table 19-8 configure ospf to impor...
Page 181
3com switch 8800 configuration guide chapter 19 ospf configuration 19-13 by default, ospf will not filter the received routing information. Ii. Configuring filtering the routes imported to ospf use the filter-policy export command to configure the asbr router to filter the external routes imported t...
Page 182
3com switch 8800 configuration guide chapter 19 ospf configuration 19-14 aggregate segment specified by the command will not be transmitted separately. This can reduce the lsdb size in other areas. Once the aggregated segment of a certain network is added to the area, all the internal routes of the ...
Page 183
3com switch 8800 configuration guide chapter 19 ospf configuration 19-15 19.2.9 setting ospf route preference since maybe multiple dynamic routing protocols are running on one router concurrently, the problem of route sharing and selection between various routing protocols occurs. The system sets a ...
Page 184
3com switch 8800 configuration guide chapter 19 ospf configuration 19-16 ii. Setting a dead timer for the neighboring routers the dead timer of neighboring routers refers to the interval in which a router will regard the neighboring router as dead if no hello packet is received from it. The user can...
Page 185
3com switch 8800 configuration guide chapter 19 ospf configuration 19-17 19.2.11 configuring the network type on the ospf interface the route calculation of ospf is based upon the topology of the adjacent network of the local router. Each router describes the topology of its adjacent network and tra...
Page 187
3com switch 8800 configuration guide chapter 19 ospf configuration 19-19 if dr fails due to some faults, the routers on the network must elect a new dr and synchronize with the new dr. The process will take a relatively long time, during which, the route calculation is incorrect. In order to speed u...
Page 188
3com switch 8800 configuration guide chapter 19 ospf configuration 19-20 19.2.14 configuring an interval required for sending lsu packets trans-delay seconds should be added to the aging time of the lsa in an lsu packet. Setting the parameter like this mainly considers the time duration that the int...
Page 189
3com switch 8800 configuration guide chapter 19 ospf configuration 19-21 table 19-22 configure whether the mtu field will be filled in when an interface transmits dd packets operation command enable an interface to fill in the mtu field when transmitting dd packets ospf mtu-enable disable the interf...
Page 190
3com switch 8800 configuration guide chapter 19 ospf configuration 19-22 by default, all interfaces are allowed to transmit and receive ospf packets. After an ospf interface is set to be in silent status, the interface can still advertise its direct route. However, the ospf hello packets of the inte...
Page 191
3com switch 8800 configuration guide chapter 19 ospf configuration 19-23 operation command disable the interface to use md5 authentication undo ospf authentication-mode md5 by default, the interface is not configured with either simple authentication or md5 authentication. 19.2.20 configuring ospf v...
Page 193
3com switch 8800 configuration guide chapter 19 ospf configuration 19-25 table 19-28 configure stub area of ospf operation command configure an area to be the stub area stub [ no-summary ] remove the configured stub area undo stub configure the cost of the default route transmitted by ospf to the st...
Page 195
3com switch 8800 configuration guide chapter 19 ospf configuration 19-27 by default, mib is bound to the first enabled ospf process. Ii. Configuring ospf trap you can configure the switch to send multiple types of snmp trap packets in case of ospf anomalies. In addition, you can configure the switch...
Page 196
3com switch 8800 configuration guide chapter 19 ospf configuration 19-28 19.3 displaying and debugging ospf after the above configuration, execute the display command in any view to display the running of the ospf configuration, and to verify the effect of the configuration. Execute the debugging co...
Page 197
3com switch 8800 configuration guide chapter 19 ospf configuration 19-29 operation command disable ospf event debugging undo debugging ospf event enable ospf lsa packet debugging debugging ospf lsa-originate disable ospf lsa packet debugging undo debugging ospf lsa-originate enable spf debugging of ...
Page 198
3com switch 8800 configuration guide chapter 19 ospf configuration 19-30 iii. Configuration procedure configure switch a [switch a] interface vlan-interface 1 [switch a-vlan-interface1] ip address 196.1.1.1 255.255.255.0 [switch a-vlan-interface1] ospf dr-priority 100 [switch a] router id 1.1.1.1 [s...
Page 199
3com switch 8800 configuration guide chapter 19 ospf configuration 19-31 change the priority of switch b to 200 [switch b-vlan-interface2000] ospf dr-priority 200 on switch a, execute the display ospf peer command to show its ospf neighbors. Note the priority of switch b has changed to 200, but it i...
Page 200
3com switch 8800 configuration guide chapter 19 ospf configuration 19-32 iii. Configuration procedure configure switch a [switch a] interface vlan-interface 1 [switch a-vlan-interface1] ip address 196.1.1.1 255.255.255.0 [switch a] router id 1.1.1.1 [switch a] ospf [switch a-ospf-1] area 0 [switch a...
Page 201
3com switch 8800 configuration guide chapter 19 ospf configuration 19-33 19.5 troubleshooting ospf faults symptom 1: ospf has been configured in accordance with the earlier-mentioned steps, but ospf on the router cannot run normally. Solution: check according to the following procedure. Local troubl...
Page 202
3com switch 8800 configuration guide chapter 19 ospf configuration 19-34 as shown in figure 19-5: rta and rtd are configured to belong to only one area, whereas rtb (area0 and area1) and rtc (area1 and area 2) are configured to belong to two areas. In which, rtb also belongs to area0, which is compl...
Page 203
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-1 chapter 20 integrated is-is configuration 20.1 introduction to integrated is-is intermediate system-to-intermediate system (is-is) intra-domain routing information exchange protocol is designed by the international o...
Page 204
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-2 ii. Link types is-is routing protocol is applied to is-is routing protocol can run on point to point links, such as ppp, hdlc and others. Is-is routing protocol can also run on broadcast links, such as ethernet, toke...
Page 205
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-3 es routing domain boundary is-is area end system subnetwork path level 1 is-is routing level 2 is-is routing interdomain routing intermediate system es is area 1 area 2 area 3 routing domain 1 routing domain 2 es es ...
Page 206
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-4 20.1.3 nsap structure of is-is routing protocol i. Address structure afi idi high order dsp system id sel (1 octet) dsp idp area address figure 20-2 nsap structure osi adopts the address structure as shown in figure ...
Page 207
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-5 z sel nsap selector (sel or n-sel) functions as the protocol identifier of an ip address. Different transmission protocols correspond to different identifiers. All the sels of ip are 00. Because the address structure...
Page 208
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-6 iii. Snp sequence number packet (snp) can confirm the lsps last received from neighbors. Snps function as acknowledge packets, but snps function more validly. Snp includes complete snp (csnp) and partial snp (psnp). ...
Page 209
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-7 enabling is-is on the specified interface z setting priority for dis election z setting router type z setting interface circuit level 2) configuration related to is-is route z configuring is-is to import routes of ot...
Page 210
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-8 configuring is-is route metric type z setting is-is link state routing cost z configuring is-is timers z setting to discard the lsps with checksum errors z setting lsp refreshment interval z setting lifetime of lsp z...
Page 211
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-9 delete a net undo network-entity network-entity-title the format of the network-entity-title argument is x…x.Xxxxxxxxxxxx.Xx, among which the first “x…x” is the area address, the twelve xs in the middle is the system...
Page 212
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-10 20.2.3 enabling is-is on the specified interface after enabling is-is, you need to specify on which interfaces the is-is will be run. Perform the following configuration in interface view. Table 20-3 enable is-is on...
Page 215
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-13 protocol specifies the routing protocol sources for advertising routes, which can be direct, static, rip, bgp, ospf, ospf-ase, and so on. Note: z the filter-policy import command only filters the isis routes receive...
Page 216
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-14 by default, the system disables route summarization. 20.2.11 setting to generate default route in the is-is route domain, the level-1 router only has the lsdb of the local area, so it can only generate the routes in...
Page 217
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-15 20.2.13 configuring is-is route metric type is-is routing protocol has two styles of route metric: z narrow: the value of route metric ranges from 1 to 63. Z wide: the value of route metric ranges from 1 to 16,777,2...
Page 219
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-17 table 20-18 set the lsp packet transmission interval operation command set lsp packet interval on the interface, measured in milliseconds. Isis timer lsp time restore the default lsp packet interval on the interface...
Page 220
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-18 by default, the number of the invalid hello packets is set to 3. If this command does not specify level-1 or level-2, the system regard the invalid hello packets are set for both level-1 and level-2 routers. 20.2.16...
Page 223
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-21 table 20-26 set to discard the lsps with checksum errors operation command set to discard the lsp with checksum error ignore-lsp-checksum-error set to ignore the lsp checksum error undo ignore-lsp-checksum-error by ...
Page 224
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-22 perform the following configuration in is-is view. Table 20-29 set lifetime of lsp operation command set lifetime of lsp timer lsp-max-age seconds restore the default lsp lifetime undo timer lsp-max-age by default, ...
Page 225
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-23 by default, spf calculation is not divided into slices but runs to the end once, which can also be implemented by setting the seconds argument to 0. After slice calculation is set, the routes that are not processed ...
Page 226
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-24 the silent-interface command is only used to restrain the is-is packets not to be sent on the interface, but the interface routes can still be sent from other interfaces. On a switch, this command can disable/enable...
Page 227
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-25 display is-is spf calculation log display isis spf-log display is-is routing information display isis route display is-is neighbor information display isis peer [ verbose ] display mesh group information display isi...
Page 228
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-26 ii. Network diagram switch a switch b switch c 100.20.0.2/24 vlan-interface 100 switch d vlan-interface 102 vlan-interface 102 vlan-interface 100 vlan-interface 101 vlan-interface 102 vlan-interface 101 vlan-interfa...
Page 229
3com switch 8800 configuration guide chapter 20 integrated is-is configuration 20-27 configure switch c [switch c] isis [switch c-isis] network-entity 86.0001.0000.0000.0007.00 [switch c] interface vlan-interface 101 [switch c-vlan-interface101] ip address 200.10.0.2 255.255.255.0 [switch c-vlan-int...
Page 230
3com switch 8800 configuration guide chapter 21 bgp configuration 21-1 chapter 21 bgp configuration 21.1 bgp/mbgp overview 21.1.1 introduction to bgp border gateway protocol (bgp) is an inter-autonomous system (inter-as) dynamic route discovery protocol. Three early versions of bgp are bgp-1 (rfc110...
Page 231
3com switch 8800 configuration guide chapter 21 bgp configuration 21-2 bgp runs on a router in any of the following modes: z internal bgp (ibgp) z external bgp (ebgp) the bgp is called ibgp when it runs in an as and ebgp when it runs among different ass. 21.1.2 bgp message types bgp is driven by mes...
Page 232
3com switch 8800 configuration guide chapter 21 bgp configuration 21-3 z a bgp speaker does not advertise the routes obtained from ibgp to its ibgp peers. Z a bgp speaker advertises the routes obtained from ibgp to its ibgp peers (in the switch 8800, bgp and igp are asynchronous.) z once the connect...
Page 233
3com switch 8800 configuration guide chapter 21 bgp configuration 21-4 z mp_reach_nlri: multiprotocol reachable nlri, used to advertise reachable routes and the next hop information. Z mp_unreach_nlri: multiprotocol unreachable nlri, used to delete unreachable routes. These two attributes are option...
Page 234
3com switch 8800 configuration guide chapter 21 bgp configuration 21-5 z configuring application features of a bgp peer (group) z configuring route filtering of a peer (group) 3) bgp route configuration z configuring network routes for bgp distribution z configuring the interaction between bgp and i...
Page 235
3com switch 8800 configuration guide chapter 21 bgp configuration 21-6 perform the following configurations in bgp view. I. Creating a peer group a bgp peer must belong to a peer group. Before configuring a bgp peer, a peer group to which the peer belongs must be created first. Table 21-2 create a p...
Page 236
3com switch 8800 configuration guide chapter 21 bgp configuration 21-7 delete a peer undo peer peer-address if you want to add a peer to an ibgp peer group, this command cannot specify as numbers. When a peer is added to an ebgp peer group and the peer group is defined with an as number, all its mem...
Page 237
3com switch 8800 configuration guide chapter 21 bgp configuration 21-8 higher than the timer command that is used to configure timers for the whole bgp peers. Perform the following configuration in bgp view. Table 21-7 configure timer of a peer (group) operation command configure keep-alive message ...
Page 238
3com switch 8800 configuration guide chapter 21 bgp configuration 21-9 table 21-9 configure to permit connections with ebgp peer groups on indirectly connected networks operation command configure to permit connections with ebgp peer groups on indirectly connected networks peer group-name ebgp-max-h...
Page 239
3com switch 8800 configuration guide chapter 21 bgp configuration 21-10 after you use the peer default-route-advertise command, the local router will send a default route with the next hop as itself to the peer unconditionally, even if there is no default route in bgp routing table. Iv. Configuring ...
Page 240
3com switch 8800 configuration guide chapter 21 bgp configuration 21-11 table 21-14 configure to send the community attributes to a peer group operation command configure to send the community attributes to a peer group peer group-name advertise-community configure not to send the community attribut...
Page 241
3com switch 8800 configuration guide chapter 21 bgp configuration 21-12 ix. Configuring bgp md5 authentification password bgp uses tcp as its transport layer. For the sake of high security, you can configure md5 authentication password when setting up a tcp connection. In other words, bgp md5 authen...
Page 242
3com switch 8800 configuration guide chapter 21 bgp configuration 21-13 operation command configure the egress route policy for a peer group peer group-name route-policy route-policy-name export remove the egress route policy of a peer group undo peer group-name route-policy route-policy-name export...
Page 243
3com switch 8800 configuration guide chapter 21 bgp configuration 21-14 iv. Configuring route filtering policy based on address prefix list for a peer (group) table 21-21 configure route filtering policy based on address prefix list for a peer (group) operation command configure the ingress route fi...
Page 244
3com switch 8800 configuration guide chapter 21 bgp configuration 21-15 table 21-23 import igp routing information operation command configure bgp to import routes of igp protocol import-route protocol [process-id ] [ med med] [ route-policy route-policy-name ] configure bgp not to import routes of ...
Page 245
3com switch 8800 configuration guide chapter 21 bgp configuration 21-16 table 21-25 configure bgp route summarization operation command configure the summary automatic function of the subnet routes summary cancel the summary automatic function of the subnet routes undo summary configure local route ...
Page 246
3com switch 8800 configuration guide chapter 21 bgp configuration 21-17 ii. Configuring to filter the routes advertised by the bgp perform the following configuration in the bgp view. Table 21-27 configure to filter the routes advertised by the bgp operation command configure to filter the routes ad...
Page 247
3com switch 8800 configuration guide chapter 21 bgp configuration 21-18 suppressed. With time going, the penalty value will decrease according to power function, and when it decreases to certain specific threshold, the route suppression will be eliminated and the route will be re-advertised. Perform...
Page 248
3com switch 8800 configuration guide chapter 21 bgp configuration 21-19 the ebgp-value, ibgp-value and local-value arguments are in the range of 1 to 256. By default, the first two is 256 and the last one is 130. 21.2.11 configuring bgp timer after you established bgp connections between routers, a ...
Page 249
3com switch 8800 configuration guide chapter 21 bgp configuration 21-20 by default, the local preference is 100. 21.2.13 configuring med for as multi-exit discriminators (med) attribute is the external metric for a route. As uses the local preference to select the route to the outside, and uses the ...
Page 250
3com switch 8800 configuration guide chapter 21 bgp configuration 21-21 21.2.15 configuring bgp route reflector to ensure the interconnection between ibgp peers, it is necessary to establish a fully connected network. If there are many ibgp peers, large overhead is needed to establish a fully connec...
Page 251
3com switch 8800 configuration guide chapter 21 bgp configuration 21-22 by default, the route reflection between clients is allowed. If the clients are fully connected, for the purpose of overhead reduction, it is recommended to use the undo reflect between-clients command to disable the route refle...
Page 252
3com switch 8800 configuration guide chapter 21 bgp configuration 21-23 table 21-37 configure confederation_id operation command configure confederation_id confederation id as-number cancel confederation_id undo confederation id by default, the confederation_id is not configured. The configured conf...
Page 253
3com switch 8800 configuration guide chapter 21 bgp configuration 21-24 by default, the configured confederation is consistent with rfc1965. 21.2.17 clearing bgp connection after the user changes bgp policy or protocol configuration, they must cut off the current connection so as to enable the new c...
Page 254
3com switch 8800 configuration guide chapter 21 bgp configuration 21-25 table 21-42 display and debug bgp operation command display the routing information in bgp routing table display bgp routing-table [ ip-address [ mask ] ] display filtered as path information in the bgp display ip as-path-acl ac...
Page 256
3com switch 8800 configuration guide chapter 21 bgp configuration 21-27 ii. Network diagram as200 as100 as1002 as1001 as1003 ethernet 172.68.10.1 172.68.10.2 172.68.10.3 172.68.1.2 172.68.1.1 156.10.1.1 156.10.1.2 switch a switch b switch c switch d switch e figure 21-2 network diagram for as confed...
Page 257
3com switch 8800 configuration guide chapter 21 bgp configuration 21-28 configure switch c: [switch c] bgp 1003 [switch c-bgp] confederation id 100 [switch c-bgp] confederation peer-as 1001 1002 [switch c-bgp] group confed1001 external [switch c-bgp] peer confed1001 as-number 1001 [switch c-bgp] gro...
Page 258
3com switch 8800 configuration guide chapter 21 bgp configuration 21-29 [switch a-vlan-interface100] quit [switch a] bgp 100 [switch a-bgp] network 1.0.0.0 255.0.0.0 [switch a-bgp] group ex external [switch a-bgp] peer 192.1.1.2 group ex as-number 200 2) configure switch b: configure vlan 2: [switch...
Page 259
3com switch 8800 configuration guide chapter 21 bgp configuration 21-30 using the display bgp routing-table command, you can view bgp routing table on switch b. Note: switch b has known the existence of network 1.0.0.0. Using the display bgp routing-table command ,you can view the bgp routing table ...
Page 260
3com switch 8800 configuration guide chapter 21 bgp configuration 21-31 [switch a-bgp] group ex193 external [switch a-bgp] peer 193.1.1.2 group ex193 as-number 200 [switch a-bgp] quit configure the med attribute of switch a z add acl on switch a, enable network 1.0.0.0. [switch a] acl number 2000 [s...
Page 261
3com switch 8800 configuration guide chapter 21 bgp configuration 21-32 [switch c-vlan-interface3] ip address 193.1.1.2 255.255.255.0 [switch c] interface vlan-interface 5 [switch c-vlan-interface5] ip address 195.1.1.2 255.255.255.0 [switch c] ospf [switch c-ospf-1] area 0 [switch c-ospf-1-area-0.0...
Page 262
3com switch 8800 configuration guide chapter 21 bgp configuration 21-33 z define the route policy with the name of localpref, of those, the local preference matching acl 2000 is set as 200, and that of not matching is set as 100. [switch c] route-policy localpref permit node 10 [switch c-route-polic...
Page 263
3com switch 8800 configuration guide chapter 21 bgp configuration 21-34 covering large network segment cannot be imported. For example, route 10.1.1.0/24 can be imported, while 10.0.0.0/8 may cause error..
Page 264
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-1 chapter 22 ip routing policy configuration 22.1 introduction to ip routing policy when a router advertises or receives routing information, it possibly needs to implement some policies to filter the routing informat...
Page 265
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-2 ii. Ip-prefix the function of the ip-prefix is similar to that of the acl, but it is more flexible and easy for the users to understand. When the ip-prefix is applied to the routing information filtering, its matchi...
Page 266
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-3 configuring ip-prefix z configuring the as path list z configuring a community attribute list note: for the configuration of acl, refer to the qos/acl operation part of this manual. 2) applications of routing polici...
Page 267
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-4 satisfies all the if-match clauses of the node, it will be denied by the node and will not take the test of the next node. If not, however, the route will take the test of the next node. The nodes have the “or” rela...
Page 268
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-5 operation command cancel the matched next-hop of the routing information set by acl undo if-match ip next-hop cancel the matched next-hop of the routing information set by address prefix list undo if-match ip next-h...
Page 269
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-6 operation command set the next-hop address of the routing information apply ip next-hop ip-address cancel the next-hop address of the routing information undo apply ip next-hop import the route to is-is level-1, lev...
Page 270
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-7 22.2.2 configuring ip-prefix z a prefix-list is identified by an ip-prefix-name. Each ip prefix-list may include multiple entries each specifying an ip prefix matching range. Ip prefix entries are identified by inde...
Page 271
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-8 22.2.4 configuring a community attribute list in bgp, community attribute is optional and transitive. Some community attributes known globally are called standard community attributes. Some community attributes are ...
Page 272
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-9 operation command cancel the setting for importing routes of other protocols undo import-route protocol by default, the routes discovered by other protocols will not be advertised. Note: in different routing protoco...
Page 274
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-11 22.4 typical ip routing policy configuration example 22.4.1 configuring to filter the received routing information i. Network requirements z switch a communicates with switch b, running ospf protocol. The router id...
Page 275
3com switch 8800 configuration guide chapter 22 ip routing policy configuration 22-12 2) configure switch b: configure the ip address of vlan interface. [switch b] interface vlan-interface 100 [switch b-vlan-interface100] ip address 10.0.0.2 255.0.0.0 configure the access control list. [switch b] ac...
Page 276
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-1 chapter 23 ip multicast overview note: an ethernet switch functions as a router when it runs ip multicast protocol. A router that is referred to in the following represents a generalized router or a layer 3 ethernet switch ru...
Page 277
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-2 over the network if there is a large number of users in need of this infomration. As the bandwidth would turn short, the unicast mode is incapable of massive transmission. Ii. Data transmission in broadcast mode in broadcast ...
Page 278
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-3 server multicast user a user b user d user e user c server multicast user a user b user d user e user c figure 23-3 data transmission in multicast mode suppose the users b, d, and e need the information, they need to be organ...
Page 279
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-4 z occasional communication for training and cooperation z data storage and finance (stock) operation z point-to-multipoint data distribution with the increasing popularity of multimedia services over ip network, multicast is ...
Page 280
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-5 table 23-1 ranges and meanings of class d addresses class d address range description 224.0.0.0 ∼224.0.0.255 reserved multicast addresses (addresses of permanent groups). All but 224.0.0.0 can be allocated by routing protocol...
Page 281
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-6 class d address range description …… …… ii. Ethernet multicast mac addresses when a unicast ip packet is transmitted on the ethernet, the destination mac address is the mac address of the receiver. However, for a multicast pa...
Page 282
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-7 server multicast user d user e user c igmp igmp user a user b igmp mbgp/msdp pim pim as1 as2 figure 23-5 application positions of multicast-related protocols i. Multicast group management protocol multicast groups use interne...
Page 283
3com switch 8800 configuration guide chapter 23 ip multicast overview 23-8 uses the source address of a received multicast packet to query the unicast routing table or the independent multicast routing table to determine that the receiving interface is on the shortest path from the receiving station...
Page 284
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-1 chapter 24 igmp snooping configuration 24.1 igmp snooping overview 24.1.1 igmp snooping principle igmp snooping (internet group management protocol snooping) is a multicast control mechanism running on the layer 2 ether...
Page 285
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-2 internet / intranet video stream vod server layer 2 ethernet switch video stream multicast group member non-multicast group member multicast router video stream video stream video stream non-multicast group member figur...
Page 286
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-3 ii. Implement layer 2 multicast with igmp snooping the ethernet switch runs igmp snooping to listen to the igmp messages and map the host and its ports to the corresponding multicast group address. To implement igmp sno...
Page 287
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-4 forwarding table, and meanwhile creates an ip multicast group and adds the port received the report message to it. If the corresponding mac multicast group exists but does not contains the port received the report messa...
Page 289
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-6 table 24-3 configuring the maximum response time operation command configure the maximum response time igmp-snooping max-response-time seconds restore the default setting undo igmp-snooping max-response-time by default,...
Page 290
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-7 caution: if igmp snooping is not enabled on the vlan (nor layer 3 multicast), unknown multicast packets are broadcasted within the vlan no matter whether this function is enabled or not. That is, to make unknown multica...
Page 291
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-8 to implement igmp snooping on the switch, you need to enable igmp snooping on the switch first. The switch is connected with the router via the router port, and connected with user pc through the non-router ports. Ii. N...
Page 292
3com switch 8800 configuration guide chapter 24 igmp snooping configuration 24-9 z if igmp snooping is not enabled, input the igmp-snooping enable command in system view to enable igmp snooping. Then, use the same command in vlan view to enable igmp snooping in the corresponding vlan. 2) multicast f...
Page 293
3com switch 8800 configuration guide chapter 25 multicast vlan configuration 25-1 chapter 25 multicast vlan configuration 25.1 multicast vlan overview based on the current multicast on demand, when users in different vlans request the service, multicast flow is duplicated in each vlan and a great de...
Page 294
3com switch 8800 configuration guide chapter 25 multicast vlan configuration 25-2 item command description add ports to corresponding vlans port hybrid vlan vlan_id_list untagged required to cancel the configurations, use the corresponding undo commands. Note: z a port can only belong to one multica...
Page 295
3com switch 8800 configuration guide chapter 25 multicast vlan configuration 25-3 ii. Network diagram pc 2 pc 2 pc 2 pc 2 pc 1 pc 1 pc 1 pc 1 sw itch a pc 2 pc 2 pc 2 pc 1 pc 1 pc 1 pc 1 sw itch a workstation workstation sw itch b pc 2 pc 2 pc 2 pc 2 pc 1 pc 1 pc 1 pc 1 sw itch a pc 2 pc 2 pc 2 pc 1...
Page 296
3com switch 8800 configuration guide chapter 25 multicast vlan configuration 25-4 2) configure switch b enable igmp snooping. System-view [switch b] igmp-snooping enable enable igmp-snooping on vlan 2 and vlan 3. [switch b] vlan 2 [switch b-vlan 2] igmp-snooping enable [switch b-vlan 2]quit [switch ...
Page 297
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-1 chapter 26 common multicast configuration 26.1 introduction to common multicast configuration the multicast common configuration is for both the multicast group management protocol and the multicast routing protocol....
Page 298
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-2 26.2.2 configuring multicast route number limit because too many multicast routes may exhaust the router memory, you need to limit the number of multicast routes. Perform the following configuration in system view. T...
Page 299
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-3 26.3 controlled multicast configuration 26.3.1 controlled multicast overview the controlled multicast feature controls user’s authority to join multicast groups. This feature is based on ports: users must first pass ...
Page 300
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-4 caution: in local user view, before executing this command, you must configure user service type to lan-access, which is the only one supported by controlled multicast at present. 26.3.3 controlled multicast configur...
Page 301
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-5 [sw8800-gigabitethernet2/1/1] dot1x [sw8800-gigabitethernet2/1/2] dot1x configure the authentication mode on the controlled ports to port-based mode. [sw8800-gigabitethernet2/1/1] dot1x –method portbased [sw8800-giga...
Page 302
3com switch 8800 configuration guide chapter 26 common multicast configuration 26-6 operation command enable multicast kernel routing debugging debugging multicast kernel-routing disable multicast kernel routing debugging undo debugging multicast kernel-routing the multicast routing tables can be la...
Page 303
3com switch 8800 configuration guide chapter 27 igmp configuration 27-1 chapter 27 igmp configuration 27.1 igmp overview 27.1.1 introduction to igmp internet group management protocol (igmp) is a protocol in the tcp/ip suite responsible for management of ip multicast members. It is used to establish...
Page 304
3com switch 8800 configuration guide chapter 27 igmp configuration 27-2 address is elected as the querier when there are multiple multicast routers on the same network segment. Ii. Leaving group mechanism in igmp version 1, hosts leave the multicast group quietly without informing the multicast rout...
Page 305
3com switch 8800 configuration guide chapter 27 igmp configuration 27-3 27.2.1 enabling multicast only if the multicast function is enabled can the multicast-related configurations take effect. Refer to chapter 26 common multicast configuration. 27.2.2 enabling igmp on an interface this configuratio...
Page 306
3com switch 8800 configuration guide chapter 27 igmp configuration 27-4 27.2.4 configuring the interval to send igmp query message multicast routers send igmp query messages to discover which multicast groups are present on attached networks. Multicast routers send query messages periodically to ref...
Page 307
3com switch 8800 configuration guide chapter 27 igmp configuration 27-5 i. Configuring interval for querying igmp packets table 27-4 configuring interval for querying igmp packets operation command configure interval for querying igmp packets igmp lastmember-queryinterval seconds restore te default ...
Page 308
3com switch 8800 configuration guide chapter 27 igmp configuration 27-6 maximum response time. When any timer becomes 0, the host will send the membership report message of the multicast group. Setting the maximum response time reasonably can enable the host to respond to query messages quickly. In ...
Page 309
3com switch 8800 configuration guide chapter 27 igmp configuration 27-7 configuring one interface of the router as multicast member can avoid such problem. When the interface receives igmp query packet, the router will respond, thus ensuring that the network segment where the interface located can n...
Page 311
3com switch 8800 configuration guide chapter 27 igmp configuration 27-9 27.3 displaying and debugging igmp after the above configuration, execute display command in any view to display the running of igmp configuration, and to verify the effect of the configuration. Execute debugging command in corr...
Page 312
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-1 chapter 28 pim-dm configuration 28.1 pim-dm overview 28.1.1 introduction to pim-dm pim-dm (protocol independent multicast, dense mode) belongs to dense mode multicast routing protocols. Pim-dm is suitable for small networks. M...
Page 313
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-2 during this process, pim-dm uses the rpf check and the existing unicast routing table to build a multicast forwarding tree rooted at the data source. When a packet arrives, the router will first judge the correctness of the pa...
Page 314
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-3 iv. Graft when the pruned downstream node needs to be restored to the forwarding state, the node will send a graft packet to inform the upstream node. 28.2 pim-dm configuration 1) pim-dm basic configuration includes: z enablin...
Page 315
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-4 28.2.3 configuring the time intervals for ports to send hello packets when protocol independent multicast (pim) protocol is enabled for a port, the port sends hello packets periodically. The time intervals to send hello packet...
Page 316
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-5 28.2.5 configuring the filtering of multicast source/group you can set to filter the source (and group) address of multicast data packets via this command. When this feature is configured, the router filters not only multicast...
Page 317
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-6 table 28-6 configuring the maximum number of pim neighbor on an interface operation command configure the maximum number of pim neighbor on an interface pim neighbor-limit limit restore the limit of pin neighbor to the default...
Page 319
3com switch 8800 configuration guide chapter 28 pim-dm configuration 28-8 lanswitch3 lanswitch1 receiver 1 lanswitch2 vl an10 vl an11 vl an12 multicast source receiver 2 vl an20 vl an30 receiver 1 multicast source lanswitch3 lanswitch1 receiver 1 lanswitch2 vl an10 vl an11 vl an12 multicast source r...
Page 320
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-1 chapter 29 pim-sm configuration 29.1 pim-sm overview 29.1.1 introduction to pim-sm pim-sm (protocol independent multicast, sparse mode) belongs to sparse mode multicast routing protocols. Pim-sm is mainly applicable to large-s...
Page 321
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-2 i. Build the rp shared tree (rpt) when hosts join a multicast group g, the leaf routers that directly connect with the hosts send igmp messages to learn the receivers of multicast group g. In this way, the leaf routers calcula...
Page 322
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-3 it should be noted that one rp can serve multiple multicast groups or all multicast groups. Each multicast group can only be uniquely correspondent to one rp at a time rather than multiple rps. Ii. Configuring bsrs the bsr is ...
Page 323
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-4 it should be noted that at least one router in an entire pim-sm domain should be configured with candidate-rps and candidate-bsrs. 29.2.1 enabling multicast refer to chapter 26 common multicast configuration. 29.2.2 enabling p...
Page 324
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-5 at first, each candidate bsr considers itself as the bsr of the pim-sm domain, and sends bootstrap message by taking the ip address of the interface as the bsr address. When receiving bootstrap messages from other routers, the...
Page 326
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-7 by default, no domain border is set. After this configuration is performed, a bootstrap message can not cross the border but other pim packets can. This configuration can effectively divide a network into domains using differe...
Page 327
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-8 perform the following configuration in pim view. Table 29-7 limiting the range of legal bsr operation command set the limit legal bsr range bsr-policy acl-number restore to the default setting undo bsr-policy for detailed info...
Page 328
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-9 table 29-9 displaying and debugging pim-sm operation command display the bsr information display pim bsr-info display the rp information display pim rp-info [ group-address ] enable the pim-sm debugging debugging pim sm { all ...
Page 329
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-10 ii. Networking diagram lsd ls_b ls_c ls_a host a host b vlan11 vlan12 vlan10 vlan10 vlan11 vlan12 vlan12 vlan10 vlan11 lsd ls_b ls_c ls_a host a host b vlan11 vlan12 vlan10 vlan10 vlan11 vlan12 vlan12 vlan10 vlan11 figure 29-...
Page 330
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-11 [sw8800-vlan-interface12] quit 2) configure ls_b enable pim-sm. [sw8800] multicast routing-enable [sw8800] vlan 10 [sw8800-vlan10] port ethernet 2/1/2 to ethernet 2/1/3 [sw8800-vlan10] quit [sw8800] interface vlan-interface 1...
Page 331
3com switch 8800 configuration guide chapter 29 pim-sm configuration 29-12 enable pim-sm. [sw8800] multicast routing-enable [sw8800] vlan 10 [sw8800-vlan10] port ethernet 2/1/2 to ethernet 2/1/3 [sw8800-vlan10] quit [sw8800] interface vlan-interface 10 [sw8800-vlan-interface10] igmp enable [sw8800-v...
Page 332
3com switch 8800 configuration guide chapter 30 msdp configuration 30-1 chapter 30 msdp configuration 30.1 msdp overview 30.1.1 introduction multicast source discovery protocol (msdp) is used to discover multicast source information in other pim-sm domains. No isp would like to forward multicast tra...
Page 333
3com switch 8800 configuration guide chapter 30 msdp configuration 30-2 30.1.2 working principle i. Indentifying multicast source and receiving multicast data as shown in figure 30-1, the rps of pim-sm domains 1, 2 and 3 establish peer relationship between them. Domain 3 contains a group member. Sou...
Page 334
3com switch 8800 configuration guide chapter 30 msdp configuration 30-3 this case, the last hop router connected with the group member in domain 3 can choose whether to switch to spt. Ii. Message forwarding and rpf check between msdp peers as shown in figure 30-2 msdp working principles (ii), switch...
Page 335
3com switch 8800 configuration guide chapter 30 msdp configuration 30-4 case when the message is from switch e to switch f, it is received and forwarded to other peers. 6) if the sa message is sent from a msdp peer in a different domain which is the next autonomous domain along the optimal path to t...
Page 336
3com switch 8800 configuration guide chapter 30 msdp configuration 30-5 30.2.2 configuring msdp peers to run msdp, you need to configure msdp peers locally. Please perform the following configurations in msdp view. Table 30-2 configuring msdp peers operation command configure msdp peers peer peer-ad...
Page 337
3com switch 8800 configuration guide chapter 30 msdp configuration 30-6 rp-policy parameter are configured, any peer that receives an sa message will forward it to the other peers. Z not using the rp-policy parameter universally: according to the configuration sequence, only the first static rpf pee...
Page 338
3com switch 8800 configuration guide chapter 30 msdp configuration 30-7 30.2.6 configuring the maximum number of sa caching to prevent dos (deny of service) attacks, you can set the maximum number of sas cached on the router. Perform the following configuration in msdp view. Table 30-6 configuring t...
Page 339
3com switch 8800 configuration guide chapter 30 msdp configuration 30-8 qualified (s, g) entries in the multicast routing table when creating sa messages, that is, to control the (s,g) entries imported from the multicast routing table to the domain. Please perform the following configurations in msd...
Page 340
3com switch 8800 configuration guide chapter 30 msdp configuration 30-9 i. Using msdp outbound filter msdp outbound filter of are functional in: z filtering off all the (s, g) entries z forwarding only the sa messages permitted by the advanced acl please perform the following configurations in msdp ...
Page 341
3com switch 8800 configuration guide chapter 30 msdp configuration 30-10 table 30-12 controlling the received source information operation command filter off the sa messages from a specified msdp peer peer peer-address sa-policy import receive the sa messages permitted by the advanced acl from a spe...
Page 342
3com switch 8800 configuration guide chapter 30 msdp configuration 30-11 table 30-14 configuring the msdp connection retry period operation command configuring the msdp connection retry period timer retry seconds restore the default value of msdp connection retry interval undo timer retry by default...
Page 343
3com switch 8800 configuration guide chapter 30 msdp configuration 30-12 30.3 displaying and debugging msdp i. Displaying and debugging msdp after the above configuration, execute display commands in any view to display the running information of msdp and to verify the effect of the configuration. E...
Page 344
3com switch 8800 configuration guide chapter 30 msdp configuration 30-13 30.4 msdp configuration examples 30.4.1 configuring static rpf peers i. Networking requirements in the following networking environment, four switch 8800s all are in the pim-sm domains with no bgp or mbgp running among them (no...
Page 345
3com switch 8800 configuration guide chapter 30 msdp configuration 30-14 [switchd-msdp] static-rpf-peer 10.10.1.1 rp-policy list-a configure switch b to be a static rpf peer of switch d. [switchd] ip ip-prefix list-b permit 10.21.0.0 16 [switchd] msdp [switchd-msdp] peer 10.21.1.1 connect-interface ...
Page 346
3com switch 8800 configuration guide chapter 30 msdp configuration 30-15 ii. Networking diagram src a switche loopback0 10.10.1.1 loopback10 10.1.1.1 vlan-interface20 10.10.3.1/24 loopback10: anycast rp address 10.1.1.1 loopback0: msdp peer address & originating-rp switchb switchd switcha src b swit...
Page 347
3com switch 8800 configuration guide chapter 30 msdp configuration 30-16 [switchb-loopback10] igmp enable [switchb-loopback10] pim sm [switchb-loopback10] quit configure the ip address of vlan-interface10 and enable igmp and pim-sm. [switchb] interface vlan-interface10 [switchb-vlan-interface10] ip ...
Page 348
3com switch 8800 configuration guide chapter 30 msdp configuration 30-17 [switcha] vlan 10 [switcha-vlan10] port ethernet1/1/2 [switcha-vlan10] quit [switcha] vlan 20 [switcha-vlan20] port ethernet1/1/3 [switcha-vlan20] quit enable multicast. [switcha] multicast routing-enable configure the ip addre...
Page 349
3com switch 8800 configuration guide chapter 30 msdp configuration 30-18 [switcha-ospf-1] quit configure switch b as its msdp peer. [switcha] msdp [switcha-msdp] peer 10.10.1.1 connect-interface loopback 0 configure originating rp. [switcha-msdp] originating-rp loopback0 [switcha-msdp] quit configur...
Page 350
3com switch 8800 configuration guide chapter 30 msdp configuration 30-19 ii. Networking diagram src a vlan-interface30 vlan-interface20 vlan-interface10 pim-sm domain 4 loopback10 10.1.1.1 loopback0 10.25.1.1 loopback0 10.25.1.2 ethernet: 10.25.2.0 loopback0 10.26.1.1 loopback0 10.28.1.1 loopback0 1...
Page 351
3com switch 8800 configuration guide chapter 30 msdp configuration 30-20 enable multicast. [switcha] multicast routing-enable configure the ip address of interface loopback0 and enable pim-sm. [switcha] interface loopback0 [switcha-loopback0] ip address 10.25.1.1 255.255.255.255 [switcha-loopback0] ...
Page 352
3com switch 8800 configuration guide chapter 30 msdp configuration 30-21 [switcha-bgp] peer 10.27.1.2 group in [switcha-bgp] peer in connect-interface loopback0 [switcha-bgp] ipv4-family multicast [switcha-bgp-af-mul] peer in enable [switcha-bgp-af-mul] peer 10.26.1.2 group in [switcha-bgp-af-mul] p...
Page 353
3com switch 8800 configuration guide chapter 30 msdp configuration 30-22 [switche] multicast routing-enable configure the ip address of interface loopback0 and enable pim-sm. [switche] interface loopback0 [switche-loopback0] ip address 10.26.1.2 255.255.255.255 [switche-loopback0] pim sm [switche-lo...
Page 354
3com switch 8800 configuration guide chapter 30 msdp configuration 30-23 [switche-bgp] ipv4-family multicast [switche-bgp-af-mul] peer in enable [switche-bgp-af-mul] peer 10.25.1.1 group in [switche-bgp-af-mul] peer 10.27.1.2 group in [switche-bgp-af-mul] peer in next-hop-local [switche-bgp-af-mul] ...
Page 355: Configuration
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-1 chapter 31 mbgp multicast extension configuration 31.1 mbgp multicast extension overview 31.1.1 introduction at present, the most widely used inter-domain unicast routing protocol is bgp-4. Because the multic...
Page 356
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-2 i. Mp_reach_nlri attribute mp_reach_nlri is an optional non-transitive attribute, and can be used to: z send the routing information of a new reachable protocol. Z send the next hop information about the new ...
Page 357
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-3 31.2 mbgp multicast extension configuration basic configuration tasks of mbgp multicast extension include: z enable mbgp multicast extension protocol z specify the network routes notified by the mbgp multicas...
Page 358
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-4 table 31-1 enabling mbgp multicast extension protocol operation command enter the mbgp multicast address family view ipv4-family multicast remove the mbgp multicast address family view undo ipv4-family multic...
Page 359
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-5 31.2.5 configuring local preference different local preference can be configured as a reference of the mbgp route selection. When an mbgp router gets routes with the same destination but different next hops t...
Page 360
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-6 ii. Enabling a peer (group) please perform the following configurations in ipv4 multicast sub-address family view. Table 31-3 enabling a peer (group) operation command enable the specified peer (group) peer g...
Page 361
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-7 by default, there is no route reflector in an as. It is generally unnecessary to configure this command for a peer group. This command is reserved for the occasional compatibility with the network equipments ...
Page 363
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-9 operation command remove outgoing policy cnfiguration undo peer group-name ip-prefix prefixname export by default, a peer (group) does not perform route filtering based on the prefix list. 31.2.8 configuring ...
Page 364
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-10 31.2.10 configure mbgp community attributes within the mbgp, a community is a set of destinations with some characteriestics in common. A community is not limited to a network or an as has no physical bounda...
Page 365
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-11 31.2.14 resetting bgp connections after changing the mbgp policy or protocol configuration, users must disconnect the present bgp connection to make the new configuration effective. For details, refer to “bg...
Page 366
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-12 31.4 mbgp multicast extension configuration example i. Networking requirement this example describes how the administrator uses the mbgp attributes to manage route selection. All switches are configured with...
Page 367
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-13 [switcha-bgp-af-mul] network 1.0.0.0 [switcha-bgp-af-mul] network 2.0.0.0 [switcha-bgp-af-mul] quit configure peers relationship. [switcha-bgp] bgp 100 [switcha-bgp] group a1 external [switcha-bgp] peer 192....
Page 368
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-14 [switchb-vlan40] quit [switchb] interface vlan-interface 40 [switchb-vlan-interface40] ip address 194.1.1.2 255.255.255.0 [switchb-vlan-interface40] quit [switchb] ospf [switchb-ospf-1] area 0 [switchb-ospf-...
Page 369
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-15 [switchc-bgp] group c2 internal [switchc-bgp] peer 194.1.1.2 group c2 [switchc-bgp] peer 195.1.1.1 group c2 [switchc-bgp] ipv4-family multicast [switchc-bgp-af-mul] peer c1 enable [switchc-bgp-af-mul] peer c...
Page 370
3com switch 8800 configuration guide chapter 31 mbgp multicast extension configuration 31-16 [switchd-ospf-1-area-0.0.0.0] quit [switchd-ospf-1] quit [switchd] bgp 200 [switchd-bgp] undo synchronization [switchd-bgp] group d1 internal [switchd-bgp] peer 194.1.1.2 group d1 [switchd-bgp] peer 195.1.1....
Page 371
3com switch 8800 configuration guide chapter 32 acl configuration 32-1 chapter 32 acl configuration 32.1 acl overview 32.1.1 introduction to acl a series match rules must be configured to recognize the packets before they are filtered. Only when packets are identified, can the network take correspon...
Page 372
3com switch 8800 configuration guide chapter 32 acl configuration 32-2 note: depth first principle means putting the statement with smaller packet range in the front. You can know the packet range by comparing ip address wildcards: the smaller the wildcard is, the smaller host range is. For example,...
Page 373
3com switch 8800 configuration guide chapter 32 acl configuration 32-3 table 32-1 requirements for defining acls item number range maximum number number-based basic acl 2000 to 2999 1000 number-based advanced acl 3000 to 3999 1000 number-based l2 acl 4000 to 4999 1000 number-based user acl 5000 to 5...
Page 374
3com switch 8800 configuration guide chapter 32 acl configuration 32-4 table 32-3 acl configuration tasks no. Item command description 1 enter the system view system-view — 2 configure the time range [sw8800] time-range optional 3 define a flow template [sw8800] flow-template user-defined slot sloti...
Page 375
3com switch 8800 configuration guide chapter 32 acl configuration 32-5 start-timeandend-time days-of-the-week define period time range together. Start-time start-date and end-time end-date define absolute time range together. If a time range only defines the period time range, the time range is only...
Page 376
3com switch 8800 configuration guide chapter 32 acl configuration 32-6 table 32-6 length of template elements name description length in template cos 802.1p priority 1 byte dip destination ip field in ip packet header 4 bytes dmac destination mac field in ethernet packet header 6 bytes dport destina...
Page 377
3com switch 8800 configuration guide chapter 32 acl configuration 32-7 the fragment-flags field is 0 in length in flow template, so it can be ignored in calculating the total length of template elements. You can either use the default template or define a flow template based on your needs. Note: def...
Page 378
3com switch 8800 configuration guide chapter 32 acl configuration 32-8 note: z if the time-range keyword is not selected, the acl will be effective at any time after being activated. Z you can define multiple rules for the acl by using the rule command several times. Z if the acl is sent directly to...
Page 380
3com switch 8800 configuration guide chapter 32 acl configuration 32-10 32.2.4 activating acl after defining an acl, you must activate it. This configuration activates those acls to filter or classify the packets forwarded by hardware. For interface cards, perform the following configurations in eth...
Page 382
3com switch 8800 configuration guide chapter 32 acl configuration 32-12 iii. Configuration procedure note: only the commands concerning acl configuration are listed here. 1) define the time range. Define the time range from 8:00 to 18:00. [sw8800] time-range 3com 8:00 to 18:00 working-day 2) define ...
Page 383
3com switch 8800 configuration guide chapter 32 acl configuration 32-13 note: only the commands concerning acl configuration are listed here. 1) define the time range. Define the time range from 8:00 to 18:00. [sw8800] time-range 3com 8:00 to 18:00 daily 2) define the traffic with source ip 10.1.1.1...
Page 384
3com switch 8800 configuration guide chapter 32 acl configuration 32-14 1) define the time range. Define the time range from 8:00 to 18:00. [sw8800] time-range 3com 8:00 to 18:00 daily 2) define a user-defined flow template [sw8800] flow-template user-defined slot 3 ethernet-protocol smac 0-0-0 dmac...
Page 385
3com switch 8800 configuration guide chapter 33 qos configuration 33-1 chapter 33 qos configuration 33.1 qos overview conventional packet network treats all packets equally. Each switch/router processes all packets in first-in-first-out (fifo) mode and then transfers them to the destination in the b...
Page 386
3com switch 8800 configuration guide chapter 33 qos configuration 33-2 there are two key steps in packet filtering: step 1: classify the traffic at the port according to a specific rule. Step 2: run filtering operation (deny or permit) to the identified traffic. By default, deny operation is selecte...
Page 387
3com switch 8800 configuration guide chapter 33 qos configuration 33-3 figure 33-2 ethernet frame with 802.1q tag header in the above figure, each host supporting 802.1q protocol adds a 4-byte 802.1q tag header after the source address in ethernet header. The 802.1q tag header contains a 2-byte tpid...
Page 388
3com switch 8800 configuration guide chapter 33 qos configuration 33-4 packets sent via this interface high priority low priority classify packets sent sending queue dequeue queue 7 queue 6 queue 5 queue 4 queue 3 queue 2 queue 1 queue 0 figure 33-4 priority queues sp algorithm is designed for key s...
Page 389
3com switch 8800 configuration guide chapter 33 qos configuration 33-5 another merit for wrr algorithm: though the queues are scheduled by turn, they are not configured with fixed time quantum. If a queue has no packets, the system immediately schedules the next queue. Then bandwidth resources can b...
Page 390
3com switch 8800 configuration guide chapter 33 qos configuration 33-6 item command description apply flow template flow-template user-defined optional. Refer to section 32.2.2 “defining and applying flow template”. Activate acl packet-filter inbound optional. Refer to section 32.2.4 “activating acl...
Page 391
3com switch 8800 configuration guide chapter 33 qos configuration 33-7 item command description display qos configuration display you can execute the display command in any view to check the qos configuration. Refer to section 33.3.11 “displaying and debugging qos configuration”. For the common inte...
Page 392
3com switch 8800 configuration guide chapter 33 qos configuration 33-8 ii. Network diagram ge7/1/8 ge7/1/1 ge7/1/2 vlan2, 1.0.0.1/8 pc1 ge7/1/8 ge7/1/1 ge7/1/2 vlan2, 1.0.0.1/8 pc1 vlan3, 2.0.0.1/8 pc2 vlan3, 2.0.0.1/8 pc2 3.0.0.1/8 pc3 ge7/1/8 ge7/1/1 ge7/1/2 vlan2, 1.0.0.1/8 pc1 ge7/1/8 ge7/1/1 ge...
Page 393
3com switch 8800 configuration guide chapter 33 qos configuration 33-9 z configuring traffic shaping z configuring traffic priority z configuring traffic redirection z configuring queue scheduling z configuring traffic mirroring z configuring port mirroring z configuring traffic statistics before in...
Page 394
3com switch 8800 configuration guide chapter 33 qos configuration 33-10 after receiving a packet, the switch allocates a set of service parameters to it according to a specific rule. The switch first gets its local precedence and drop precedence according to the packet 802.1p priority value, by sear...
Page 395
3com switch 8800 configuration guide chapter 33 qos configuration 33-11 table 33-4 configure default local precedence for port operation command configure default local precedence for a port priority priority-level restore the default local precedence for a port undo priority 33.3.2 configuring traf...
Page 396
3com switch 8800 configuration guide chapter 33 qos configuration 33-12 restore the default values of the local-precedence + conform-level —> mapping table (conform level view) undo local-precedence the system provides default mapping tables. Ii. Configuring traffic policing the purpose of this conf...
Page 397
3com switch 8800 configuration guide chapter 33 qos configuration 33-13 note: z the parameters of traffic policy must be the same if you configure the same tc-index for different traffic; otherwise the system prompts you for the wrong configuration. Z for traffic policing configuration over the port...
Page 398
3com switch 8800 configuration guide chapter 33 qos configuration 33-14 rates, while traffic policing drops excessive packets. Therefore, traffic shaping may increase transmission delay, but not for traffic policing. Perform the following configurations in ethernet port view or port group view. Tabl...
Page 401
3com switch 8800 configuration guide chapter 33 qos configuration 33-17 33.3.6 configuring queue scheduling each port supports eight outbound queues except that port of xp4 board only supports four queues. The switch puts the packets into the queues according to the local precedence of packets. Queu...
Page 402
3com switch 8800 configuration guide chapter 33 qos configuration 33-18 1) tail drop mode: different queues (red, yellow and red) are allocated with different drop thresholds. When these thresholds are exceeded respectively, excessive packets will be dropped. 2) wred drop mode: drop precedence is ta...
Page 404
3com switch 8800 configuration guide chapter 33 qos configuration 33-20 a system index for it when delivering an acl rule with this command. However, you are not recommended to assign a system index if not urgently necessary. See the corresponding command manual for details of the commands. 33.3.9 c...
Page 405
3com switch 8800 configuration guide chapter 33 qos configuration 33-21 port. You can only choose port b on board 2 as its monitoring port when configuring a second mirroring group in the same direction on board 1. Z one mirroring group can contain as many as 24 monitored ports at most. Z you can co...
Page 408
3com switch 8800 configuration guide chapter 33 qos configuration 33-24 33.4 configuration example 33.4.1 traffic shaping configuration example i. Network requirements set traffic shaping for the outbound queue 2 at the port ge7/1/8: maximum rate 500kbps, burst size 12k bytes. Ii. Network diagram ge...
Page 409
3com switch 8800 configuration guide chapter 33 qos configuration 33-25 ii. Network diagram ser ver e3/0/8 e3/0/2 e3/0/1 ser ver ge3/1/8 ge3/1/2 ge3/1/1 ser ver e3/0/8 e3/0/2 e3/0/1 server ge3/1/8 ge3/1/2 ge3/1/1 ser ver e3/0/8 e3/0/2 e3/0/1 ser ver ge3/1/8 ge3/1/2 ge3/1/1 ser ver e3/0/8 e3/0/2 e3/0...
Page 410
3com switch 8800 configuration guide chapter 33 qos configuration 33-26 create a number-based basic acl 2000 and enter it. [sw8800] acl number 2000 define acl rule for the traffic from pc1. [sw8800-acl-basic-2000] rule 0 permit source 1.0.0.1 0 time-range 3com 3) define the cos—> conform-level mappi...
Page 411
3com switch 8800 configuration guide chapter 33 qos configuration 33-27 re-allocate service parameters for the packets from pc1. [sw8800-gigabitethernet7/1/1] traffic-priority inbound ip-group 2000 remark-policed-service dscp 63 33.4.4 traffic redirection configuration example i. Network requirement...
Page 412
3com switch 8800 configuration guide chapter 33 qos configuration 33-28 33.4.5 queue scheduling configuration example i. Network requirements modify the correspondence between 802.1p priority levels and local priority levels to change the mapping between 802.1p priority levels and queues. That is, p...
Page 413
3com switch 8800 configuration guide chapter 33 qos configuration 33-29 2) use wrr algorithm for the queues 0 to 5. Set the queues 0, 1 and 2 into wrr queue 1, with weight respectively as 20, 20 and 30; set the queues 3, 4 and 5 into wrr queue 2, with weight respectively as 20, 20 and 40. Use sp alg...
Page 414
3com switch 8800 configuration guide chapter 33 qos configuration 33-30 iii. Configuration procedure 1) configure wred parameters configure parameters for wred 0. [sw8800] wred 0 [sw8800-wred-0] queue 7 150 500 5 100 150 10 50 100 15 10 2) set drop algorithm and thresholds. Define the port ge7/1/1 i...
Page 415
3com switch 8800 configuration guide chapter 33 qos configuration 33-31 3) count the packets to pc1 and display the result using the display command. [sw8800-gigabitethernet7/1/1] traffic-statistic inbound ip-group 2000 rule 0 [sw8800] display qos-interface gigabitethernet7/1/1 traffic-statistic gig...
Page 416
3com switch 8800 configuration guide chapter 34 logon user acl control configuration 34-1 chapter 34 logon user acl control configuration 34.1 overview as the ethernet switches are used more and more widely over the networks, the security issue becomes even more important. The switches provide sever...
Page 418
3com switch 8800 configuration guide chapter 34 logon user acl control configuration 34-3 34.2.3 configuration example i. Network requirements only the telnet users from 10.110.100.52 and 10.110.100.46 can access the switch. Ii. Network diagram internet switch figure 34-1 acl configuration for telne...
Page 419
3com switch 8800 configuration guide chapter 34 logon user acl control configuration 34-4 34.3.2 importing acl import the defined acl into the commands with snmp community, username and group name configured, to achieve acl control over snmp users. Perform the following configurations in system view...
Page 420
3com switch 8800 configuration guide chapter 34 logon user acl control configuration 34-5 34.3.3 configuration example i. Network requirements only snmp users from 10.110.100.52 and 10.110.100.46 can access the switch. Ii. Network diagram internet switch figure 34-2 acl configuration for snmp users ...
Page 421
3com switch 8800 configuration guide chapter 35 mpls architecture 35-1 chapter 35 mpls architecture note: a switch 8800 running mpls can serve as a router. Routers mentioned in this manual can be either a router in common sense, or a layer 3 ethernet switch running mpls. To enable mpls function on t...
Page 422
3com switch 8800 configuration guide chapter 35 mpls architecture 35-2 35.2.2 label i. Label definition a label is a locally significant short identifier with fixed length, which is used to identify a fec. When reaching at mpls network ingress, packets are divided into different fecs, based on their...
Page 423
3com switch 8800 configuration guide chapter 35 mpls architecture 35-3 ethernet sonet/sdh packet ethernet header/ppp header flag lay er 3 data frame mode atm packet cell mode atm packet atm header flag lay er 3 data vpi/vci lay er 3 data ethernet sonet/sdh packet ethernet header/ppp header flag lay ...
Page 424
3com switch 8800 configuration guide chapter 35 mpls architecture 35-4 in independent control mode, each lsr can send label mapping messages to the lsrs it connects to at anytime. In ordered control mode, a lsr can send label mapping messages to upstream only when it receives a specific label mappin...
Page 425
3com switch 8800 configuration guide chapter 35 mpls architecture 35-5 with labels, distributes label binding messages, establishes and maintains label forwarding table. The network consisting of lsrs is called mpls domain. The lsr that is located at the edge of the domain is called edge lsr (ler, l...
Page 426
3com switch 8800 configuration guide chapter 35 mpls architecture 35-6 35.3.3 establishing lsp actually, the establishment of lsp refers to the process of binding fec with the label, and then advertising this binding to the adjacent lsr on lsp. This process is implemented through ldp, which regulate...
Page 427
3com switch 8800 configuration guide chapter 35 mpls architecture 35-7 received the returned label map message from its downstream lsr. Usually, the upstream lsr selects the downstream lsr according to the information in its routing table. In figure 35-4, lsrs on the way along lsp1 use the sequentia...
Page 428
3com switch 8800 configuration guide chapter 35 mpls architecture 35-8 as shown in figure 35-5, lsp is a tunnel between r2 and r3. Ii. Multi-layer label stack in mpls, a packet may carry multiple labels which are in the form of stack. Operations to the stack follow the “last in first out” principle ...
Page 429
3com switch 8800 configuration guide chapter 35 mpls architecture 35-9 there are obvious advantages to implement vpn by mpls. Mpls vpn connects the geographically different branches of private network by using lsp, forming a united network. Mpls vpn also supports the interconnection between differen...
Page 430
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-1 chapter 36 mpls basic capability configuration 36.1 mpls basic capability overview basic mpls forwarding functions includes ldp session establishment and lsp path maintenance. The typical configuration procedure...
Page 431
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-2 table 36-1 define mpls lsr id operation command define lsr id mpls lsr-id ip-address delete lsr id undo mpls lsr-id by default, lsr id is not defined. 36.2.2 enabling mpls and entering mpls view in system view, ...
Page 432
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-3 be the ingress node, an intermediate node (also called transit node), or the egress node. Note that an lsp operates normally only after all the lsrs along the lsp have been properly configured. The undo static-l...
Page 433
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-4 table 36-5 enable/disable ldp view operation command enable ldp protocol mpls ldp disable ldp undo mpls ldp by default, ldp is disabled. 36.3.2 enabling ldp on vlan interface to make the vlan interface support l...
Page 434
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-5 there is no default remote-peer. Ii. Configuring an address for the remote-peer you can specify the address of any ldp-enabled interface on the remote-peer or the address of the loopback interface on the lsr tha...
Page 436
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-7 36.3.5 configuring ldp loop detection control i. Enabling loop detection it is used to enable or disable the loop detection function during ldp signaling process. The loop detection includes maximum hop count mo...
Page 437
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-8 iii. Setting the maximum hop count in path vector mode when path vector mode is adopted for loop detection, it is also necessary to specify the maximum value of lsp path. In this way, when one of the following c...
Page 439
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-10 v. Trapping mpls this command is used to enable the trap function of mpls during an lsp/ldp setup process. Perform the following configuration in system view. Table 36-20 enable the trap function of mpls operat...
Page 440
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-11 ii. Ldp debugging commands execute debugging command in user view for the debugging of various messages related to ldp table 36-22 enable/disable debugging for mpls ldp operation command enable debugging for mp...
Page 441
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-12 ii. Network diagram switch a switchb switchc switchd vlan201 168.1.1.1 vlan201 168.1.1.2 vlan203 172.17.1.1 vlan203 172.17.1.2 vlan202 100.10.1.2 vlan202 100.10.1.1 switch a switchb switchc switchd vlan201 168....
Page 442
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-13 [sw8800] mpls [sw8800-mpls] quit [sw8800] mpls ldp configure ip address and enable mpls and ldp for vlan interface 201. [sw8800] vlan 201 [sw8800-vlan201] port gigabitethernet 2/1/1 [sw8800-vlan201] quit [sw880...
Page 443
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-14 configure lsr id and enable mpls and ldp. [sw8800] mpls lsr-id 100.10.1.1 [sw8800] mpls [sw8800-mpls] quit [sw8800] mpls ldp configure ip address and enable ldp and mpls for vlan interface 202. [sw8800] vlan 20...
Page 444
3com switch 8800 configuration guide chapter 36 mpls basic capability configuration 36-15 36.6 troubleshooting mpls configuration symptom: session cannot be setup with the peer after ldp is enabled on the interface. Troubleshooting: cause 1: loop detection configuration is different at the two ends....
Page 445
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-1 chapter 37 bgp/mpls vpn configuration 37.1 bgp/mpls vpn overview traditional vpn, for which layer 2 tunneling protocols (l2tp, l2f and pptp, and so on.) or layer 3 tunnel technology (ipsec, gre and so on.) is adopted, is...
Page 446
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-2 37.1.1 bgp/mpls vpn model i. Bgp/mpls vpn model site 1 ce site 2 ce vpn1 site 3 ce vpn2 site 1 vpn1 site 2 vpn 2 ce pe p pe p p pe pe site 1 vpn1 site 2 vpn 2 ce pe p pe p p pe pe site 1 ce site 2 ce vpn1 site 3 ce vpn2 ...
Page 447
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-3 vpns. These disadvantages not only increase the network operating cost, but also bring relevant management and security issues. The nested vpn is a better solution. Its main idea is to transfer vpnv4 route between pe and...
Page 448
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-4 compatibility: it not only supports traditional ipv4 address family, but also supports other address families, for example, vpn-ipv4 address family. Mp-bgp ensures that vpn private routes are only advertised within vpns,...
Page 449
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-5 rd ipv4 address ... Ert1 ert2 ... Ertn ert: export route targets import route targets: ( irt1, irt2, ... ,irtm ) mpls vpn route figure 37-3 route filtering through matching vpn target attribute note: the routes for other...
Page 450
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-6 lsps must be set up between pes for vpn data traffic forwarding with mpls lsp. The pe router which receives packets from ce and create label protocol stack is called ingress lsr, while the bgp next hop (egress pe router)...
Page 451
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-7 3) each p router on lsp forwards mpls packets using exterior-layer label to the penultimate-hop router, namely the p router before pe2. The penultimate-hop router extracts the exterior-layer and sends mpls packet to pe2....
Page 452
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-8 as shown in figure 37-5, the pes directly connected with user devices are called upe (underlayer pe or user-end pe); the devices in the core network connected with the upes are called spe (superstratum pe or service-prov...
Page 453
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-9 interface, routing table, and sends vpn routing information over mpls network using bgp/ospf interaction. If supporting ospf multi-instance, one router can run multiple ospf procedures, which can be bound to different vp...
Page 454
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-10 compromised method brings additional configuration burden and has limitation in actual use. To resolve this problem, the idea of multi-role host is generated. Specifically to say, this idea is to differentiate the acces...
Page 455
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-11 i. Creating static route if you select static route mode for ce-pe route switching, you should then configure a private static route pointing to pe on ce. Perform the following configuration in the system view. Table 37...
Page 456
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-12 37.2.2 configuring pe router i. Configuring basic mpls capability it includes configuring mpls lsr id, enable mpls globally and enable mpls in the corresponding vlan interface view. See mpls basic capacity configure for...
Page 457
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-13 3) configure vpn-instance description perform the following configuration in vpn-instance view table 37-5 configure vpn-instance description operation command configure vpn-instance description description vpn-instance-...
Page 458
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-14 by default, the value is both. In general all sites in a vpn can be interconnected, and the import-extcommunity and export-extcommunity attributes are the same, so you can execute the command only with the both option. ...
Page 460
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-16 z both vlan id and ip address-based packet redirection. Perform the following configuration in the ethernet port view. Table 37-12 configure packet redirection at the ethernet port on the b card operation command config...
Page 461
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-17 you can configure a static route pointing to ce on pe for it to learn vpn routing information from ce. Perform the following configuration in the system view. Table 37-14 configure static route in vpn-instance routing t...
Page 462
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-18 routes should also be imported into ospf. Here only introduces ospf multi-instance configuration in detail. First step: configure ospf procedure. Perform the following configuration in the system view. Table 37-16 confi...
Page 463
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-19 caution: the configured value will not take effect unit the command reset ospf is executed. Step 3: configure tag for imported vpn route (optional) if a vpn site links to multiple pes, routing ring may present when the ...
Page 465
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-21 by default, bgp neighbor is active while mbgp neighbor is inactive. You should activate mbgp neighbor in vpnv4 sub-address family view. Perform the following configuration in vpnv4 sub-address family view. Table 37-22 a...
Page 466
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-22 in the case of standard bgp, bgp tests routing loop via as number to avoid generating routing loop. In the case of hub&spoke networking, however, pe carries the as number of the local autonomous system when advertising ...
Page 468
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-24 table 37-29 enable/disable ibgp peer group operation command enable a peer group peer group-name enable disable a specific peer group undo peer group-name enable step 4: configure the local address as the next hop in ro...
Page 470
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-26 ii. Displaying ip routing table associated with vpn-instance after the above configuration, you can execute display command in any view to display the corresponding information in the ip routing tables related to vpn-in...
Page 471
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-27 v. Displaying mpls l3vpn-lsp information table 37-38 display mpls l3vpn-lsp information operation command display mpls l3vpn lsp information display mpls l3vpn-lsp [ verbose] include text display mpls l3vpn lsp vpn-inst...
Page 472
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-28 ii. Network diagram as 65430 as 65410 as 65430 as 65440 vpn-b ce4 pe1 rd(100:1) p vpn-a ce3 vlan201 168.3.1.1/16 168.3.1.2/16 as 65420 vpn-b ce2 vpn-a ce1 vlan201 168.1.1.1/16 vlan202 168.1.1.2/16 vlan301 vlan201 172.1....
Page 473
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-29 note: the configuration on the other three ce switches (ce2 to ce4) is similar to that on ce1, the details are omitted here. 2) configure pe1 configure vpn-instance for vpn-a on pe1, as well as other associated attribut...
Page 474
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-30 [pe1] mpls lsr-id 202.100.1.1 [pe1] mpls [pe1-mpls] quit [pe1] mpls ldp [pe1] vlan 201 [pe1-vlan201] port gigabitethernet 2/1/1 [pe1-vlan201] quit [pe1] interface vlan-interface 201 [pe1-vlan-interface201] ip address 17...
Page 475
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-31 [p-loopback 0] quit [p] vlan 301 [p-vlan301] port gigabitethernet 3/1/1 [p-vlan301] quit [p] interface vlan-interface 301 [p-vlan-interface301] ip address 172.1.1.2 255.255.0.0 [p-vlan-interface301] mpls [p-vlan-interfa...
Page 476
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-32 [p-ospf-1] import-route direct 4) configure pe3 note: the configuration on pe3 is similar to that on pe1, you should pay more attention to vpn routing attribute setting on pe3 to get information about how to control adv...
Page 477
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-33 [pe3] mpls lsr-id 202.100.1.3 [pe3] mpls [pe3-mpls] quit [pe3] mpls ldp [pe3] vlan 201 [pe3-vlan201] interface gigabitethernet 2/1/1 [pe3-vlan201] quit [pe3] interface vlan-interface 201 [pe3-vlan-interface201] ip addre...
Page 478
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-34 z two switch 8800s serve as pe devices, which support mpls feature. Ce-1 and ce-2 are two mid-range switches; a layer 2 switch serves as both ce-3 and ce-4, which is accessed directly with users. Z two pes are configure...
Page 479
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-35 note: the configuration on vpn-b is similar to that on vpn-a and only vpn-a configuration is detailed here. [pe1] ip vpn-instance vpna [pe1-vpn-vpna] route-distinguisher 100:1 [pe1-vpn-vpna] vpn-target 100:1 both [pe1-v...
Page 480
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-36 globally enable mpls. [pe1] mpls lsr-id 1.1.1.9 [pe1] mpls [pe1] mpls ldp configure the public network interface and enable mpls on it. [pe1] interface loopback0 [pe1-loopback0] ip address 1.1.1.9 255.255.255.255 [pe1-l...
Page 481
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-37 note: the configuration on vpn-b is similar to that on vpn-a and only vpn-a configuration is detailed here. [pe2] ip vpn-instance vpna [pe2-vpn-vpna] route-distinguisher 100:1 [pe2-vpn-vpna] vpn-target 100:1 both [pe2-v...
Page 482
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-38 [pe2-bgp-af-vpn] peer 2 enable [pe2-bgp-af-vpn] peer 1.1.1.9 group 2 globally enable mpls. [pe2] mpls lsr-id 2.2.2.9 [pe2] mpls [pe2] mpls ldp configure the public network interface and enable mpls on it. [pe2] interfac...
Page 483
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-39 note: cautions and configuration limitations in hybrid networking: z for a trunk port on the common interface card, you can configure to redirect mpls vpn of multiple vlans to the same destination port. Z in a vlan you ...
Page 484
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-40 37.4.3 extranet configuration example i. Network requirements company a and company b are located at city a and city b respectively. Their headquarters is located at city c. They respectively own vpn1 and vpn2. In this ...
Page 485
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-41 iii. Configuration procedure note: this configuration procedure has omitted configurations between pe and p, and configurations on ces. For these details refer to the former example. 1) configure pe-a: configure vpn-ins...
Page 486
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-42 [pe-a-mpls] quit [pe-a] mpls ldp set up mp-ibgp adjacency between pes to exchange inter-pe vpn routing information and activate mp-ibgp peer in vpnv4 sub-address family view. [pe-a] bgp 100 [pe-a-bgp] group 20 internal ...
Page 487
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-43 [pe-c-loopback0] ip address 20.1.1.1 255.255.255.255 [pe-c-loopback0] quit configure mpls basic capacity. [pe-c] mpls lsr-id 20.1.1.1 [pe-c] mpls [pe-c-mpls] quit [pe-c] mpls ldp set up mp-ibgp adjacency between pes to ...
Page 488
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-44 [pe-b] vlan 301 [pe-b-vlan301] port gigabitethernet 3/1/1 [pe-b-vlan301] quit [pe-b] interface vlan-interface 301 [pe-b-vlan-interface301] ip binding vpn-instance vpn-instance3 [pe-b-vlan-interface301] ip address 172.17...
Page 489
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-45 z set up ibgp adjacency between pe1 and pe2 or pe1 and pe3, but not between pe2 and pe3, that is, vpn routing information cannot be exchanged between pe2 and pe3. Z create two vpn-instances on pe1, import vpn routes of ...
Page 490
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-46 ii. Network diagram internet ce1 pe1 ce2 pe2 pe3 20.1.1.2 ce3 hub site spoke site spoke site vlan201 172.18.0.1/16 vlan201 172.16.0.1/16 vlan202 172.17.0.1/16 vlan201 172.15.0.1/16 loopback0 22.1.1.1/32 loopback0 33.1.1...
Page 491
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-47 [pe1] bgp 100 [pe1-bgp] ipv4-family vpn-instance vpn-instance2 [pe1-bgp-af-vpn-instance] import-route static [pe1-bgp-af-vpn-instance] import-route direct [pe1-bgp-af-vpn-instance] group 17216 external [pe1-bgp-af-vpn-i...
Page 492
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-48 [pe1-bgp] peer 22.1.1.1 group 22 as-number 100 [pe1-bgp] peer 22.1.1.1 connect-interface loopback 0 [pe1-bgp] group 33 [pe1-bgp] peer 33.1.1.1 group 33 as-number 100 [pe1-bgp] peer 33.1.1.1 connect-interface loopback 0 ...
Page 493
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-49 [pe2-loopback0] quit set up mp-ibgp adjacency between pe2 and pe1 to exchange inter-pe vpn routing information and activate mp-ibgp peer in vpnv4 sub-address family view. [pe2] bgp 100 [pe2] group 11 [pe2-bgp] peer 11.1...
Page 494
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-50 [pe3] interface loopback 0 [pe3-loopback0] ip address 33.1.1.1 255.255.255.255 [pe3-loopback0] quit set up mp-ibgp adjacency between pe3 and pe1 to exchange inter-pe vpn routing information and activate mp-ibgp peer in ...
Page 495
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-51 ii. Network diagram as:100 ce1 pe1 ce2 pe2 pe3 loopback0 1.1.1.1/32 loopback0 2.2.2.2/32 loopback0 3.3.3.3/32 vlan211 172.11.11.2/24 vlan211 172.11.11.1/24 vlan212 172.21.21.2/24 vlan212 172.21.21.1/24 as:65002 as:65001...
Page 496
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-52 [pe1-vpn-vpn-instance1.2] quit set up mp-ebgp adjacency between pe1 and ce1, import intra-ce1 vpn routes learned into vpn-instance 1.1. [pe1] bgp 100 [pe1-bgp] ipv4-family vpn-instance vpn-instance1.1 [pe1-bgp-af-vpn-in...
Page 497
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-53 configure mpls basic capacity, enable ldp on the interface connecting pe1 and pe2 and the interface connecting pe1 and pe3. [pe1] mpls lsr-id 1.1.1.1 [pe1] mpls [pe1-mpls] quit [pe1] mpls ldp [pe1] vlan 213 [pe1-vlan213...
Page 498
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-54 [pe1-bgp] peer 3.3.3.3 group 3 [pe1-bgp] peer 3.3.3.3 connect-interface loopback 0 [pe1-bgp] ipv4-family vpnv4 [pe1-bgp-af-vpn] peer 2 enable [pe1-bgp-af-vpn] peer 2.2.2.2 group 2 [pe1-bgp-af-vpn] peer 3 enable [pe1-bgp...
Page 499
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-55 [pe2-bgp-af-vpn-instance] peer 172.22.22.2 group 17222 as-number 65002 [pe2-bgp-af-vpn] quit [pe2-bgp] quit bind the interface connecting pe2 and ce1 to vpn-instance 2.1 and the interface connecting pe2 and ce2 to vpn-i...
Page 500
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-56 [pe3-bgp-af-vpn-instance] import-route direct [pe3-bgp-af-vpn-instance] import-route static [pe3-bgp-af-vpn-instance] group 192 external [pe3-bgp-af-vpn-instance] peer 192.168.13.2 group 192 as-number 65003 [pe3-bgp-af-...
Page 501
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-57 ii. Network diagram p1 vlan205 10.1.1.2/24 20.1.1.1/24 ce1 ce2 172.12.12.2/24 pc1 pc2 ce4 pc4 ce3 172.21.21.2/24 pc3 192.168.11.10 192.168.21.10 192.168.12.10 192.168.22.10 172.21.21.1/24 172.11.11.1/24 10.1.1.1/24 20.1...
Page 502
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-58 [pe1] vlan 205 [pe1-vlan205] port gigabitethernet 2/2/1 [pe1-vlan205] quit [pe1] interface vlan-interface 205 [pe1-vlan-interface205] mpls [pe1-vlan-interface205] mpls ldp enable [pe1-vlan-interface205] ip address 10.1....
Page 503
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-59 [pe2] mpls [pe2-mpls] quit [pe2] mpls ldp configure the vlan interface connecting ce. [pe2] vlan 203 [pe2-vlan203] port gigabitethernet 2/1/1 [pe2-vlan203] quit [pe2] vlan 204 [pe2-vlan204] port gigabitethernet 2/1/2 [p...
Page 504
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-60 [pe2-bgp-af-vpn-instance] import-route direct [pe2-bgp-af-vpn-instance] group 172-12 external [pe2-bgp-af-vpn-instance] peer 172.12.12.2 group 172-12 as-number 65012 [pe2-bgp] ipv4-family vpn-instance vpnb [pe2-bgp-af-v...
Page 505
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-61 [p1-vlan-interface206] mpls ldp enable [p1-vlan-interface206] ip address 98.98.98.1 255.255.255.0 [p1-vlan-interface206] quit configure ibgp neighbors and ebgp neighbors. [p1] bgp 100 [p1-bgp] group 1 internal [p1-bgp] ...
Page 506
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-62 iii. Configuration procedure z configuring ospf on the mpls backbone network z configuring basic mpls capability on the mpls backbone network z configuring a vpn instance on pes. Z configuring mp-bgp 1) configure ospf a...
Page 507
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-63 [pe2] interface pos1/1/0 [pe2-pos1/1/0] ip address 162.1.1.2 255.255.0.0 [pe2-pos1/1/0] quit [pe2] ospf [pe2-ospf-1] area 0 [pe2-ospf-1-area-0.0.0.0] network 162.1.0.0 0.0.255.255 [pe2-ospf-1-area-0.0.0.0] network 202.2...
Page 508
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-64 [pe1-pos1/1/0] mpls ldp [pe1-pos1/1/0] quit configure basic mpls capability on asbr-pe1, enable ldp on the interface connected to pe1, and enable mpls on the interface connected to asbr-pe2. [asbr-pe1] mpls lsr-id 172.1...
Page 509
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-65 3) create a vpn instance on each pe, and bind the instance to the interface connected to the corresponding ce. Configure ce1 [ce1] interface ethernet 1 [ce1-ethernet1] ip address 168.1.1.2 255.255.0.0 [ce1-ethernet1] qu...
Page 510
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-66 note: z enable the exchanging of label-carried ipv4 route between the following routers: pe1 and asbr-pe1, pe2 and asbr-pe2, asbr-pe1 and asbr-pe2. Z make each asbr-pe change the next hop to its own when it advertises r...
Page 511
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-67 [asbr-pe1-acl-basic-2001] quit [asbr-pe1] route-policy rtp-ebgp permit node 1 [asbr-pe1-route-policy] if-match acl 2001 [asbr-pe1-route-policy] apply mpls-label [asbr-pe1-route-policy] quit [asbr-pe1] route-policy rtp-i...
Page 512
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-68 [pe2-bgp] group 30 external [pe2-bgp] peer 30 ebgp-max-hop [pe2-bgp] peer 202.100.1.2 group 30 as-number 100 [pe2-bgp] peer 202.100.1.2 connect-interface loopback0 [pe2-bgp] ipv4-family vpnv4 [pe2-bgp-af-vpn] peer 30 en...
Page 513
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-69 networks at the city level into a single mpls vpn will impose a high requirement in performance on the equipment on the entire network, in the event that the network topology size is large. However, the requirement in e...
Page 514
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-70 [spe] mpls ldp configure vpn-instance [spe] ip vpn-instance vpn1 [spe-vpn-vpn1] route-distinguisher 100:1 [spe-vpn-vpn1] vpn-target 100:1 both configure interfaces (so far as a pe router concerned, its loopback 0 interf...
Page 515
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-71 configure the basic mpls capability. [upe] mpls lsr-id 1.0.0.1 [upe] mpls [upe-mpls] quit [upe] mpls ldp configure vpn-instance [upe] ip vpn-instance vpn1 [upe-vpn-vpn1] route-distinguisher 100:1 [upe-vpn-vpn1] vpn-targ...
Page 516
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-72 37.4.9 ospf multi-instance sham link configuration example i. Network requirements as shown in the following picture, a company connects to a wan through ospf multi-instance function of a router. Ospf is bind to vpn1.Mp...
Page 517
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-73 [pe1] vlan 203 [pe1-vlan203] port gigabitethernet 2/1/3 [pe1-vlan203] quit [pe1] interface vlan-interface 203 [pe1-vlan-interface203] ip address 168.1.12.1 255.255.255.0 [pe1-vlan-interface203] mpls [pe1-vlan-interface2...
Page 518
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-74 [pe1-bgp-af-vpn-instance] import-route ospf-ase 100 [pe1-bgp-af-vpn-instance] import-route ospf-nssa 100 [pe1-bgp-af-vpn-instance] import-route direct [pe1-bgp-af-vpn-instance] undo synchronization create and activate p...
Page 519
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-75 [pe2-vlan-interface203] mpls ldp enable [pe2-vlan-interface203] quit [pe2] vlan 201 [pe2-vlan201] port gigabitethernet 2/1/1 [pe2-vlan201] quit [pe2] interface vlan-interface 201 [pe2-vlan-interface201] ip binding vpn-i...
Page 520
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-76 [pe2-bgp-af-vpn] peer fc enable [pe2-bgp-af-vpn] peer fc advertise-community [pe2-bgp-af-vpn] peer 50.1.1.1 group fc configure ospf and import bgp and direct-connect route. [pe2] ospf 100 router-id 2.2.2.2 vpn-instance ...
Page 521
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-77 [ce1-ospf-100-area-0.0.0.0] network 12.1.1.0 0.0.0.255 4) configure ce2 configure interface. [ce2] vlan 202 [ce2-vlan202] port gigabitethernet 2/1/2 [ce2-vlan202] quit [ce2] interface vlan-interface 202 [ce2-vlan-interf...
Page 522
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-78 ii. Network diagram vpn3 vpn2 vpn1 as50002 vpn1 as50001 prov_pe1 5.5.5.5 cust_pe1 6.6.6.6 ce1 ce2 ce3 ce4 vpn2 vpn1 as50003 ce5 vpn3 ce6 ce7 cust_pe2 7.7.7.7 prov_pe2 4.4.4.4 pos1/1/0: 10.1.1.1/8 pos1/1/0: 10.1.1.2/8 po...
Page 523
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-79 [prov_pe1-ospf-area-0.0.0.0] network 10.0.0.0 0.255.255.255 configure prov_pe2 system-view [sw8800] sysname prov_pe2 [prov_pe2] interface loopback0 [prov_pe2-loopback0] ip address 4.4.4.4 255.255.255.255 [prov_pe2-loopb...
Page 524
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-80 [prov_pe1-bgp] quit configure prov_pe2 [prov_pe2] bgp 100 [prov_pe2-bgp] group ibgp internal [prov_pe2-bgp] peer 5.5.5.5 group ibgp [prov_pe2-bgp] peer 5.5.5.5 connect-interface loopback0 [prov_pe2-bgp] ipv4-family vpnv...
Page 525
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-81 [prov_pe2-pos3/1/0] ip binding vpn-instance customer_vpn [prov_pe2-pos3/1/0] link-protocol ppp [prov_pe2-pos3/1/0] ip address 2.1.1.2 255.0.0.0 [prov_pe2-pos3/1/0] mpls [prov_pe2-pos3/1/0] quit configure cust_pe1 system...
Page 526
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-82 [prov_pe1-bgp-af-vpn] peer ebgp vpn-instance customer_vpn enable [prov_pe1-bgp-af-vpn] peer 1.1.1.1 vpn-instance customer_vpn group ebgp [prov_pe1-bgp-af-vpn] peer 1.1.1.1 vpn-instance customer_vpn route-policy comm imp...
Page 527
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-83 4) on each customer pe, configure the sub-vpn that accesses the network through the customer pe. Configure cust_pe1 [cust_pe1] ip vpn-instance vpn1 [cust_pe1-vpn-instance] route-distinguisher 1:1 [cust_pe1-vpn-instance]...
Page 528
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-84 ii. Network diagram mpls network pe vpn2 vpn1 multi-vpn-instance ce ospf 100 vpn1 ospf 300 vpn2 vlan201 10.1.1.2/24 vlan204 20.2.1.2/24 vlan202 10.2.1.2/24 vlan203 20.1.1.2/24 mpls network pe vpn2 vpn1 multi-vpn-instanc...
Page 529
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-85 [ce] vlan 203 [ce-vlan203] port gigabitethernet 2/1/3 [ce-vlan203] quit [ce] interface vlan-interface 203 [ce-vlan-interface203] ip binding vpn-instance vpn2 [ce-vlan-interface203] ip address 20.1.1.2 255.255.255.0 conf...
Page 530
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-86 ii. Network diagram pc2 172.16.0.1/16 192.168.1.1/24 192.168.1.2/24 ethernet2/1/0 20.1.1.2/24 ethernet2/1/0 172.16.0.2/16 ethernet1/1/0 20.1.1.1/24 ce2 pe1 pe2 pc3 172.19.0.1/16 ethernet2/1/0 172.19.0.2/ ethernet1/1/0 2...
Page 531
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-87 [pe2-loopback0] ip address 2.2.2.9 32 [pe2-loopback0] quit [pe2] interface ethernet1/1/0 [pe2-ethernet1/1/0] ip address 192.168.1.2 24 [pe2-ethernet1/1/0] quit [pe2] ospf [pe2-ospf-1] area 0 [pe2-ospf-1-area-0.0.0.0] ne...
Page 532
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-88 [pe2] mpls lsr-id 2.2.2.9 [pe2-mpls] lsp-trigger all [pe2-mpls] quit [pe2] mpls ldp [pe2-mpls-ldp] quit [pe2] interface ethernet1/1/0 [pe2-ethernet1/1/0] mpls [pe2-ethernet1/1/0] mpls ldp [pe2-ethernet1/1/0] quit create...
Page 533
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-89 [ce3-ethernet1/1/0] quit [ce3] bgp 65430 [ce3-bgp] import-route direct [ce3-bgp] group 10 external [ce3-bgp] peer 20.3.1.2 group 10 as-number 100 [ce3-bgp] quit configure pe1: set up ibgp peer relation with pe2 in bgp-v...
Page 534
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-90 [pe2-bgp] quit configure multi-role host feature. Configure a default route pointing to pe1 on ce2. [ce2] ip route-static 0.0.0.0 0.0.0.0 20.1.1.2 if routing protocol is used between ce2 and pe1, to avoid routing loop, ...
Page 535
3com switch 8800 configuration guide chapter 37 bgp/mpls vpn configuration 37-91 iii. Symptom 3 in hub&spoke networking mode, spoke pe cannot learn the private networking route of hub pe. Solution: z check whether the lsp tunnel is established using the display mpls lsp command. Z check whether the ...
Page 536
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-1 chapter 38 mstp region-configuration 38.1 introduction to mstp mstp stands for multiple spanning tree protocol, which is compatible with spanning tree protocol (stp) and rapid spanning tree protocol (rstp). Stp is not fas...
Page 537
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-2 c a b bpdu bpdu bpdu cist: common and internal spanning tree msti: multiple spanning tree instance cst: common spanning tree area a0 vlan 1 mapped to instance 1 vlan 2 mapped to instance 2 other vlans mapped to cist d are...
Page 538
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-3 iv. Cst common spanning tree (cst): a lan has only one cst. Cst connects the spanning trees of all mst regions. Regard every mst region as a “switch”, and the cst is generated by the computing of “switches” through stp/rs...
Page 539
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-4 z master port is the port connecting the entire region to the common root bridge and located on the shortest path between them. Z an alternate port is a backup of the mater port, and also a backup port of a root port in t...
Page 540
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-5 figure 38-3 bpdu packet format figure 38-4 msti information format of the last part in bpdu packets besides field root bridge priority, root path cost, local bridge priority and port priority, the field flags which takes ...
Page 541
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-6 7 6 5 4 3 2 1 0 tc proposal learning forwarding agreem ent tcack 7 6 5 4 3 2 1 0 tc proposal learning forwarding agreem ent tcack figure 38-5 meaning of 1-byte flags in bpdu packets the second and third bits together indi...
Page 542
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-7 switch a switch c switch b cp2 bp2 cp1 bp1 ap2 ap1 lan figure 38-6 designated bridge and designated port for a switch, the designated bridge is a switch in charge of forwarding bpdu to the local switch via a port called t...
Page 543
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-8 priorities of switch a, b and c are 0, 1 and 2 and the path costs of their links are 5, 10 and 4 respectively. 1) initial state when initialized, each port of the switches generates the configuration bpdu taking itself as...
Page 544
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-9 bpdu for every port: substituting the root id with the root id in the configuration bpdu of the root port, the cost of path to root with the value made by the root path cost plus the path cost corresponding to the root po...
Page 545
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-10 cp2 receives from the bp2 of switch b the configuration bpdu {1, 0, 1, bp2} that has not been updated and then the updating process is launched. The configuration bpdu is updated as {1, 0, 1, bp2}. Cp1 receives the confi...
Page 546
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-11 configuration bpdus besides the first four items will make modifications according to certain rules. The basic calculation process is described below: in addition, with identical priority, the path cost of an aggregation...
Page 547
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-12 38.2 configuring mstp mstp configuration includes: z configuring the mst region for a switch z specifying the switch as a primary or a secondary root bridge z configuring the mstp running mode z configuring the bridge pr...
Page 548
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-13 setting the timeout factor of a specific bridge z configuring the max transmission speed on a port z configuring a port as an edge port or non-edge port z configuring the path cost of a port z stp path cost calculation s...
Page 549
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-14 table 38-1 enter mst region view operation command enter mst region view (from system view) stp region-configuration restore the default settings of mst region undo stp region-configuration ii. Configuring parameters for...
Page 550
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-15 iii. Activating the mst region configuration,and exit the mst region view perform the following configuration in mst region view. Table 38-3 activate the mst region configuration and exit the mst region view operation co...
Page 551
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-16 if the primary root is down or powered off, the secondary root will take its place, unless you configure a new primary root. Of two or more configured secondary root bridges, mstp selects the one with the smallest mac ad...
Page 552
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-17 restore the default mstp running mode undo stp mode generally, if there is a stp switch on the switching network, the port connected to it will automatically transit from mstp mode to stp-compatible mode. But the port ca...
Page 553
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-18 discards the configuration bpdu with 0 hops left. This makes it impossible for the switch beyond the max hops to take part in the spanning tree calculation, thereby limiting the scale of the mst region. You can use the f...
Page 554
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-19 note: the stp bridge-diameter command configures the switching network diameter and determines the three mstp time parameters (hello time, forward delay, and max age) accordingly. 38.2.7 configuring the time parameters o...
Page 555
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-20 caution: the forward delay configured on a switch depends on the switching network diameter. Generally, the forward delay is supposed to be longer when the network diameter is longer. Note that too short a forward delay ...
Page 556
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-21 38.2.8 setting the timeout factor of a specific bridge a switch transmits hello packet regularly to the adjacent bridges to check if there is link failure. Generally, if the switch does not receive the stp packets from t...
Page 557
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-22 ii. Configuration in ethernet port view perform the following configuration in ethernet port view. Table 38-12 configure the max transmission speed on a port operation command configure the max transmission speed on a po...
Page 558
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-23 table 38-14 configure a port as an edge port or a non-edge port operation command configure a port as an edge port. Stp edged-port enable configure a port as a non-edge port. Stp edged-port disable restore the default se...
Page 559
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-24 i. Configuration in system view perform the following configuration in system view. Table 38-15 configure the path cost of a port operation command configure the path cost of a port. Stp interface interface-list[ instanc...
Page 560
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-25 the actual rate counts. 2) calculating the path cost z full-duplex and non-aggregation port at a rate less than 1 ge path cost = [200,000,000 / (rate × 10)] – 1 z other ports path cost = 200,000,000 / (rate × 10) ii. Dot...
Page 561
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-26 the rate of the primary port in an aggregation group is determined by the sum of the port rates in this group. No calculation is performed for secondary port. Z non-aggregation port the actual rate counts, but the rate i...
Page 562
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-27 table 38-20 configure the port priority operation command configure the port priority. Stp interface interface-list instance instance-id port priority priority restore the default port priority. Undo stp interface interf...
Page 563
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-28 operation command configure mstp to automatically detect if the port is directly connected with the point-to-point link. Stp interface interface-list point-to-point auto configure mstp to automatically detect if the port...
Page 564
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-29 by default, the parameter is configured as auto. 38.2.15 configuring the mcheck variable of a port the port of an mstp switch operates in either stp-compatible or mstp mode. Suppose a port of an mstp switch on a switchin...
Page 565
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-30 you can configure mcheck variable on a port with either of the earlier-mentioned measures. Note that the command can be used only if the switch runs mstp. The command does not make any sense when the switch runs in stp-c...
Page 566
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-31 note: for the loop protection-enabled port, if the port participates in stp calculation, all the instances of the port will be always set to be in discarding state regardless of the port role. Iv. Tc-protection as a gene...
Page 567
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-32 operation command configure tc protection of the switch (from system view) stp tc-protection enable disable tc protection (from system view) stp tc-protection disable by default, only the protection from tc-bpdu packet a...
Page 568
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-33 table 38-27 enable/disable mstp on a device operation command enable mstp on a device. Stp enable disable mstp on a device. Stp disable restore the disable state of mstp, as defaulted. Undo stp only if mstp has been enab...
Page 569
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-34 disabled, upon receiving tc/tcn packets, the port broadcasts tc packets to delete the mac address entries of the port in the stp active state on the bridge. Perform the following configuration in system view. Table 38-29...
Page 570
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-35 table 38-31 enable/disable mstp on a port operation command enable mstp on a port. Stp enable disable mstp on a port. Stp disable you can enable/disable mstp on a port with either of the earlier-mentioned measures. Note ...
Page 572
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-37 iii. Configuration procedure 1) configurations on switch a mst region [sw8800] stp region-configuration [sw8800-mst-region] region-name example [sw8800-mst-region] instance 1 vlan 10 [sw8800-mst-region] instance 3 vlan 3...
Page 573
3com switch 8800 configuration guide chapter 38 mstp region-configuration 38-38 mst region [sw8800] stp region-configuration [sw8800-mst-region] region-name example [sw8800-mst-region] instance 1 vlan 10 [sw8800-mst-region] instance 3 vlan 30 [sw8800-mst-region] instance 4 vlan 40 [sw8800-mst-region...
Page 574
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-1 chapter 39 802.1x configuration 39.1 802.1x overview 39.1.1 802.1x standard overview ieee 802.1x (hereinafter simplified as 802.1x) is a port-based network access control protocol that is used as the standard for lan user acce...
Page 575
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-2 is to be encapsulated in the packets of other aaa upper layer protocols (e.G. Radius) so as to go through the complicated network to reach the authentication server. Such procedure is called eap relay. There are two types of p...
Page 576
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-3 802.1x provides an implementation solution of user id authentication. However, 802.1x itself is not enough to implement the scheme. The administrator of the access device should configure the aaa scheme by selecting radius or ...
Page 577
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-4 checking the users that log on the switch via proxy z setting supplicant number on a port z setting the authentication in dhcp environment z configuring authentication method for 802.1x user z enabling/disabling guest vlan z s...
Page 578
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-5 configuring 802.1x timers z enabling/disabling quiet-period timer among the above tasks, the first one is compulsory, otherwise 802.1x will not take any effect. The other tasks are optional. You can perform the configurations ...
Page 579
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-6 auto (automatic identification mode, which is also called protocol control mode). That is, the initial state of the port is unauthorized. It only permits eapol packets receiving/transmitting and does not permit the user to acc...
Page 580
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-7 39.2.4 checking the users that log on the switch via proxy the following commands are used for checking the users that log on the switch via proxy. Perform the following configuration in system view or ethernet port view. Tabl...
Page 581
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-8 perform the following configuration in system view. Table 39-6 set the authentication in dhcp environment operation command disable the switch to trigger the user id authentication over the users who configure static ip addres...
Page 582
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-9 perform the following configuration in system view or ethernet interface view. Table 39-8 enable/disable guest vlan operation command enable guest vlan dot1x guest-vlan vlan -id [ interface interface -list ] disable guest vlan...
Page 583
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-10 39.2.10 configuring 802.1x timers the following commands are used for configuring the 802.1x timers. Perform the following configuration in system view. Table 39-10 configure 802.1x timers operation command configure timers d...
Page 584
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-11 supp -timeout-value: specifies how long the duration of an authentication timeout timer of a supplicant is. The value ranges from 10 to 120 in units of second and defaults to 30. Tx-period : specifies the transmission timeout...
Page 586
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-13 ii. Network diagram supplicant authentication servers (radius server cluster ip address: 10.11.1.1 10.11.1.2) internet authenticator switch supplicant authentication servers (radius server cluster ip address: 10.11.1.1 10.11....
Page 587
3com switch 8800 configuration guide chapter 39 802.1x configuration 39-14 [sw8800-radius-radius1] primary accounting 10.11.1.2 set the ip address of the secondary authentication/accounting radius servers. [sw8800-radius-radius1] secondary authentication 10.11.1.2 [sw8800-radius-radius1] secondary a...
Page 588: Configuration
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-1 chapter 40 aaa and radius/tacacs+ protocol configuration 40.1 aaa and radius/tacacs+ protocol overview 40.1.1 aaa overview authentication, authorization and accounting (aaa) provide a uniform framewor...
Page 589
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-2 in pstn environment or ethernet switch with access function in ethernet environment), nas, namely radius client end, will transmit user aaa request to the radius server. Radius server has a user datab...
Page 590
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-3 table 40-1 tacacs+ vs. Radius tacacs+ radius adopts tcp, providing more reliable network transmission. Adopts udp. Encrypts the entire packet except for the standard tacacs+ header. Encrypts only the ...
Page 591
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-4 z the tacacs server sends back an authentication response, requesting for the login password. Upon receiving the response, the tacacs client requests the user for the login password. Z after receiving...
Page 592
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-5 user tacacs client tacacs server user logs on authentication start packet authentication response packet, requesting username the user inputs username authentication continuance packet, sending userna...
Page 593
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-6 figure 40-3 network diagram for using radius to authenticate 40.2 aaa configuration the following sections describe aaa configuration tasks. Z creating/deleting an isp domain z configuring relevant at...
Page 594
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-7 switch 8800 isp domain view, you can configure a complete set of exclusive isp domain attributes on a per-isp domain basis, which includes aaa policy ( radius scheme applied etc.) for the switch 8800,...
Page 595
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-8 users already online. An isp is in active state once it is created, that is, at that time, all the users in the domain are allowed to request network services. Z maximum number of supplicants specifie...
Page 596
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-9 once this function is enabled on the switch, users can locate the self-service server through the following operations: z select "change user password" on the 802.1x client. Z after the client opens t...
Page 597
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-10 40.2.5 setting the attributes of a local user the attributes of a local user include its password display mode, state, service type and some other settings. I. Setting the password display mode perfo...
Page 598
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-11 operation command set the priority of the specified user level level restore the default priority of the specified user undo level configure the attributes of lan-access users attribute { ip ip-addre...
Page 599
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-12 table 40-9 configure vlan delivering mode operation command configure the vlan delivering mode to be of string type private-group-id mode standard revert to the default vlan delivering mode. Undo pri...
Page 600
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-13 among the above tasks, creating radius scheme and setting ip address of radius server are required, while other takes are optional and can be performed as your requirements. 40.3.1 creating/deleting ...
Page 601
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-14 table 40-11 set ip address and port number of radius server operation command set ip address and port number of primary radius authentication/authorization server. Primary authentication ip -address ...
Page 602
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-15 4 radius servers, or specify one of the two servers as primary authentication/authorization server and secondary accounting server and the other one as secondary authentication/authorization server a...
Page 603
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-16 set radius accounting packet encryption key key accounting string restore the default radius accounting packet encryption key undo key accounting by default, the encryption keys of radius authenticat...
Page 604
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-17 by default, radius request packet will be retransmitted up to three times. 40.3.6 enabling the selection of radius accounting option if no radius server is available or if radius accounting server fa...
Page 605
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-18 table 40-17 recommended real-time accounting intervals for different number of users number of users real-time accounting interval in minutes 1 to 99 3 100 to 499 6 500 to 999 12 ≥1000 ≥15 by default...
Page 606
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-19 40.3.9 enabling/disabling stopping accounting request buffer because the stopping accounting request concerns account balance and will affect the amount of charge, which is very important for both th...
Page 607
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-20 40.3.11 setting the supported type of radius server the switch 8800 supports the standard radius protocol and the extended radius service platforms, such as ip hotel, 201+ and portal. You can use the...
Page 608
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-21 40.3.13 setting the username format transmitted to radius server as mentioned above, the supplicants are generally named in userid@isp-name format. The part following “@” is the isp domain name. The ...
Page 609
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-22 by default, the default data unit is byte and the default data packet unit is one packet. 40.3.15 creating/deleting a local radius authentication server radius service, which adopts authentication/au...
Page 610
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-23 configuring tacacs+ authentication servers z configuring tacacs+ authorization servers z configuring tacacs+ accounting servers and the related attributes z configuring the source address for tacacs+...
Page 611
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-24 40.4.2 configuring tacacs+ authentication servers perform the following configuration in tacacs+ view. Table 40-27 configure tacacs+ authentication servers operation command configure the tacacs+ pri...
Page 612
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-25 note: if only authentication and accounting servers are configured and no authorization server is configured, both authentication and accounting can be performed normally for the ftp, telnet, and ssh...
Page 613
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-26 table 40-30 configure stop-accounting packet retransmission operation command enable stop-accounting packet retransmission and set the allowed maximum number of transmission attempts retry stop-accou...
Page 614
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-27 table 40-32 set a key for securing the communication with the tacacs+ server operation command configure a key for securing the communication with the accounting, authorization or authentication serv...
Page 615
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-28 40.4.9 setting timers regarding tacacs server i. Setting the response timeout timer since tacacs+ is implemented on the basis of tcp, server response timeout or tcp timeout may terminate the connecti...
Page 616
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-29 table 40-37 set a real-time accounting interval operation command set a real-time accounting interval timer realtime-accounting minutes restore the default real-time accounting interval undo timer re...
Page 619
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-32 ii. Network topology authentication servers ( ip address:10.110.91.164 ) internet switch telnet user internet figure 40-4 network diagram for the remote radius authentication of telnet users iii. Con...
Page 620
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-33 40.6.2 configuring authentication at local radius authentication server local radius authentication of telnet/ftp users is similar to the remote radius authentication described in section 40.6.1 . Bu...
Page 621
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-34 iii. Configuration procedure configure the telnet user. Here it is omitted. Note: the configuration of the ftp and telnet users can refer to user interface configuration of getting started operation ...
Page 622
3com switch 8800 configuration guide chapter 40 aaa and radius/tacacs+ protocol con figuration 40-35 z there might be some communication fault between nas and radius/tacacs+ server, which can be discovered through pinging radius/tacacs+ server from nas. So please ensure the normal communication betw...
Page 623
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-1 chapter 41 vrrp configuration 41.1 introduction to vrrp virtual router redundancy protocol (vrrp) is a fault-tolerant protocol. In general, a default route (for example, 10.100.10.1 as shown in the following internetworking diag...
Page 624
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-2 ethernet master host 1 host 2 host 3 10.100.10.7 10.100.10.8 10.100.10.9 virtual ip address10.100.10.1 network backup virtual ip address10.100.10.1 actual ip address10.100.10.2 actual ip address10.100.10.3 figure 41-2 network di...
Page 625
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-3 41.2.1 enabling/disabling the function to ping the virtual ip address this operation enables or disables the function to ping the virtual ip address of the virtual router. The standard protocol of vrrp does not support the ping ...
Page 626
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-4 due to the chips installed, some switches support matching one ip address to multiple mac addresses. The switch 8800 not only guarantees correct data forwarding in the sub-net, but also support such function: the user can choose...
Page 627
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-5 the virtual-address can be an unused address in the network segment where the virtual router resides, or the ip address of an interface in the virtual router. If the ip address is of the switch in the virtual router, it can also...
Page 628
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-6 is higher than that of the current master switch. Accordingly, the former master switch will become the backup switch. Together with preemption settings, a delay can also be set. In this way, a backup will wait for a period of t...
Page 629
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-7 to authenticate the vrrp packets. In this case an authentication key not exceeding 8 characters should be configured. Those packets failing to pass the authentication will be discarded and a trap packet will be sent to the netwo...
Page 630
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-8 table 41-8 configure virtual router timer operation command configure virtual router timer vrrp vrid virtual-router-id timer advertise adver-interval clear virtual router timer undo vrrp vrid virtual-router-id timer advertise by...
Page 631
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-9 41.3 displaying and debugging vrrp after the above configuration, execute display command in any view to display the running of the vrrp configuration, and to verify the configuration. Execute debugging command in user view to d...
Page 632
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-10 ii. Networking diagram virtual ip address: 202.38.160.111 switch_a host a 202.38.160.3 vlan-interface2: 202.38.160.1 internet switch_b vlan-interface2: 202.38.160.2 v lan-interface3: 10.100.10.2 host b 10.2.3.1 figure 41-3 netw...
Page 633
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-11 [lsw-b-vlan-interface2] ip address 202.38.160.2 255.255.255.0 [lsw-b-vlan-interface2] quit configure vrrp. [lsw-b] vrrp ping-enable [lsw-b] interface vlan 2 [lsw-b-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 [lsw-b-v...
Page 634
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-12 [lsw_a-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 set the priority for the virtual router. [lsw_a-vlan-interface2] vrrp vrid 1 priority 110 set the authentication key for the virtual router. [lsw_a-vlan-interface2] ...
Page 635
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-13 switch for virtual router 2 and vice versa for switch b. Some hosts employ virtual router 1 as the gateway, while others employ virtual router 2 as the gateway. In this way, both load balancing and mutual backup are implemented...
Page 636
3com switch 8800 configuration guide chapter 41 vrrp configuration 41-14 41.5 troubleshooting vrrp as the configuration of vrrp is not very complicated, almost all the malfunctions can be found through viewing the configuration and debugging information. Here are some possible failures you might mee...
Page 637
3com switch 8800 configuration guide chapter 42 ha configuration 42-1 chapter 42 ha configuration 42.1 introduction to ha ha (high availability) is to achieve a high availability of the system and to recover the system as soon as possible in the event of fabric failures so as to shorten the mtbf (me...
Page 638
3com switch 8800 configuration guide chapter 42 ha configuration 42-2 z configuring the load mode of the fabric and slave board 42.2.1 restarting the slave system manually in the environment in which the slave system is available, the user can restart the slave system manually. Perform the following...
Page 639
3com switch 8800 configuration guide chapter 42 ha configuration 42-3 table 42-3 enable/disable automatic synchronization operation command enable automatic synchronization slave auto-update config disable automatic synchronization undo slave auto-update config by default, the automatic synchronizat...
Page 640
3com switch 8800 configuration guide chapter 42 ha configuration 42-4 caution: when a single fabric is in position, the load-balance mode is not effective and the fabric changes to the load-single mode automatically. 42.3 displaying and debugging ha configuration after the above configuration, execu...
Page 641
3com switch 8800 configuration guide chapter 43 file system management 43-1 chapter 43 file system management 43.1 file system configuration 43.1.1 file system overview the ethernet switch provides a file system module for user’s efficient management over the storage devices such as flash memory. Th...
Page 642
3com switch 8800 configuration guide chapter 43 file system management 43-2 43.1.2 directory operation the file system can be used to create or delete a directory, display the current working directory, and display the information about the files or directories under a specified directory. You can u...
Page 643
3com switch 8800 configuration guide chapter 43 file system management 43-3 caution: when you use the delete command without the unreserved option to delete a file, the file is in fact saved in the recycle bin and still occupies some of the storage space. So, the frequent uses of this command may re...
Page 644
3com switch 8800 configuration guide chapter 43 file system management 43-4 43.1.5 setting the prompt mode of the file system the following command can be used for setting the prompt mode of the current file system. Perform the following configuration in system view. Table 43-4 file system operation...
Page 645
3com switch 8800 configuration guide chapter 43 file system management 43-5 will begin the initialization with the default parameters. Relative to the saved-configuration, the configuration in effect during the operating process of the system is called current-configuration. You can use the followin...
Page 646
3com switch 8800 configuration guide chapter 43 file system management 43-6 43.2.4 erasing configuration files from flash memory the reset saved-configuration command can be used to erase configuration files from flash memory. The system will use the default configuration parameters for initializati...
Page 647
3com switch 8800 configuration guide chapter 43 file system management 43-7 note: the system supports ftp services over vpn. 43.3.1 ftp overview ftp (file transfer protocol) is a universal method for transmitting files on the internet and ip networks. In this method, files are copied from one system...
Page 648
3com switch 8800 configuration guide chapter 43 file system management 43-8 table 43-11 lists the configuration of the switching as ftp server. Table 43-11 configuration of the switch as ftp server device configuration default description start ftp server. Ftp server is disabled. You can view the co...
Page 649
3com switch 8800 configuration guide chapter 43 file system management 43-9 authorized users. You can use the following commands to configure ftp server authentication and authorization. The authorization information of ftp server includes the top working directory provided for ftp clients. Perform ...
Page 650
3com switch 8800 configuration guide chapter 43 file system management 43-10 43.3.5 displaying and debugging ftp server after the above configuration, execute display command in any view to display the running of the ftp server configuration, and to verify the effect of the configuration. Table 43-1...
Page 651
3com switch 8800 configuration guide chapter 43 file system management 43-11 the switch application switch.App is stored on the pc. Using ftp, the switch can download the switch.App from the remote ftp server and upload the vrpcfg.Cfg to the ftp server under the switch directory for backup purpose. ...
Page 652
3com switch 8800 configuration guide chapter 43 file system management 43-12 use the put command to upload the vrpcfg.Cfg to the ftp server. [ftp] put vrpcfg.Cfg use the get command to download the switch.App from the ftp server to the flash directory on the ftp server. [ftp] get switch.App use the ...
Page 653
3com switch 8800 configuration guide chapter 43 file system management 43-13 [sw8800] ftp server enable [sw8800] local-user switch [sw8800-luser-switch] service-type ftp ftp-directory flash: [sw8800-luser-switch] password simple hello 2) run ftp client on the pc and establish ftp connection. Upload ...
Page 654
3com switch 8800 configuration guide chapter 43 file system management 43-14 switch pc network switch switch pc network figure 43-4 tftp configuration table 43-17 lists the configuration of the switch as tftp client. Table 43-17 configuration of the switch as tftp client device configuration default...
Page 655
3com switch 8800 configuration guide chapter 43 file system management 43-15 43.4.3 uploading files by means of tftp to upload a file, the client sends a request to the tftp server and then transmits data to it and receives the acknowledgement from it. You can use the following commands to upload fi...
Page 656
3com switch 8800 configuration guide chapter 43 file system management 43-16 system-view [sw8800] caution: if the flash memory of the switch is not enough, you need to first delete the existing programs in the flash memory and then upload the new ones. Configure ip address 1.1.1.1 for the vlan inter...
Page 657
3com switch 8800 configuration guide chapter 44 mac address table management 44-1 chapter 44 mac address table management 44.1 mac address table management overview an ethernet switch maintains a mac address table for fast forwarding packets. A table entry includes the mac address of a device and th...
Page 658
3com switch 8800 configuration guide chapter 44 mac address table management 44-2 you can configure (add or modify) the mac address entries manually according to the actual networking environment. The entries can be static ones or dynamic ones. 44.2 mac address table management configuration the fol...
Page 659
3com switch 8800 configuration guide chapter 44 mac address table management 44-3 if aging time is set too short, the ethernet switch may delete valid mac address table. You can use the following commands to set the mac address aging time for the system. Perform the following configuration in system...
Page 660
3com switch 8800 configuration guide chapter 44 mac address table management 44-4 44.3.1 maximum mac address number learned by a port and forwarding option configuration tasks maximum mac address number learned by a port and forwarding option configuration tasks are described in the following table:...
Page 661
3com switch 8800 configuration guide chapter 44 mac address table management 44-5 sequence number configuration item command description 5 set the maximum number of mac addresses learned by an ethernet port, and when the current number of mac addresses exceeds the threshold value, whether the switch...
Page 662
3com switch 8800 configuration guide chapter 44 mac address table management 44-6 execute the debugging command in user view to debug mac address table configuration. Table 44-4 display and debug mac address tables operation command display the information in the address table display mac-address [ ...
Page 663
3com switch 8800 configuration guide chapter 44 mac address table management 44-7 ii. Network diagram console port network port switch internet figure 44-2 network diagram for address table management configuration iii. Configuration procedure enter the system view of the switch. System-view add a m...
Page 664
3com switch 8800 configuration guide chapter 45 device management 45-1 chapter 45 device management 45.1 device management overview with the device management function, the ethernet switch can display the current running state and event debugging information about the slots, thereby implementing the...
Page 665
3com switch 8800 configuration guide chapter 45 device management 45-2 table 45-2 enable the timing reboot function operation command enable the timing reboot function of the switch, and set specified time and date schedule reboot at hh:mm [ yyyy/mm/dd ] enable the timing reboot function of the swit...
Page 666
3com switch 8800 configuration guide chapter 45 device management 45-3 45.2.4 upgrading bootrom you can use followed command to upgrade the bootrom with the bootrom program in the flash memory. This configuration task facilitates the remote upgrade. You can upload the bootrom program file from a rem...
Page 667
3com switch 8800 configuration guide chapter 45 device management 45-4 main control board of a 16 mb flash, the service processing board cannot be updated according to the original procedure. To update it, you need to execute the following command to download host software containing the app file of...
Page 668
3com switch 8800 configuration guide chapter 45 device management 45-5 display cpu occupancy display cpu [slot slot-no ] 45.4 device management configuration example 45.4.1 using the switch as an ftp client to implement the remote upgrade i. Network requirements the user logs into the switch using t...
Page 669
3com switch 8800 configuration guide chapter 45 device management 45-6 caution: if the flash memory of the switch is not enough, you need to first delete the existing programs in the flash memory and then download the new ones to the memory. Enter the corresponding command in user view to establish ...
Page 670
3com switch 8800 configuration guide chapter 45 device management 45-7 45.4.2 use the switch as an ftp server to implement the remote upgrade i. Network requirements the switch serves as an ftp server and the pc as an ftp client. The configuration on the ftp server is as follows: an ftp user is conf...
Page 671
3com switch 8800 configuration guide chapter 45 device management 45-8 caution: if the flash memory on the switch is not sufficient, delete the original application program in the flash before uploading the new one into the flash of the switch. 3) after uploading, performs upgrading on the switch. Y...
Page 672
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-1 chapter 46 system maintenance and debugging 46.1 basic system configuration the basic system configuration and management include: z switch name setting z system clock setting z time zone setting z summer time sett...
Page 676
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-5 46.4 testing tools for network connection 46.4.1 ping the ping command can be used to check the network connection and if the host is reachable. Perform the following configuration in any view. Table 46-8 the ping ...
Page 677
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-6 46.4.3 tracert the tracert is used for testing the gateways passed by the packets from the source host to the destination one. It is mainly used for checking if the network is connected and analyzing where the faul...
Page 678
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-7 the description of the components of log information is as follows: 1) % in practical output, some of the information is started with the % character, which means a logging is necessary. 2) priority the priority is...
Page 679
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-8 module name description dev device management module dhcp dynamic host configuration protocol module diagcli diagnosis module dns domain name server module drvmpls multiprotocol label switching drive module drvl2 l...
Page 680
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-9 module name description mpm multicast port management module msdp multicast source discovery protocol module mstp multiple spanning tree protocol module nat network address translation module ntp network time proto...
Page 681
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-10 switch information falls into three categories: log information, debugging information and trap information. The info-center classifies every kind of information into 8 severity or urgent levels. The log filtering...
Page 682
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-11 logging buffer 4 logbuf snmp 5 snmpagent log file 6 logfile note: the settings in the 7 directions are independent from each other. The settings will take effect only after enabling the information center. The inf...
Page 683
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-12 table 46-15 send the configuration information to the console terminal. Device configuration default value configuration description enable info-center by default, info-center is enabled. Other configurations are ...
Page 684
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-13 table 46-17 send the configuration information to the log buffer device configuration default value configuration description enable info-center by default, info-center is enabled. Other configurations are valid o...
Page 685
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-14 set the information output direction to snmp — — set information source — you can define which modules and information to be sent out and the time-stamp format of information, and so on. You must turn on the switc...
Page 687
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-16 every channel has been set with a default record, whose module name is default and the module number is 0xffff0000. However, for different channels, the default record may have different default settings of log, t...
Page 688
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-17 note: info-center is enabled by default. After info-center is enabled, system performances are affected when the system processes much information because of information classification and outputting. 2) configuri...
Page 689
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-18 may have different default settings of log, trap and debugging. When there is no specific configuration record for a module in the channel, use the default one. Note: if you want to view the debugging information ...
Page 690
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-19 enable terminal display function of trap information terminal trapping disable terminal display function of trap information undo terminal trapping 46.5.5 sending the configuration information to telnet terminal o...
Page 692
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-21 this configuration will affect the timestamp of the displayed information. Perform the following configuration in system view: table 46-32 configure the output format of time-stamp operation command configure the ...
Page 693
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-22 1) enabling info-center perform the following configuration in system view. Table 46-34 enable/disable info-center operation command enable info-center info-center enable disable info-center undo info-center enabl...
Page 694
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-23 modu-name specifies the module name; default represents all the modules; all represents all the information filter configuration in channelnum chunnel except default; level refers to the severity levels; severity ...
Page 695
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-24 disable info-center undo info-center enable note: info-center is enabled by default. After info-center is enabled, system performances are affected when the system processes much information because of information...
Page 696
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-25 every channel has been set with a default record, whose module name is default and the module number is 0xffff0000. However, for different channels, the default record may have different default settings of log, t...
Page 697
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-26 note: info-center is enabled by default. After info-center is enabled, system performances are affected when the system processes much information because of information classification and outputting. 2) configuri...
Page 698
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-27 every channel has been set with a default record, whose module name is default and the module number is 0xffff0000. However, for different channels, the default record may have different default settings of log, t...
Page 700
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-29 iii. Configuration steps 1) configuration on the switch enable info-center [sw8800] info-center enable set the host with the ip address of 202.38.1.10 as the loghost; set the severity level threshold value as info...
Page 701
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-30 kill -hup 147 after the above operation, the switch system can record information in related log files. Note: to configure facility, severity, filter and the file syslog.Conf synthetically, you can get classificat...
Page 702
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-31 2) configuration on the loghost this configuration is performed on the loghost. Step 1: perform the following command as the super user (root). Mkdir /var/log/sw8800 touch /var/log/sw8800/information step 2: edit ...
Page 703
3com switch 8800 configuration guide chapter 46 system maintenance and debugging 46-32 note: to configure facility, severity, filter and the file syslog.Conf synthetically, you can get classification in great detail and filter the information. 46.5.12 configuration examples of sending log to the con...
Page 704
3com switch 8800 configuration guide chapter 47 snmp configuration 47-1 chapter 47 snmp configuration 47.1 snmp overview by far, the simple network management protocol (snmp) has gained the most extensive application in the computer networks. Snmp has been put into use and widely accepted as an indu...
Page 705
3com switch 8800 configuration guide chapter 47 snmp configuration 47-2 a 2 6 1 5 2 1 1 2 1 b figure 47-1 architecture of the mib tree the mib (management information base) is used to describe the hierarchical architecture of the tree and it is the set defined by the standard variables of the monito...
Page 706
3com switch 8800 configuration guide chapter 47 snmp configuration 47-3 mib attribute mib content references dhcp mib — qacl mib — adbm mib — rstp mib — vlan mib — device management — private mib interface management — 47.3 configuring snmp the following sections describe the snmp configuration task...
Page 709
3com switch 8800 configuration guide chapter 47 snmp configuration 47-6 table 47-6 set the lifetime of trap message operation command set lifetime of trap message snmp-agent trap life seconds restore lifetime of trap message undo snmp-agent trap life by default, the lifetime of trap message is 120 s...
Page 710
3com switch 8800 configuration guide chapter 47 snmp configuration 47-7 47.3.8 setting the source address of trap you can use the following commands to set or remove the source address of the trap. Perform the following configuration in system view. Table 47-9 set the source address of trap operatio...
Page 711
3com switch 8800 configuration guide chapter 47 snmp configuration 47-8 47.3.10 creating/updating view information or deleting a view you can specify the view to control the access to the mib by snmp manager. You can use either the predefined views or the self-defined views. You can use the followin...
Page 712
3com switch 8800 configuration guide chapter 47 snmp configuration 47-9 47.4 displaying and debugging snmp after the above configuration, execute the display command in any view to display the running of the snmp configuration, and to verify the effect of the configuration. Table 47-14 display and d...
Page 713
3com switch 8800 configuration guide chapter 47 snmp configuration 47-10 ii. Network diagram ethernet nms 129.102.0.1 129.102.149.23 figure 47-2 network diagram for snmp configuration iii. Configuration procedure enter the system view. System-view set the community name, group and user. [sw8800] snm...
Page 714
3com switch 8800 configuration guide chapter 47 snmp configuration 47-11 users can query and configure the ethernet switch through the network management system. For details, see the manuals for the network management products..
Page 715
3com switch 8800 configuration guide chapter 48 rmon configuration 48-1 chapter 48 rmon configuration 48.1 rmon overview remote network monitoring (rmon) is a type of ietf-defined mib. It is the most important enhancement to the mib ii standard. It mainly used for monitoring the data traffic on a se...
Page 716
3com switch 8800 configuration guide chapter 48 rmon configuration 48-2 note: before configuring rmon, you must ensure that the snmp agent is properly configured. See chapter 50 ssh terminal service for the snmp agent configuration. The following sections describe the rmon configuration tasks. Z add...
Page 719
3com switch 8800 configuration guide chapter 48 rmon configuration 48-5 delete an entry from the history control table. Undo rmon history entry-number history control entry calculates various data at the sampling time interval.You can use the display rmon history command to view the information of t...
Page 720
3com switch 8800 configuration guide chapter 48 rmon configuration 48-6 display the event log of rmon display rmon eventlog [ event-number ] 48.4 rmon configuration example i. Network requirements set an entry in rmon ethernet statistics table for the ethernet port performance, which is convenient f...
Page 721
3com switch 8800 configuration guide chapter 48 rmon configuration 48-7 packets received according to length (in octets): 64 :644 , 65-127 :518 , 128-255 :688 256-511:101 , 512-1023:3 , 1024-1518:0
Page 722
3com switch 8800 configuration guide chapter 49 ntp configuration 49-1 chapter 49 ntp configuration 49.1 brief introduction to ntp 49.1.1 ntp functions as the network topology gets more and more complex, it becomes important to synchronize the clocks of the equipment on the whole network. Network ti...
Page 723
3com switch 8800 configuration guide chapter 49 ntp configuration 49-2 z before synchronizing the system clocks on ethernet switch a and b, the clock on ethernet switch a is set to 10:00:00am, and that on b is set to 11:00:00am. Z ethernet switch b serves as an ntp time server. That is, ethernet swi...
Page 724
3com switch 8800 configuration guide chapter 49 ntp configuration 49-3 time server of the local equipment. In this case the local ethernet switch works as an ntp client. If you set a remote server as a peer of the local ethernet switch, the local equipment operates in symmetric active mode. If you c...
Page 725
3com switch 8800 configuration guide chapter 49 ntp configuration 49-4 ii. Configuring ntp peer mode set a remote server whose ip address is ip-address as the peer of the local equipment. In this case, the local equipment operates in symmetric active mode. Ip-address specifies a host address other t...
Page 726
3com switch 8800 configuration guide chapter 49 ntp configuration 49-5 iv. Configuring ntp broadcast client mode designate an interface on the local ethernet switch to receive ntp broadcast messages and operate in broadcast client mode. The local ethernet switch listens to the broadcast from the ser...
Page 727
3com switch 8800 configuration guide chapter 49 ntp configuration 49-6 vi. Configuring ntp multicast client mode designate an interface on the local ethernet switch to receive ntp multicast messages and operate in multicast client mode. The local ethernet switch listens to the multicast from the ser...
Page 728
3com switch 8800 configuration guide chapter 49 ntp configuration 49-7 table 49-8 configure ntp authentication key operation command configure ntp authentication key ntp-service authentication-keyid number authentication-mode md5 value remove ntp authentication key undo ntp-service authentication-ke...
Page 729
3com switch 8800 configuration guide chapter 49 ntp configuration 49-8 ntp-service unicast-server or ntp-service unicast-peer command also designates a transmitting interface, use the one designated by them. 49.2.6 setting ntp master clock this configuration task is to set the external reference clo...
Page 730
3com switch 8800 configuration guide chapter 49 ntp configuration 49-9 server: allow local ntp time service request and control query. However, the local clock will not be synchronized by a remote server. Peer: allow local ntp time service request and control query. And the local clock will also be ...
Page 731
3com switch 8800 configuration guide chapter 49 ntp configuration 49-10 49.4 ntp configuration example 49.4.1 configuring a ntp server i. Network requirements on sw88001, set local clock as the ntp master clock at stratum 2. On sw88002, configure sw88001 as the time server in server mode and set the...
Page 732
3com switch 8800 configuration guide chapter 49 ntp configuration 49-11 clock stratum: 16 reference clock id: none nominal frequency: 100.0000 hz actual frequency: 100.0000 hz clock precision: 2^17 clock offset: 0.0000 ms root delay: 0.00 ms root dispersion: 0.00 ms peer dispersion: 0.00 ms referenc...
Page 733
3com switch 8800 configuration guide chapter 49 ntp configuration 49-12 ii. Network diagram see figure 7-2. Iii. Configuration procedure configure ethernet switch sw88003: enter system view. System-view set the local clock as the ntp master clock at stratum 2. [sw88003] ntp-service refclock-master 2...
Page 734
3com switch 8800 configuration guide chapter 49 ntp configuration 49-13 reference time: 19:21:32.287 utc oct 24 2004(c5267f3c.49a61e0c) by this time, sw88004 has been synchronized by sw88005 and it is at stratum 2, or higher than sw88005 by 1. Display the sessions of sw88004 and you will see sw88004...
Page 735
3com switch 8800 configuration guide chapter 49 ntp configuration 49-14 configure ethernet switch sw88001: enter system view. System-view enter vlan-interface2 view. [sw88001] interface vlan-interface 2 [sw88001-vlan-interface2] ntp-service broadcast-client the above examples configured sw88004 and ...
Page 736
3com switch 8800 configuration guide chapter 49 ntp configuration 49-15 their respective vlan-interface2. (note: sw88003 supports to configure the local clock as the master clock) ii. Network diagram see figure 7-2. 1) configuration procedure configure ethernet switch sw88003: enter system view. Sys...
Page 737
3com switch 8800 configuration guide chapter 49 ntp configuration 49-16 49.4.5 configure authentication-enabled ntp server mode i. Network requirements sw88001 sets the local clock as the ntp master clock at stratum 2. Sw88002 sets sw88001 as its time server in server mode and itself in client mode ...
Page 738
3com switch 8800 configuration guide chapter 49 ntp configuration 49-17 [sw88001] ntp-service authentication-keyid 42 authentication-mode md5 anicekey configure the key as reliable. [sw88001] ntp-service reliable authentication-keyid 42.
Page 739
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-1 chapter 50 ssh terminal service 50.1 ssh terminal service 50.1.1 ssh overview this chapter introduces the secure shell (ssh) feature. When a user telnets to the switch from an insecure network, the ssh feature can provide secu...
Page 740
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-2 local switch local ethernet wan server ssh client pc laptop laptop w orkstation w orkstation remote ethernet remote switch server ssh server local ethernet wan server pc ssh pc laptop laptop w orkstation remote ethernet server...
Page 741
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-3 z the server initiates a procedure to authenticate the user. If the server is configured not to authenticate the user, the process proceeds to session request phase directly. Z the client employs an authentication mode to auth...
Page 743
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-5 num item command description 15 configure the ssh compatibility mode [sw8800] ssh server compatible_ssh1x enable optional by default, the server is compatible with the ssh1.X client. I. Configuring the protocol the current use...
Page 744
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-6 z the minimum and maximum lengths for the host key and the server key are 512 bits and 2048 bits respectively. Perform the following configuration in system view. Table 50-3 generate an rsa key pair operation command generate ...
Page 745
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-7 table 50-5 configure the updating cycle of the server key operation command configure the updating cycle of the server key ssh server rekey-interval hours cancel the updating cycle configuration undo ssh server rekey-interval ...
Page 746
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-8 table 50-8 public key configuration operation command enter the public key view rsa peer-public-key key-name exit the public view and return to the system view peer-public-key end note: the configuration commands are applicabl...
Page 747
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-9 while the generator is running, move your mouse over the blank area of the window. Save the pair of keys as publickey and privatekey. File names are aaa.Pub and aaa.Pri.
Page 748
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-10 convert the file aaa.Pub into key configuration data in hex. Convert the converted result into the cli of the switch unit [sw8800-rsa-key-code] [sw8800-rsa-key-code]30818602 81806123 9f5a4d90 9049c7f4 3ac1cac6 221bac8b [sw880...
Page 749
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-11 x. Exiting the public key edit view use this configuration task to return from the public key edit view to the public key view and save the input public key. Before saving the input public key, the system will check the valid...
Page 750
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-12 50.1.3 ssh client configuration the following sections describe the ssh client configuration tasks. Z set to perform the first-time authentication on the ssh server to be accessed z specifying the public key of the server z c...
Page 751
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-13 perform the following configuration in system view. Table 50-16 configure the first-time authentication of the server operation command configure the first-time authentication of the server ssh client first-time enable cancel...
Page 752
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-14 ii. Network diagram switch pc ssh client switch ssh server pc figure 50-3 network diagram for ssh server iii. Configuration procedure 1) generate the rsa key. [sw8800] rsa local-key-pair create note: if the configuration for ...
Page 753
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-15 note: you can use the default values for ssh authentication timeout and retries. After completing the above configurations, you can run the ssh 2.0-enabled client software on any other terminal connected with the switch and a...
Page 754
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-16 50.1.6 ssh client configuration example i. Network requirements as shown in figure 50-4: z switch a is used as an ssh client. Z switch b is used as the ssh server, and the ip address is 10.165.87.136. Ii. Network diagram pc i...
Page 755
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-17 [sw8800] ssh client first-time enable access the remote server and perform operations. Z employ rsa public key authentication mode, and start using the corresponding encryption algorithm configured. [sw8800] ssh2 10.165.87.13...
Page 757
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-19 num item command description sftp-client> bye sftp-client> exit 3 shut down the sftp client sftp-client> quit optional chang the current directory sftp-client> cd [remote-path ] return to the upper directory sftp-client> cdup...
Page 759
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-21 operation command directory ls [ remote-path ] create a new directory on the server mkdir remote-path delete a directory from the server rmdir remote-path note: the dir command and the ls command have the same functionality. ...
Page 760
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-22 table 50-25 display help information for client commands operation command display help information for client commands help [ command-name ] 50.2.4 sftp configuration example i. Network requirements as shown in figure 50-5: ...
Page 761
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-23 [sw8800-rsa-public-key] public-key-code begin [sw8800-rsa-key-code] 308186028180739a291abda704f5d93dc8fdf84c427463 [sw8800-rsa-key-code] 1991c164b0df178c55fa833591c7d47d5381d09ce82913 [sw8800-rsa-key-code] d7edf9c08511d83ca4e...
Page 762
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-24 -rwxrwxrwx 1 noone nogroup 225 aug 24 08:01 pubkey2 -rwxrwxrwx 1 noone nogroup 283 aug 24 07:39 pubkey1 drwxrwxrwx 1 noone nogroup 0 sep 01 06:22 new -rwxrwxrwx 1 noone nogroup 225 sep 01 06:55 pub create a new directory new1...
Page 763
3com switch 8800 configuration guide chapter 50 ssh terminal service 50-25 sftp-client> exit sftp. Sftp-client> quit bye.
Page 764
3com switch 8800 configuration guide chapter 51 poe configuration 51-1 chapter 51 poe configuration 51.1 poe overview 51.1.1 poe on the switch the switch 8800 supports power-over-ethernet (poe). Equipped with external power supply and poe-capable cards, switch 8800s can provide 48 vdc power for remo...
Page 765
3com switch 8800 configuration guide chapter 51 poe configuration 51-2 51.1.2 external pse4500-a power system if pse4500-a power system is taken as the external power supply of the switch, the power distribution is as follows: 1) input voltage: 90 vac to 160 vac z one psu (power supply unit) of the ...
Page 766
3com switch 8800 configuration guide chapter 51 poe configuration 51-3 table 51-1 poe configuration tasks on the switch 8800 no item command description 1 enter system view system-view — 2 enter ethernet port view interface interface-type interface-number as a result of this command, a port view pro...
Page 767
3com switch 8800 configuration guide chapter 51 poe configuration 51-4 to cancel the configurations, use the corresponding undo commands. For details about the parameters, refer to the command manual. Note: z when setting the maximum poe power supplied by the switch, you must set it to a value great...
Page 768
3com switch 8800 configuration guide chapter 51 poe configuration 51-5 ii. Network diagram figure 51-1 poe remote power supplying iii. Configuration procedure set the maximum power to 400 w on the card in slot 3. By default, the power of each card is full, so the power on the card in slot 5 need not...
Page 769
3com switch 8800 configuration guide chapter 52 poe psu supervision configuration 52-1 chapter 52 poe psu supervision configuration 52.1 introduction to poe psu supervision the poe-capable switch 8800 can monitor the external poe psus through the power supervision module on the poe external power sy...
Page 770
3com switch 8800 configuration guide chapter 52 poe psu supervision configuration 52-2 note: z you can set the thresholds to any appropriate values in the range, but make sure the lower threshold is less than the upper threshold. Z for 220 vac input, it is recommended to set the upper threshold to 2...
Page 771
3com switch 8800 configuration guide chapter 52 poe psu supervision configuration 52-3 52.3.1 dc output alarm thresholds configuration tasks table 52-2 dc output alarm thresholds configuration tasks no operation command description 1 enter system view system-view — 2 set the overvoltage alarm thresh...
Page 772
3com switch 8800 configuration guide chapter 52 poe psu supervision configuration 52-4 [sw8800] poe-power output-thresh lower 45.0 display the dc output state of the poe psus. [sw8800] display poe-power dc-output state display the dc output voltage/current values of the poe psus. [sw8800] display po...
Page 773
3com switch 8800 configuration guide chapter 52 poe psu supervision configuration 52-5 ii. Network diagram figure 52-1 network diagram for poe supervision configuration iii. Configuration procedure enter system view. System-view set the overvoltage alarm threshold of ac input for poe psus to 264.0 v...