1. DL manuals
  2. Cabletron Systems
  3. Network Hardware
  4. SEHI-22/24
  5. User Manual

Cabletron Systems SEHI-22/24 User Manual

Manual is about: Portable Management Application

Summary of SEHI-22/24

  • Page 1

    Portable management application for the sehi-22/24 and sehi-32/34 user’s guide ® the complete networking solution.

  • Page 3: Notice

    I notice cabletron systems reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult cabletron systems to determine whether any such changes have been made. The hardware, firmware, or software de...

  • Page 4: Restricted Rights Notice

    Ii restricted rights notice (applicable to licenses to the united states government only.) 1. Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the rights in technical data and computer software clause at dfars 252.227-7013. Cab...

  • Page 5: Contents

    Iii contents chapter 1 introduction to spma for the sehi-22/24 and sehi-32/34 using the sehi user’s guide...................................................................................... 1-1 what’s not in the sehi user’s guide . . . ........................................................ 1-3 c...

  • Page 6

    Contents iv viewing and configuring link/seg traps for ports ........................................ 3-5 chapter 4 repeater redundancy setting network circuit redundancy........................................................................ 4-1 configuring a redundant circuit.........................

  • Page 7: Chapter 1

    1-1 chapter 1 introduction to spma for the sehi-22/24 and sehi-32/34 how to use the sehi user’s guide; manual conventions; contacting cabletron technical support; sehi firmware versions supported by spma the sehi-22/24 and sehi-32/34 are intelligent repeating hubs that provide front panel ports for ...

  • Page 8

    Introduction to spma for the sehi-22/24 and sehi-32/34 1-2 using the sehi user’s guide applications can be accessed from the icon menu (if you are using a management platform) and from the command line (if you are running in stand-alone mode); in addition, several applications can also be accessed f...

  • Page 9: Conventions

    Conventions 1-3 introduction to spma for the sehi-22/24 and sehi-32/34 what’s not in the sehi user’s guide . . . The following standard spma tools are available through the sehi module and are explained in the spectrum portable management application tools guide : • charts, graphs and meters • mac a...

  • Page 10

    Introduction to spma for the sehi-22/24 and sehi-32/34 1-4 conventions some windows within spma applications can be re-sized; those windows will display the standard window resizing handles employed by your windowing system. Re-sizing a window doesn’t re-size the information in the window; it just c...

  • Page 11

    Conventions 1-5 introduction to spma for the sehi-22/24 and sehi-32/34 figure 1-2. The history window using the mouse the unix mouse has three buttons. Procedures within the spma document set refer to these buttons as follows: figure 1-3. Mouse buttons if you’re using a two-button mouse, don’t worry...

  • Page 12: Getting Help

    Introduction to spma for the sehi-22/24 and sehi-32/34 1-6 getting help whenever possible, we will instruct you on which mouse button to employ; however, menu buttons within spma applications will operate according to the convention employed by the active windowing system. By convention, menu button...

  • Page 13: Sehi Firmware

    Sehi firmware 1-7 introduction to spma for the sehi-22/24 and sehi-32/34 for additional information about cabletron systems products, visit our world wide web site: http://www.Cabletron.Com/ sehi firmware spma for the sehi has been tested against firmware versions 1.10.04 and 1.05.03; if you have an...

  • Page 14

    Introduction to spma for the sehi-22/24 and sehi-32/34 1-8 sehi firmware.

  • Page 15: Chapter 2

    2-1 chapter 2 using the sehi hub view navigating through the hub view, monitoring hub performance; managing the hub the heart of the spectrum portable management application (spma) for the sehi is the hub view, a graphical interface that gives you access to many of the functions that provide control...

  • Page 16

    Using the sehi hub view 2-2 using the hub view navigating through the hub view within the hub view ( figure 2-1 ), you can click mouse buttons in different areas of the window to access various menus and initiate certain management tasks. The following sections describe the information displayed in ...

  • Page 17

    Using the hub view 2-3 using the sehi hub view uptime the time that the device has been running without interruption. The counter resets to 0 days 00:00:00 (x days hh:mm:ss) when one of the following occurs: • power to the device is cycled. • the device is reset manually. Date and time the date and ...

  • Page 18

    Using the sehi hub view 2-4 using the hub view clicking on the device button displays the device menu, figure 2-2 . Figure 2-2. Sehi hub view device menu the device menu lets you perform the following: • open the device status window • open the repeater status window • open the polling intervals win...

  • Page 19

    Using the hub view 2-5 using the sehi hub view if you need to call cabletron’s technical support about a problem with the hub view application, you’ll need the information provided in the info window ( figure 2-3 ): figure 2-3. Hub information window clicking mouse button 1 on the quit button closes...

  • Page 20

    Using the sehi hub view 2-6 using the hub view figure 2-4. Mousing around a ports display hub view port color codes the port status boxes in the hub view are color coded to indicate the port’s connection status. The colors are consistent for all port display forms except admin status; the exceptions...

  • Page 21: Monitoring Hub Performance

    Monitoring hub performance 2-7 using the sehi hub view • blue indicates that the port has been disabled through management. • yellow indicates that the port is enabled but does not currently have a valid connection. This usually indicates that the device at the other end of the segment is turned off...

  • Page 22

    Using the sehi hub view 2-8 monitoring hub performance • device, module, and port status descriptions. • device, module, and port statistics, which provide a complete breakdown of packet activity. • device, module, and port-level pie charts, graphs and meters, for a graphic representation of the typ...

  • Page 23

    Monitoring hub performance 2-9 using the sehi hub view for error type descriptions, see checking statistics , page 2-15 . Frame sizes displays a percentage for each active port that represents what portion of that port’s traffic is of a specific size, measured in bytes. You can display any one of th...

  • Page 24

    Using the sehi hub view 2-10 monitoring hub performance • active ports displays either yes or no for any active (green) port, indicating whether or not that port has seen any traffic at all since the device was last initialized or the counters were last reset; this port display form can tell you whe...

  • Page 25

    Monitoring hub performance 2-11 using the sehi hub view date and time displays the current date and time from the sehi’s internal clock. Although the fields are static in the window, the front panel display is a real-time presentation. To change the name, location, contact, date, or time: 1. Highlig...

  • Page 26

    Using the sehi hub view 2-12 monitoring hub performance 2. Press enter or return on the keyboard to save your changes. Active users displays the number of active source addresses communicating through this module. Module type the type of module you are viewing (seh- or sehi-22, 24, 32, or 34). Check...

  • Page 27

    Monitoring hub performance 2-13 using the sehi hub view checking port status you can open a port status window ( figure 2-9 ) for any port in the sehi- controlled hubstack. To open the port status window: 1. Click mouse button 1 in the port index box. Or 1. Click mouse button 3 in the port index or ...

  • Page 28

    Using the sehi hub view 2-14 monitoring hub performance • inactive — the device at the other end of the cable is turned off, there is a break in the cable, or there is no device or cable connected. • not supported — the selected port does not support the link feature, so the sehi cannot determine li...

  • Page 29

    Monitoring hub performance 2-15 using the sehi hub view • multi-mode fiber: st epim • single-mode fiber: st epim topology type indicates how the port is being used. The available types are: • station —the port is receiving packets from no devices, a single device, or two devices. Note that a port in...

  • Page 30

    Using the sehi hub view 2-16 monitoring hub performance to view device statistics at the device, module, or port levels: 1. Display the device, module, or port menu by clicking mouse button 3 in the appropriate area (refer to figure 2-5 , page 2-7 ). 2. Drag down to statistics and then right to eith...

  • Page 31

    Monitoring hub performance 2-17 using the sehi hub view multicast packets the number of multicast packets received by this device, module, or port since the window was last opened or reset. Multicast packets are simultaneously addressed to more than one address, but fewer than all addresses. Collisi...

  • Page 32

    Using the sehi hub view 2-18 monitoring hub performance 802.3 specifications, or a node on the net is transmitting without first listening for carrier sense (and beginning its illegal transmission more than 51.2 µ s after the first station began transmitting). Note that in both cases, the occurrence...

  • Page 33

    Monitoring hub performance 2-19 using the sehi hub view counted as crc errors had only crc errors — they were of legal size (not runts or giants) and had no truncated bytes. You also know that any packet less than 64 bytes long has been counted as a runt, even if it also had alignment and/or crc pro...

  • Page 34: Managing The Hub

    Using the sehi hub view 2-20 managing the hub figure 2-11. The port source address list to view a port’s source address list: 1. Display the port menu by clicking mouse button 3 in the appropriate port status box. 2. Drag down to source address list and release. The source address list window displa...

  • Page 35

    Managing the hub 2-21 using the sehi hub view figure 2-12. Sehi polling intervals setting the polling intervals to set the polling intervals used by spma and the sehi: 1. Click on the device button to display the device menu. 2. Drag down to polling intervals, and release. The sehi polling intervals...

  • Page 36

    Using the sehi hub view 2-22 managing the hub device general status this polling interval controls how often the hub view front panel information — such as uptime, device name, and so forth — and some port status information is updated. Device configuration this polling interval controls how often a...

  • Page 37

    Managing the hub 2-23 using the sehi hub view ! Caution when disabling all ports on a module, make sure you don’t disable the port through which your management station is communicating with the hubstack, or you will lose contact with the stack..

  • Page 38

    Using the sehi hub view 2-24 managing the hub.

  • Page 39: Chapter 3

    3-1 chapter 3 link/seg traps what are link and segmentation traps; enabling and disabling these traps at the device, module, and port levels among the traps which cabletron devices are designed to generate are traps which indicate when a repeater port gains or loses a link signal, when the repeater ...

  • Page 40: What Is A Link Trap?

    Link/seg traps 3-2 what is a link trap? What is a link trap? Some cabletron ethernet repeater ports — including rj45 twisted pair and fiber optic ports — generate a link signal to monitor the status of their connection with the device at the other end of the cable segment. If the cable is removed or...

  • Page 41

    Enabling and disabling link/seg traps 3-3 link/seg traps from the hub view: 1. Click on to display the device menu. 2. Drag down to link/seg traps and release. From the command line (stand-alone mode): 1. From the appropriate directory, type spmarun r4hwtr the main repeater link/seg traps window, fi...

  • Page 42

    Link/seg traps 3-4 enabling and disabling link/seg traps configuring link/seg traps for the repeater to enable or disable link and segmentation traps for all ports on a repeater: 1. In the repeater link/seg traps window, click mouse button 1 on the repeater interface for which you would like to conf...

  • Page 43

    Enabling and disabling link/seg traps 3-5 link/seg traps figure 3-3. The module traps window 3. In the module traps window, click mouse button 1 to select the module for which you wish to configure link and segmentation traps. If the set trap status for field displays selected modules (the default s...

  • Page 44

    Link/seg traps 3-6 enabling and disabling link/seg traps 2. Click mouse button 1 on ; the port traps window, figure 3-4 , will appear. Figure 3-4. The port traps window 3. In the port traps window, click mouse button 1 to select the port or ports for which you wish to configure traps. If the set tra...

  • Page 45: Chapter 4

    4-1 chapter 4 repeater redundancy this chapter describes how to configure and enable redundant circuits. Setting network circuit redundancy the redundancy application gives you the ability to define redundant circuits for your sehi to ensure that critical network connections remain operational. Each...

  • Page 46

    Repeater redundancy 4-2 setting network circuit redundancy spmarun r4red the main repeater redundancy window, figure 4-1 , will appear. Figure 4-1. The repeater redundancy window configuring a redundant circuit to establish or edit a redundant circuit: 1. In the repeater redundancy window, click mou...

  • Page 47

    Setting network circuit redundancy 4-3 repeater redundancy figure 4-2. The channel x redundancy window 2. If you want to change a circuit’s name or the number of retries, highlight the appropriate circuit and click . The change circuit window, figure 4-3 , will appear. Figure 4-3. The change circuit...

  • Page 48

    Repeater redundancy 4-4 setting network circuit redundancy of retries you can enter into this field is 0-16. Be sure to click on before exiting the window to save your changes. 3. With the appropriate circuit name highlighted, click to access the add circuit address window, figure 4-4 . Figure 4-4. ...

  • Page 49: Monitoring Redundancy

    Monitoring redundancy 4-5 repeater redundancy different port to be primary or active, the original primary or active port automatically resets to backup/inactive. 6. Once you have configured all the ports that compose the redundant circuit, enable the circuit by clicking . To clear the settings in o...

  • Page 50

    Repeater redundancy 4-6 monitoring redundancy 1. In the all circuits box, type in a new value in the poll interval field and click . Poll interval is the time in seconds between retries (if the first attempt is unsuccessful). To set the test time: 1. In the all circuits box, type a new test time in ...

  • Page 51: Chapter 5

    5-1 chapter 5 source addressing displaying the source address list; setting the ageing time; selecting the hash type; effects of source address locking; configuring source address traps; finding a source address. Displaying the source address list the source address list, or table (sat), contains th...

  • Page 52

    Source addressing 5-2 displaying the source address list the repeater source address window, figure 5-1 , will appear. Figure 5-1. The repeater source address window the repeater source address window provides a list of the repeater interfaces available on the sehi, as well as command buttons that a...

  • Page 53

    Displaying the source address list 5-3 source addressing figure 5-2. The source address list window the source address list window displays addresses of all devices that have transmitted packets through the sehi within a time period less than the sat’s defined ageing time (addresses that have not tr...

  • Page 54: Setting The Hash Type

    Source addressing 5-4 setting the hash type setting the ageing time the source address list ageing time determines the minimum amount of time an inactive source address will remain in the source address table before it is purged. The source address timer runs continuously beginning at the time the d...

  • Page 55: Locking Source Addresses

    Locking source addresses 5-5 source addressing 2. Click mouse button 1 on ; the channel x source address list window, figure 5-2 ( page 5-3 ), will appear. 3. In the hash type field, click mouse button 1 on the appropriate selection to apply dec or nondec hashing toall ports on the selected repeater...

  • Page 56

    Source addressing 5-6 locking source addresses in addition to activating the security measures as configured via the security application, locking source addresses has the following effects: • on devices running older versions of firmware, unlinked ports will be disabled immediately after locking ha...

  • Page 57

    Configuring source address traps 5-7 source addressing • a port’s topology status (station or trunk) remains fixed while locking is in effect, even if the number of detected addresses changes. • any ports disabled due to a violation (or because they were unlinked when locking was enabled) must be ma...

  • Page 58

    Source addressing 5-8 configuring source address traps • porttypechanged traps are issued when a port’s topology status changes from station to trunk, or vice versa. The interesting information includes the board and port index, and the port’s new topology status. • a lockstatuschanged trap is gener...

  • Page 59

    Configuring source address traps 5-9 source addressing as with device-level trap status, a status of other for any module indicates that there is some combination of enabled and disabled source address traps on the ports in that module. To configure trap status for all ports on a selected module or ...

  • Page 60

    Source addressing 5-10 configuring source address traps figure 5-3. The module source address traps window to enable or disable port-level traps: 1. In the port source address traps window ( figure 5-4 , page 5-11 ), click mouse button 1 to select the port or ports for which you wish to enable or di...

  • Page 61: Finding A Source Address

    Finding a source address 5-11 source addressing figure 5-4. The port source address traps window 2. Click on the appropriate selection in the trap status field to enable or disable traps for the selected port(s), as desired. 3. Click on to save your changes. Finding a source address you can use the ...

  • Page 62

    Source addressing 5-12 finding a source address to find a source address: 1. Click mouse button 1 on in the source address list window ( figure 5-2 , page 5-3 ); the find source address window, figure 5-5 , will appear. Figure 5-5. Find source address window 2. In the mac address field, enter the so...

  • Page 63

    Finding a source address 5-13 source addressing figure 5-6. Results of mac address search 4. Click on to exit the window..

  • Page 64

    Source addressing 5-14 finding a source address.

  • Page 65: Chapter 6

    6-1 chapter 6 security launching the security application; lanview secure defined; configuring security; enabling security and traps at the repeater, hub, and port levels; security on non-lanview secure hubs the security application allows you to configure and manage the lanview secure feature incor...

  • Page 66: What Is

    Security 6-2 what is lanviewsecure? From the command line (stand-alone mode): 1. From the appropriate directory, type spmarun r4sec the repeater security window, figure 6-1 , will appear. Figure 6-1. The repeater security window the repeater security window provides a list of the repeater interfaces...

  • Page 67

    What is lanviewsecure? 6-3 security secure port, and can be configured to secure both station and trunk ports; eavesdropper protection scrambles the data portion of any packet transmitted via a secure port to all but the destination port, and can be extended to broadcast and multicast packets as wel...

  • Page 68: Lanview

    Security 6-4 what is lanviewsecure? Configurable violation response before lanview s ecure , any locked port which experienced a violation was shut down automatically; now, you can choose to allow ports to remain enabled even after an unsecured address has attempted to access a locked port. If you c...

  • Page 69: Lanview

    What is lanviewsecure? 6-5 security forced non-secure status with the original version of lanview secure , all ports except those which had been forced to trunk status could be locked, and would be locked automatically if locking were enabled at the repeater or hub level. With the enhanced version o...

  • Page 70: Configuring Security

    Security 6-6 configuring security intruder will be to issue a trap after the first violation; all packets, regardless of source address, will be allowed to pass. Forced non-secure status with the enhanced version of lanview secure , even ports on non- lanview secure hubs can be forced to an unsecura...

  • Page 71

    Configuring security 6-7 security figure 6-2. Channel a port security window the top portion of the window contains a list box which displays each port communicating on the selected channel, designated by hub and port number. Each port’s current lock status, violation response, security level, and t...

  • Page 72

    Security 6-8 configuring security from the selected ports: a trap will be sent after the first violation, but all packets, regardless of source address, will be allowed to pass. Ports in this state still have active eavesdropper protection. 3. The security level field allows you to select which pack...

  • Page 73

    Configuring security 6-9 security figure 6-3. The addresses window 3. On the left side of the window, the learned addresses list box will display all source addresses detected by the selected port during the last ageing interval (see chapter 4, source address, for more information on the ageing inte...

  • Page 74

    Security 6-10 configuring security figure 6-4. Add mac address window d. Enter the desired mac address in an xx:xx:xx:xx:xx:xx format, then click on . A confirmation window will appear; if you click on yes to secure the address, it will appear in the secure addresses list box. 4. To secure addresses...

  • Page 75

    Configuring security 6-11 security 4. Click to select the reset learned addresses option. A confirmation window will appear; click on to reset addresses, or on to cancel. The port’s address table will be cleared of all learned and secure addresses, and the learning process will restart. Tips for suc...

  • Page 76: Enabling Security And Traps

    Security 6-12 enabling security and traps enabling security and traps you can enable or disable all applicable protections by locking or unlocking ports via the repeater, hub, or port security window, as described in the sections below. There are two levels of lock status to choose from: if you sele...

  • Page 77

    Enabling security and traps 6-13 security repeater-level security and traps locking ports at the repeater, or channel, level applies all applicable security (as configured via the port security window) to every port on the channel. To enable or disable security and traps for all ports on a repeater:...

  • Page 78

    Security 6-14 enabling security and traps figure 6-5. Channel a security window 3. In the security mode field, click mouse button 1 on the appropriate selection to apply full or continuous lock status to all ports on the selected repeater channel, or to unlock all ports on the channel. (note that if...

  • Page 79

    Enabling security and traps 6-15 security displayed in the list box; a repeater whose ports have different security mode or trap settings will display a status of “mismatch.” figure 6-6. Channel a module security window 3. Use the set security for field or the mouse to select the hub or hubs for whi...

  • Page 80

    Security 6-16 enabling security and traps 1. In the repeater security window, click to selected the desired repeater interface, or channel, in the scroll list. 2. Click ; the channel a port security window, figure 6-7 , will appear. Figure 6-7. Channel a port security window 3. Use the set security ...

  • Page 81

    Enabling security and traps 6-17 security 5. Click on the appropriate selection in the send trap field to enable or disable traps for the selected port(s). 6. Click on to save your changes; each port’s new status will be displayed in the list box. Click on to close the window..

  • Page 82

    Security 6-18 enabling security and traps.

  • Page 83: Appendix A

    A-1 appendix a sehi mib structure sehi management information base configuration ietf mib support in addition to its proprietary features, the sehi-22/24 and sehi-32/34 currently support the following ietf mib: • rfc 1213 mib for network management of tcp/ip-based internets: mib-ii sehi mib structur...

  • Page 84

    Sehi mib structure a-2 sehi mib structure community names; the chassis mgr community names are the same as those assigned via local management. Sehi lim the sehi lim, or local management, component contains the objects that provide out-of-band management via the console port on the sehi’s front pane...

  • Page 85

    Sehi mib structure a-3 sehi mib structure newer versions of devices with this component-based mib architecture have been simplified somewhat; these devices support a single, global set of community names, with small modifications added automatically to accommodate multiple instances of the same mib ...

  • Page 86

    Sehi mib structure a-4 sehi mib structure.

  • Page 87: Index

    Index-1 index a active port 4-4 active users 2-12, 2-14, 2-20 add circuit address 4-4 admin status 2-9 admin/link status 2-9 ageing time 5-3, 5-4 ageing timer 2-20 alignment errors 2-17 avg packet size 2-16 b broadcast packets 2-16 c change name/retries 4-3 charts and meters 1-3 chassis mgr a-1 circ...

  • Page 88

    Index index-2 info window 2-5 intruder protection 6-2 ip address 2-3 ip services a-2 l lanviewsecure 6-2 on non-secure mims 6-5 learnmodechange trap 6-12 learnstatechange trap 6-12 lim a-2 link signal 2-6, 2-9 link status 2-13 link traps 3-1 link/seg traps 2-4 load 2-8 local management a-2 location ...

  • Page 89

    Index-3 index set trap status for 3-5, 3-6, 5-9, 5-10 setting network circuit redundancy 4-1 source address 2-4 source address list 5-1 source address locking 5-5 source address traps 5-8 sourceaddresstimeout trap 5-7, 6-12 spmarun 3-3, 5-1, 6-2 stand-alone mode 1-3, 2-4 station 2-15 station ports 5...

  • Page 90

    Index index-4.