Accton Technology ES4710BD User Manual

Manual is about: Accton 10 Slots L2/L3/L4 Chassis Switch

Page of 547

Download

Print this page

Bookmark us

www.edge-core.com

ES4710BD

10 Slots L2/L3/L4 Chassis Switch

User’s Guide

1 2 3 4 5 6 7 Next › »

Summary of ES4710BD

Page 1
Www.Edge-core.Com es4710bd 10 slots l2/l3/l4 chassis switch user’s guide.
Page 2
1 e es4710bd 10 slots l2/l3/l4 chassis switch preface es4710bd is a high performance routing switch released by edge-core that can be deployed as the core layer device for campus and enterprise networks, or as an aggregation device for ip metropolitan area networks (man). Es4710bd provides 10 slots,...
Page 3
2 e es4710bd 10 slots l2/l3/l4 chassis switch content chapter 1 product overview............................................................................................31 1.1 p roduct b rief ............................................................................................................
Page 4
3 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.2.4 em4700bd- 2 xg-xenpak ........................................................................................... 44 1.4.2.4.1 front panel ..............................................................................................................
Page 5
4 e es4710bd 10 slots l2/l3/l4 chassis switch 2.3.1.2 rack-mounting es4710bd............................................................................................................ 61 2.3.1.3 wearing an esd wrist strap ................................................................................
Page 6
5 e es4710bd 10 slots l2/l3/l4 chassis switch 4.2.1.1.3.2 vlan mode ................................................................................................................... 88 4.2.1.1.3.3 dhcp address pool mode..................................................................................
Page 7
6 e es4710bd 10 slots l2/l3/l4 chassis switch 5.2.2.3.2 telnet ..................................................................................................................................... 100 5.2.2.3.3 telnet-server enable........................................................................
Page 8
7 e es4710bd 10 slots l2/l3/l4 chassis switch 5.4.4.2.6 snmp-server securityip.......................................................................................................... 116 5.4.5 typical snmp configuration examples ........................................................................
Page 9
8 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.2.3 configure ip address of snmp manager...................................................................................... 141 5.6.2.4 snmp statistics ..................................................................................................
Page 10
9 e es4710bd 10 slots l2/l3/l4 chassis switch 6.4.1 reset specific module..........................................................................................................155 6.4.2 show slot.........................................................................................................
Page 11
10 e es4710bd 10 slots l2/l3/l4 chassis switch 7.2.4.1 introduction to port mirroring...................................................................................................... 170 7.2.4.2 port mirroring configuration task sequence.............................................................
Page 12
11 e es4710bd 10 slots l2/l3/l4 chassis switch 8.4.1.1 show mac-address-table aging-time ............................................................................................. 185 8.4.1.2 show mac-address-table static ..............................................................................
Page 13
12 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.2.2.5 clearing port mac.................................................................................................................... 199 8.6.2.3 mac binding attribution configuration...............................................................
Page 14
13 e es4710bd 10 slots l2/l3/l4 chassis switch 9.5.1.1 create/remove vlan .................................................................................................................. 217 9.5.1.1.1 vid allocation......................................................................................
Page 15
14 e es4710bd 10 slots l2/l3/l4 chassis switch 10.2.2.9 spanning-tree link-type p2p........................................................................................................ 232 10.2.2.10 spanning-tree maxage.................................................................................
Page 16
15 e es4710bd 10 slots l2/l3/l4 chassis switch 10.5.4 show mstp setting...........................................................................................................250 10.5.4.1 instance information............................................................................................
Page 17
16 e es4710bd 10 slots l2/l3/l4 chassis switch 12.1.3 access list action and global default action ...................................................................266 12.2 acl configuration ..............................................................................................................
Page 18
17 e es4710bd 10 slots l2/l3/l4 chassis switch 13.4 p ort c hannel t roubleshooting h elp ................................................................................290 13.4.1 monitor and debug commands ........................................................................................290 ...
Page 19
18 e es4710bd 10 slots l2/l3/l4 chassis switch 14.5 dhcp t roubleshooting h elp ...........................................................................................313 14.5.1 monitor and debug commands ........................................................................................313...
Page 20
19 e es4710bd 10 slots l2/l3/l4 chassis switch 15.3.1.1 show sntp .................................................................................................................................. 329 15.3.1.2 debug sntp...................................................................................
Page 21
20 e es4710bd 10 slots l2/l3/l4 chassis switch 16.4.1.4 show mls qos maps ................................................................................................................... 354 16.4.1.5 show class-map......................................................................................
Page 22
21 e es4710bd 10 slots l2/l3/l4 chassis switch 17.2.1 introduction to ip forwarding............................................................................................369 17.2.2 ip route aggregation configuration...................................................................................
Page 23
22 e es4710bd 10 slots l2/l3/l4 chassis switch 18.2.3.2.1 ip route ................................................................................................................................ 380 18.2.3.2.2 show ip route ..............................................................................
Page 24
23 e es4710bd 10 slots l2/l3/l4 chassis switch 18.4 ospf .........................................................................................................................................404 18.4.1 introduction to ospf .............................................................................
Page 25
24 e es4710bd 10 slots l2/l3/l4 chassis switch 18.4.2.2.34 debug ip ospf spf............................................................................................................... 429 18.4.3 typical ospf scenario ..................................................................................
Page 26
25 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 19 multicast protocol configuration .................................................. 457 19.1 m ulticast p rotocol o verview ............................................................................................457 19.1.1 introduction to...
Page 27
26 e es4710bd 10 slots l2/l3/l4 chassis switch 19.4.4.1.2 show ip pim interface .......................................................................................................... 475 19.4.4.1.3 show ip pim mroute sm ...............................................................................
Page 28
27 e es4710bd 10 slots l2/l3/l4 chassis switch 19.6.2.2.3 ip igmp query-interval ........................................................................................................ 496 19.6.2.2.4 ip igmp query-max-response-time ......................................................................
Page 29
28 e es4710bd 10 slots l2/l3/l4 chassis switch 19.7.6.5 show ip pim mroute sm..................................................................................................507 19.7.6.6 show ip pim rp ....................................................................................................
Page 30
29 e es4710bd 10 slots l2/l3/l4 chassis switch 20.4.1.3 show aaa authenticating-user .................................................................................................... 524 20.4.1.4 show radius count ......................................................................................
Page 31
30 e es4710bd 10 slots l2/l3/l4 chassis switch 21.4.1 create vrrp number .......................................................................................................543 21.4.2 configure vrrp dummy ip.............................................................................................
Page 32: 1.1 Product Brief
31 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 1 product overview recommendation: please read this manual first before using the switch, following the instructions to avoid damaging the device. 1.1 product brief fig 1-1 es4710bd switch 1.1.1 introduction edge-core es4710bd is a high performa...
Page 33
32 e es4710bd 10 slots l2/l3/l4 chassis switch 1.1.2 features advanced architecture the design for the es4710bd core routing switch is fully distributed architecture. With a powerful asic chip dedicated to high-speed route lookup and traffic forwarding through “longest-match” and “packet-by-packet” ...
Page 34
33 e es4710bd 10 slots l2/l3/l4 chassis switch layer 3 forwarding layer 3 forwarding is the forwarding of layer 3 packets (ip packet) across vlans, which es4710bd uses switch chip hardware to forward ip packets, facilitating the on-chip host route entries and default routing table entries, allowing ...
Page 35
34 e es4710bd 10 slots l2/l3/l4 chassis switch igmp snooping es4710bd supports igmp snooping based on multi-casting applications enabling various multi-cast services (e.G. Multimedia playback, remote education and recreation) in an access network with lowered network traffic. Broadcast storm control...
Page 36
35 e es4710bd 10 slots l2/l3/l4 chassis switch restart and reset to factory setting can be done both locally and remotely tftp /ftp firmware upgrade available can be installed into standard 19-inch chassis 1.2 technical specifications protocols and standards □ ieee802.3 10base-t ethernet □ ieee802.3...
Page 37: 1.4 Hardware Components
36 e es4710bd 10 slots l2/l3/l4 chassis switch 1.3 physical specifications management port □ one rj-45 serial port for each management module ac power input □ 90 ~ 264vac, 50 ~ 60hz □ built-in universal power supply dc power input □ dc: -36 ~ -72vdc □ built-in universal power supplies power consumpt...
Page 38
37 e es4710bd 10 slots l2/l3/l4 chassis switch a grounding post has been provided on each side of the rack for grounding connections. In addition, on both sides of the lower section of the chassis, a handler is provided for easier transport. Fig 1-2 es4710bd front panel view management slot: 2 manag...
Page 39
38 e es4710bd 10 slots l2/l3/l4 chassis switch the panel as run ) are provided for each board . On the main control cards there is master-slave indicator (printed on the panel as m/s ) there is also a power module status indicator (printed on the panel as power: fail/ok ), fan assembly status indica...
Page 40
39 e es4710bd 10 slots l2/l3/l4 chassis switch z 12 fiber gb ports line card (em4700bd-12gx-sfp): supporting 12 sfp gb fiber ports for layer 2 and layer 3 switching and routing. Z dual 10gb fiber line card ( em4700bd-2xg-xenpak ): supporting 2 10gbase-x fiber port (xenpak) for layer 2 and layer 3 sw...
Page 41
40 e es4710bd 10 slots l2/l3/l4 chassis switch off cards are powered off and can be removed on (green) master master-slave indicator m/s off slave on (green) power supply module operating normally ok off power supply module malfunctioning or not present (with fail off) on (yellow) power supply modul...
Page 42
41 e es4710bd 10 slots l2/l3/l4 chassis switch property specification connector rj-45 (receptacle) connector type z 10/100mbps auto sensing z cat 5 utp: 300 m 1.4.2.1.5 front panel – reset button em4710bd-agent provides a reset button for resetting the board. 1.4.2.1.6 front panel – swap button the ...
Page 43
42 e es4710bd 10 slots l2/l3/l4 chassis switch on (green, blinks at 8 hz) system is loading (booting after card hot swapping) on (yellow, blinks at 8 hz) system is shutting down (shutting down after swap button pressed) on (red, blinks at 8 hz) malfunction status indicator off card is powered off an...
Page 44
43 e es4710bd 10 slots l2/l3/l4 chassis switch fig 1-5 em4700bd-12gx-sfp front panel view 1.4.2.3.2 front panel - indicator the following table describes the em4700bd-12gx-sfp’s front panel indicators: table 1. 6 em4700bd-12gx-sfp indicator descriptions led panel symbol status description on (green)...
Page 45
44 e es4710bd 10 slots l2/l3/l4 chassis switch table 1. 7 em4700bd-12gx-sfp port description port type specification sfp z sfp-sx transceiver: 62.5/125 µm multi-mode fiber: 275 m 50.0/125 µm multi-mode fiber: 550m z sfp-lx transceiver: 9/125 µm single-mode fiber: 10 km z sfp-lh-40 transceiver: 9/125...
Page 46
45 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.2.4.2 front panel - indicator the following table describes the front panel indicators for the em4700bd- 2 xg-xenpak: table 1.8 description of the em4700bd-2xg-xenpak indicators led indicator panel symbol status description on (green) card powered. ...
Page 47
46 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.2.4.5 front panel – swap button the em4700bd-2xg-xenpak provides a swap button for hot swapping the module during operation. Before removing the modules, users should first press the swap button. The module will then prepare for a hot-swap and the s...
Page 48
47 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.2.5.2 front panel - indicator the following table describes the front panel indicators for em-7600-es and em-7600-es-2gb: table 1.9 description of the em-7600-es and em-7600-es-2gb indicators led panel symbol status description on (green) card power...
Page 49
48 e es4710bd 10 slots l2/l3/l4 chassis switch table 1.10 em-7600-es-2gb port description port type specification sfp z sfp-sx transceiver: 62.5/125 µm multi-mode fiber: 275m 50.0/125 µm multi-mode fiber: 550m z sfp-lx transceiver: 9/125 µm single-mode fiber: 10km z sfp-lh-40 transceiver: 9/125 µm s...
Page 50
49 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.3.1 em4710bd-ac (alternating current power module) when powered by ac inputs, the ac power module em4710bd-ac and corresponding ac distribution box should be used in the es4710bd. The input voltage of the em4710bd-ac is 110v/220 vac, with ranges bet...
Page 51
50 e es4710bd 10 slots l2/l3/l4 chassis switch vac input socket for the positioning of power cords and easier wiring. In addition, on the left side of the ac distribution panel is a power supply switch used to control the modules’ power output . Please turn this power supply switch on during normal ...
Page 52
51 e es4710bd 10 slots l2/l3/l4 chassis switch 1.4.8 rear panel the rear panel of the es4710bd covers the switch backplane. To ensure safe operation of the switch, please do not open the rear panel. There are two reversible handles on the rear panel, they are used only for the installation and remov...
Page 53: 1.5
52 e es4710bd 10 slots l2/l3/l4 chassis switch 1.5 system features table 1.11 es4710bd system features sdram 128mb flash 32mb status indicator: port: traffic, link general: power status, system status, hot-swap indicator weight 65kg (max full configuration weight) physical dimensions 436mm x 797mm x...
Page 54: 2.1 Safety Information
53 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 2 hardware installation 2.1 safety information during the installation and use of the es4710bd switch, please follow the safety guidelines listed below: basic guidelines 1. Disconnect power supplies from the chassis before disassembly or moving ...
Page 55
54 e es4710bd 10 slots l2/l3/l4 chassis switch (including rings, necklaces, watches and bracelets). 2. Metal objects will cause short circuits and damage the device when in contact with both powered items and the ground. 3. An improper connection between the device and power sockets may be hazardous...
Page 56
55 e es4710bd 10 slots l2/l3/l4 chassis switch ! Watch out for potential dangers, e.G. Wet floors, ungrounded power lines, and worn power lines. ! Have an emergency switch installed inside the workshop, so that power can be cut off promptly should an accident occur. ! Do not work alone if potential ...
Page 57
56 e es4710bd 10 slots l2/l3/l4 chassis switch temperature: relative humidity long term condition short term condition long term condition short term condition 15 ~ 30°c 0 ~ 40°c 40 ～ 65% 10 ～ 90% a sample of ambient temperature and humidity should be taken at 1.5m above the floor and 0.4m in front ...
Page 58
57 e es4710bd 10 slots l2/l3/l4 chassis switch 2.1.4 preventing electrostatic discharge damage static electric discharges can cause damage to internal circuits, even the entire switch. Follow these guidelines for preventing esd damage: 1. Ensure proper earth grounding of the device 2. Perform regula...
Page 59
58 e es4710bd 10 slots l2/l3/l4 chassis switch 2.1.7 power supply requirements the es4710bd is designed to use modular switching power supplies, supporting 2 +1 redundant backup of power modules. The power input specification is shown below: nominal input voltage ac: 90 ~ 264 vac, 50 ~ 60hz dc: -36 ...
Page 60: 2.3 Hardware Installation
59 e es4710bd 10 slots l2/l3/l4 chassis switch a basic configuration es4710bd should include the following: item no. Part name number memo 1 es4710bd ethernet switch 1 2 ac cable 3 3 serial port cable 1 4 grounding cord 1 5 chassis hanger 2 6 hanger screw 12 8 manual cd 1 9 qualification certificate...
Page 61
60 e es4710bd 10 slots l2/l3/l4 chassis switch & cards and modules installation & connecting to the console connecting to the console port & connecting to the management port connecting to the ethernet port & sfp transceiver installation install the sfp transceiver in the sfp slot & xenpak transceiv...
Page 62
61 e es4710bd 10 slots l2/l3/l4 chassis switch & copper cable/fiber cable connection ethernet cable connection fiber cable connection & power supply connection 2.3.1 switch installation 2.3.1.1 desktop installation z note: ● choose a smooth level workbench ● verify that the workbench is strong enoug...
Page 63
62 e es4710bd 10 slots l2/l3/l4 chassis switch the figure below shows the steps for mounting the hangers: fig 2-1 installing es4710bd switch hangers step 2: put the hanger-mounted switch smoothly into a standard 19’’ rack. Because of the size and weight of a es4710bd, 2 people are required to comple...
Page 64
63 e es4710bd 10 slots l2/l3/l4 chassis switch z proper grounding when using an ac power source, the device must be grounded with the green and yellow ground cables, otherwise, shock hazards may occur when insulation resistance between the internal power supply and the chassis degrades. Z lightning ...
Page 65
64 e es4710bd 10 slots l2/l3/l4 chassis switch 2.3.3.1 removing and installing the cards the installation procedure is the same for all cards, as shown below: step 1: power down the switch (hot-swapping is supported by optional cards for the switch. However, for better convenience, it is recommended...
Page 66
65 e es4710bd 10 slots l2/l3/l4 chassis switch front panel of the fan tray will lock automatically. Upon removal, hold the handle in the front panel of fan tray with your middle and ring fingers, press the locker slightly down, and the fan tray can be drawn out smoothly. Note: the fan trays are inst...
Page 67
66 e es4710bd 10 slots l2/l3/l4 chassis switch z cleaning of power supply dust gauze: dust gauzes are provided in the front panels of the em4710bd-ac and em-7608-dc power supply modules, which can be installed and removed easily. Dust gauze is meant to prevent large debris or particles in the air fr...
Page 68
67 e es4710bd 10 slots l2/l3/l4 chassis switch 2.3.5 connecting to the management port the em4710bd-agent provides a rj-45 (female) ethernet port. Users can connect to this administration port through a backend host with ethernet interface for program loading, or use this port to connect to remote d...
Page 69
68 e es4710bd 10 slots l2/l3/l4 chassis switch step 4: tighten (clockwise) the panel fasteners in the front of xenpak transceiver until fastened to the front panel of the 10gb line card. Note: the xenpak 10gb fiber transceiver is hot swappable do not stare directly at the 2 fiber bore in the xenpak ...
Page 70
69 e es4710bd 10 slots l2/l3/l4 chassis switch step 1: before connecting the ac power cable, ensure that the es4710bd is properly grounded and the output switch of the power supply module in the ac distribution box is off. Step 2: insert one end of the three power cables into the power source socket...
Page 71: 3.1 Setup Configuration
70 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 3 setup configuration setup configuration refers to the initial operation of the switch after the user purchases the switch. For first-time users of the es4710bd, this chapter provides a very practical instruction. When using cli (command line i...
Page 72
71 e es4710bd 10 slots l2/l3/l4 chassis switch selection number: the corresponding menu items in chinese are: 配置菜 [0]: 配置交机主机名 [1]: 配置 vlan1 的接口 [2]: 配置交机 telnet 服器 [3]: 配置交机 web 服器 [4]: 配置 snmp [5]: 退出 setup 模式不保存配置果 [6]: 退出 setup 模式保存配置果序号 : 3.1.2 setup submenu 3.1.2.1 configuring switch h...
Page 73
72 e es4710bd 10 slots l2/l3/l4 chassis switch the corresponding prompt in chinese is: 配置 vlan1 接口 [0]: 配置 vlan1 接口的 ip 地址 [1]: 配置 vlan1 接口的状 [2]: 返回上一菜序号 : select “0” in the vlan1 interface configuration menu and press enter, the following screen will appear: please input interface-vlan1 ip addre...
Page 74
73 e es4710bd 10 slots l2/l3/l4 chassis switch [0]: add telnet user [1]: config telnet server status [2]: exit selection number: the corresponding prompt in chinese is: 配置 telnet 服器 [0]: 添加 telnet 服器用 [1]: 配置 telnet 服器的状 [2]: 返回上一菜序号 : select “0” in the telnet server configuration menu and pres...
Page 75
74 e es4710bd 10 slots l2/l3/l4 chassis switch enable telnet service. The telnet server configuration menu will then appear. Select “2” in the telnet server configuration menu to return to the setup main menu. 3.1.2.4 configuring web server select “3” in the setup main menu and press enter to start ...
Page 76
75 e es4710bd 10 slots l2/l3/l4 chassis switch note: valid password length is 1 to 8 characters. After configuring the username and password, the menu will return to the web server configuration section. Select “1” in the web server configuration menu and press enter, the following screen appears: e...
Page 77
76 e es4710bd 10 slots l2/l3/l4 chassis switch [2]: 配置 traps 主机 ip 地址和体字符串 [3]: 配置交机 snmp 状 [4]: 配置交机 traps 状 [5]: 添加 snmp 管理站安全 ip 地址 [6]: 返回上一菜序号 : select “0” in the snmp configuration menu and press enter, the following screen will appear: please input the read-write access community string[...
Page 78
77 e es4710bd 10 slots l2/l3/l4 chassis switch select “3” in the snmp configuration menu and press enter, the following screen will appear: enable snmp-server? (y/n) [y]: the corresponding prompt in chinese is: 是否使能交机 snmp? (y/n) [y]: type “n” and press enter to disable snmp service. Type “y” and p...
Page 79: 4.1 Management Options
78 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 4 switch management 4.1 management options after purchasing the switch, the user needs to configure the switch for network management. Es4710bd provides two management options: in-band management and out-of-band management. 4.1.1 out-of-band man...
Page 80
79 e es4710bd 10 slots l2/l3/l4 chassis switch step 2 entering the hyperterminal. Open hyperterminal in windows after the connection has been established. The example below is based on hyperterminal that is included in windows xp. 1) click start menu - programs – accessories – communications - hyper...
Page 81
80 e es4710bd 10 slots l2/l3/l4 chassis switch fig 4-4 opening hyperterminal (3) 4) com1 properties appears, select “9600” for “baud rate”, “8” for “data bits”, “none” for “parity checksum”, “1” for “stop bits” and “none” for “flow control”; or, you can also click “restore default” and click “ok”. F...
Page 82
81 e es4710bd 10 slots l2/l3/l4 chassis switch fig 4-6 opening hyperterminal (5) step 3 entering switch cli interface: power on the switch. The following appears in the hyperterminal windows, this is the cli configuration mode for es4710bd. Es4710bd management switch copyright (c) 2001-2004 by edge-...
Page 83
82 e es4710bd 10 slots l2/l3/l4 chassis switch current time is wed apr 20 09:37:52 2005 es4710bd series switch operating system, software packet version es4704bd_2.2.10.0 copyright (c) 2001-2004 by accton technology corp. Http://www.Edge-core.Com es4710bd switch (mpc8245-266m) processor es4710bd> th...
Page 84
83 e es4710bd 10 slots l2/l3/l4 chassis switch fig 4-7 managing the switch by telnet step 1: configure the ip addresses for the switch and start the telnet function on the switch. First, the configuration of the host’s ip address should be within the same network segment as the switch’s vlan1 interf...
Page 85
84 e es4710bd 10 slots l2/l3/l4 chassis switch run the telnet client program included in windows with the specified telnet target. Fig 4-8 running the telnet client program included in windows step 3: log in to the switch log in to the telnet configuration interface. Valid login name and password ar...
Page 86: 4.2 Management Interface
85 e es4710bd 10 slots l2/l3/l4 chassis switch fig 4-9 telnet configuration interface 4.1.2.2 managing the switch through ecview to manage the switch with ecview, the following conditions should be met: 1) switch has an ip address configured 2) the host’s ip address and the switch’s vlan interface i...
Page 87
86 e es4710bd 10 slots l2/l3/l4 chassis switch 4.2.1 cli interface cli interface is familiar to most users. As aforementioned, out-of-band management and telnet login are all performed through cli interface to manage the switch. Cli interface is supported by shell program, which consists of a set of...
Page 88
87 e es4710bd 10 slots l2/l3/l4 chassis switch 4.2.1.1.2 admin mode admin mode prompt “switch#” can be entered under the user mode by running the enable command and entering the corresponding admin user password, if set. Or, when the exit command is run under global mode, it will return to the admin...
Page 89
88 e es4710bd 10 slots l2/l3/l4 chassis switch under global mode. Mode, speed, etc. 4.2.1.1.3.2 vlan mode using the vlan command under global mode, you can enter the corresponding vlan mode. Under vlan mode the user can configure all member ports of the corresponding vlan. Run the exit command to ex...
Page 90
89 e es4710bd 10 slots l2/l3/l4 chassis switch extended command under global mode. For extended ip acl mode return to global mode. 4.2.1.2 configuration syntax es4710bd provides various configuration commands. Although all the commands are different, they all abide by the syntax of es4710bd configur...
Page 91
90 e es4710bd 10 slots l2/l3/l4 chassis switch right “ → ” the cursor moves one character to the right. Ctrl+p the same as up key “ ↑ ”. Ctrl+n the same as down key “ ↓ ”. Ctrl+b the same as left key “ ← ”. Ctrl+f the same as right key “ → ”. Ctrl+z returns to the admin mode directly from the other ...
Page 92
91 e es4710bd 10 slots l2/l3/l4 chassis switch unrecognized command or illegal parameter! The entered command does not exist, or there is error in parameter scope, type or format. Ambiguous command at least two interpretation are possible based on the current input. Invalid command or parameter the ...
Page 93
92 e es4710bd 10 slots l2/l3/l4 chassis switch 4.3.2 module front panel when entering username, password and passing authentication, you will see the following web management main page. On the left of the management page is the main management menu and on the right of the page system information and...
Page 94
93 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 5 basic switch configuration 5.1 basic switch configuration commands this section covers the basic configuration for the switch, including all the commands for entering and exiting the admin mode and interface mode, setting and displaying switch...
Page 95
94 e es4710bd 10 slots l2/l3/l4 chassis switch user password are all wrong, it remains in the user mode. Set the admin user password under global mode with the “ enable password ” command. Example: switch>enable password: ***** (admin) switch# related command: enable password 5.1.4 enable password c...
Page 96
95 e es4710bd 10 slots l2/l3/l4 chassis switch default: the default value is 5 minutes. Usage guide: to ensure security for the switch and prevent malicious operation of unauthorized users, timeout count will start after the last configuration by the admin user. The system will automatically exit th...
Page 97
96 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: is the host name, up to 15 characters are allowed; is the corresponding ip address for the host name and takes a decimal format. Command mode: global mode usage guide: sets the association between host and ip address, which can be used in co...
Page 99
98 e es4710bd 10 slots l2/l3/l4 chassis switch function: the switch sends an icmp packet to remote devices to verify the connectivity between the switch and remote devices. Parameters: is the target host ip address for ping, in decimal format. Default: sends 5 icmp packets of 56 bytes each, timeout ...
Page 100
99 e es4710bd 10 slots l2/l3/l4 chassis switch telnet is a simple remote terminal protocol for remote login. Using telnet, the user can login to a remote host with its ip address of hostname from his own workstation. Telnet can send the user’s keystrokes to a remote host and send the remote host’s o...
Page 101
100 e es4710bd 10 slots l2/l3/l4 chassis switch information. 2. Telnet to a remote host from the switch 5.2.2.3 telnet commands 5.2.2.3.1 monitor command: monitor no monitor function: enables debugging information for telnet clients logged in to the switch, the console end debug display will be disa...
Page 102
101 e es4710bd 10 slots l2/l3/l4 chassis switch connecting host 20.1.1.123 port 23... Service port is 23 connected to 20.1.1.123login:123 password:*** router> 5.2.2.3.3 telnet-server enable command: telnet-server enable no telnet-server enable function: enables the telnet server function in the swit...
Page 104
103 e es4710bd 10 slots l2/l3/l4 chassis switch switch#show clock current time is tue aug 22 11 ： 00 ： 01 2002 related command: clock set 5.2.4.2 show debugging command: show debugging function: displays the debugging switch status. Usage guide: if a user needs to check what debugging switches have ...
Page 105
104 e es4710bd 10 slots l2/l3/l4 chassis switch enable config interface ethernet 1/3 enable show flash show ftp 5.2.4.5 show memory command: show memory function: displays the contents in the memory. Command mode: admin mode usage guide: this command is used for switch debugging purposes. The comman...
Page 106
105 e es4710bd 10 slots l2/l3/l4 chassis switch switch#show running-config 5.2.4.7 show startup-config command: show startup - config function: displays the switch parameter configurations written in the flash memory at the current operation, those are usually also the configuration files used for t...
Page 107
106 e es4710bd 10 slots l2/l3/l4 chassis switch 5.2.4.9 show tcp command: show tcp function: displays the current tcp connection status established to the switch. Command mode: admin mode example: switch#show tcp localaddress localport foreignaddress foreignport state 0.0.0.0 23 0.0.0.0 0 listen 0.0...
Page 108
107 e es4710bd 10 slots l2/l3/l4 chassis switch example: switch#show telnet login authenticate login by local. Login user: aa switch# 5.2.4.12 show telnet user command: show telnet user function: displays authorized telnet client’s information usage guide: this command can be used to check for all c...
Page 109
108 e es4710bd 10 slots l2/l3/l4 chassis switch 5.3 configuring switch ip addresses all ethernet ports of es4710bd perform layer 2 forwarding. The vlan interface represents a layer 3 interface function, which can be assigned an ip address, this is also the ip address of the switch. All vlan interfac...
Page 110
109 e es4710bd 10 slots l2/l3/l4 chassis switch 3.Dhcp command explanation ip dhcp-client enable no ip dhcp-client enable enables the switch to be a dhcp client and obtain ip address and gateway address through dhcp negotiation; the “ no ip dhcp-client enable ” command disables the dhcp client funct...
Page 111: 5.4 Configuring Snmp
110 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config)#interface vlan 1 switch(config-if-vlan1)#ip bootp-client enable switch (config-if-vlan1)#exit switch (config)# related command: ip address, ip dhcp-client enable 5.3.2.3 ip dhcp-client enable command: ip dhcp-client enable no ip dhcp-cli...
Page 112
111 e es4710bd 10 slots l2/l3/l4 chassis switch snmp protocol provide a relatively direct way of exchanging management information between two points in the network. Snmp employs a polling mechanism of message query transmitted through udp (a connectionless transport layer protocol), and is therefor...
Page 113
112 e es4710bd 10 slots l2/l3/l4 chassis switch fig 5-1 asn.1 tree instance in this figure, the oid of object a is 1.2.1.1. Nms can find this object without ambiguity through the object’s unique oid to get the standard variable contained in the object. Mib will define a set of standard variables for...
Page 114
113 e es4710bd 10 slots l2/l3/l4 chassis switch statistics: maintains basic utilization and error statistics for each subnet monitored by the agent. History: records periodical statistic samples available from statistics. Alarm: allows users to set any count or integer for sample intervals and alert...
Page 115
114 e es4710bd 10 slots l2/l3/l4 chassis switch configured secure address. 4. Configuring trap command explanation snmp-server enable traps no snmp-server enable traps sets the switch to enable to send trap messages; the “ no snmp-server enable traps ” command disables trap messages. Snmp-server hos...
Page 117
116 e es4710bd 10 slots l2/l3/l4 chassis switch 5.4.4.2.5 snmp-server host command: snmp-server host no snmp-server host function: sets the ip address and trap community string of the nms to receive snmp trap message; the “ no snmp-server host ” command deletes the ip address of the nms to receive s...
Page 118
117 e es4710bd 10 slots l2/l3/l4 chassis switch 1. 1. 1. 5 1. 1. 1. 9 fig 5-2 snmp configuration example the ip address of nms is 1.1.1.5; the switch (agent) ip address is 1.1.1.9. Scenario 1: the nms network administrative software uses snmp protocol to obtain data from the switch. The configuratio...
Page 119
118 e es4710bd 10 slots l2/l3/l4 chassis switch function: displays all snmp counter information. Command mode: admin mode example: switch#show snmp 0 snmp packets input 0 bad snmp version errors 0 unknown community name 0 illegal operation for community name supplied 0 encoding errors 0 number of re...
Page 120
119 e es4710bd 10 slots l2/l3/l4 chassis switch mib objects bad values errors number of “bad_values” error snmp packets general errors number of “general_errors” error snmp packets response pdus number of response packets sent trap pdus number of trap packets sent 5.4.6.1.2 show snmp status command:...
Page 121: 5.5 Switch Upgrade
120 e es4710bd 10 slots l2/l3/l4 chassis switch 5.4.6.1.3 debug snmp packet command: debug snmp packet no debug snmp packet function: enables the snmp debug function: the “ no debug snmp packe t” command disables this debug function. Command mode: admin mode usage guide: when problems occur in snmp,...
Page 122
121 e es4710bd 10 slots l2/l3/l4 chassis switch 5.5.1 bootrom upgrade there are two methods for bootrom upgrade: tftp and ftp, which can be selected at bootrom command settings. Fig -5-3 typical topology for switch upgrade in bootrom mode the upgrade procedures are listed below: step 1: as shown in ...
Page 123
122 e es4710bd 10 slots l2/l3/l4 chassis switch 219.32 bogomips sst39vf040 cpu: powerpc mpc8245mh266, revision 14 version: 1.4.1 creation date: apr 14 2005, 09:33:18 attached tcp/ip interface to lnpci0. [boot]: step 3: under bootrom mode, run “setconfig” to set the ip address and mask of the switch ...
Page 124
123 e es4710bd 10 slots l2/l3/l4 chassis switch mirror file. [boot]: write nos.Img programming... Program ok. [boot]: step 6: after successful upgrade, execute the “run” command in bootrom mode to return to cli configuration interface. [boot]:run （ or reboot ） other commands in bootrom mode 1. Dir c...
Page 125
124 e es4710bd 10 slots l2/l3/l4 chassis switch to establish management connection on port 21 in the server, and negotiate a data connection through the management connection. There are two types of data connections: active connection and passive connection. In active connection, the client transmit...
Page 126
125 e es4710bd 10 slots l2/l3/l4 chassis switch backup and update of the configurations. Start up configuration file: refers to the configuration sequence used in switch start up. Es4710bd start up configuration file stores in flash only, corresponding to the so called configuration save. To prevent...
Page 128
127 e es4710bd 10 slots l2/l3/l4 chassis switch 3. Tftp server configuration （ 1 ） start tftp server command explanation global mode tftp-server enable no tftp-server enable starts tftp server, the “ no ftp-server enable ” command shuts down tftp server and prevents tftp users from logging in. （ 2 ）...
Page 129
128 e es4710bd 10 slots l2/l3/l4 chassis switch special keywords in filename keyword source/target ip address running-config active configuration file startup-config start up configuration file nos.Img system file boot.Rom system boot file command mode: admin mode usage guide: the command provides c...
Page 130
129 e es4710bd 10 slots l2/l3/l4 chassis switch example: viewing the file list of the ftp server 10.1.1.1 with the username “ switch” and password “ edgecore ”. Switch# config switch( config)#dir ftp:// switch:edgecore@10.1.1.1 5.5.2.2.5 ftp-server enable command: ftp-server enable no ftp-server ena...
Page 132
131 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: the command provides command line prompt messages. If the user enters a command like copy tftp:// or copy tftp:// and presses enter, the following prompt will appear: tftp server ip address> tftp filename> this prompts for the tftp server ...
Page 133
132 e es4710bd 10 slots l2/l3/l4 chassis switch 5.5.2.2.10 tftp-server retransmission-number command: tftp-server retransmission-number number> function: sets the retransmission time for tftp server parameters: is the time to re-transfer, the valid range is 1 to 20. Default: the default value is 5 r...
Page 134
133 e es4710bd 10 slots l2/l3/l4 chassis switch scenario 1: the switch is used as ftp/tftp client. The switch connects from one of its ports to a computer, which is a ftp/tftp server with an ip address of 10.1.1.1; the switch acts as a ftp/tftp client, the ip address of the switch management vlan is...
Page 135
134 e es4710bd 10 slots l2/l3/l4 chassis switch switch (config)#inter vlan 1 switch (config-if-vlan1)#ip address 10.1.1.2 255.255.255.0 switch (config-if-vlan1)#no shut switch (config-if-vlan1)#exit switch (config)#ftp-server enable switch(config)#ip ftp switch password 0 edgecore computer side conf...
Page 136
135 e es4710bd 10 slots l2/l3/l4 chassis switch “edgecore”. Save “profile1”, “profile2” and “profile3” in the appropriate ftp server directory on the computer. The configuration procedures of the switch are listed below: switch (config)#inter vlan 1 switch (config-if-vlan1)#ip address 10.1.1.2 255.2...
Page 137
136 e es4710bd 10 slots l2/l3/l4 chassis switch ftp configuration pc side: start the ftp server software on the pc and set the username as “switch”, and the password as “edgecore”. Es4710bd ： switch (config)#inter vlan 1 switch (config-if-vlan1)#ip address 10.1.1.2 255.255.255.0 switch (config-if-vl...
Page 138
137 e es4710bd 10 slots l2/l3/l4 chassis switch example: switch#show ftp timeout :600 displayed information description timeout timeout time. 5.5.2.4.3 show tftp command: show tftp function: displays the parameter settings for the tftp server default: there is no display by default. Command mode: ad...
Page 139
138 e es4710bd 10 slots l2/l3/l4 chassis switch send file 150 opening ascii mode data connection for nos.Img. 226 transfer complete. Close ftp client. & the following is the message displays when files are successfully received. Otherwise, please verify link connectivity and retry “copy” command aga...
Page 140: 5.6 Web Management
139 e es4710bd 10 slots l2/l3/l4 chassis switch & the following is the message displayed when files are successfully received. Otherwise, please verify link connectivity and retry the “copy” command again. Begin to receive file,wait... Recv 1526037 ************************ write ok transfer complete...
Page 141
140 e es4710bd 10 slots l2/l3/l4 chassis switch z basic host configuration – configures the mapping relationship between the switch and the ip address. Please refer to the cli command 5.1.8. Example: configure the hostname as “london” and ip address as 200.121.1.1 and then click on the “apply” butto...
Page 142
141 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.2.2 trap manager configuration users should click “switch basic configuration”, “snmp configuration”, and “trap manager configuration” to configure the ip address of the management station which will receive snmp trap messages and trap community st...
Page 143
142 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.2.4 snmp statistics when users click “switch basic configuration”, “snmp configuration” and “snmp statistics”, a variety of counter information will appear. Please refer to the cli command 5.4.6.1.1. 5.6.2.5 rmon and trap configuration users should...
Page 144
143 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.3 switch upgrade users should click “switch basic configuration” and “switch update” to configure the upgrade node tree diagram. Two categories are explained below: z tftp upgrade, including 9 tftp client service – to configure tftp client 9 tftp s...
Page 145
144 e es4710bd 10 slots l2/l3/l4 chassis switch server state － status of the server. (“open” or “close”) please refer to the cli command 5.5.2.2.10 tftp timeout － the timeout. Please refer to the cli command 5.5.2.2.12. Tftp retransmit times － times of retransmission. Please refer to the cli command...
Page 146
145 e es4710bd 10 slots l2/l3/l4 chassis switch configuration.” words and phrases of “user configuration” are explained in the following: z ftp server state － status of the server. (“open” or “close”.) please refer to the cli command 5.5.2.2.5. Z ftp timeout － the timeout. Please refer to the cli co...
Page 147
146 e es4710bd 10 slots l2/l3/l4 chassis switch z show telnet user － to display all telnet client messages with authenticated switch access through telnet. Please refer to the cli command 5.2.4.12. Z show version － to display the number/version of the switch. Please refer to the cli command 5.2.4.13...
Page 148
147 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.4.3 others other parts are easier to configure. Users just click a configuration node and the relating messages will appear. Example: to display the clock: to display flash files: 5.6.5 basic introduction to switch users should click “switch basic ...
Page 149
148 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.6 switch on-off information users should click “switch on-off information” to enter into the configuration page and make configuration nodes. Words and phrases are explained in the following: rip status － on-off switch of rip. (“open” or “close”) r...
Page 150
149 e es4710bd 10 slots l2/l3/l4 chassis switch 5.6.7.2 exit current web configuration users should quit the web-login by clicking “switch maintenance” and “exit current web configuration.” 5.6.7.3 save current running-config users should save the current running-config by clicking “switch maintenan...
Page 151
150 e es4710bd 10 slots l2/l3/l4 chassis switch z telnet server state － to choose from the drop-down list. (“open” and “close” service) please refer to the cli command 5.2.2.3.3. User name － a specific name of the telnet user password － to configure a specific password encrypted text － to configure ...
Page 152
151 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 6 device management 6.1 device management brief the device management function of es4710bd provides information about line card status, line card operation debugging, power supply and fan status. This function enables the maintenance and manage...
Page 153
152 e es4710bd 10 slots l2/l3/l4 chassis switch example: switch # show slot m1 ------------------slot : m1------------------ inserted: yes module type: em4710bd-agent work mode: active master work state: running software version: 1.0.3.0 hardware version: v001 bootrom version: 1.4.1 serial number: d...
Page 155
154 e es4710bd 10 slots l2/l3/l4 chassis switch if the cards need to be replaced during normal operation, the following guidelines should be followed: display a message of processing card hot removal. The card can be removed when the run indicator for the card to be removed goes off and the status o...
Page 156
155 e es4710bd 10 slots l2/l3/l4 chassis switch 6.4.1 reset specific module click “device management”, “reset specific module”, select a module number and click “apply”, then that module will be hot-swapped. This function is equal to the cli command showing in 6.2.1. Click the reset button to confir...
Page 157
156 e es4710bd 10 slots l2/l3/l4 chassis switch 6.4.3 show fan click “device management”, “show power”. The information column displayed on the right will show the current power status and display even if the power is plugged in or not. This function is equal to cli command 6.2.2.1.3. 6.4.4 show pow...
Page 158: 7.1 Introduction To Port
157 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 7 port configuration 7.1 introduction to port es4710bd comes with line cards and master control boards. Line cards provide various network ports. The master control boards provide no network ports, only console interface and network management ...
Page 159: 7.2 Port Configuration
158 e es4710bd 10 slots l2/l3/l4 chassis switch 7.2 port configuration 7.2.1 network port configuration 7.2.1.1 network port configuration task sequence 1. Enter the network port configuration mode 2. Configure the properties for the network ports （ 1 ） configure combo mode for combo ports （ 2 ） ena...
Page 161
160 e es4710bd 10 slots l2/l3/l4 chassis switch the port. For example, a bandwidth limit of 101 m (or more) cannot be set for a 10/100m ethernet port. But for a 10/100/1000m port working under 100m, a bandwidth limit of 101m (or more) is permitted. Example: setting the bandwidth limit of ports 1 – 8...
Page 162
161 e es4710bd 10 slots l2/l3/l4 chassis switch note: & combo port is a conception involving the physical layer and the llc sublayer of the datalink layer. The status of a combo port will not affect any operation in the mac sublayer of the datalink layer and upper layers. If the bandwidth limit for ...
Page 163
162 e es4710bd 10 slots l2/l3/l4 chassis switch 7.2.1.2.4 interface ethernet command: interface ethernet function: enters ethernet interface mode from global mode. Parameters: stands for port number. Command mode: global mode usage guide: run the exit command to exit the ethernet interface mode to g...
Page 164
163 e es4710bd 10 slots l2/l3/l4 chassis switch example: setting the cable type support of ethernet ports 3/5 – 8 to straight-through cable only. Switch(config)#interface ethernet 3/5-8 switch(config-port-range)#mdi normal 7.2.1.2.7 name command: name no name function: sets a name for the specified ...
Page 167
166 e es4710bd 10 slots l2/l3/l4 chassis switch 2. Configure the ip address for vlan interface and enables vlan interface. Command explanation vlan mode ip address [secondary] no ip address [ ] configures the vlan interface ip address; the “ no ip address [ ]” command deletes the vlan interface ip a...
Page 168
167 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: is the ip address in decimal format; is the subnet mask in decimal format; [secondary] indicates the ip configured is a secondary ip address. Command mode: vlan interface mode default: no ip address is configured by default. Usage guide: th...
Page 170
169 e es4710bd 10 slots l2/l3/l4 chassis switch 7.2.3.2.2 interface ethernet command: interface ethernet function: enters network management port configuration mode from global mode. Parameters: stands for port number, the default value is 0. Command mode: global mode usage guide: run the exit comma...
Page 171
170 e es4710bd 10 slots l2/l3/l4 chassis switch 7.2.3.2.5 shutdown command: shutdown no shutdown function: shuts down the network management port; the “ no shutdown ” command opens the port. Command mode: network management port configuration mode default: network management port is open by default....
Page 172
171 e es4710bd 10 slots l2/l3/l4 chassis switch mirror destination port. A protocol analyzer (such as sniffer) or rmon monitoring instrument is often attached to the mirror destination port to monitor and manage the network and diagnostic. Es4710bd support one mirror destination port only. The numbe...
Page 173
172 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: stands for mirror session value, only 1 may be used at present; stands for mirror source port list, special characters like “-“ and “;” are supported; cpu slot stands for use the cpu of the card in the specified slot as mirror source, to mi...
Page 174
173 e es4710bd 10 slots l2/l3/l4 chassis switch function: displays information about mirror source/destination ports. Command mode: admin mode usage guide: this command displays the mirror source port(s) and destination port currently configured. Example: switch#show monitor 7.2.4.5.2 device mirrori...
Page 175
174 e es4710bd 10 slots l2/l3/l4 chassis switch no vlan has been configured in the switches, default vlan1 is used. Switch port property sw1 2/7 ingress bandwidth limit: 150 m sw2 1/8 mirror source port 3/9 100mbps full, mirror source port 4/12 1000mbps full, mirror destination port sw3 4/10 100mbps...
Page 176: 7.5 Web Management
175 e es4710bd 10 slots l2/l3/l4 chassis switch default: port statistics are not cleared by default. Usage guide: if no port is specified, then statistics of all ports will be cleared. Example: clearing the statistics for ethernet port 1/1. Switch#clear counters ethernet 1/1 7.4.1.2 show interface c...
Page 177
176 e es4710bd 10 slots l2/l3/l4 chassis switch 7.5.1 ethernet port configuration click “port configuration”, “ethernet port configuration” to open the ethernet port configuration management table to configure ethernet port duplex, speed, bandwidth control and so on. 7.5.1.1 physical port configurat...
Page 178
177 e es4710bd 10 slots l2/l3/l4 chassis switch z bandwidth control level: port bandwidth control. The unit is mbps and the value range is 1~10000mbps z control type: ingress means to control port bandwidth when receiving data packet sent from outside the switch. Egress means to control port bandwid...
Page 179
178 e es4710bd 10 slots l2/l3/l4 chassis switch 7.5.2.2 l3 port ip addr mode configuration click “port configuration”, “vlan interface configuration”, “l3 port ip addr mode configuration” to set up l3 port ip address mode configuration. Z port: l3 port z ip mode: specifies the ip address, meaning us...
Page 180
179 e es4710bd 10 slots l2/l3/l4 chassis switch configure mirroring destination port. Equals to cli command 7.2.3.3.2. Z session: mirroring dialog value z destination interface z tag: setting the vlan tag function means all mirroring packets carry vlan tags; preserve means that if the ingress mirror...
Page 181
180 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 8 mac table configuration 8.1 introduction to mac table mac table identifies the mapping relationship between destination mac addresses and switch ports. Mac addresses can be categorized as static mac addresses and dynamic mac addresses. Static...
Page 182
181 e es4710bd 10 slots l2/l3/l4 chassis switch period. When the switch receives a data frame to be forwarded, it stores the source mac address of the data frame and creates a mapping to the destination port. Then, the mac table is queried for the destination mac address, if hit, the data frame is f...
Page 183
182 e es4710bd 10 slots l2/l3/l4 chassis switch added to the switch mac table. 2. At the same time, the switch learns the message is destined to 00-01-33-33-33-33, as the mac table contains only a mapping entry of mac address 00-01-11-11-11-11 and port 1/5, and no port mapping for 00-01-33-33-33-33 ...
Page 184
183 e es4710bd 10 slots l2/l3/l4 chassis switch are configured in the switch, the mac table will be adapted accordingly to add vlan information. In this case, the switch will not forward the received broadcast frames to all ports, but forward the frames to all ports in the same vlan. 2. Multicast fr...
Page 186: 8.4 Troubleshooting Help
185 e es4710bd 10 slots l2/l3/l4 chassis switch 1/ 7 1/ 9 1/ 11 1/ 5 pc1 mac 00-01-11-11-11-11 pc4 mac 00-01-44-44-44-44 pc3 mac 00-01-33-33-33-33 pc2 mac 00-01-22-22-22-22 fig 8-2 mac table typical configuration example scenario: four pcs as shown in the above figure are connected to ports 1/5, 1/7...
Page 187
186 e es4710bd 10 slots l2/l3/l4 chassis switch 8.4.1.2 show mac-address-table static command: show mac-address-table [static] [address mac-addr> ] [vlan vlan-id> ] [interface interface-name> ] function: displays the content of the current mac table in the switch. Parameters: static stands for stati...
Page 188
187 e es4710bd 10 slots l2/l3/l4 chassis switch support for a solution. 8.5 mac address function extension 8.5.1 mac address binding 8.5.1.1 introduction to mac address binding most switches support mac address learning, allowing each port to dynamically learn several mac addresses so that forwardin...
Page 189
188 e es4710bd 10 slots l2/l3/l4 chassis switch 2. Lock the mac addresses for a port command explanation interface mode switchport port-security lock no switchport port-security lock locks the port. When a port is locked, the mac address learning function for the port will be disabled: the “ no swit...
Page 190
189 e es4710bd 10 slots l2/l3/l4 chassis switch 8.5.1.2.2 mac address binding configuration commands 8.5.1.2.2.1 switchport port-security command: switchport port-security no switchport port-security function: enables the mac address binding function for the port: the “ no switchport port-security” ...
Page 191
190 e es4710bd 10 slots l2/l3/l4 chassis switch function: locks the port. When a port is locked, the mac address learning function for the port will be disabled: the “ no switchport port-security lock” command restores the mac address learning function for the port. Command mode: interface mode defa...
Page 192
191 e es4710bd 10 slots l2/l3/l4 chassis switch address can be added. Example: adding mac 00-03-0f-fe-2e-d3 to port1. Switch(config)#interface ethernet 1/1 switch(config-ethernet1/1)#switchport port-security mac-address 00-03-0f-fe-2e-d3 8.5.1.2.2.6 clear port-security dynamic command: clear port-se...
Page 194
193 e es4710bd 10 slots l2/l3/l4 chassis switch displayed information explanation security port name of port that is configured as a secure port. Maxsecurityaddr the maximum number of secure mac addresses set for the secure port. Currentaddr current number of secure mac addresses for the secure port...
Page 195
194 e es4710bd 10 slots l2/l3/l4 chassis switch port security is port enabled as a secure port? Port status port secure status violation mode violation mode set for the port. Maximum mac addresses the maximum number of secure mac addresses set for the port total mac addresses current number of secur...
Page 196: 8.6 Web Management
195 e es4710bd 10 slots l2/l3/l4 chassis switch 8.5.1.3.2 mac address binding troubleshooting help enabling mac address binding for ports may fail on some occasions. Here are some possible causes and solutions: & if mac address binding cannot be enabled for a port, make sure the port is not executin...
Page 197
196 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.1.2 delete unicast address click “mac address table configuration”, “mac address table configuration”, to delete a unicast address and mac address. Equals to cli command 8.2.2: z delete by vid: deletes static mac by the specified vid. Select delete...
Page 198
197 e es4710bd 10 slots l2/l3/l4 chassis switch example: select vid 1 and select query by vid. Click search starting query. The new page will show the query results 8.6.1.4 show mac address table click “mac address table configuration”, “mac address table configuration”, “show mac-address-table” to ...
Page 199
198 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.2.1 enable port mac-binding click “mac address table configuration”, “mac address binding configuration”, “enable port mac-binding”, to enable port mac-binding list to set up port security function. 8.6.2.1.1 enable port mac-binding click “mac addr...
Page 200
199 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.2.2.3 enable port security timeout click “mac address table configuration”, “mac address binding configuration”, “lock port”, “enable port security timeout” to lock port security. Equals to cli command 8.5.1.2.2.4: z port: specifies the configurati...
Page 201
200 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.2.3 mac binding attribution configuration click “mac address table configuration”, “mac address binding configuration”, “mac binding attribution configuration” to enable port security configuration management lists to set up port security types. 8....
Page 202
201 e es4710bd 10 slots l2/l3/l4 chassis switch 8.6.2.4 mac binding debug click “mac address table configuration”, “mac address binding configuration”, “mac binding debug” to open port security debug window to check port security debugging information. 8.6.2.4.1 show mac binding security address cli...
Page 203: 9.1 Introduction To Vlan
202 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 9 vlan configuration 9.1 introduction to vlan vlan (virtual local area network) is a technology that divides the logical addresses of devices within the network to separate network segments based on functions, applications or management require...
Page 204: 9.2 Vlan Configuration
203 e es4710bd 10 slots l2/l3/l4 chassis switch conveniences: z improved network performance z savings on network resources z simplified network management z lowered network cost z enhanced network security vlan and gvrp (garp vlan registration protocol) are defined by ieee 802.1q and implemented by...
Page 205
204 e es4710bd 10 slots l2/l3/l4 chassis switch 4. Set the switch port type 5. Set trunk port 6. Set access port 7. Disable/enable vlan ingress rules 9.2.2 vlan configuration commands 9.2.2.1 vlan command: vlan vlan-id> no vlan vlan-id> function: creates a vlan and enters vlan configuration mode. In...
Page 206
205 e es4710bd 10 slots l2/l3/l4 chassis switch configure a vlan name and the switch ports assigned to the vlan. The “ no vlan vlan-id> ” command deletes specified vlans. Parameters: vlan-id> is the vlan id to be created/deleted, valid range is 1 to 4094. Command mode: global mode default: vlan1 is ...
Page 207
206 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-ethernet1/8)#switchport mode access switch(config-ethernet1/8)#switchport access vlan 100 switch(config-ethernet1/8)#exit 9.2.2.4 switchport interface command: switchport interface interface-list> no switchport interface interface-list> f...
Page 209
208 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: interface mode default: vlan ingress rules are enabled by default. Usage guide: when vlan ingress rules are enabled on the port and the system receives data, it will check the source port first, then forwards the data to the destination p...
Page 210
209 e es4710bd 10 slots l2/l3/l4 chassis switch vlan200 site a and site b switch port 8 – 10. Trunk port site a and site b switch port 11 . Connect the trunk ports of both switches for a trunk link to convey the cross-switch vlan traffic. Connect all network devices to the other ports of the corresp...
Page 211: 9.3 Gvrp Configuration
210 e es4710bd 10 slots l2/l3/l4 chassis switch 9.3 gvrp configuration garp (generic attribute registration protocol) can be used to dynamically distribute, populate and register property information between switch members within a switch network, the property can be vlan information, multicast mac ...
Page 212
211 e es4710bd 10 slots l2/l3/l4 chassis switch 9.3.2 gvrp commands 9.3.2.1 garp timer join command: garp timer join timer-value> no garp timer join function: sets the join timer for garp; the “ no garp timer join ” command restores the default timer setting. Parameters: is the value for join timer,...
Page 213
212 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-ethernet1/10)#garp timer leave 3000 9.3.2.3 garp timer hold command: garp timer hold timer-value> no garp timer hold function: sets the hold timer for garp; the “ no garp timer hold ” command restores the default timer setting. Parameters...
Page 214
213 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: interface mode and global mode. Default: gvrp is disabled by default. Usage guide: port gvrp can only be enabled after global gvrp is enabled. When global gvrp is disabled, port gvrp configurations are also void. Note gvrp can only be ena...
Page 215
214 e es4710bd 10 slots l2/l3/l4 chassis switch configuration item configuration description vlan100 port 2 – 6 of switch a and c trunk port port 11 of switch a and c, port 10, 11 of switch b global gvrp switch a, b, c: port gvrp port 11 of switch a and c, port 10, 11 of switch b connect the two wor...
Page 217
216 e es4710bd 10 slots l2/l3/l4 chassis switch total existing vlans is:2 displayed information explanation vlan vlan number name vlan name type vlan property, of statically configured or dynamically learned. Media vlan interface type: ethernet ports access port within a vlan universal vlan universa...
Page 218: 9.5 Web Management
217 e es4710bd 10 slots l2/l3/l4 chassis switch debugging function . Command mode: admin mode default: gvrp debugging information is disabled by default. Usage guide: use this command to enable gvrp debugging, gvrp packet processing information can be displayed. Example: enabling gvrp debug. Switch#...
Page 219
218 e es4710bd 10 slots l2/l3/l4 chassis switch vlan id information window will display current vlans of the switch: 9.5.1.1.2 vid attribution configuration click “vlan configuration”, “vlan configuration”, “create/remove vlan”, “vid attribution configuration” to setup vid type: z vlan id: specified...
Page 220
219 e es4710bd 10 slots l2/l3/l4 chassis switch information display shows the vlan allocation result: 9.5.1.3 port type configuration click “vlan configuration”, “vlan configuration”, ”port type configuration” to open port type configuration list. 9.5.1.3.1 set port mode(trunk/access) click “vlan co...
Page 221
220 e es4710bd 10 slots l2/l3/l4 chassis switch 9.5.1.4 trunk port configuration click “vlan configuration”, “vlan configuration”, “trunk port configuration” to open trunk port vlan configuration list . 9.5.1.4.1 vlan setting for trunk port click “vlan configuration”, “vlan configuration”, “trunk po...
Page 222
221 e es4710bd 10 slots l2/l3/l4 chassis switch 9.5.1.5 set allow vlan click “vlan configuration”, “vlan configuration”, “access port configuration” to open access port vlan configuration list to allocate access port vlan. 9.5.1.5.1 vlan setting for access port click “vlan configuration”, “vlan conf...
Page 223
222 e es4710bd 10 slots l2/l3/l4 chassis switch click “vlan configuration”, “vlan configuration”, “enable/disable vlan filter rule” to open vlan ingress configuration list to setup vlan filter function. 9.5.1.6.1 disable vlan ingress rule click “vlan configuration”, “vlan configuration”, to enable/d...
Page 224
223 e es4710bd 10 slots l2/l3/l4 chassis switch click “vlan configuration”, “gvrp configuration”, “gvrp configuration” to configure gvrp parameters of the switch ： z port: specified port z join timer (100~327650ms): configures the value of garp join timer. Equals to cli command 9.3.2.1 z leave timer...
Page 225
224 e es4710bd 10 slots l2/l3/l4 chassis switch 9.5.3.2 show garp click “vlan configuration”, “vlan debug” and “maintenance”, “show garp” the information window in the right will display all related garp information. Equals to cli command 9.4.1.2 9.5.3.3 show gvrp click “vlan configuration”, ”vlan d...
Page 226
225 e es4710bd 10 slots l2/l3/l4 chassis switch spanning tree instances (msti). It applies the fast converging properties, enabling multiple vlan of the same topology to map to one spanning tree instance, while that spanning tree topology is independent of the other spanning tree instances. This mec...
Page 227
226 e es4710bd 10 slots l2/l3/l4 chassis switch cist regional root. The root port in the field cist regional root is master port to all the msti in the field. When mstp initializes, it will send a bpdu announcing itself as the cist regional root and setting the route code to the cist root and cist r...
Page 228: 10.2 Mstp Configuration
227 e es4710bd 10 slots l2/l3/l4 chassis switch 10.2 mstp configuration 10.2.1 mstp configuration task sequence 1. Enable mstp and set the running mode 2. Configure instance parameters 3. Configure mstp field parameter 4. Configure mstp time parameter 5. Configure the fast migrate feature for mstp 1...
Page 229
228 e es4710bd 10 slots l2/l3/l4 chassis switch 4. Configure mstp time parameters 5. Configure the fast migrate feature for mstp command explanation global mode spanning-tree mst configuration no spanning-tree mst configuration enters mstp field configuration mode; the no spanning-tree mst configura...
Page 230
229 e es4710bd 10 slots l2/l3/l4 chassis switch 10.2.2 introduction to mstp configuration commands 10.2.2.1 abort command: abort function: discards the configuration in mstp field and exits from mst mode to global mode. Command mode: mstp field mode. Usage guide: when using this command to exit mst ...
Page 231
230 e es4710bd 10 slots l2/l3/l4 chassis switch to instance 0. Usage guide: this command is used to set vlan-instance mapping. Switches are considered to be in the same mstp field only if they have identical mapping and other mstp field parameters. All vlans belong to instance 0 when no instance has...
Page 232
231 e es4710bd 10 slots l2/l3/l4 chassis switch 10.2.2.6 spanning-tree command: spanning-tree no spanning-tree function: enables mstp in global mode and port mode; the " no spanning-tree " command disables mstp. Command mode: global mode and port mode default: mstp is disabled by default. Usage guid...
Page 233
232 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: global mode default: the default hello time is 2 seconds. Usage guide: the interval for switch to send a bpdu is referred to as hello time. The hello time, forward delay time, and max age time are associated. When configuring these time p...
Page 234
233 e es4710bd 10 slots l2/l3/l4 chassis switch bridge_max_age >= 2 ×(bridge_hello_time + 1.0 seconds) example: setting the maximum age time to 25 seconds in global mode. Switch(config)#spanning-tree maxage 25 10.2.2.11 spanning-tree max-hop command: spanning-tree max-hop no spanning-tree max-hop fu...
Page 236
235 e es4710bd 10 slots l2/l3/l4 chassis switch 10.2.2.15 spanning-tree mst cost command: spanning-tree mst cost no spanning-tree mst cost function: sets the route cost for the current ethernet port; “ no spanning-tree mst cost ” command restores the default value. Parameters: is the instance id of ...
Page 237
236 e es4710bd 10 slots l2/l3/l4 chassis switch priority. Example: setting the priority for port 1/2 of instance1 to 32. Switch(config)#interface ethernet 1/2 switch(config-ethernet1/2)#spanning-tree mst 1 port-priority 32 10.2.2.17 spanning-tree mst priority command: spanning-tree mst priority no s...
Page 238: 10.3 Mstp Example
237 e es4710bd 10 slots l2/l3/l4 chassis switch 10.3 mstp example the following is a typical mstp application scenario: sw1 sw2 sw3 sw4 1 1 2 2 3 5 4 2 3 1 6 7 5 4 6 7 x x x x x figure 00-2 mstp typical application example as illustrated in the figure above by the lines between sw1-sw4, mstp is runn...
Page 239
238 e es4710bd 10 slots l2/l3/l4 chassis switch port 4 200000 200000 port 5 200000 200000 port 6 200000 200000 port 7 200000 200000 by default, mstp will establish a topology (in blue lines) rooted with sw1, the ports marked with “x” are in the discarding status, the other ports are in the forwardin...
Page 240
239 e es4710bd 10 slots l2/l3/l4 chassis switch sw2(config)#spanning-tree switch sw3: sw3(config)#vlan 20 sw3(config-vlan20)#exit sw3(config)#vlan 30 sw3(config-vlan30)#exit sw3(config)#vlan 40 sw3(config-vlan40)#exit sw3(config)#vlan 50 sw3(config-vlan50)#exit sw3(config)#spanning-tree mst configur...
Page 241
240 e es4710bd 10 slots l2/l3/l4 chassis switch sw4(config-port-range)#exit sw4(config)#spanning-tree sw4(config)#spanning-tree mst 4 priority 0 after the above configuration, all instance cist (instance0) of the entire network take sw1 as the root bridge, and in the mstp fields in which sw2, sw3 an...
Page 242
241 e es4710bd 10 slots l2/l3/l4 chassis switch sw2 sw3 sw4 2 3 5 4 2 3 6 7 5 4 6 7 x x x x figure 00-4 instance3 topology in the mstp field after mstp change sw2 sw3 sw4 2 3 5 4 2 3 6 7 5 4 6 7 x x x x figure 00-5 instance4 topology in the mstp field after mstp change 10.4 mstp troubleshooting help...
Page 243
242 e es4710bd 10 slots l2/l3/l4 chassis switch mstp information can be displayed with the “show spanning-tree” command. Example: displaying mstp information, the displayed contents are shown below. Switch#sh spanning-tree -- mstp bridge config info -- standard : ieee 802.1s bridge mac : 00:03:0f:01...
Page 244
243 e es4710bd 10 slots l2/l3/l4 chassis switch ########################### instance 4 ########################### self bridge id : 32768.00:03:0f:01:0e:30 region root id : this switch int.Rootpathcost : 0 root port id : 0 current port list in instance 4: ethernet1/1 ethernet1/2 (total 2) portname i...
Page 245
244 e es4710bd 10 slots l2/l3/l4 chassis switch 10.4.1.2 show mst configuration command: show spanning-tree mst config function: displays the effective mstp field parameter configurations in admin mode. Command mode: admin mode usage guide: the command displays the current effective parameter of the...
Page 246
245 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-mstp-region)# 10.4.1.4 debug spanning-tree command: debug spanning-tree no debug spanning-tree function: enables mstp debug information: the “ no debug spanning-tree” command disables mstp debug information . Command mode: admin mode usag...
Page 247: 10.5 Web Management
246 e es4710bd 10 slots l2/l3/l4 chassis switch 10.5 web management click “mstp control” to enter mstp control configuration mode to manage mstp features for the switch. 10.5.1 mstp field operation click “mstp control” to enter mstp field operation. 10.5.1.1 instance configuration click “mstp contro...
Page 248
247 e es4710bd 10 slots l2/l3/l4 chassis switch 10.5.2 mstp port operation 10.5.2.1 edge port setting click “mstp control” to enter mstp field operation, then "portfast config". Set the port to be an edge port configure port 1/5 to be edge ports. 10.5.2.2 port priority setting click “mstp control” t...
Page 249
248 e es4710bd 10 slots l2/l3/l4 chassis switch 10.5.2.5 link type configuration click “mstp control” to enter mstp port operation, then "link_type config". Set the link type of the current port. Set the link of port 1/7 to be forced point-to-point type. 10.5.2.6 mstp port configuration click “mstp ...
Page 250
249 e es4710bd 10 slots l2/l3/l4 chassis switch click “mstp control” to enter mstp global control, then "hello_time config". Set the hello time for the switch. Set mstp hello time to 5 seconds in global mode. 10.5.3.4 set the max age time for bpdu information in the switch click “mstp control”, mstp...
Page 251
250 e es4710bd 10 slots l2/l3/l4 chassis switch click “mstp control”, “mstp global control”, enter the "priority config" to set bridge priority for the switch for the specified instance. Set bridge priority of the specified instance for the switch configure switch instance2 priority to 4096. 10.5.4 ...
Page 252: 11.2 Igmp
251 e es4710bd 10 slots l2/l3/l4 chassis switch chapter11 igmp snooping configuration 11.1 introduction to igmp snooping igmp (internet group management protocol) is a protocol used in ip multicast. Igmp is used by multicast enabled network devices (such as a routers) for host membership query, and ...
Page 253
252 e es4710bd 10 slots l2/l3/l4 chassis switch ip igmp snooping vlan no ip igmp snooping vlan enables igmp snooping for specified vlan ip igmp snooping vlan mrouter interface no ip igmp snooping vlan mrouter sets the specified vlan the port for connecting m-router ip igmp snooping vlan immediate-le...
Page 254
253 e es4710bd 10 slots l2/l3/l4 chassis switch command disables the igmp snooping function. Command mode: global mode default: igmp snooping is disabled by default. Usage guide: enabling igmp snooping allows the switch to monitor multicast traffic in the network and decide which ports will receive ...
Page 255
254 e es4710bd 10 slots l2/l3/l4 chassis switch 11.2.2.4 ip igmp snooping vlan static command: ip igmp snooping vlan static interface –name> no ip igmp snooping vlan static function: enables the igmp snooping static multicast group membership: the “ no ip igmp snooping vlan static ” command disables...
Page 256
255 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: is the valn number specified. Command mode: global mode default: igmp query is disabled by default. Usage guide: before enabling the igmp query function for the specified vlan, the switch must have a corresponding vlan configured and igmp s...
Page 257: 11.3 Igmp
256 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: vlan-id> is the specified vlan number; is maximum query response time, valid range is 10 to 25. Command mode: global mode default: the maximum response time is 10 seconds. Example: setting the maximum igmp query response time of vlan 100 to...
Page 258
257 e es4710bd 10 slots l2/l3/l4 chassis switch switch(c onfig)#ip igmp snooping switch(c onfig)#ip igmp snooping vlan 100 switch(c onfig)#ip igmp snooping vlan 100 mrouter interface ethernet 1/1 multicast configuration suppose two programs are provided in the multicast server using multicast addres...
Page 259: 11.4 Igmp
258 e es4710bd 10 slots l2/l3/l4 chassis switch the configuration of switch2 is the same as the switch in scenario 1, switch1 takes the place of multicast router in scenario 1. Let’s assume vlan 60 is configured in switch1, including ports 1, 2, 6, 10 and 12. Port 1 connects to the multicast server,...
Page 260
259 e es4710bd 10 slots l2/l3/l4 chassis switch igmp information for vlan 1: igmp snooping vlan status :disabled igmp snooping vlan query :disabled igmp snooping vlan mrouter port :(null)-------------------------------- igmp information for vlan 2: igmp snooping vlan status :enabled igmp snooping vl...
Page 261
260 e es4710bd 10 slots l2/l3/l4 chassis switch displayed information explanation igmp snooping status whether “igmp snooping” function is enabled. Igmp snooping vlan status “igmp snooping” status of all vlans in the switch (enabled or not) igmp snooping vlan query query status of all vlans in the s...
Page 262
261 e es4710bd 10 slots l2/l3/l4 chassis switch -------------------------------------------------------------------------- ethernet1/4 members_present snoop_group_addr 239.255.48.189 0 -------------------------------------------------------------------------- ethernet1/5 members_present snoop_group_...
Page 263: 11.5 Web Management
262 e es4710bd 10 slots l2/l3/l4 chassis switch command disables this debug function . Command mode: admin mode default: igmp snooping debug is disabled by default. Usage guide: use this command to enable igmp snooping debug, igmp packet processing information can be displayed. Example: enabling igm...
Page 264
263 e es4710bd 10 slots l2/l3/l4 chassis switch 11.5.2 igmp snooping configuration click “igmp snooping configuration” node to enter the igmp snooping configuration page. This page is divided into 3 sections: query configuration, snooping configuration and configuration display. 11.5.2.1 query confi...
Page 265
264 e es4710bd 10 slots l2/l3/l4 chassis switch 11.5.3 igmp snooping static multicast configuration click “igmp snooping static multicast configuration” to enter the configuration screen. The page is divided into configuration section and display section. 11.5.3.1 igmp snooping static multicast conf...
Page 266
265 e es4710bd 10 slots l2/l3/l4 chassis switch.
Page 267: 12.1 Introduction To Acl
266 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 12 acl configuration 12.1 introduction to acl acl (access control list) is an ip packet filtering mechanism employed in switches, providing network traffic control by granting or denying access through the switches, effectively safeguarding the...
Page 268: 12.2 Acl Configuration
267 e es4710bd 10 slots l2/l3/l4 chassis switch the following rules apply: z an access list can consist of several rules. Filtering of packets compares packet conditions to the rules, from the first rule to the first matched rule; the rest of the rules will not be processed. Z global default action ...
Page 270
269 e es4710bd 10 slots l2/l3/l4 chassis switch a. Create a name-based standard ip access list command explanation global mode ip access standard no ip access standard creates a standard ip access list based on nomenclature; the “ no ip access standard ” command delete the name-based standard ip acc...
Page 273
272 e es4710bd 10 slots l2/l3/l4 chassis switch default: no ip address is configured by default. Usage guide: when the user first specifies a specific , the acl of this number will be created, and entries can be added to that acl. Example: creating an extensive ip access list numbered as 110. Denyin...
Page 277
276 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-ethernet1/10)#ip access-group 110 in switch(config-ethernet1/10)#exit switch(config)#exit configuration result.: switch#show firewall firewall status: enable. Firewall default rule: permit. Switch#show access lists access list 110(used 1 ...
Page 278
277 e es4710bd 10 slots l2/l3/l4 chassis switch displayed information explanation access list 10(used 0 time(s)) numbered acl10, reference time: 1 access list 10 deny any-source denies all ip packets passage access list 100(used 1 time(s)) numbered acl100, reference time: 1. Access list 100 deny ip ...
Page 279
278 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: admin mode usage guide: example: switch#show firewall firewall status: enable. Firewall default rule: permit. Displayed information explanation firewall status: enable. Enables packet filtering function firewall default rule: permit. The ...
Page 280
279 e es4710bd 10 slots l2/l3/l4 chassis switch 12.5.1 numeric standard acl configuration click “numeric acl configuration”, and then “add standard numeric acl” section to enter the configuration page. Equals to its cli command of 12.2.2.2. The explanations of each section are: acl number – 1- 99 ru...
Page 281
280 e es4710bd 10 slots l2/l3/l4 chassis switch there are several sub-sections in this category ： z acl number (100-199) z rule － permit or deny z source address type － specified ip address or any randomly allocated ip address z source ip address z reverse network mask z target address type － specif...
Page 282
281 e es4710bd 10 slots l2/l3/l4 chassis switch 12.5.4 configure standard acl name configuration and delete the standard acl name configuration click “acl name configuration” to open up the sub-sections, next click “acl name configuration” to enter the configuration page. The way to configure the “a...
Page 283
282 e es4710bd 10 slots l2/l3/l4 chassis switch 12.5.5 configure extended acl name configuration click “acl name configuration”, the configuration sections will then be shown. There are 6 types of extended acl name configurations: z ip extended acl name configuration z icmp extended acl name configu...
Page 284
283 e es4710bd 10 slots l2/l3/l4 chassis switch 12.5.7 acl port binding click “filter configuration”, and then select “acl port binding” to enter the configuration page. Equal to cli command: 12.2.2.7 there are five items in this section. Z port – the target port to bind to acl z acl name – the targ...
Page 285
284 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 13 port channel configuration 13.1 introduction to port channel to understand port channel, port group should be introduced first. Port group is a group of physical ports in the configuration level, only physical ports in the port group can tak...
Page 286
285 e es4710bd 10 slots l2/l3/l4 chassis switch ) all ports are in full-duplex mode. ) ports are of the same speed. ) all ports are access ports and belong to the same vlan or are all trunk ports. ) if the ports are trunk ports, then their “allowed vlan” and “native vlan” property should also be the...
Page 289
288 e es4710bd 10 slots l2/l3/l4 chassis switch 13.3 port channel example scenario 1: configuring port channel in lacp. Fig 14-2 configuring port channel in lacp example: the switches in the description below are all es4710bd switches and as shown in the figure, ports 1, 2, 3 of switch 1 are access ...
Page 290
289 e es4710bd 10 slots l2/l3/l4 chassis switch switch2 (config-if-port-channel2)# configuration result: shell prompts ports aggregated successfully after a while, now ports 1, 2, 3 of switch 1 form an aggregated port named “port-channel1”, ports 6, 8, 9 of switch 2 forms an aggregated port named “p...
Page 291
290 e es4710bd 10 slots l2/l3/l4 chassis switch switch2 (config)#interface eth 1/6 switch2 (config-ethernet1/6)#port-group 2 mode on switch2 (config-ethernet1/6)#exit switch2 (config)# interface eth 1/8-9 switch2 (config-port-range)#port-group 2 mode on switch2 (config-port-range)#exit configuration...
Page 292
291 e es4710bd 10 slots l2/l3/l4 chassis switch number of ports in group port number in the port group maxports maximum number of ports allowed in a group number of port-channels whether aggregated to port channel or not max port-channels maximum port channel number can be formed by port group. 2. D...
Page 293
292 e es4710bd 10 slots l2/l3/l4 chassis switch the machine state and port state of the port are as follows: mux_state: detch rcvm_state: p_dis prm_state: no_per actor_oper_port_state : l_a___f_ partner_oper_port_state: _ta___f_ displayed information explanation portnumber port number actor_port_agg...
Page 294
293 e es4710bd 10 slots l2/l3/l4 chassis switch port state lacp activety . 1 lacp timeout . . Aggregation 1 1 synchronization . . Collecting . . Distributing . . Defaulted 1 1 expired . . Partner part administrative operational system 000000-000000 000000-000000 system priority 0x8000 0x8000 key 0x0...
Page 295
294 e es4710bd 10 slots l2/l3/l4 chassis switch collecting whether status of port bound status machine is “collecting” or not. Distributing whether status of port bound status machine is “distributing” or not. Defaulted whether the local port is using default partner end parameter. Expired whether s...
Page 296: 13.5 Web Management
295 e es4710bd 10 slots l2/l3/l4 chassis switch switch# debug lacp 13.4.2 port channel troubleshooting help if problems occur when configuring port aggregation, please first check the following for causes. & ensure all ports in a port group have the same properties, i.E., whether they are in full-du...
Page 297
296 e es4710bd 10 slots l2/l3/l4 chassis switch apply to add the group. After finishing the group configuration, the configured port information will be shown under the configuration table. 13.5.2 lacp port configuration click lacp port configuration to enter configuration page equivalent to cli com...
Page 298
297 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 14 dhcp configuration 14.1 introduction to dhcp dhcp [rfc2131] is the acronym for dynamic host configuration protocol. It is a protocol that assigns dynamically ip addresses to request host from the address pool as well as other network configu...
Page 299
298 e es4710bd 10 slots l2/l3/l4 chassis switch obtained dynamically can be different every time; manually bound ip address will be the same all the time. 2) the lease period of ip address obtained dynamically is the same as the lease period of the address pool and is limited; the lease of manually ...
Page 300
299 e es4710bd 10 slots l2/l3/l4 chassis switch dns-server [address1[address2[…address8]]] no dns-server configures dns server for dhcp clients domain-name no domain-name configures domain name for dhcp clients; the “ no domain-name ” command deletes the domain name. Netbios-name-server [address1[ad...
Page 301
300 e es4710bd 10 slots l2/l3/l4 chassis switch client-identifier no client-identifier specifies the unique id of the user when binding an address manually client-name no client-name configures a client name when binding an address manually 3. Enable logging for address conflicts command explanation...
Page 302
301 e es4710bd 10 slots l2/l3/l4 chassis switch ip address defined in “host” command to the client. Example: specifying the ip address 10.1.128.160 to be bound to user with the unique id of 00-10-5a-60-af-12 in manual address binding. Switch(dhcp-1-config)#client-identifier 00-10-5a-60-af-12 switch(...
Page 303
302 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: dhcp address pool mode usage guide: up to 8 dns server addresses can be configured. The dns server address assigned first has the highest priority, therefore address 1 has the highest priority, and address 2 has the second, and so on. Exa...
Page 304
303 e es4710bd 10 slots l2/l3/l4 chassis switch function: specifies the ip address to be assigned to the user when binding addresses manually; the “ no host ” command deletes the ip address. Parameters: is the ip address in decimal format; is the subnet mask in decimal format; means mask is indicate...
Page 305
304 e es4710bd 10 slots l2/l3/l4 chassis switch function: specifies addresses excluding from dynamic assignment; the “ no ip dhcp excluded-address [ ] ” command cancels the setting. Parameters: is the starting ip address, [ ] is the ending ip address. Default: only individual address is excluded by ...
Page 308
307 e es4710bd 10 slots l2/l3/l4 chassis switch function: sets the network parameter specified by the option code; the “ no option ” command cancels the setting for option. Parameters: is the code for network parameters; is the ascii string up to 255 characters; is a value in hex that is no greater ...
Page 309
308 e es4710bd 10 slots l2/l3/l4 chassis switch fig 14-2 dhcp relay as shown in the above figure, the dhcp client and the dhcp server are in different networks, the dhcp client performs the four dhcp steps as usual yet dhcp relay is added to the process. 1. The client broadcasts a dhcpdiscover packe...
Page 310
309 e es4710bd 10 slots l2/l3/l4 chassis switch 4. Disable dhcp relay from forwarding dhcp broadcast packet. Command explanation global mode ip dhcp relay information policy drop no ip dhcp relay information policy drop when layer 3 switches are used as dhcp relays, this command sets the relay forwa...
Page 311
310 e es4710bd 10 slots l2/l3/l4 chassis switch 14.3.2.3 ip dhcp relay information policy drop command: ip dhcp relay information policy drop no ip dhcp relay information policy drop function: when layer 3 switches are used as dhcp relays, this command sets the relay forwarding policy to drop dhcp p...
Page 312
311 e es4710bd 10 slots l2/l3/l4 chassis switch switch(dhcp-a-config)#default-route 10.16.1.200 10.16.1.201 switch(dhcp-a-config)#dns-server 10.16.1.202 switch(dhcp-a-config)#netbios-name-server 10.16.1.209 switch(dhcp-a-config)#netbios-node-type h-node switch(dhcp-a-config)#exit switch(config)#ip d...
Page 313
312 e es4710bd 10 slots l2/l3/l4 chassis switch scenario 2: fig 14-3 dhcp relay configuration as shown in the above figure, es4710bd is configured as a dhcp relay. The dhcp server address is 10.1.1.10, tftp server address is 10.1.1.20, the configuration steps are as follows: switch(config)# service ...
Page 314
313 e es4710bd 10 slots l2/l3/l4 chassis switch client will be requesting the ip address in the same segment of the vlan interface after vlan interface forwarding, and the vlan interface ip address is 10.16.1.2/24, therefore the ip address assigned to the client will belong to 10.16.1.0/24. If the d...
Page 315
314 e es4710bd 10 slots l2/l3/l4 chassis switch conflicting for use. The “clear ip dhcp conflict” command can be used to delete the conflict record for an address. If "all” is specified, then all conflict records in the log will be removed. When records are removed from the log, the addresses are av...
Page 316
315 e es4710bd 10 slots l2/l3/l4 chassis switch type type of assignment: manual binding or dynamic assignment. 14.5.1.5 show ip dhcp conflict command: show ip dhcp conflict function: displays log information for addresses that have a conflict record. Command mode: admin mode example: switch# show ip...
Page 317
316 e es4710bd 10 slots l2/l3/l4 chassis switch bootreply 1911 dhcpoffer 6 dhcpack 6 dhcpnak 0 dhcprelay 1907 dhcpforward 0 switch# displayed information explanation address pools number of dhcp address pools configured. Database agents number of database agents. Automatic bindings number of address...
Page 318: 14.6 Web Management
317 e es4710bd 10 slots l2/l3/l4 chassis switch 14.5.2 dhcp troubleshooting help if the dhcp clients cannot obtain ip addresses and other network parameters, the following procedures can be followed after dhcp client hardware and cables have been verified to be ok. & verify the dhcp server is runnin...
Page 319
318 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.2.1 address pool configuration click “dhcp configuration”, “dhcp server configuration”, “address pool configuration” to configure the dhcp address pool function: z dhcp pool name (1-32 characters) – defines a dhcp address pool in global mode. Same...
Page 320
319 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.2.2 client’s default gateway configuration click “dhcp configuration”, “dhcp server configuration”, “client's default gateway configuration” to configure the default gateway for dhcp client. Same as cli command 14.2.2.4: z dhcp pool name – selects...
Page 321
320 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.2.4 client wins server configuration click dhcp configuration, dhcp server configuration, client wins server configuration. Configure wins server address. Same as cli command 14.2.2.14: z dhcp pool name – choose one dhcp address pool z wins server...
Page 322
321 e es4710bd 10 slots l2/l3/l4 chassis switch configuration” to configure the dhcp client boot file name and client server address which is for save the boot file: z dhcp pool name - choose one dhcp address pool z dhcp client bootfile name (1-128 characters) - boot file name. Same as cli command 1...
Page 323
322 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.2.7 manual address pool configuration click “dhcp configuration”, “dhcp server configuration”, “manual address pool configuration” to configure dhcp to manually allocate address: z dhcp pool name – choose one dhcp address pool z hardware address –...
Page 324
323 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.2.9 dhcp packet statistics click “dhcp configuration”, “dhcp server configuration”, “dhcp packet statistics” to display dhcp server statistics information of all kinds of dhcp data packets. Same as cli command 14.5.1.3: 14.6.3 dhcp relay configura...
Page 325
324 e es4710bd 10 slots l2/l3/l4 chassis switch click “dhcp configuration”, “dhcp relay configuration”, “dhcp relay configuration” to configure the switch’s dhcp relay function: dhcp forward udp configuration configures dhcp relay to forward broadcast messages to a udp port. Same as cli command 14.3...
Page 326
325 e es4710bd 10 slots l2/l3/l4 chassis switch 14.6.4.2 delete conflict log click “dhcp configuration”, “dhcp debugging” to delete conflicting logs. Example: choose delete all conflict address as yes. Click apply button and all conflicting addresses in address conflict log will be removed. 14.6.4.3...
Page 327
326 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 15 sntp configuration the network time protocol (ntp) is widely used for clock synchronization for global computers connected to the internet. Ntp can assess packet sending/receiving delay in the network, and estimate the computer’s clock devia...
Page 328
327 e es4710bd 10 slots l2/l3/l4 chassis switch 15.1 sntp configuration commands 15.1.1 sntp server command: sntp server [version ] no sntp server function: sets the sntp/ntp server address and server version; the “ no sntp server ” command deletes the sntp/ntp server address. Parameters: is the ip ...
Page 329
328 e es4710bd 10 slots l2/l3/l4 chassis switch default: the default time difference setting is “add 8”. Command mode: global mode example: setting the time zone to beijing. Switch#config switch(config)#sntp timezone beijing add 8 15.2 typical sntp configuration examples switch1 switch2 switch3 sntp...
Page 330: 15.4 Web Management
329 e es4710bd 10 slots l2/l3/l4 chassis switch 15.3 sntp troubleshooting help 15.3.1 monitor and debug commands 15.3.1.1 show sntp command: show sntp function: displays current sntp client configuration and server status. Parameters: n/a. Command mode: admin mode example: displaying current sntp co...
Page 331
330 e es4710bd 10 slots l2/l3/l4 chassis switch 15.4.2 request interval configuration click “sntp configuration”, “request interval configuration” to configure the sending request time interval from sntp client to ntp/sntp server. Same as cli command 15.1.2. Example: configure interval as 128 minute...
Page 332: 16.1 Introduction To Qos
331 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 16 qos configuration 16.1 introduction to qos qos (quality of service) is a set of capabilities that allow you to create differentiated services for network traffic, thereby providing better service for selected network traffic. Qos is a guaran...
Page 333
332 e es4710bd 10 slots l2/l3/l4 chassis switch robin). In profile: traffic within the qos policy range (bandwidth or burst value) is called “in profile". Out of profile: traffic out the qos policy range (bandwidth or burst value) is called “out of profile". 16.1.2 qos implementation to implement la...
Page 334
333 e es4710bd 10 slots l2/l3/l4 chassis switch fig 16-3 basic qos model classification: classifies traffic according to packet classification information and generates internal dscp value based on the classification information. For different packet types and switch configurations, classification i...
Page 335
334 e es4710bd 10 slots l2/l3/l4 chassis switch fig 1 6 -4 classification process policing and remark: each packet in classified ingress traffic is assigned an internal dscp value and can be policed and remarked. Policing can be performed based on dscp value to configure different policies that allo...
Page 336
335 e es4710bd 10 slots l2/l3/l4 chassis switch fig 1 6 -5 policing and remarking process queuing and scheduling: packets at the egress will re-map the internal dscp value to cos value, the queuing operation assigns packets to appropriate queues of priority according to the cos value; while the sche...
Page 337: 16.2 Qos Configuration
336 e es4710bd 10 slots l2/l3/l4 chassis switch fig 16-6 queuing and scheduling process 16.2 qos configuration 16.2.1 qos configuration task sequence 1 ． enable qos qos can be enabled or disabled in global mode. Qos must be enabled first in global mode to configure other qos commands. 2 ． configure ...
Page 338
337 e es4710bd 10 slots l2/l3/l4 chassis switch set up a classification rule according to acl, vlan id, ip precedence or dscp to classify the data stream. Different classes of data streams will be processed with different policies. 3 ． configure a policy map. After data steam classification, a polic...
Page 339
338 e es4710bd 10 slots l2/l3/l4 chassis switch policy-map policy-map-name> no policy-map policy-map-name> creates a policy map and enters policy map mode; the “ no policy-map policy-map-name> ” command deletes the specified policy map. Class class-map-name> no class class-map-name> after a policy m...
Page 340
339 e es4710bd 10 slots l2/l3/l4 chassis switch priority cos >] no mls qos trust disables the current trust status of the port. Mls qos cos { } no mls qos cos configures the default cos value of the port; the “ no mls qos cos ” command restores the default setting. Service-policy {input policy-map-n...
Page 343
342 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: class-map-name> is the class map name used by the class. Default: no policy class is configured by default. Command mode: policy map configuration mode usage guide: before setting up a policy class, a policy map should be created and the po...
Page 344
343 e es4710bd 10 slots l2/l3/l4 chassis switch according to policed-dscp mapping when specified speed is exceeded. Default: there is no policy by default. Command mode: policy class map configuration mode usage guide: the ranges of rate-kbps> and are quite large, if the setting exceeds the actual s...
Page 345
344 e es4710bd 10 slots l2/l3/l4 chassis switch 16.2.2.9 police aggregate command: police aggregate aggregate-policer-name> no police aggregate aggregate-policer-name> function: applies a policy set to classified traffic; the “ no police aggregate aggregate-policer-name> ” command deletes the specif...
Page 346
345 e es4710bd 10 slots l2/l3/l4 chassis switch example: configuring ethernet port 1/1 to trust cos value, i.E., classifying the packets according to cos value, dscp value should not be changed. Switch(config)#interface ethernet 1/1 switch(config-ethernet1/1)#mls qos trust cos pass-through-dscp 16.2...
Page 347
346 e es4710bd 10 slots l2/l3/l4 chassis switch 16.2.2.13 mls qos dscp-mutation command: mls qos dscp-mutation dscp-mutation-name> no mls qos dscp-mutation dscp-mutation-name> function: applies dscp mutation mapping to the port; the “ no mls qos dscp-mutation dscp-mutation-name> ” command restores t...
Page 348
347 e es4710bd 10 slots l2/l3/l4 chassis switch function: configures the queue out mode. The “ no priority-queue out ” command restores the default value and default queue out weights. Parameters: default: non-priority-queue mode. Command mode: interface mode usage guide: when priority-queue out mod...
Page 349: 16.3 Qos
348 e es4710bd 10 slots l2/l3/l4 chassis switch dscp1...Dscp8> are the 8 dscp value corresponding to the 0 to 7 cos value, each dscp value is delimited with space, ranging from 0 to 63; dscp-cos dscp-list> to cos> defines the mapping from dscp to cos value, dscp-list> is a list of dscp value consist...
Page 350
349 e es4710bd 10 slots l2/l3/l4 chassis switch the port in trust cos mode without changing dscp value, and set the default cos value of the port to 5. The configuration steps are listed below: switch#config switch(config)#mls qos switch(config)#interface ethernet 1/1 switch(config-ethernet1/1)#wrr-...
Page 351
350 e es4710bd 10 slots l2/l3/l4 chassis switch an acl name 1 is set to matching segment 192.168.1.0. Qos was enabled globally, a class map named c1 was created, matching acl1 in class map; another policy map named p1 was created and refers to c1 in p1, appropriate policies were set to limit bandwid...
Page 352
351 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-classmap)# exit switch(config)#policy-map p1 switch(config-policymap)#class c1 switch(config--policy-class)#set ip precedence 5 switch(config--policy-class)#exit switch(config-policymap)#exit switch(config)#interface ethernet 1/1 switch(c...
Page 353
352 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: admin mode usage guide: example: switch #show mls qos aggregate-policer policer1 aggregate-policer policer1 80000 80 exceed-action drop not used by any policy map displayed information explanation aggregate-policer policer1 80000 80 excee...
Page 354
353 e es4710bd 10 slots l2/l3/l4 chassis switch 0x200 0x200 0x200 0x200 0x200 0x200 0x200 0x200 displayed information explanation packet number of 8 queue: 0x200 0x200 0x200 0x200 0x200 0x200 0x200 0x200 available packet number for all 8 queues out on the port, this is a fixed setting that cannot be...
Page 356
355 e es4710bd 10 slots l2/l3/l4 chassis switch policed-dscp map: d1 : d2 0 1 2 3 4 5 6 7 8 9 0: 0 1 2 3 4 5 6 7 8 9 1: 10 11 12 13 14 15 16 17 18 19 2: 20 21 22 23 24 25 26 27 28 29 3: 30 31 32 33 34 35 36 37 38 39 4: 40 41 42 43 44 45 46 47 48 49 5: 50 51 52 53 54 55 56 57 58 59 6: 60 61 62 63 16....
Page 357: 16.5 Web Management
356 e es4710bd 10 slots l2/l3/l4 chassis switch policy map p1 class map name: c1 police 16000000 2000 exceed-action drop displayed information explanation policy map p1 name of policy map class map name:c1 name of the class map referred to police 16000000 8000 exceed-action drop policy implemented 1...
Page 358
357 e es4710bd 10 slots l2/l3/l4 chassis switch z qos status － close or open. To enable qos, select open, then click apply. 16.5.2 class-map configuration click “class-map configuration” to display the extension, including the following two sections: 1. Add/remove class-map 2. Class-map configuratio...
Page 359
358 e es4710bd 10 slots l2/l3/l4 chassis switch match value 1, select set to operation type, and then click apply. 16.5.3 policy-map priority configuration click “policy-map configuration” to display the extension, which has five sections: z add/remove policy-map z policy-map priority configuration ...
Page 360
359 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.3.2 policy-map priority configuration click “policy-map priority configuration” to entry configure page. Equivalent to cli command 16.2.2.6. Terms are described as following: z policy-map name z class-map name z priority type. Dscp value or ip pre...
Page 361
360 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.3.4 add/remove aggregate policy click add/remove aggregate policer to entry configure page. It is equivalent to cli command 16.2.2.8. Terms are described as following: z aggregate policer name z rate － average baud rate for classified bandwidth, k...
Page 362
361 e es4710bd 10 slots l2/l3/l4 chassis switch example: apply the aggregate policer agg1 by c1 class-map, input the graphic presentation value, and then click add. 16.5.4 apply qos to port click “apply qos to port” to enter the configuration page, which include four sections: z port trust mode conf...
Page 363
362 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.4.2 port default cos configuration click “port default cos configuration” to entry configure page. Equivalent to cli command 16.2.2.11. Terms are described as following: z port z default cos value － startup cos value z reset － will set column as s...
Page 364
363 e es4710bd 10 slots l2/l3/l4 chassis switch z port name z dscp mutation name z operation － set or remove example: set the dscp mutation in ethernet port 1/1. Choose port name as ethernet1/1, input mu1 for dcsp mutation name, to select set for operation, and then click apply. 16.5.5 egress-queue ...
Page 365
364 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.5.2 egress-queue work mode configuration click “egress-queue work mode configuration” to enter the configuration page. Equivalent to cli command 16.2.2.15. Terms are described as following: z port name z reset － will set column as startup defaults...
Page 366
365 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.6 qos mapping configuration click “qos mapping configuration” to display extensions, including the following: 1. Cos-to-dscp mapping 2. Dscp-to-cos mapping 3. Dscp mutation mapping 4. Ip-precedence-to-dscp mapping 5. Dscp mark down mapping these c...
Page 367
366 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.6.2 dscp-to-cos mapping click “dscp-to-cos mapping” to entry configure page. Terms are described as following: z dscp 1-8 － dscp value z cos value － dscp value mapping to cos value z operation type － add or remove example: to make dscp value 20 ma...
Page 368
367 e es4710bd 10 slots l2/l3/l4 chassis switch 16.5.6.4 ip-precedence-to-dscp mapping click “ip-precedence-to-dscp mapping” to enter the configuration page. Terms are described as following: z ip-precedence － ip precedence value 0 ～ 7 z dscp － ip precedence value mapping to dscp value z operation t...
Page 369: 17.1 Layer 3 Interface
368 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 17 l3 forward configuration es4710bd supports layer 3 forwarding which forwards layer 3 protocol packets (ip packets) across vlans. Such forwarding uses ip addresses, when a port receives a ip packet, it will index it in its own route table and...
Page 370: 17.2 Ip Forwarding
369 e es4710bd 10 slots l2/l3/l4 chassis switch ” command deletes the vlan interface (layer 3 interface) created in the switch. 17.1.2.2 layer 3 interface configuration commands 17.1.2.2.1 interface vlan command: interface vlan no interface vlan function: creates a vlan interface (a layer 3 interfac...
Page 371
370 e es4710bd 10 slots l2/l3/l4 chassis switch no ip fib optimize aggregation algorithm; the “ no ip fib optimize ” disables the optimized ip route aggregation algorithm. 17.2.2.2 ip route aggregation configuration command 17.2.2.2.1 ip fib optimize command: ip fib optimize no ip fib optimize funct...
Page 372
371 e es4710bd 10 slots l2/l3/l4 chassis switch 0 fragmented, 0 couldn't fragment, 0 fragment sent sent: 0 generated, 0 forwarded 0 dropped, 0 no route icmp statistics: rcvd: 0 total 0 errors 0 time exceeded 0 redirects, 0 unreachable, 0 echo, 0 echo replies 0 mask requests, 0 mask replies, 0 quench...
Page 373: 17.3 Arp
372 e es4710bd 10 slots l2/l3/l4 chassis switch and packets without route. Icmp statistics ： icmp packet statistics. Rcvd ： 0 total 0 errors 0 time exceeded 0 redirects, 0 unreachable, 0 echo, 0 echo replies 0 mask requests, 0 mask replies, 0 quench 0 parameter, 0 timestamp, 0 timestamp replies stat...
Page 374
373 e es4710bd 10 slots l2/l3/l4 chassis switch es4710bd supports the configuration of proxy arp for some applications. For instance, when an arp request is received on the port, requesting an ip address in the same ip segment of the port but not the same physical network, if the port has enabled pr...
Page 375
374 e es4710bd 10 slots l2/l3/l4 chassis switch 17.3.2.2.2 ip proxy-arp command: ip proxy-arp no ip proxy-arp function: enables proxy arp for vlan interface; the “no ip proxy-arp” command disables proxy arp. Default: proxy arp is disabled by default. Command mode: vlan interface mode usage guide: wh...
Page 376
375 e es4710bd 10 slots l2/l3/l4 chassis switch 50.1.1.9 00-00-00-00-00-09 vlan50 ethernet1/1 static 150.1.1.2 00-00-58-fc-48-9f vlan150 ethernet3/4 dynamic displayed information explanation total arp items total number of arp entries. The matched arp entry number matching the filter conditions inco...
Page 377: 17.4 Web Management
376 e es4710bd 10 slots l2/l3/l4 chassis switch 17.3.3.2 arp troubleshooting help if ping from the switch to directly connected network devices fails, the following can be used to check the possible cause and create a solution. Z check whether the corresponding arp has been learned by the switch. Z ...
Page 378
377 e es4710bd 10 slots l2/l3/l4 chassis switch configuration. 17.4.3.1 configure static arp click “arp configuration” to configure static arp. Equivalent to cli command 17.3.2.2.1: z ip address: specifies the ip address of related static arp z mac address: specifies the mac address of related stati...
Page 379: 18.1 Route Table
378 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 18 routing protocol configuration to communicate with a remote host over the internet, a host must choose a proper route via a set of routers/l3 switches. Both routers and layer 3 switches calculate the route using cpu. The difference is that l...
Page 380: 18.2 Static Route
379 e es4710bd 10 slots l2/l3/l4 chassis switch the route table mainly consists of the following: z destination address: used to identify the destination address or the destination network of a packet. Z network mask: used together with destination address to identify the destination host or the seg...
Page 381
380 e es4710bd 10 slots l2/l3/l4 chassis switch priority according to the priority of routing protocols. At same time, static routes can be introduced (redistribute) in dynamic route, and change the priority of the static route introduced. 18.2.2 introduction to default route default route is a stat...
Page 382
381 e es4710bd 10 slots l2/l3/l4 chassis switch [ ]” command deletes a static route entry. Parameters: and are the ip address and subnet mask, in decimal format; is the ip address for the next hop in decimal format; is the route priority, ranging from 1 to 255, the smaller preference indicates highe...
Page 383
382 e es4710bd 10 slots l2/l3/l4 chassis switch destination mask nexthop interface pref c 2.2.2.0 255.255.255.0 0.0.0.0 vlan2 0 c 4.4.4.0 255.255.255.0 0.0.0.0 vlan4 0 s 6.6.6.0 255.255.255.0 9.9.9.9 vlan9 1 r 7.7.7.0 255.255.255.0 8.8.8.8 vlan8 120 displayed information explanation c - connected di...
Page 384
383 e es4710bd 10 slots l2/l3/l4 chassis switch switch-2 pc1 £ º 10.1.1.2 pc2 £ º 10.1.4.2 pc3 £ º 10.1.5.2 vlan3 £ º 10.1.5.1 vlan1 £ º 10.1.1.1 vlan2 £ º 10.1.2.1 vlan2 £ º 10.1.4.1 vlan2 £ º 10.1.2.2 vlan1 £ º 10.1.3.2 switch-1 switch-3 vlan1 £ º 10.1.3.1 fig 1 8 -1 static route configurations co...
Page 385: 18.3 Rip
384 e es4710bd 10 slots l2/l3/l4 chassis switch uses the “show ip route” command to display the information about static route in the route table: destination ip address, network mask, next hop ip address, forwarding interface, etc. For example: switch#show ip route codes: c - connected, s - static,...
Page 386
385 e es4710bd 10 slots l2/l3/l4 chassis switch switch will be selected with the metrics increasing progressively. This greatly affects the route selection and route aggregation time. To avoid “infinite count”, rip provides a mechanism such as “split horizon” and “triggered update” to solve route lo...
Page 387
386 e es4710bd 10 slots l2/l3/l4 chassis switch 18.3.2 rip configuration 18.3.2.1 rip configuration task sequence 1. Enable rip (required) (1) enable/disable rip module. (2) enable interface to send/receive rip packets 2. Configure rip parameters (optional) (1) configure rip sending mechanism a. Con...
Page 388
387 e es4710bd 10 slots l2/l3/l4 chassis switch (1) configure rip sending mechanism a. Configure regular rip packets transmission b. Configure rip advertisement command explanation rip configuration mode [no] rip broadcast indicates rip layer 3 switch allows all ports to send broadcast/multicast pac...
Page 391
390 e es4710bd 10 slots l2/l3/l4 chassis switch z show ip rip z debug ip rip packet z debug ip rip recv z debug ip rip send 18.3.2.2.1 auto-summary command: auto-summary no auto-summary function: configures route aggregation; the “ no auto-summary” command disables route aggregation. Parameters: n/a...
Page 392
391 e es4710bd 10 slots l2/l3/l4 chassis switch command: ip rip authentication key-chain no ip rip authentication key-chain function: specifies the key to use for rip authentication; the “ no ip rip authentication key-chain ” command cancels the rip authentication. Parameters: is a string, up to 16 ...
Page 393
392 e es4710bd 10 slots l2/l3/l4 chassis switch 18.3.2.2.6 ip rip metricout command: ip rip metricout value > no ip rip metricout function: sets the additional route weight sending rip packets on the interface; the “ no ip rip metricout ” command restores the default setting. Parameters: is the addi...
Page 395
394 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: sets split horizon to prevent routing loops, i.E., prevent layer 3 switches from broadcasting the route leaned from the same interface. Example: disabling split horizon for interface vlan1. Switch(config)#interface vlan1 switch(config-if-v...
Page 396
395 e es4710bd 10 slots l2/l3/l4 chassis switch default: zero fields are check in rip-i packets by default. Command mode: rip configuration mode usage guide: rip-i packet must have zero field, this command can be used to enable/disable check for rip-i packet zero field. If non-zero zero field found ...
Page 397
396 e es4710bd 10 slots l2/l3/l4 chassis switch function: adjusts the time of rip timers for update, expire, and hold down; the “ no timer basic ” command restores the default setting. Parameter stands for the interval in seconds to send update packets, ranging from 1 to 2,147,483,647; for the inter...
Page 398
397 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: the user can decide whether the routing protocols configured are correct and perform routing troubleshooting according to the output of this command. Example: switch#sh ip protocols rip information rip is turning on default metrict 16 neig...
Page 399
398 e es4710bd 10 slots l2/l3/l4 chassis switch default metric 16 neighbour is preference is 100 displayed information explanation rip is turning on rip routing is enabled default metric 16 the default metric for introduced route is 16 neighbour is the specified destination address preference is 100...
Page 400
399 e es4710bd 10 slots l2/l3/l4 chassis switch received a rip packet from 159.226.42.1 rip packet cmd ： 2 version ： 1 18.3.2.2.23 debug ip rip recv command: debug ip rip recv no debug ip rip recv function: enables the rip packet debug function for receiving: the “ no debug ip rip recv ” command dis...
Page 401
400 e es4710bd 10 slots l2/l3/l4 chassis switch 00 ： 02 ： 50 ： start at 170********************* send packets to 11.11.11.2 packet header ： cmd ： response, version ： 1 no. Dest dest_mask gatedway metric 1 ： 159.226.0.0 0.0.0.0 0.0.0.0 1 00 ： 02 ： 50 ： start at 170********************* send packets t...
Page 402
401 e es4710bd 10 slots l2/l3/l4 chassis switch (10.1.1.2) only, update information is not exchanged between switcha and switchc vlan2 (20.1.1.2). The configuration for switcha, switchb and switchc is shown below: a) configuration of layer 3 switch switcha !Configuration of the ip address for interf...
Page 403
402 e es4710bd 10 slots l2/l3/l4 chassis switch switchc#config switchc(config)# interface vlan 2 switchc(config-if-vlan2)# ip address 20.1.1.2 255.255.255.0 switchc (c config-if-vlan2)#exit ！ enable rip switchc(config)#router rip switchc(config-router-rip)#exit ！ enable vlan2 to send/receive rip pac...
Page 404
403 e es4710bd 10 slots l2/l3/l4 chassis switch automatic network summarization is not in effect disable rip auto aggregation default metric for redistribute is :16 the default metric for introduced route is 16. Neigbour is the specified destination address. Preference is :100 rip routing priority i...
Page 405: 18.4 Ospf
404 e es4710bd 10 slots l2/l3/l4 chassis switch default metric for redistribute is : rip protocol default metric value. Neigbour is: the neighbor layer 3 switch connecting to this rip switch. Preference rip routing priority. Rip version information displays the version information for rip, including...
Page 406
405 e es4710bd 10 slots l2/l3/l4 chassis switch • state of the connecting link link-state information is flooded throughout the network so that all layer 3 switches can get firsthand information. Link-state layer 3 switches will not broadcast all information contained in their route tables; instead,...
Page 407
406 e es4710bd 10 slots l2/l3/l4 chassis switch exchange link-state information with the other ospf layer 3 switches to formal a link-state database describing the whole autonomous system. Each layer 3 switch builds a shortest path tree rooted in itself according to the link-state database, this tre...
Page 408
407 e es4710bd 10 slots l2/l3/l4 chassis switch 1 ） each ospf-enabled layer 3 switch maintains a database (ls database) describing the link-state of the topology structure of the whole autonomous system. Each layer 3 switch generates a link-state advertisement according to its surrounding network to...
Page 409
408 e es4710bd 10 slots l2/l3/l4 chassis switch (3) configure other ospf protocol parameters a. Configure ospf routing protocol priority b. Configure cost for ospf stub area and default route c. Configure ospf virtual link d. Configure the priority of the interface when electing designated layer 3 s...
Page 410
409 e es4710bd 10 slots l2/l3/l4 chassis switch d. Configure ospf packet sending timer parameter (timer of broadcast interface sending hello packet to poll, timer of neighboring layer 3 switch invalid timeout, timer of lsa transmission delay and timer of lsa retransmission. Command explanation inter...
Page 411
410 e es4710bd 10 slots l2/l3/l4 chassis switch (3) configure other ospf protocol parameters a. Configure ospf routing protocol priority b. Configure cost for ospf stub area and default route c. Configure ospf virtual link command explanation ospf protocol configuration mode preference [ ase ] prefe...
Page 412
411 e es4710bd 10 slots l2/l3/l4 chassis switch z ip opsf dead-interval z ip ospf enable area z ip ospf hello-interval z ip ospf passive-interface z ip ospf priority z ip ospf retransmit-interval z ip ospf transmit-delay z network z preference z redistribute ospfase z router id z router ospf z stub ...
Page 413
412 e es4710bd 10 slots l2/l3/l4 chassis switch 18.4.2.2.2 default redistribute interval command: default redistribute interval time > no default redistribute interval function: sets the interval for introducing external routes; the “ no default redistribute interval ” command restores the default s...
Page 415
414 e es4710bd 10 slots l2/l3/l4 chassis switch example: setting the ospf route cost of interface vlan1 to 3. Switch(config-if-vlan1)#ip ospf cost 3 18.4.2.2.8 ip ospf dead-interval command: ip ospf dead-interval no ip ospf dead-interval function: specifies the interval before regarding a neighbor l...
Page 416
415 e es4710bd 10 slots l2/l3/l4 chassis switch default: the default hello-packet-sending interval is 10 seconds. Command mode: interface mode usage guide: the hello packet is a most common packet sent to neighboring layer 3 switches regularly for discovering and maintaining the neighborhood and the...
Page 417
416 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-if-vlan1)#ip ospf priority 0 18.4.2.2.13 ip ospf retransmit-interval command: ip ospf retransmit-interval no ip ospf retransmit-interval function: sets the interval for retransmission of link-state advertisement among neighbor layer 3 swi...
Page 419
418 e es4710bd 10 slots l2/l3/l4 chassis switch respectively; tag specifies the tag of the routes, is the tag value for the routes, ranging from 0 to 4,294,967,295; metric specifies the weight of the route; for weight value, ranging from 1 to 16,777,215. Default: exterior routes are not introduced i...
Page 420
419 e es4710bd 10 slots l2/l3/l4 chassis switch 18.4.2.2.20 stub cost command: stub cost area no stub area function: sets an area to stub area; the “ no stub area ” command cancels the setting. Parameters: is the default route cost for the stub area, ranging from 1 to 65535; is the area number of th...
Page 421
420 e es4710bd 10 slots l2/l3/l4 chassis switch command: show ip ospf function: displays major ospf information. Default: nothing displayed by default command mode: admin mode example: switch#show ip ospf my router id is 11.11.4.1 preference=10 ase perference=150 export metric=1 export tag=-21474836...
Page 422
421 e es4710bd 10 slots l2/l3/l4 chassis switch destination advrouter nexthop age seqnumber type cost 10.1.1.125 11.11.1.2 11.1.1.2 3 300 2 20 displayed information explanation destination target network segment or address advrouter route election nexthop next hop address age aging time seqnumber se...
Page 423
422 e es4710bd 10 slots l2/l3/l4 chassis switch db entry count 6 ls_rtr 3 ls_net 3 ls_sum_net 1 ls_sum_asb 0 ls_ase 3 as internal route 4 as external route 0 displayed information explanation io cumulative statistics for ospf packets in/out. Type packet type: including hello packet, dd packet, ls re...
Page 424
423 e es4710bd 10 slots l2/l3/l4 chassis switch (net's ip) 11.11.1.0 11.11.4.1 0 2147483656 1 6777215 11.11.2.255 11.11.4.1 0 2147483649 1 6777215 11.11.3.255 11.11.4.1 0 2147483680 1 6777215 asbr summary lsas ls id adv rtr age sequence cost checksum (asbr's rtr id) area 2>>>>>>>> area id ： 1 router...
Page 425
424 e es4710bd 10 slots l2/l3/l4 chassis switch ospf router id the id of the layer 3 switch. Area 1>>>>>>>> area id ： 0 represent the lsa database information from area 1 to area 0. Router lsas route lsa network lsas network lsa summary network lsas summary network lsa asbr summary lsas autonomous s...
Page 426
425 e es4710bd 10 slots l2/l3/l4 chassis switch authentication key ospf packet authentication key timer hell, poll, dea, retrans ospf protocol timer: including time set for hello packet, poll interval packet, route invalid, route retransmission, etc. Number of neigbors the number of neighboring laye...
Page 427
426 e es4710bd 10 slots l2/l3/l4 chassis switch router ip addr ip address of the interface in the neighboring layer 3 switch state link-state status priority priority dr id of the designated layer 3 switch bdr id of the backup designated layer 3 switch last hello the last hello packet last exch the ...
Page 428
427 e es4710bd 10 slots l2/l3/l4 chassis switch function: displays ospf virtual link information. Default: nothing displayed by default command mode: admin mode example: switch#show ip ospf virtual-links no virtual-link 18.4.2.2.30 show ip protocols command: show ip protocols function: displays the ...
Page 429
428 e es4710bd 10 slots l2/l3/l4 chassis switch protocol 18.4.2.2.31 debug ip ospf event command: debug ip ospf event no debug ip ospf event function: enables the ospf debugging function for all events: the “ no debug ip ospf event ” command disables the debug function. Default: debugging is disable...
Page 430
429 e es4710bd 10 slots l2/l3/l4 chassis switch 02 ： 40 ： 58 ： receive a hello packet from 11.11.4.2 via broadcast interface 11.11.4.1 02 ： 40 ： 58 ： 18.4.2.2.34 debug ip ospf spf command: debug ip ospf spf no debug ip ospf spf function: enables the ospf debug function for shortest path algorithm; t...
Page 431
430 e es4710bd 10 slots l2/l3/l4 chassis switch ! Configuration of the ip address for interface vlan2 switch1(config)# interface vlan 2 switch1(config-if-vlan2)# ip address 100.1.1.1 255.255.255.0 switch1 (config-if-vlan2)#exit ！ enable ospf protocol, configure the area number for interface vlan1 an...
Page 432
431 e es4710bd 10 slots l2/l3/l4 chassis switch switch3#config switch3(config)# interface vlan 3 switch3(config-if-vlan1)# ip address 20.1.1.2 255.255.255.0 switch3(config-if-vlan3)#no shut-down switch3(config-if-vlan3)#exit ！ enable ospf protocol, configure the ospf area interfaces vlan3 resides in...
Page 433
432 e es4710bd 10 slots l2/l3/l4 chassis switch switch5(config-if-vlan3)#exit ！ enable ospf protocol, configure the number of the area in which interface vlan2 and vlan3 reside in. Switch5(config)#router ospf switch5(config-router-ospf)#exit switch5(config)#interface vlan 2 switch5(config-if-vlan2)#...
Page 434
433 e es4710bd 10 slots l2/l3/l4 chassis switch switch11 are edge layer 3 switches of the area, switch5 and switch7 are edge layer 3 switches of the autonomous system. To area1, layer 3 switches switch1 and switch2 are both in-area switches, area edge switches switch3 and switch4 are responsible for...
Page 435
434 e es4710bd 10 slots l2/l3/l4 chassis switch switch1(config-if-vlan2)#exit ！ enable ospf protocol, configure the area number for interface vlan2. Switch1(config)#router ospf switch1(config-router-ospf)#exit switch1(config)#interface vlan 2 switch1(config-if-vlan2)#ip ospf enable area 1 !Configure...
Page 436
435 e es4710bd 10 slots l2/l3/l4 chassis switch switch3(config-if-vlan2)#exit ！ enable ospf protocol, configure the area number for interface vlan2. Switch3(config)#router ospf switch3(config-router-ospf)#exit switch3(config)#interface vlan 2 switch3(config-if-vlan2)#ip ospf enable area 1 !Configure...
Page 437
436 e es4710bd 10 slots l2/l3/l4 chassis switch switch4(config-if-vlan1)# ip address 10.1.6.1 255.255.255.0 switch4(config-if-vlan1)#ip ospf enable area 0 !Configure md5 key authentication. Switch4(config-if-vlan1)#ip ospf authentication md5 dcs switch4(config-if-vlan1)exit switch4(config)#exit swit...
Page 438
437 e es4710bd 10 slots l2/l3/l4 chassis switch （ 1 ） show ip ospf example: switch#show ip ospf my router id is 11.11.4.1 preference=10 ase perference=150 export metric=1 export tag=-2147483648 area id 0 interface count ： 1 80times spf has been run for this area net range ： lsrefreshtime is1800 area...
Page 439
438 e es4710bd 10 slots l2/l3/l4 chassis switch a 5.1.2.0 255.255.255.0 12.1.1.2 vlan12 150 a 5.1.3.0 255.255.255.0 12.1.1.2 vlan12 150 a 5.1.4.0 255.255.255.0 12.1.1.2 vlan12 150 a 5.1.5.0 255.255.255.0 12.1.1.2 vlan12 150 a 5.1.6.0 255.255.255.0 12.1.1.2 vlan12 150 a 5.1.7.0 255.255.255.0 12.1.1.2...
Page 440
439 e es4710bd 10 slots l2/l3/l4 chassis switch type in out hello 1048 253 dd 338 337 ls req 62 219 ls update 753 295 ls ack 495 308 ase count 0 checksum 0 original lsa 340 ls_rtr 179 ls_net 1 ls_sum_net 160 ls_sum_asb 0 ls_ase 0 received lsa 325 areaid 0 nbr count 1 interface count 1 spf times 120 ...
Page 441
440 e es4710bd 10 slots l2/l3/l4 chassis switch 11.11.4.2 11.11.4.2 18 2147483863 1 6777215 router lsa 11.11.4.1 11.11.4.1 0 2147483808 0 42401 11.11.4.2 11.11.4.2 18 2147483863 1 6777215 network lsas ls id adv rtr age sequence cost checksum (dr's ip) 11.11.4.2 11.11.4.2 1 2147483662 1 35126 summary...
Page 442
441 e es4710bd 10 slots l2/l3/l4 chassis switch 11.11.1.3 14.14.14.1 15 2147483705 1 53384 summary network lsas ls id adv rtr age sequence cost checksum (net's ip) 11.11.4.255 11.11.4.1 0 2147483677 1 6777215 asbr summary lsas ls id adv rtr age sequence cost checksum (asbr's rtr id) as external lsas...
Page 443
442 e es4710bd 10 slots l2/l3/l4 chassis switch cost cost value state status type layer 3 switch type, such as designated priority configure the priority in electing designated layer 3 switch. Transit delay the delay value for interface to transfer las dr the designated layer 3 switch bdr backup des...
Page 444
443 e es4710bd 10 slots l2/l3/l4 chassis switch area id the id of the area for the interface router id the id of the neighbor layer 3 switch router ip addr ip address of the neighboring layer 3 switch state link-state status priority priority dr id of the designated layer 3 switch bdr id of the back...
Page 445
444 e es4710bd 10 slots l2/l3/l4 chassis switch my router id is 100.1.1.1 preference=10 ase perference=150 export metric=1 export tag=-2147483648 area id 1 interface count:2 7times spf has been run for this area net range: lsrefreshtime is1800 rip information rip is shutting down displayed informati...
Page 446: 18.5
445 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5 web management click “ route configuration ” to open “ routing protocol configuration ” to configure the items as follows: z static route configuration z rip configuration z ospf configuration z show ip route 18.5.1 static route click “ static rou...
Page 447
446 e es4710bd 10 slots l2/l3/l4 chassis switch click rip configuration to open rip configuration including: z enable rip: enable rip including 9 enable rip: enable 9 enable port to receive/transmit rip packet z rip parameter configuration (optional) including: 9 enable imported route 9 metricin/out...
Page 448
447 e es4710bd 10 slots l2/l3/l4 chassis switch z redistribute imported route cost z operation type: add or remove example: for protocol select ospf, cost as 5, then select add. Click apply button to redistribute imported route cost 5 with ospf routing protocol to rip. 18.5.2.2.2 metricin/out config...
Page 449
448 e es4710bd 10 slots l2/l3/l4 chassis switch 18.3.2.2.3 z rip authentication type: sets up rip authentication type. Text means text authentication; md5 means normal md5 authentication; cisco md5 means cisco md5 authentication; cancel means back to default. Equivalent to cli command 18.3.2.2.4. Ex...
Page 450
449 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5.2.2.5 set rip timer click “rip timer configuration” to enter the configuration page. Equivalent to cli command 18.3.2.2.18 z update time: sending update packet time interval z invalid timer: rip route invalid time z holddown timer: specified inval...
Page 451
450 e es4710bd 10 slots l2/l3/l4 chassis switch click “ospf enable” to enter the configuration page. Equivalent to cli command 18.4.2.2.19. Z ospf enable: select from ospf enable or ospf disable z reset: clears selection example: select ospf enable and click apply button to enable ospf protocol 18.5...
Page 452
451 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5.3.1.4 configure ospf area for port click “ospf area configuration” to enter the configuration page for port. Equivalent to cli command 18.4.2.2.9 z vlan port: port list z area id: area number z reset: resets each column value to default in this pa...
Page 453
452 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5.3.2.2 passive interface configuration click “passive interface configuration” to enter the configuration page. Equivalent to cli command 18.4.2.2.11. Z port: port list z passive interface configuration: sets up to receive ospf packets only z cance...
Page 454
453 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5.3.3 ospf imported route parameter configuration click “ospf imported route parameter configuration” to open the configuration table, includes: z imported route parameter configuration: configure imported route default parameter z import external r...
Page 455
454 e es4710bd 10 slots l2/l3/l4 chassis switch z reset: resets each column value to default in this page and this action will not change settings z apply: valid each column value. This action will change settings. Z default: resets to default settings. This action will change settings. 18.5.3.4 oth...
Page 456
455 e es4710bd 10 slots l2/l3/l4 chassis switch 18.5.3.4.3 ospf virtual link configuration click “ospf virtual link configuration” to enter the configuration page. Equivalent to cli command 8.4.2.2.21 z router_id: neighbor virtual lick id z transit area: transit area number z hello interval: sending...
Page 457
456 e es4710bd 10 slots l2/l3/l4 chassis switch z show ip ospf cumulative: displays ospf statistic information. Equivalent to cli command 18.4.2.2.24 z show ip ospf database: displays ospf link status data information. Equivalent to cli command 18.4.2.2.25 z show ip ospf interface: displays ospf int...
Page 458
457 e es4710bd 10 slots l2/l3/l4 chassis switch chapter 19 multicast protocol configuration 19.1 multicast protocol overview 19.1.1 introduction to multicast when sending information (including data, voice and video) to a small number of users in the network, there are several ways of transmission. ...
Page 459
458 e es4710bd 10 slots l2/l3/l4 chassis switch group at any time. A multicast group can be either a perpetual one or temporary one. Part of multicast addresses are assigned officially and referred to as the perpetual multicast group. The ip address of a perpetual multicast group remains the same, b...
Page 460
459 e es4710bd 10 slots l2/l3/l4 chassis switch multicast group address in the destination address field of the ip packet. The multicast model differs from the unicast model in that a multicast packet must be forwarded to several external interfaces to send the packet to all receiving stations, i.E....
Page 461
460 e es4710bd 10 slots l2/l3/l4 chassis switch function: displays the ip multicast packet forwarding entries. Parameters: [ group_address ] specifies the group address for the forwarding entry to be displayed; [ source_address ] specifies the source address for the forwarding entry to be displayed ...
Page 462: 19.3 Pim-Dm
461 e es4710bd 10 slots l2/l3/l4 chassis switch 19.3 pim-dm 19.3.1 introduction to pim-dm pim-dm (protocol independent multicast ， dense mode) is a dense mode multicast protocol. It is good for use in small networks as the multicast group members are relatively concentrated in such network environme...
Page 463
462 e es4710bd 10 slots l2/l3/l4 chassis switch if a pruned downstream node needs to restore to the forwarding state, the node will send a graft packet to ask the upstream to restore multicast data forwarding. 19.3.2 pim-dm configuration 19.3.2.1 pim-dm configuration task sequence 1. Enable pim-dm b...
Page 464
463 e es4710bd 10 slots l2/l3/l4 chassis switch command : ip pim dense-mode no ip pim dense-mode function: enables pim-dm protocol on the interface; the “ no ip pim dense-mode ” command disables pim-dm protocol on the interface. Parameters: n/a. Default: pim-dm protocol is disabled by default. Comma...
Page 465
464 e es4710bd 10 slots l2/l3/l4 chassis switch switcha switchb et her net 1/ 1 vl an2 et her net 1/ 1 vl an1 et her net 1/ 2 vl an2 et her net 1/ 2 vl an1 fig 19-1 typical pim-dm environment the followings are the configurations of switcha and switchb. (1) configuration of switcha: switch (config)#...
Page 466
465 e es4710bd 10 slots l2/l3/l4 chassis switch debug ip pim enables the debugging function for displaying detailed pim information; the “ no ” format of this command disables this debug function. 19.3.4.2 show ip pim mroute dm command: show ip pim mroute dm function: displays the pim-dm packet forw...
Page 467
466 e es4710bd 10 slots l2/l3/l4 chassis switch outgoing interface list outgoing interface list. Prune interface list downstream prune interface list. 19.3.4.3 show ip pim neighbor command: show ip pim neighbor [ ifname> ] function: displays information for neighbors of the pim interface. Parameters...
Page 468
467 e es4710bd 10 slots l2/l3/l4 chassis switch 2.1.1.1 vlan1 00:26:23 00:01:39 switch# displayed information explanation interface (the former) interface name and interface ip owner multicast routing protocol of the interface vif corresponding virtual interface index to the interface hello interval...
Page 469
468 e es4710bd 10 slots l2/l3/l4 chassis switch information to edge-core technical service center. 19.4 pim-sm 19.4.1 introduction to pim-sm pim-sm (protocol independent multicast ， sparse mode) is a sparse mode multicast protocol, the mode is protocol independent. It is mainly used in large scale n...
Page 470
469 e es4710bd 10 slots l2/l3/l4 chassis switch on receiving bsr advertised c-rp messages, multicast routers will calculate the rp corresponding to a certain multicast group with the same algorithm. It should be noted that one rp can service multiple multicast groups or all multicast groups. Each mu...
Page 471
470 e es4710bd 10 slots l2/l3/l4 chassis switch 1) configure a switch as the candidate bsr. Command explanation interface mode ip pim bsr-candidate ifname> [ hashlength ] [ priority ] no ip pim bsr-candidate this command is a global candidate bsr configuration command. It is used to configure inform...
Page 472
471 e es4710bd 10 slots l2/l3/l4 chassis switch command: ip pim sparse-mode no ip pim sparse-mode function: enables pim-sm protocol on the interface; the “ no ip pim sparse-mode ” command disables pim-sm protocol on the interface. Parameters: n/a. Default: pim-sm protocol is disabled by default. Com...
Page 473
472 e es4710bd 10 slots l2/l3/l4 chassis switch specified period, that neighbor is considered to be lost. This time setting must be no greater than the neighbor timeout time. Example: configuring pim-sm hello interval on interface vlan1. Switch (config)#interface vlan 1 switch(config-if-vlan1)#ip pi...
Page 474
473 e es4710bd 10 slots l2/l3/l4 chassis switch this command is configured. Example: setting the interface vlan1 as the candidate rp announcing message sending interface. Switch (config)# ip pim rp-candidate vlan1 group-list 5 switch (config)# access-list 5 permit 239.255.2.0 0.0.0.255 19.4.3 typica...
Page 475
474 e es4710bd 10 slots l2/l3/l4 chassis switch switch (config)#interface vlan 2 switch(config-if-vlan2)# ip pim sparse-mode switch(config-if-vlan2)# exit switch (config)# ip pim rp-candidate vlan2 group-list 5 switch (config)# access-list 5 permit 239.255.2.0 0.0.0.255 (3) configuration of switchc:...
Page 476
475 e es4710bd 10 slots l2/l3/l4 chassis switch pimv2 bootstrap information bsr address: 192.4.1.3 priority: 192, hash mask length: 30 expires : 00:02:13. Switch # displayed information explanation bsr address bsr-router address priority bsr-router priority hash mask length bsr-router hash mask leng...
Page 477
476 e es4710bd 10 slots l2/l3/l4 chassis switch expires the remaining time before considering the neighbor to be invalid. 19.4.4.1.3 show ip pim mroute sm command: show ip pim mroute sm function: displays the pim-sm packet forwarding entry parameters: n/a. Default: no display by default. Command mod...
Page 478
477 e es4710bd 10 slots l2/l3/l4 chassis switch 192.2.1.1 vlan2 31 00:11:39 00:01:16 / 192.4.1.4 vlan4 33 00:11:39 00:01:44 dr 192.4.1.3 vlan4 33 00:11:39 00:01:17 / switch # displayed information explanation neighbor-address neighbor address interface the neighbor interface discovered ifindex inter...
Page 479
478 e es4710bd 10 slots l2/l3/l4 chassis switch 00:17:52: pim: received v2 join/prune on vlan2 from 192.3.1.3 to 192.3.1.2 00:17:52: pim: receive join-list: (192.1.1.1/32, 225.0.0.1/32), s-bit set 00:17:54: pim: received v2 hello on vlan4 from 192.4.1.4, holdtime 105 00:17:57: pim: received v2 hello...
Page 480: 19.5 Dvmrp
479 e es4710bd 10 slots l2/l3/l4 chassis switch correctness must be ensured. Pim-sm protocol requires the support of rp and bsr. So “ show ip pim bsr-router ” command should be run first for brs information, if no bsr exists, then the unicast route to bsr should be checked. Use the “ show ip pim rp ...
Page 481
480 e es4710bd 10 slots l2/l3/l4 chassis switch information, they know the route metric for each other to get to the source network, and the switch has the smallest metric to the source network becomes the designated forwarder of that subnet; if the metrics are same, the one with lower ip address ru...
Page 482
481 e es4710bd 10 slots l2/l3/l4 chassis switch command explanation interface mode [no] ip dvmrp enable enable dvmrp; the “ no ip dvmrp enable ” command disables dvmrp (required) 2. Configure connectivity with cisco routers/switches cisco does not really implemented dvmrp, but provides connectivity ...
Page 483
482 e es4710bd 10 slots l2/l3/l4 chassis switch ip dvmrp report-interval time_val > no ip dvmrp report-interval sets the interval for sending dvmrp report messages; the “ no ip dvmrp report interval ” command restores the default setting. D. Configuring dvmrp route timeout time command explanation g...
Page 484
483 e es4710bd 10 slots l2/l3/l4 chassis switch 19.5.2.2.1 ip dvmrp cisco-compatible command: ip dvmrp cisco-compatible no ip dvmrp cisco-compatible function: enables connectivity with cisco neighbor a, b, c, d; the “ no ip dvmrp cisco-compatible ” command disables connectivity with cisco neighbors....
Page 485
484 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: if a new receiver joins that interface when an interface is in the pruned state, the interface will send a graft message to the upstream; if no graft ack message from the upstream is received, it will keep sending graft message to the upst...
Page 486
485 e es4710bd 10 slots l2/l3/l4 chassis switch 19.5.2.2.6 ip dvmrp probe-interval command: ip dvmrp probe-interval time_val > no ip dvmrp probe-interval function: sets the interval for sending dvmrp probe messages; the “ no ip dvmrp probe interval ” command restores the default setting. Parameters:...
Page 487
486 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: is the time to timeout a route, the valid range is 20 to 1400 seconds.. Default: the default timeout setting for dvmrp routes is 140 seconds. Command mode: global mode usage guide: if no updating report message for a route from the neighbor...
Page 488
487 e es4710bd 10 slots l2/l3/l4 chassis switch fig 19 -3 dvmrp network topology the followings are the configurations of switcha and switchb. (1) configuration of switcha: switch (config)#interface vlan 1 switch(config-if-vlan1)#ip dvmrp enable (2) configuration of switchb: switch (config)#interfac...
Page 489
488 e es4710bd 10 slots l2/l3/l4 chassis switch outgoing interface list: (vlan2), protos: 0x2 upstream prune interface list: downstream prune interface list: displayed information explanation (192.168.1.0, 224.1.1.1) forwarding entry incoming interface incoming interface, or rpf interface outgoing i...
Page 490
489 e es4710bd 10 slots l2/l3/l4 chassis switch command mode: admin mode usage guide: this command is used to display dvmrp route table entries; dvmrp maintains separated unicast route tables for rpf check. Example: displaying dvmrp routing information. Switch #show ip dvmrp route switch # destinati...
Page 491
490 e es4710bd 10 slots l2/l3/l4 chassis switch 19.5.4.1.5 debug ip dvmrp detail command: debug ip dvmrp detail function: enables the debug function for displaying detailed dvmrp information; the “ no ” format of this command disables this debug function. Parameters: n/a. Default: disabled. Command ...
Page 492: 19.6 Igmp
491 e es4710bd 10 slots l2/l3/l4 chassis switch dvmrp pruning debug is on 02:22:20:26: dvmrp: received prune on vlan2 from 105.1.1.2, len 20 02:22:20:26: dvmrp: prune vers: majorv 3, minorv 255 02:22:20:26: dvmrp: prune source 192.168.1.105, group 224.1.1.1 02:22:20:40: dvmrp: received graft on vlan...
Page 493
492 e es4710bd 10 slots l2/l3/l4 chassis switch network segments connecting to its interfaces. As to the hosts, they only need to keep the information about the multicast groups joined. Igmp is asymmetric for hosts and switches: the hosts respond igmp query packets sent by the multicast switches, i....
Page 494
493 e es4710bd 10 slots l2/l3/l4 chassis switch b. Configure maximum response time for igmp queries c. Configure timeout setting for igmp queries (3) configure igmp version 3 、 disable igmp 1. Enable igmp there is no special command for enabling igmp in es4710bd layer 3 switches, the igmp automatica...
Page 495
494 e es4710bd 10 slots l2/l3/l4 chassis switch ip igmp static-group a.B.C.D > no ip igmp static -group a.B.C.D > joins the interface to a static igmp group; the “ no ip igmp static -group ” command cancels the join. (2) configure igmp query parameters. A. Configure transmission interval of query pa...
Page 497
496 e es4710bd 10 slots l2/l3/l4 chassis switch 19.6.2.2.3 ip igmp query-interval command: ip igmp query-interval time_val > no ip igmp query-interval function: sets the interval for sending igmp query messages; the “ no ip igmp query interval ” command restores the default setting. Parameters: time...
Page 498
497 e es4710bd 10 slots l2/l3/l4 chassis switch as the querier for that shared network, the other switches act as timers monitoring the status of the querier; if no query packet from the querier is received after the query timeout time, a new switch will be elected to be the new querier. Example: co...
Page 499
498 e es4710bd 10 slots l2/l3/l4 chassis switch appropriate vlan, and pim-dm protocol is enabled on each vlan interface. Switcha switchb et her net 1/ 1 vl an1 et her net 1/ 1 vl an1 et her net 1/ 2 vl an2 fig 19 -4 igmp network topology the followings are the configurations of switcha and switchb. ...
Page 500
499 e es4710bd 10 slots l2/l3/l4 chassis switch switch#show ip igmp groups igmp connect group membership (1 group(s) joined) group address interface uptime expires last reporter 239.255.255.250 vlan123 02:57:30 00:03:36 123.1.1.2 switch# displayed information explanation group address multicast grou...
Page 501
500 e es4710bd 10 slots l2/l3/l4 chassis switch command disables this debug function. Parameters: n/a. Default: disabled command mode: admin mode usage guide: if detailed information about igmp events is required, this debugging command can be used. Example: switch# debug ip igmp event igmp event de...
Page 502: 19.7 Web Management
501 e es4710bd 10 slots l2/l3/l4 chassis switch 19.7 web management click “root page” left content column “multicast protocol configuration” to enter into multicast protocol configuration root node and make configuration for multicast protocol. Z click multicast common configuration to enter into mu...
Page 503
502 e es4710bd 10 slots l2/l3/l4 chassis switch z query-interval － configures local interface pim-dm hello message interval time z vlan port － assigns layer 3 interface （ select from scroll bar menu ） z apply － runs according to configured parameter z default － restores local interface pim-dm hello ...
Page 504
503 e es4710bd 10 slots l2/l3/l4 chassis switch 19.7.3.4 set router as bsr candidate click set router as bsr candidate for configure pim-sm candidate bsr information ， for compete with other candidate bsr for bsr router. This is the same as cli command 19.4.2.2.4 z set router as bsr candidate － yes ...
Page 505
504 e es4710bd 10 slots l2/l3/l4 chassis switch z vlan port － assigns layer 3 interface （ select from scroll bar menu ） z apply － runs according to configured parameter z default － disables dvmrp protocol 19.7.4.2 cisco-compatible configuration click “cisco-compatible configuration” to startup the c...
Page 506
505 e es4710bd 10 slots l2/l3/l4 chassis switch same as cli command 19.5.2.2.3 z interval of sending probe packet － configures the interval of sending probe packet. This is the same as cli command 19.5.2.2.6 z interval of sending report packet － configures the interval of sending report packet. This...
Page 507
506 e es4710bd 10 slots l2/l3/l4 chassis switch z igmp query timeout － configures igmp query timeout. This is the same as cli command 19.6.2.2.5 z vlan port － assigns layer 3 interface （ select from scroll bar menu ） z apply － runs according to configured parameter z default － restores the interface...
Page 508
507 e es4710bd 10 slots l2/l3/l4 chassis switch click “show ip pim neighbor” to display pim interface neighbor information. This is the same as cli command 19.3.4.3 19.7.6.4 show ip pim bsr-router click “show ip pim bsr-router” to display the running pim-sm protocol bsr information. This is the same...
Page 509
508 e es4710bd 10 slots l2/l3/l4 chassis switch chapter20 802.1x configuration 20.1 introduction to 802.1x ieee 802.1x is a port-based network access management method, which authenticates and manages the accessing devices on the physical access level of the lan device. The physical access level her...
Page 510: 20.2 802.1X Configuration
509 e es4710bd 10 slots l2/l3/l4 chassis switch in the ieee 802.1x application environment, es4710bd is used as the access management unit, and the user connection device is the device with 802.1x client software. An authenticating server usually reside in the carrier’s aaa center and usually is a r...
Page 511
510 e es4710bd 10 slots l2/l3/l4 chassis switch 2. Access management unit property configuration 1) configure port authentication status 2) configure port access management method command explanation global mode aaa enable no aaa enable enables the aaa authentication function in the switch; the “ no...
Page 512
511 e es4710bd 10 slots l2/l3/l4 chassis switch 3) configure expanded 802.1x function: for the switch. 3. Supplicant related property configuration command explanation global mode dot1x max-req count> no dot1x max-req sets the number of eap request/md5 frame to be sent before the switch re-initials ...
Page 513
512 e es4710bd 10 slots l2/l3/l4 chassis switch global mode radius-server key no radius-server key specifies the key for radius server; the “no radius-server key” command deletes the key for radius server. 2) configuring radius server command explanation global mode radius-server authentication host...
Page 514
513 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: the aaa authentication for the switch must be enabled first to enable ieee 802.1x authentication for the switch. Example: enabling aaa function for the switch. Switch(config)#aaa enable 20.2.2.2 aaa-accounting enable command: aaa-accountin...
Page 515
514 e es4710bd 10 slots l2/l3/l4 chassis switch 20.2.2.4 dot1x eapor enable command: dot1x eapor enable no dot1x eapor enable function: enables the eap relay authentication function in the switch; the “ no dot1x eapor enable ” command sets eap local end authentication. Command mode: global mode defa...
Page 516
515 e es4710bd 10 slots l2/l3/l4 chassis switch authentication packets support must be enabled in the switch, otherwise many application would not be available. For detailed information, please refer to the introduction of edge-core overall solution, standard 802.1x client would not be authenticated...
Page 517
516 e es4710bd 10 slots l2/l3/l4 chassis switch default: the default maximum user allowed is 1. Usage guide: this command is available for ports using mac-based access management, if mac address authenticated exceeds the number of allowed user, additional users will not be able to access the network...
Page 518
517 e es4710bd 10 slots l2/l3/l4 chassis switch specified port. Parameters: stands for port number, omitting the parameter for all ports. Command mode: admin mode usage guide: this command is an admin mode command. It makes the switch to re-authenticate the client at once without waiting for re-auth...
Page 519
518 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: is the interval for re-authentication, in seconds, the valid range is 1 to 65535. Command mode: global mode default: the default value is 3600 seconds. Usage guide: dot1x re-authentication must be enabled first before supplicant re-authenti...
Page 520
519 e es4710bd 10 slots l2/l3/l4 chassis switch servers, and all the accounting servers can be backup servers for each other. If primary is specified, then the specified radius server will be the primary server. Example: sets the radius accounting server of ip address to 100.100.100.60 as the primar...
Page 521
520 e es4710bd 10 slots l2/l3/l4 chassis switch 20.2.2.20 radius-server key command: radius-server key no radius-server key function: specifies the key for the radius server (authentication and accounting); the “no radius-server key” command deletes the key for radius server. Parameters: is a key st...
Page 522
521 e es4710bd 10 slots l2/l3/l4 chassis switch time, the switch resends the request packet or sets the server as invalid according to the current conditions. Example: setting the radius authentication timeout timer value to 30 seconds. Switch(config)# radius-server timeout 30 20.3 802.1x applicatio...
Page 523
522 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-ethernet1/2)#exit 20.4 802.1x troubleshooting 2o.4.1 802.1x debug and monitor commands 20.4.1.1 show aaa config command: show aaa config function: displays the configured commands for the switch as a radius client. Command mode: admin mod...
Page 524
523 e es4710bd 10 slots l2/l3/l4 chassis switch .Udp port = 1813 .Is primary = 0 .Is server dead = 0 .Socket no = 0 time out = 3 retransmit = 3 dead time = 5 account time interval = 0 displayed information description is aaa enabled indicates whether aaa authentication is enabled or not. 1 for enabl...
Page 525
524 e es4710bd 10 slots l2/l3/l4 chassis switch usage guide: usually the administrator is concerned only with the online user information, the other information displayed is used for troubleshooting by technical support. Example: switch#show aaa authenticated-user ------------------------- authentic...
Page 526
525 e es4710bd 10 slots l2/l3/l4 chassis switch the total user num is: 1 2. Display the statistics for radius authenticated users and others. Switch #sho radius authencating-user count --------------------- radius user statistic--------------------- the authencating user num is: 0 the stopping user ...
Page 527
526 e es4710bd 10 slots l2/l3/l4 chassis switch supplicant 00-03-0f-fe-2e-d3 authenticator state machine state authenticated backend state machine state idle reauthentication state machine state stop displayed information explanation global 802.1x parameters global 802.1x parameter information reaut...
Page 528
527 e es4710bd 10 slots l2/l3/l4 chassis switch process and is helpful in troubleshooting. Example : enabling aaa debugging information. Switch#debug aaa 20.4.1.7 debug dot1x command: debug dot1x no debug dot1x function: enables dot1x debugging information; the “ no debug dot1x” command disables the...
Page 529: 20.5 Web Management
528 e es4710bd 10 slots l2/l3/l4 chassis switch 20.5 web management click “authentication configuration”, to open authentication configuration management list.Users may configure switch 802.1x authentication function. 20.5.1 radius client configuration click “authentication configuration”, “radius c...
Page 530
529 e es4710bd 10 slots l2/l3/l4 chassis switch 20.5.1.2 radius authentication configuration click “authentication configuration”, “radius client configuration”, “radius authentication configuration” to configure the radius authentication server ip address and monitor port id. Equivalent to cli comm...
Page 531
530 e es4710bd 10 slots l2/l3/l4 chassis switch 20.5.1.3 radius accounting configuration click “authentication configuration”, “radius client configuration”, “radius accounting configuration” to configure the radius accounting server’s ip address and monitor port id. Equivalent to cli command 20.2.2...
Page 532
531 e es4710bd 10 slots l2/l3/l4 chassis switch suppliant. Equivalent to cli command 20.2.2.12. Z holddown time for authentication failure(1-65535 second) - configures suppliant quiet-period status time after authentication failure. Same as cli command 20.2.2.13. Z re-authenticate client interval(1-...
Page 533
532 e es4710bd 10 slots l2/l3/l4 chassis switch z authentication mode – configures the access control method for a specific port. Mac-based is access control method which is based on mac address; port-based access control method which is based on port. Same as cli command 20.2.2.10. Z port maximum u...
Page 534
533 e es4710bd 10 slots l2/l3/l4 chassis switch port 802.1x configuration information, and make re-authentication for the specific port. Same as cli command 1.2.2.11. Z port – assign port z 802.1x status – port 802.1x status z authentication type – authentication type z authentication status – authe...
Page 535
534 e es4710bd 10 slots l2/l3/l4 chassis switch chapter21 vrrp configuration 21.1 introduction to vrrp vrrp (virtual router redundancy protocol) is a fault tolerant protocol designed to enhance connection reliability between routes (or l3 ethernet switches) and external devices. It is developed by t...
Page 536
535 e es4710bd 10 slots l2/l3/l4 chassis switch 2) configure vrrp priority 3) configure vrrp timer intervals 4) configure vrrp interface monitor 1. Create/remove the virtual router command explanation global mode [no] router vrrp vrid > creates/removes the virtual router 2. Configure vrrp dummy ip a...
Page 539
538 e es4710bd 10 slots l2/l3/l4 chassis switch must be configured first before starting virtual router. Example : activating the virtual router of number 10 switch(config)# router vrrp 10 switch(config-router-vrrp)# enable 21.1.2.5 disable commands: disable function : deactivates vrrp parameters: n...
Page 540
539 e es4710bd 10 slots l2/l3/l4 chassis switch parameters: string > stands for the vrrp authentication string. Default : there is no authentication string by default. Command mode : interface mode usage guide : this command keeps the vrrp standby cluster from the disturbance of unauthorized members...
Page 541
540 e es4710bd 10 slots l2/l3/l4 chassis switch switch(config-router-vrrp)# priority 150 21.1.2.10 advertisement-interval commands: advertisement-interval adver_interva l > no advertisement-interval function : sets the vrrp timer values; the “no advertisement-interval” command restores the default s...
Page 542
541 e es4710bd 10 slots l2/l3/l4 chassis switch backup cannot changes its status due to lower priority than the master when the master fails. Example : configuring vrrp monitor interface to vlan 2 and decreasing amount of priority to 10. Switch(config-router-vrrp)# circuit-failover vlan 2 10 21.2 ty...
Page 543
542 e es4710bd 10 slots l2/l3/l4 chassis switch 21.3.1 monitor and debug commands 21.3.1.1 show vrrp commands: show vrrp [ vrid > ] function : displays status and configuration information for the vrrp standby cluster. Command mode : all modes example: switch# show vrrp vrid state is initialize virt...
Page 544: 21.4 Web Management
543 e es4710bd 10 slots l2/l3/l4 chassis switch default : debugging information is disabled by default. Command mode : admin mode example: switch# debug vrrp vrrp send[hello]: advertisement sent for vrid=[10], virtual-ip=[10.1.10.1] vrrp send[hello]: advertisement sent for vrid=[10], virtual-ip=[10....
Page 545
544 e es4710bd 10 slots l2/l3/l4 chassis switch 21.4.2 configure vrrp dummy ip click “vrrp control” to configure vrrp and enter "vrrp dummy ip config". Example: enter the created virtual router number 1, vrrp dummy ip address 192.168.2.100 and select the vrrp number type to be master. Click apply to...
Page 546
545 e es4710bd 10 slots l2/l3/l4 chassis switch to configure the preemptive mode for virtual router number 1 to "true". 21.4.6 configure vrrp priority click “vrrp control” to configure vrrp and enter "vrrp priority". Example: enter the created virtual router number "1" and priority. Click enable to ...
Page 547
546 e es4710bd 10 slots l2/l3/l4 chassis switch example: choose created "vlan1" for port and "yes" for authenmode. Click apply to finish port vlan1 authentication mode configuration. 21.4.10 configure authentication string for vrrp click “vrrp control” to enter "vrrp authenstring" and configure vrrp...