OmniSwitch

7700/7800
Quick Reference
Guide
Getting Started Guide
Network Configuration Guide
(included CLI Reference Guide)


Getting Started Guide
1. Connections and Cabling
2. Booting the Switch
3. Your First Login Session
4. CLI Basics
5. Files and Directories
6. Working and Certified
Directories
7. Loading Software


Network Configuration
Guide
1 Configuring Ethernet Port
2 Managing Source Learning
3 Configuring VLANs
4 Configuring Spanning Tree
Parameters
5 Configuring 802.1Q
6 Configuring Static Link
Aggregation
7 Configuring Dynamic Link
Aggregation
8 Configuring IP
9 Configuring RIP
10 Configuring UDP Relay
11. Configuring VRRP
12 Configuring QoS
- Bandwidth Control
- Network Address
Translation(NAT)
13 Diagnosing Switch Problems
- Port Mirroring
- Switch Health
- Monitoring Memory

OmniSwitch
7700/7800
Getting Started Guide

1. Connections and Cabling

Serial Connection Default Settings
baud rate

9600

parity

none

data bits (word size)

stop bits

Ethernet Cable Requirements

EMP to a Switch

Straightthrough

EMP to a Computer or
Workstation

Crossover

ENI Port to a Switch

Crossover

ENI Port to a Computer or

Workstation

Straightthrough

Console Cable Pinouts

- DB-9 to DB-9 Serial Cable
Console Port

PC Com Port

DB-9(male)

Pins

Signals

DB-9(female)
Direction

Pins

Signals

not used

not used

TXD

RXD

RXD

TXD

not used

not used

Ground

Ground

not used

not used

not used

not used

not used

not used

not used

not used

2. Booting the Switch

Component LEDs
boot LED .

CMM OK1

On

CMM OK2

CMM TEMP

On

CMM FAN

On

NI OK1

On

NI OK2

Power Supply AC OK

On

Power Supply DC OK

On

Power Supply OVER TEMP

Off

3. Your First Login Session

Logging In to the Switch
login name password .
Login(User Name) admin
Password - switch
login admin , password switch
. , CLI command
.
login : admin
password :
Welcome to the Alcatel OmniSwitch 7000
Software Version 5.1.1.15.R02 GA, July 31, 2002.
Copyright(c), 1994-2002 Alcatel Internetworking, Inc. All Rights reserved.
OmniSwitch(TM) is a trademark of Alcatel Internetworking, Inc. registered
in the United States Patent and Trademark Office.
->

Setting IP Address Information for the EMP

Ethernet Management Port (EMP) Network Interface(NI) module CMM
. EMP default IP gateway
address . Default IP gateway address .
1. CLI prompt modify boot parameters .
-> modify boot parameters
TUE OCT 08 21:05:03 : SYSTEM (75) info message:
+++ Boot param edit session started.
Type '?' for help, 'exit' to exit the boot param parser.
Boot >

2. Boot prompt boot empipaddr EMP default IP address

.
Boot > boot empipaddr 10.100.255.100
3. Boot empgatewayipaddr EMP default gateway .
Boot > boot empgatewayipaddr 10.100.255.1
4. Show .
Boot > show
Edit buffer contents:
EMP IP Address
: 10.100.255.100
EMP Gateway IP Address : 10.100.255.1
----Default subnet mask C class(255.255.255.0) . Subnet mask
boot empnetmask .
5. Commit system .
Boot > commit system
Boot param changes committed to the running system.
WARNING: Changes are temporary and may be overridden at the next system boot.
TUE OCT 08 21:48:25 : SYSTEM (75) info message:
+++ Boot param changes committed to the running system.
Boot >
boot.params
reboot .
6. Boot.params commit file .
Boot > commit file
Boot param changes written to the NVRAM and to the file '/flash/boot.params'.
TUE OCT 08 21:57:22 : SYSTEM (75) info message:
+++ Boot param changes written to the NVRAM and to the file '/flash/boot.params'
.
Boot >
7. CLI prompt exit .
EMP IP address (remote session type)
(unlocked) , Telnet, FTP, WebView, SNMP session .

Unlocking Session Types

, (session
type) .
Unlocking All Session Types
CLI prompt .
-> aaa authentication default local
Unlocking Specified Session Types
aaa authentication
.
-> aaa authentication http local
-> aaa authentication telnet local
-> aaa authentication ftp local
How many sessions are allowed?
Telnet session

4 session

FTP session

4 session

HTTP session

4 session

session(Telnet, FTP,
console)

HTTP,

SNMP session

13 session
50 session

Changing the Login Password

Admin password .
1. admin .
2. password enter .
3. Prompt password .
4. Password prompt , password .
-> password
enter new password: ******
reenter new password: ******
->
50 .

10

Setting the System Time Zone

default timezone UTC(Coordinated Universal Time, Greenwich Mean Time ) .
timezone , GMT 9
.
-> system timezone GMT
-> system timezone +09:00

Setting the Date and Time

System time .
-> system time 10:10:30
->
TUE OCT 08 13:46:15 : SYSTEM (75) info message:
+++ System Time changed to 10:10:30
->
system date .
-> system date 10/01/2002
WED JAN 09 10:20:45 : SYSTEM (75) info message:
+++ System Date changed to 10/01/2002
->

11

4. CLI Basics
Previous Command Recall
Prompt .
<Enter> .

Command History
Show switch 30 .
, show history . Exclamation point ( ! ) history
.
-> show history
1 show cmm
2 show fan
3 show sensor
4 show system
6 show arp
7 show history
-> !4
-> show system
Prompt Exclamation point ( ! ) , .
-> !!
-> show history

Common CLI Commands

write memory

/flash/ working boot.cfg

.

show running- directory

show vlan

VLAN .

show chassis

chassis .

show module

Chassis module .

show ni

NI module ,
.

show cmm

Chassis CMM module ,

.

show system

show microcode

exit

Telnet console .

session timeout cli

Telnet console .

12

5. Files and Directories

Boot and Image Files
flash memory
. boot.cfg , boot.params , image(.img) .
boot. params File
Boot.params EMP IP address, gateway, mask .
default console port parameter , CLI prompt modify boot parameters
.
Boot.params /flash , boot
.
boot. cfg File
Boot.cfg . Boot.cfg ,
write memory /flash/ working .
Boot.cfg /flash/ working .
Image Files
Image ( .img) NI module .
, .
backup /flash/ working
/flash/ certified .
OmniSwitch 7700/7800 image .

Fos.img

OmniSwitch 7700/7800 .

Fbase.img

Frelease.img

package release number .

Fl2eth.img

Layer2 .

Frout.img

Layer3 .

Fqos.img

Quality of Service (QoS) .

Feni.img

10/100, Fast Ethernet, Gigabit Ethernet .

Fdiag.img

Fadvrout.img

Alcatel Advanced Routing package.(option)

Fsecu.img

Fweb.img

WebView .

Fwebl2eth. img

Layer2 WebView .

13

Fwebrout. img

WebView .

Frelease.img

Quality of Service (QoS) WebView .

Fwebadvrout. img

Alcatel Advanced Routing WebView .

Fwebsecu. img

WebView .

Emergency Restore of the boot.cfg File

boot.cfg reboot , configuration
. reboot boot.cfg write
memory .
-> configure write memory
-> write memory
-> configure copy running-config working

Can I Restore the boot.file While Running from Certified?

certified configuration ,
configuration .
1. /flash boot.cfg configuration
.
-> configuration snapshot all boot.cfg
2. cp /flash /flash/working boot.cfg
.
-> cp boot.cfg working/boot.cfg
3. /flash/working reboot .
-> reload working no rollback-timeout

14

6. Working and Certified Directories

Alcatel 7700/7800 32MB flash ,
boot, image . /flash /working, /certified
. image rollback .
Image rollback ("last known good")
.

Working Directory
/flash/working .
/flash/working boot.cfg .
/flash/working configuration, image
/flash/certified .

Certified Directory
/flash/certified master ("gold master")
. configuration, image , .
/flash/working reboot
/flash/certified "last known good" roll back .

Working and Certified Are Identical

/flash/working /flash/certified ,
. /flash/working
.
/flash/working , write memory
.

Working and Certified Are Different

/flash/working /flash/certified
, /flash/certified .
/flash/certified , write memory
.

How can I tell which directory the switch is currently using?

boot , /flash/working , boot.cfg
configuration . boot /flash/certified boot .
.
Show running directory directory .
-> show running- directory
Current running CMM : PRIMARY,
Current running configuration: WORKING

15

Can I save changes to the Certified directory?

/flash/certified configuration image
. configuration /flash/working boot.cfg .
configuration road test , /flash/working copy
working certified /flash/certified .

What happens when the switch boots?

Boot process /flash/ working /flash/ certified
. .

My Working and Certified directories are different. Can I force a reboot from the
Working directory?
configuration image , default
/flash/working reboot . reload working
.

16

7. Loading Software
Non-Redundant Configurations
1. Computer server .
2. FTP , /flash/working .
3. FTP client CLI rm /flash/working .img .
.img asterisk (*) wildcard .
-> rm working/*. img
boot.cfg .
. /flash/certified .
4. FTP client /flash/working .img upload .
5. /flash/working reload .
CLI prompt .
-> reload working no rollback-timeout

Redundant Configurations
1. Primary secondary CMM module OK1 LED , OK2 LED
.
2. Computer server .
3. FTP , /flash/working .
4. FTP client CLI rm primary CMM /flash/working .img
. .img asterisk (*) wildcard
.
-> rm working/*. img
5. FTP client primary CMM /flash/working .img
upload .
6. Primary secondary CMM .
-> copy flash- synchro
primary CMM flash secondary CMM
backup .

17

7. /flash/working reload .
CLI prompt .
-> reload working no rollback-timeout
/flash/working
CMM /flash/certified .
-> copy working certified flash-synchro
. /flash/working primary CMM
/flash/certified primary CMM
secondary CMM module .

18

Getting Started Guide .

19

OmniSwitch
7700/7800
Network Configuration Guide

www.dit.ne.kr

1 Configuring Ethernet Port

Ethernet Port Defaults
Parameter description

command

Default Value/Comments

Trap Port Link Messages

trap port link

Disabled

Flow Control

flow

Disabled

Flow Control Wait Time

flow wait time

0 microseconds

Interface Line Speed

interfaces speed

Auto/
100Mbps - ENI-FM 12

Duplex Mode

interfaces duplex

Auto/
Full - ENI-FM 12

Interface Configuration

interfaces admin

Up (Enabled)

Inter-Frame Gap

interfaces ifg

12 bytes

Maximum Frame Size

Configuration

interfaces max frame

1553 (untagged) Ethernet packets

1553 (tagged) Ethernet packets
10240 Gigabit Ethenet packets

Maximum Frame Size

interfaces long

Disable (Ethernet)
Enable (Gigabit Ethernet)

Minimum Frame Size

interfaces runt

Disable

Minimum Frame Size

Configuration

interfaces runtsize

64 bytes

Maximum Flood Rate

interfaces flood

Enable

Maximum Flood Rate (Multicast

Traffic)

interfaces flood multicast

Disable

Peak Flood Rate Configuration

interfaces flood rate

47Mbps (Fast Ethernet)

496Mbps (Gigabit Ethernet)

Setting Ethernet Port Parameters

Setting Flow Control
flow
flow control enable/disable .
flow [ethernet | fastethernet | gigaethernet] slot/port
no flow [ethernet | fastethernet | gigaethernet] slot/port

22

Defaults flow control disable . flow control

.
->
->
->
->

flow 2/3
flow fastethernet 2/3
no flow 2/3
no flow fastethernet 2/3

Setting Interface Line Speed

interfaces speed
Line speed .
interfaces [ethernet | fastethernet | gigaethernet] slot/port speed {10 | 100 | auto | 1000}
Default auto .
-> interfaces 2/3 speed 100
-> interfaces fastethernet 2/3 speed 100
-> interfaces 2/3 speed auto

Configuring Duplex Mode

interfaces duplex
duplex mode full duplex, half duplex, auto-negotiation . Full
duplex mode . Half duplex mode
. Gigabit ethernet full duplex .
interfaces [ethernet | fastethernet | gigaethernet] slot/port duplex {full | half | auto}
ethernet,
fastethernet,
gigaethernet

Duplex mode type , .

slot/port

Duplex mode .

full, half, auto

duplex mode , default auto.

Auto option duplex mode line speed auto-negotiation .

-> interfaces 2/3 duplex full
-> interfaces fastethernet 2/3 duplex full
-> interfaces 2/3 duplex auto

23

Enabling an Interface
interfaces admin
administrative up/down .
interfaces [ethernet | fastethernet | gigaethernet] slot/port admin {up | down}
Default admin up .
-> interfaces 2/3 admin down
-> interfaces fastethernet 2/3 admin down

Setting Statistics Counters

interfaces no l2 statistics
Layer 2 statistics counter(input/output , frames received,
unicast ) reset .
interfaces [slot/port] no l2 statistics

Verifying Ethernet Port Configuration

Show interface MAC address, input/output
.
show interfaces [type] [slot | slot/port]
-> show interfaces 3/1
Slot/Port 3/1 :
Operational Status
: up,
Type
: GigaEthernet,
MAC address
: 00:d0:95:6a:61:d8,
BandWidth (Megabits) : 1000,
Duplex
: Full,
Long Accept
: Enable,
Runt Accept
: Disable,
Long Frame Size(Bytes) : 10240,
Runt Size(Bytes) : 64
Input :
Bytes Received : 0,
Lost Frames
: 0,
Unicast Frames : 0,
Broadcast Frames : 0,
Multicast Frames : 0,
UnderSize Frames : 0,
OverSize Frames : 0,
Error Frames
:0

24

Output :
Bytes transmitted : 0,
Lost Frames
: 0,
Unicast Frames : 0,
Broadcast Frames : 0,
Multicast Frames : 0,
UnderSize Frames : 0,
Long Frames
:0

show interfaces status,

show interfaces accounting,
show interfaces counters,
show interfaces traffic,
show interfaces counters errors,
show interfaces collisions,
show interfaces port,
show interfaces flow control,
show interfaces ifg,
show interfaces flood rate
.
show interfaces [type] [slot | slot/port] status
-> show interfaces 2 status
DETECTED
Slot/Port AutoNego
Speed

CONFIGURED
Duplex
Speed
Duplex

(Mbps)
(Mbps)
----------+----------+----------+----------+----------+----------+----------02/01
02/02
02/03
02/04
02/05
02/06
------

Enable
Enable
Enable
Enable
Enable
Enable

100
100
100
-

Half
Half
Half
-

Trap

LinkUpDown

Auto
Auto
Auto
Auto
Auto
Auto
Auto
Auto
Auto
Auto
Auto
Auto

show interfaces [type] [slot | slot/port] counters

-> show interfaces 3/1 counters
InOctets
= 54367578586897979, OutOctets
= 5.78E19,
InUcastPkts = 55654265276,
OutUcastPkts = 5.78E20,
InMcastPkts = 58767867868768777, OutMcastPkts = 5465758756856,
InBcastPkts = 576567567567567576, OutBcastPkts = 786876,
InPauseFrames = 567798768768767, OutPauseFrames= 786876,

25

2 Managing Source Learning

MAC Address Table Configuration
mac-address-table
MAC address VLAN .
mac-address-table [permanent | reset | timeout] mac_address slot/port vid [bridging | filtering]
no mac-address-table [permanent | reset | timeout | learned] [mac_address] [slot/port] [vid]

permanent

reboot static MAC address . Permanent default

.

reset

reboot static MAC address

timeout

Aging timer static MAC address .

learned

static MAC address dynamic .

mac_address

MAC Address Table destination MAC address.(e.g. 00:00:39:59:F1:0C)

slot/port

MAC address .

vid

MAC address VLAN ID.

bridging

MAC address packet bridge . Bridge default

.

filtering

MAC address packet drop

mac-address-table aging-time
Static dynamic MAC address aging time .
mac-address-table aging-time seconds [vlan vid]
no mac-address-table aging-time [vlan vid]

second

Aging time , 32-3600 .

vid

VLAN ID.

26

Configuring a Static MAC Address

static MAC address VLAN .
Static MAC address silent . Silent
packet source MAC address .
Silent MAC address MAC address table
, silent .
VLAN 255 4/10 MAC address .
-> mac-address-table 00:02:DA:00:59:0C 4/10 255
VLAN 500 3/1 source MAC address
reboot filtering.
-> mac-address-table reset 00:02:DA:00:59:0C 3/1 500 filtering
VLAN 855 3/2 reset MAC address MAC address table .
-> no mac-address-table reset 00:00:02:CE:10:37 3/2 855
MAC address table MAC address .
-> no mac-address-table learned

Configuring MAC Address Table Aging Time

Source learning also tracks MAC address age and removes addresses from the MAC Address
Table that have aged beyond the aging timer value. When a device stops sending packets,
source learning keeps track of how much time has passed since the last packet was received
on the devices switch port. When this amount of time exceeds the aging time value, the MAC
is aged out of the MAC address table. Source learning always starts tracking MAC address
age from the time since the last packet was received.
VLAN 255 1200 aging time .
-> mac-address-table aging-time 1200 vlan 255
VLAN 255 aging time 300 (default ) .
-> no mac-address-table aging-time vlan 255

27

Displaying MAC Address Table Information

show mac-address-table static MAC address MAC address table MAC
address .
show mac-address-table [permanent | reset | timeout | learned] [mac_address]
[slot slot | slot/port]] [vid]
-> show mac-address-table
Legend: Mac Address: * = address not valid
Vlan
Mac Address
Type
Protocol Operation Interface
------+-------------------+--------------+-----------+------------+----------1
00:00:00:00:00:01 learned
0800
bridging
8/ 1
1
00:d0:95:6a:73:9a learned
aaaa0003 bridging
10/23
Total number of Valid MAC addresses above = 2

MAC address (learned, permanent, reset, and timeout)

MAC address show mac-address-table count .
show mac-address-table count [mac_address] [slot slot | slot/port]] [vid]
-> show mac-address-table count
Mac Address Table count:
Permanent Address Count
=1
DeleteOnReset Address Count
=0
DeleteOnTimeout Address Count
=0
Dynamic Learned Address Count
=6
Total MAC Address In Use
=7

show mac-address-table aging-time VLAN MAC address aging time

.
show mac-address-table aging-time [vlan vid]
-> show mac-address-table aging-time
Mac
Mac
Mac
Mac

Address
Address
Address
Address

Aging
Aging
Aging
Aging

Time (seconds)
Time (seconds)
Time (seconds)
Time (seconds)

for
for
for
for

Vlan
Vlan
Vlan
Vlan

1 = 300
2 = 120
50 = 900
1000 = 300

-> show mac-address-table aging-time vlan 50

Mac Address Aging Time (seconds) for Vlan 50 = 900

28

3 Configuring VLANs
VLAN Configuration
vlan
VLAN ID option VLAN .
vlan vid [enable | disable] [name description]
no vlan vid
vid

VLAN VLAN ID , 2-4094 .

enable, disable

VLAN administrative enable disable, default enable.

description

32 , default VLAN ID.

(e.g. Alcatel Test VLAN)

vlan port default

link aggregate default VLAN .
vlan vid port default {slot/port | link_agg}
vlan vid no port default {slot/port | link_agg}
vid

default VLAN ID .

slot/port

VLAN (e.g. 3 1 3/1). (-)

, (e.g 3/1-16 5/10-20).
Default VLAN 1 default VLAN.

link_agg

VLAN link aggregation ID (0-31).

vlan stp
VLAN Spanning Tree Protocol(STP) Enables disables .
vlan vid stp {enable | disable}
vid

VLAN ID (1-4094).

enable, disable

VLAN STP enable disable, default enable.

29

Creating/Modifying VLANs
Alcatel default VLAN 1 , default VLAN 1
. , VLAN 1
. VLAN , broadcast domain
.

Adding/Removing a VLAN
->
->
->
->

vlan 255 enable name IP Finance Network

vlan 321 Test_Network
vlan 780
no vlan 255

VLAN administrative status enable disable .

-> vlan 780 disable
-> vlan 321 enable

Defining VLAN Port Assignments

default VLAN 1 . vlan port default ,
default VLAN VLAN . 2 5
VLAN 1 , VLAN 955 default VLAN .
-> vlan 955 port default 2/5
-> vlan 955 no port default 2/5
link aggregation group .
-> vlan 755 port default 10

Enabling/Disabling Spanning Tree for a VLAN

VLAN VLAN STP enable . STP
VLAN redundant data path .
(flat) STP VLAN redundant data path
VLAN . VLAN 1 STP disable ,
VLAN disable . VLAN 1 VALN STP disable
, VLAN (flat) STP .
STP 1x1 , VLAN STP .
VLAN STP enable, disable 1x1 STP VLAN
.
-> vlan 255 stp disable
-> vlan 755 stp enable

30

Configuring VLAN Router Ports

VLAN IP, IPX . VLAN routing virtual
VLAN .
VLAN VLAN VLAN
.
VLAN IP IPX virtual .
MAC . multiple MAC (the
default) , 64 VLAN IP, IPX
. VLAN MAC address .
VLAN IP, IPX VLAN MAC
address .
32 MAC address . Multiple MAC 32
VLAN MAC address .
single MAC , 4094 VLAN IP, 256
VLAN IPX . VLAN chassis
MAC address . , VLAN 1
chassis MAC address .

vlan router ip
VLAN IP virtual . IP virtual IP
VLAN . Virtual ,
VLAN VLAN .
vlan vid router ip ip_address [[mask] subnet_mask] [forward | no forward]
vlan vid no router ip
vid

IP VLAN ID (1-4094).

ip_address

IP IP address.

subnet_mask

Class A, B C subnet mask. Default IP address class.

forward,
no forward

subnet IP frame enable, disable. Default forward.

vlan mtu-ip
IP VLAN (MTU) .
vlan vid mtu-ip size
vid

MTU VLAN ID (1-4094).

size

Byte (512-10222), default 1500byte.

31

vlan router mac multiple

multiple mac enables disables . Enable
MAC address .
vlan router mac multiple {enable | disable}

Defining an IP Router Port

-> vlan 955 router ip 71.0.0.1 mask 255.0.0.0 forward
-> vlan 955 router ip 71.0.0.1
-> vlan 955 no router ip
VLAN IP address IP
address . .
-> vlan 955 router ip 40.0.0.2
-> vlan 955 router ip 40.0.0.2 255.255.255.0 no forward
IP address , subnet mask default
, subnet mask default .
class A IP address 40.0.0.2 class C subnet mask 255.255.255.0
. subnet mask , class A IP address
subnet mask .
-> vlan 455 router ip 40.0.0.1 255.255.255.0 forward
MTU(Maximum Transmission Unit) IP VLAN
. MTU 1500 VLAN
, .
-> vlan 1504 mtu-ip 576

Enabling/Disabling Multiple MAC Router Mode

Multiple MAC enable , VLAN MAC
address . multiple MAC disable ,
VLAN MAC address .
-> vlan router mac multiple enable

32

Verifying the VLAN Configuration

VLAN show vlan .
show vlan [vid]
-> show vlan
vlan
admin oper stree auth ip ipx
name
+------+--------+-------+-------+------+----+-----+-------------+
1
on
off
on
off off off
VLAN 1
2
on
off
on
off off off
VLAN 2
3
on
off
on
off off off
VLAN 3
4
on
off
on
off off off
VLAN 4
5
on
off
on
off off off
VLAN 5
6
on
off
on
off off off
VLAN 6
7
on
off
on
off off off
VLAN 7
-> show vlan 1020
Administrative State : enabled
Operational State : enabled
Spanning Tree State : enabled
Authentication
: disabled
IP Router Port
: 143.113.1.1 255.255.0.0 ethernet-II
IPX Router Port
: 455ff novell active ticks:100

VLAN show vlan port .

show vlan [vid] port {slot/port | link_agg}
-> show vlan port
vlan port type
status
+-----+-------+---------+------------+
1
1/1
default inactive
2
1/2
default blocking
1/3
qtagged forwarding
11/4
qtagged forwarding
3
1/2
qtagged blocking
11/4
default forwarding

show vlan router ip VLAN IP .

show vlan router ip
-> show vlan router ip
vlan
ip address
ip mask
encap
------+-----------------+-----------------+---------+---------+------+----2 172.017.060.004 255.255.000.000
3 128.251.041.005 255.255.000.000
4 198.251.017.021 255.255.255.000

mode
e2
e2
e2

oper mtu
forward off 1500
forward on 1500
forward on 1500

show vlan router mac status,

show mac-range,
show mac-range alloc
MAC address .

33

4 Configuring Spanning Tree

Parameters
Spanning Tree Operating Modes
bridge mode
Spanning Tree flat 1x1 .
reboot .
bridge mode {flat | 1x1}
flat

Spanning Tree .

1x1

VLAN Spanning Tree , default

1x1 .

Flat Spanning Tree STP VLAN 1 . VLAN 1 STP disable

VLAN disable . VLAN STP disable VLAN STP
. VLAN untagged 802.1Q tagged
, BPDU untagged .
-> bridge mode flat
1x1 Spanning Tree untagged default VLAN
STP .
802.1Q tagged tagged VLAN (across) STP 802.1Q
STP . tagged STP STP (
VLAN ) .
VLAN tagged untagged , STP ( 802.1Q)
. VLAN tag , VLAN
BPUD tagged . VLAN default VLAN
, BPUD tagged , STP .
-> bridge mode 1x1

Configuring STP VLAN Parameters

vlan stp
VLAN STP enables disables .
vlan vid stp {enable | disable}

34

vid

VLAN ID (1-4094).

1x1

VLAN STP enable disable . Default VLAN

enable.

Selecting the VLAN Bridge Protocol (802.1D or 802.1w)

bridge protocol
VLAN 802.1D STP 802.1W RSTP .
bridge vid protocol {1d | 1w}

vid

VLAN ID (1-4094).

1d

IEEE 802.1D standard Spanning Tree Algorithm. Default

VLAN STP enable , IEEE 802.1D .

1w

IEEE 802.1w Rapid Spanning Tree Algorithm.

-> bridge 455 protocol 1w

Other Parameters
bridge priority
VLAN STP bridge . VLAN bridge STP
bridge root bridge .
bridge vid priority priority
vid

VLAN ID (1-4094).

priority

Bridge priority (0-65535) , . VLAN default

bridge priority 32768.

bridge hello time

STP root STP root Configuration BPDU
.
bridge vid hello time seconds
vid

VLAN ID (1-4094).

seconds

Hello time , 1-10 . Default 2 .

35

bridge forward delay

Forward STP .
listening, learning .
bridge vid forward delay seconds
vid

VLAN ID (1-4094).

seconds

Forward delay time , 4-30 . Default 15 .

bridge slot/port
aggregate STP enable disable .
bridge vid {slot/port | logical_port} {on | off | enable | disable}
vid

VLAN ID (1-4094).

slot/port |
logical_port

link aggregate ID (0-31)

on|off
(enable|disable)

STP on(enable) off(disable) , Default enable.

bridge slot/port priority

aggregate STP . STP root bridge
path cost ,
.
bridge vid {slot/port | logical_port} priority priority
vid

VLAN ID (1-4094).

slot/port |
logical_port

link aggregate ID (0-31)

priority

(0-15) , . Bridge default

7.

bridge slot/port path cost

STP root bridge path cost
. Path cost root bridge hop .
bridge vid {slot/port | logical_port} path cost path_cost

36

vid

VLAN ID (1-4094).

slot/port |
logical_port

link aggregate ID (0-31)

path_cost

Path cost (0-65535) , default 0.

bridge slot/port mode

forwarding, blocking dynamic .
bridge vid {slot/port | logical_port} mode {forwarding | blocking | dynamic}
vid

VLAN ID (1-4094).

slot/port |
logical_port

link aggregate ID (0-31)

forwarding |
forwarding, blocking dynamic , default dynamic.
blocking | dynamic

Verifying the Spanning Tree Configuration

VLAN STP show spantree .
show spantree [vid]
-> show spantree
Vlan STP Status Protocol Priority
-----+----------+--------+-------1
ON
802.1D 32768
2
ON
802.1D 32768
3
ON
802.1D 32768
-> show spantree 2
Spanning Tree Parameters for Vlan 2
Spanning Tree Status :
ON,
Protocol
:
IEEE 802.1D,
mode
: 1X1 (1 STP per Vlan),
Priority
:
32768 (0x8000),
Bridge ID
: 8000-00:d0:95:6a:78:ce,
Designated Root
: 8000-00:00:e8:9a:2b:e0,
Cost to Root Bridge :
48,
Root Port
: Slot 3 Interface 7,
Next Best Root Cost :
0,
Next Best Root Port :
None,
Hold Time
:
1,
Topology Changes
:
1,
Topology age
:
0:18:55

37

Current Parameters (seconds)

Max Age
= 20,
Forward Delay
= 15,
Hello Time
=2
Parameters system uses when attempting to become root
System Max Age
= 20,
System Forward Delay = 15,
System Hello Time = 2

STP show spantree ports .

show spantree [vid] ports [forwarding | blocking]
-> show spantree 30 ports
Spanning Tree Port Summary for Vlan 30
Adm Oper Man. Path Desig
Fw Prim. Adm Op
Port Pri St St mode Cost Cost Role Tx Port Cnx Cnx Desig Bridge ID
-----+---+---+----+----+-----+-----+----+---+-----+---+---+---------------------3/5 7 ENA DIS No
0
48 DIS 0 3/5 NPT NPT 8000-00:d0:95:6a:78:ce
3/6 7 ENA DIS No
0
48 DIS 0 3/6 NPT NPT 8000-00:d0:95:6a:78:ce
3/7 7 ENA FORW No 19
29 ROOT 1 3/7 NPT NPT 8000-00:d0:95:1b:72:e1
3/8 7 ENA DIS No
0
48 DIS 0 3/8 NPT NPT 8000-00:d0:95:6a:78:ce
3/9 7 ENA DIS No
0
48 DIS 0 3/9 NPT NPT 8000-00:d0:95:6a:78:ce

38

Spanning Tree Overview

Alcatel STP CMM NI STP . CMM
backup CMM link up/down STP Bridge Protocol
Data Units(BPDU) STP .
Alcatel STP flat (single STP instance per switch) 1x1 (single STP instance per VLAN)
STP 802.1D, 802.1W . STP
802.1Q tagged port link aggregate logical port .

How the Spanning Tree Topology is Calculated

Tree bridge (path) link bridge .
tree root bridge . tree root bridge
bridge . Root bridge STP loop
(block) bridge root .
Root STP bridge
path cost . bridge root (path)
. IEEE802.3D link path
cost .
Link Speed

Recommended
Value

Recommended
Range

Range

10Mbps

100

50-600

1-65535

100Mbps

19

1-60

1-65535

1Gbps

3-10

1-65535

10Gbps

1-5

1-65535

root path cost bridge . root

path cost . ( root bridge 0 .) root
path cost bridge LAN designated bridge , LAN
bridge root .
STP bridge ( ) bridge STP
. type
STP ( ) bridge
.

39

Role

Port/Bridge Properties

Designated Port

Designated bridge root LAN . Designated

port bridge LAN .

Backup Port

Root designated port designated bridge port.

Alternate Port

bridge root port port. bridge LAN

designated bridge . Alternate port bridge root port
down root bridge alternate path .

Disabled Port

. , role
.

Backup port alternate port IEEE802.1w alternate port root port

.
Role STP (discarding, learning forwarding) . administrative status
enable disable forwarding blocking .
STP (link up) administrative status enable
. 802.1D 802.1w role .
STP Port State

RSTP Port State

Port State Definition

Port Role

Disable

Discarding

down admin disable .

STP .

Disabled

Blocking

Discarding

drop ,
.

Alternate, Backup

Listening

Discarding

, STP
.

Root, Designated

Learning

Learning

MAC address , bridge

forward table
. STP
.

Root, Designated

Forwarding

Forwarding

Root, Designated

STP , LAN root bridge designated bridge ,

bridge(root bridge ) root port . redundant
bridge root .
loop .

Bridge Protocol Data Units (BPDU)

Configuration Bridge Protocol Data Units(BPDU)
layer2 . BPDU STP
. Configuration BPDU BPUD bridge .

40

Root ID

bridge bridge Bridge ID root .

Root Path Cost

Root bridge bridge port path cost .

Bridge ID

STP bridge 8byte hex . 2byte

, 6byte bridge MAC address .
MAC address . Bridge ID
MAC address .

Port ID

BPUD bridge port 16bit hex . 4bit

, 12bit .

Bridged Configuration BPDU root bridge

root .
BPUD STP .
-

bridge root bridge

bridge root bridge
LAN bridge designated bridge
bridge root port
STP role bridge (forwarding
discarding)

STP BPUD ( ) .
- Bridge , root root bridge ID bridge ID
Configuration BPDU
.
- bridge root port ( path cost)
BPDU , LAN .
- bridge designated port ( path cost)
BPDU , LAN
.
STP BPDU BPDU .
1.
2.
3.
4.

root bridge ID( (priority) , MAC address)

root path cost
root path cost , BPDU bridge bridge ID
, port ID( priority , port )

, link down ,
bridge LAN designated bridge Topology Change Notification (TCN)
BPDU . designated bridge root bridge TCN . root
bridge BPDU Topology Change (TC) flag
Configuration BPDU . STP , root
TC flag BPUD , STP .

41

5 Configuring 802.1Q
Configuring an 802.1Q VLAN
vlan 802.1q
aggregate 802.1Q tagging , .
vlan vid 802.1q {slot/port | aggregate_id} [description]
vlan vid no 802.1q {slot/port | aggregate_id}
vid

802.1Q VLAN VLAN ID

(1-4094).

slot/port |
logical_port

802.1Q tagging link aggregate ID (0-31)

description

802.1Q tag , 32 . quotation

vlan 802.1q frame type

VLAN-tagged
.
vlan 802.1q slot/port frame type {all | tagged}
slot/port |
logical_port

802.1Q tagging link aggregate ID (0-31)

all | tagged

VLAN-tagged . Default all.

Enabling Tagging
-> vlan 5 802.1q 3/4
-> vlan 5 802.1q 3/4 port tag
Link aggregation group tagging enable link
aggregation group .
-> vlan 5 802.1q 8 agg port tag
-> vlan 5 no 802.1q 8

42

Configuring the Frame Type

-> vlan 802.1q 3/4 frame type tagged
-> vlan 802.1q 3/4 frame type all
tagged untagged ,
802.1Q VLAN . VLAN untagged
. untagged VLAN default VLAN .
Link aggregation group tagged .

Verifying 802.1Q Configuration

link aggregation group 802.1Q tagging show
802.1q .
show 802.1q {slot/port | aggregate_id}
-> show 802.1q 3/4
Acceptable Frame Type : Any Frame Type
Force Tag Internal
: off
Tagged VLANS
Internal Description
-------------+-------------------------------------------------+
2
TAG PORT 3/4 VLAN 2
-> show 802.1q 2
Tagged VLANS
Internal Description
-------------+-------------------------------------------------+
3 TAG AGGREGATE 2 VLAN 3

43

6 Configuring Static Link Aggregation

Static link aggregation
static linkagg size
static aggregate group . Static aggregate group static link .
static linkagg agg_num size size [name name] [admin state {enable | disable}]
no static linkagg agg_num
agg_num

Static aggregate group number , 0-31(32 ) .

size

Aggregate group link , 2, 4, 8, 16 link .

name

Static aggregate group name , 255 .

.

admin state

Static aggregate group administrative state , default enable.

static agg agg num

Static aggregate group .
static agg [ethernet | fastethernet | gigaethernet] slot/port agg num agg_num
static agg no [ethernet | fastethernet | gigaethernet] slot/port
ethernet,
fastethernet,
gigaethernet

Static aggregate group number type , .

slot/port

Aggregate group .

agg_num

Static aggregate group number.

Configuring Static Link Aggregation Groups

1. static aggregate link .
-> static linkagg 1 size 4
2. Link aggregation group .

44

->
->
->
->

static
static
static
static

agg
agg
agg
agg

4/1
4/7
5/1
6/2

agg
agg
agg
agg

num
num
num
num

1
1
1
1

3. static link aggregate group VLAN .

-> vlan 10 port default 1

Displaying Static Link Aggregation Configuration

and Statistics
Show linkagg static link aggregation setting .
show linkagg [agg_num]
-> show linkagg 1
Static Aggregate
SNMP Id
: 40000001,
Aggregate Number
: 1,
SNMP Descriptor
: Omnichannel Aggregate Number 1 ref 40000001 size 4,
Name
:,
Admin State
: ENABLED,
Operational State
: UP,
Aggregate Size
: 4,
Number of Selected Ports : 4,
Number of Reserved Ports : 4,
Number of Attached Ports : 4,
Primary Port
: 4/1

show linkagg port .

show linkagg port [slot/port]
-> show linkagg port
Slot/Port Aggregate SNMP Id Status Agg Oper Link Prim
---------+---------+-------+----------+----+----+----+---4/1 Static
2001 ATTACHED
1 UP UP YES
4/7 Static
2002 ATTACHED
1 UP UP NO
5/1 Static
2003 CONFIGURED 1 UP UP NO
6/2 Static
2004 CONFIGURED 1 UP UP NO

45

Static Link Aggregation Operation

Static link aggregate group static dynamic 32 .
static link aggregate group link VLAN, QoS,
802.1Q .
Load balancing link link aggregation group
ingress side . Load balancing source, destination MAC
address hash code . link aggregate group
, load balancing algorithm group
port .
Static link aggregate group 10/100 Mbps, 100 Mbps, 1 Gbps link 2, 4, 8, 16
, module ,
. OmniSwitch 7700/7800 OmniSwitch 7700/7800 Omni
S/R . OmniSwitch 7700/7800
static link aggregation .

46

7 Configuring Dynamic Link

Aggregation
Dynamic Link aggregates
lacp linkagg size
lacp linkagg agg_num [size size]
[name name]
[admin state {enable | disable}]
[actor admin key actor_admin_key]
[actor system priority actor_system_priority]
[actor system id actor_system_id]
[partner system id partner_system_id]
[partner system priority partner_system_priority]
[partner admin key partner_admin_key]
noagg_num
lacp linkagg agg_num Dynamic aggregate group number , 0-31(32 ) .
size

Aggregate group link , 2, 4, 8, 16 link .

name

Static aggregate group name , 255 .

.

admin state

Static aggregate group administrative state , default

enable.

actor_admin_key

Dynamic aggregate group administrative key , 0-65535

. Default 0.

actor_system_priority

Dynamic aggregate group priority , 0-65535 . Default

0.

actor_system_id

Dynamic aggregate group MAC address , default

00:00:00:00:00:00.

partner_system_id

Link aggregate group aggregate group MAC address

, default 00:00:00:00:00:00.

partner_system_priority

Aggregation group priority , 0-65535

. Default 0.

partner_admin_key

Aggregation group administrative key , 0-65535

. Default 0.

47

lacp agg actor admin key

Dynamic aggregate group actor administrative key
.
lacp agg [ethernet | fastethernet | gigaethernet] slot/port actor admin key actor_admin_key
[actor admin state {[[no] active] [[no] timeout] [[no] aggregate] [[no] synchronize]
[[no] collect] [[no] distribute] [[no] default] [[no] expire] | none}]
[actor system id actor_system_id]
[actor system priority actor_system_priority]
[partner admin system id partner_admin_system_id]
[partner admin key partner_admin_key]
[partner admin system priority partner_admin_system_priority]
[partner admin state {[[no] active] [[no] timeout] [[no] aggregate] [[no]
synchronize] [[no] collect] [[no] distribute] [[no] default] [[no] expire] | none}]
[actor port priority actor_port_priority]
[partner admin port partner_admin_port]
[partner admin port priority partner_admin_port_priority]
lacp agg no [ethernet | fastethernet | gigaethernet] slot/port

ethernet, fastethernet,
gigaethernet

, .

slot/port

Dynamic aggregate group .

actor_admin_key

Dynamic aggregate group administrative key , 0-65535

.

actor_system_id

dynamic aggregate group MAC address.

actor_system_priority

Dynamic aggregate group priority , 0-65535 .

partner_admin_system_id

Remote dynamic aggregate group MAC address.

partner_admin_key

Dynamic aggregate group remote administrative key.

partner_admin_system_priority

Dynamic aggregate group remote priority.

actor_port_priority

priority , 0-255 .

partner_admin_port

administrative state , 0-65535 .

partner_admin_port _priority

priority , 0-255 .

48

Configuring Dynamic Link Aggregate Groups

1. Local(actor) dynamic link aggregation group
-> lacp linkagg 2 size 8
2. Aggregate actor administrative key (
group size .) .
->
->
->
->
->
->
->
->

lacp
lacp
lacp
lacp
lacp
lacp
lacp
lacp

agg
agg
agg
agg
agg
agg
agg
agg

1/1
1/4
3/3
5/4
6/1
6/2
7/3
8/1

actor
actor
actor
actor
actor
actor
actor
actor

admin
admin
admin
admin
admin
admin
admin
admin

key
key
key
key
key
key
key
key

2
2
2
2
2
2
2
2

3. dynamic link aggregate group VLAN .

-> vlan 2 port default 2

Displaying Dynamic Link Aggregation

Configuration and Statistics
Show linkagg dynamic link aggregation setting .
show linkagg [agg_num]
-> show linkagg 2
Dynamic Aggregate
SNMP Id : 40000002,
Aggregate Number : 2,
SNMP Descriptor : Dynamic Aggregate Number 2 ref 40000002 size 8,
Name : ,
Admin State : ENABLED,
Operational State : UP,
Aggregate Size : 8,
Number of Selected Ports : 8,
Number of Reserved Ports : 8,
Number of Attached Ports : 8,
Primary Port : 1/1,
LACP
MACAddress : [00:1f:cc:00:00:00],
Actor System Id : [00:20:da:81:d5:b0],
Actor System Priority : 0,
Actor Admin Key : 1,
Actor Oper Key : 0,
Partner System Id : [00:20:da:81:d5:b1],

49

Partner System Priority : 0,

Partner Admin Key : 2,
Partner Oper Key : 0

show linkagg port .

show linkagg port [slot/port]
-> show linkagg port 2/1
Dynamic Aggregable Port
SNMP Id : 2001,
Slot/Port : 2/1,
Administrative State : ENABLED,
Operational State : DOWN,
Port State : CONFIGURED,
Link State : DOWN,
Selected Agg Number : NONE,
Primary port : UNKNOWN,
LACP
Actor System Priority : 10,
Actor System Id : [00:d0:95:6a:78:3a],
Actor Admin Key : 8,
Actor Oper Key : 8,
Partner Admin System Priority : 20,
Partner Oper System Priority : 20,
Partner Admin System Id : [00:00:00:00:00:00],
Partner Oper System Id : [00:00:00:00:00:00],
Partner Admin Key : 8,
Partner Oper Key : 0,
Attached Agg Id : 0,
Actor Port : 7,
Actor Port Priority : 15,
Partner Admin Port : 0,
Partner Oper Port : 0,
Partner Admin Port Priority : 0,
Partner Oper Port Priority : 0,
Actor Admin State : act1.tim1.agg1.syn0.col0.dis0.def1.exp0
Actor Oper State : act1.tim1.agg1.syn0.col0.dis0.def1.exp0,
Partner Admin State : act0.tim0.agg1.syn1.col1.dis1.def1.exp0,
Partner Oper State : act0.tim0.agg1.syn0.col1.dis1.def1.exp0

50

Dynamic Link Aggregation Operation

Link aggregate group static dynamic 32 .
static link aggregate group link VLAN, QoS, 802.1Q
.
Dynamic link aggregate group 10/100 Mbps, 100 Mbps, 1 Gbps link 2, 4, 8, 16
, module ,
. Dynamic link aggregate group IEEE 802.3ad Link Aggregation Control
Protocol(LACP) , link aggregation dynamic aggregate group
Link Aggregation Control Protocol Data Unit(LACPDU)
.
Link aggregation group
MAC address . Load balancing link
link aggregation group ingress side . Load
balancing source, destination MAC address hash coding
.
Dynamic aggregate group OmniSwitch 7700/7800 OmniSwitch 7700/7800
OmniCORE 5010/5022/5052 . IEEE 802.3ad LACP
.

51

8 Configuring IP
Configuration IP Forwarding
IP Router Port
vlan
VLAN ID(VID) option VLAN .
vlan vid [enable | disable] [name description]
no vlan vid
vid

VLAN (2-4094) , VLAN VLAN ID .

description

VLAN , 32 . Default VLAN ID.

enable, disable

VLAN , default enable..

vlan port default

aggregate default VLAN .
vlan vid port default {slot/port | link_agg}
vlan vid no port default {slot/port | link_agg}
Vid

VLAN VLAN ID (1-4094).

slot/port

Module module ,
(e.g. 2/1-12 3/1-10 4/5-15)

link_agg

VLAN link aggregate ID (0-31).

vlan router ip
VLAN IP router port . IP router port IP router
port VLAN . router port VLAN
VLAN .
vlan vid router ip ip_address [[mask] subnet_mask] [forward | no forward]
vlan vid no router ip

52

Vid

IP address VLAN ID (1-4094).

ip_address

IP router port IP address .

subnet_mask

Class A, B, C subnet mask , default IP address class.

forward,
forward

no subnet IP , default forward.

link_agg

VLAN link aggregate ID (0-31).

Creating an IP Router Port

IP VLAN
Layer 2 . Alcatel default VLAN
1 . default VLAN , module
module VLAN 1 . VLAN
, broadcast domain
.
VLAN VLAN inactive
. active active . Active
VLAN .
VLAN VLAN router port .
router port IP forwarding .
1. VLAN VLAN 1 VLAN 2 .
-> vlan 1 name VLAN 1
-> vlan 2 name VLAN 2
2. VLAN active .
-> vlan 1 port default 1/1
-> vlan 2 port default 1/2
3. VLAN IP router port .
-> vlan 1 router ip 171.10.1.1
-> vlan 2 router ip 171.11.1.1

Static Route
ip static-route
IP static route . static route dynamic routing
protocol route . Metric route
static route .

53

ip static-route ip_network [mask mask] gateway gateway [metric metric]

no ip static-route ip_network [mask mask] gateway ip_address [metric metric]

ip_network

Static route destination IP network.

mask

Destination IP network subnet mask , class mask

.

gateway

Destination IP network next hop IP address.

metric

Static route RIP metric cost(hop count). Metric static route

, metric . 1-15 ,
default 1.

link_agg

VLAN link aggregate ID (0-31).

Creating a Static Route

Static route .
->
->
->
->

ip static-route 171.11.0.0 gateway 171.11.2.1

ip static-route 10.255.11.0 mask 255.255.255.0 gateway 171.11.2.1
ip static-route 10.255.11.0 mask 255.255.255.0 gateway 171.11.2.1 metric 5
no ip static-route 171.11.0.0 gateway 171.11.2.1

Creating a Default Route

ip static-route default route . 0.0.0.0 destination IP network
(default route), 0.0.0.0 subnet mask next hop(gateway) IP address .
-> ip static-route 0.0.0.0 mask 0.0.0.0 gateway 171.11.2.1

Configuring Address Translation Protocol(ARP)

ARP Table
arp
ARP table .
arp ip_address hardware_address
no arp ip_address

54

ip_address

ARP table IP address.

hardware_address

MAC address(e.g. 00:00:39:59:F1:0C).

clear arp-cache
ARP table dynamic entry . ARP table
no arp .
clear arp-cache

arp timeout
ARP table .
, entry table .
arp timeout seconds
seconds

ARP table entry , 1-1200 .

Default 300.

Adding a Permanent Entry to the ARP Table

-> arp 171.11.1.1 00:05:02:c0:7f:11
-> no arp 171.11.1.1

Managing IP
PING
ping {ip_address | hostname} [count count] [size packet_size] [interval seconds] [timeout
seconds]
ip_address,
hostname

PING IP address, DNS name.

count

, default 6 .

packet_size

PING packet size , byte . 1-60000Byte

, default 64Byte.

interval seconds

ICMP packet , default 1 .

timeout seconds

, default 5 .

55

traceroute
destination IP packet .
traceroute {ip_address | hostname} [max-hop max_hop_count]
ip_address, hostname IP address, DNS name.

max_hop_count

hop count.

Using the Ping Command

-> ping 10.255.11.242
PING 10.255.11.242: 56 data bytes
64 bytes from 10.255.11.242: icmp_seq=0. time=0. ms
64 bytes from 10.255.11.242: icmp_seq=1. time=0. ms
64 bytes from 10.255.11.242: icmp_seq=2. time=0. ms
64 bytes from 10.255.11.242: icmp_seq=3. time=0. ms
64 bytes from 10.255.11.242: icmp_seq=4. time=0. ms
64 bytes from 10.255.11.242: icmp_seq=5. time=0. ms
----10.255.11.242 PING Statistics---6 packets transmitted, 6 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/0/0
-> ping 172.22.2.115 count 2 size 32 interval 2 timeout 10

Tracing an IP Route
-> traceroute 128.251.17.224
traceroute to 128.251.17.224, 30 hops max, 40 byte packets
1 10.255.11.254 0 ms 0 ms 0 ms
2 172.23.0.251 0 ms 16.6667 ms 0 ms
3 128.251.14.253 0 ms 0 ms 0 ms
4 128.251.17.224 0 ms 0 ms 0 ms
-> traceroute 128.251.17.224 max-hop 3
traceroute to 128.251.17.224, 3 hops max, 40 byte packets
1 10.255.11.254 0 ms 0 ms 0 ms
2 172.23.0.251 16.6667 ms 0 ms 0 ms
3 128.251.14.253 0 ms 0 ms 0 ms

56

Verifying the IP Configuration

Show ip interface IP .
show ip interface [emp | vlan vlan_id]
-> show ip interface
Total 3 interfaces
Name
IP Address
Subnet Mask
Type
Status Forward
---------+---------------+---------------+--------+--------+---------EMP
23.23.23.23
255.0.0.0
ETH_II UP
NO
loopback 127.0.0.1
255.0.0.0
ETH_II UP
NO
vlan 1 10.255.11.223 255.255.255.0 ETH_II UP
YES
-> show ip interface vlan 1
vlan 1
Link type
= ETH_II,
Link status
= UP,
SNMP interface index
= 13600001,
Administrative status
= ENABLED,
Operational status
= ACTIVATED,
Enable trap
= NO,
Internet address
= 10.255.11.223,
Broadcast address
= 10.255.11.255,
Subnet mask
= 255.255.255.0,
Hardware address
= 00:d0:95:6a:f3:18,
Vrrp MAC
= 00:00:00:00:00:00,
Auth MAC
= 00:00:00:00:00:00,
Maximum Transfer Unit (MTU) = 1500,
Packets received
= 2160584,
Packets sent
= 582187,
Bytes received
= 150043848,
Bytes sent
= 131200820,
Multicast packets received
= 135787,
Multicast packets sent
= 0,
Broadcast packets received
= 1565122,
Broadcast packets sent
= 851,
Input errors
= 0,
Output errors
= 0,
Collisions
= 0,
Dropped
=0

IP Forwarding Table show ip route .

show ip route

57

-> show ip route

Dest Address
Subnet Mask
Gateway Addr
Age
Protocol
------------------+-----------------+-----------------+---------+----------0.0.0.0
0.0.0.0
10.255.11.254
2d 4h NETMGT
10.255.11.0
255.255.255.0
10.255.11.223
2d 4h LOCAL
23.0.0.0
255.0.0.0
23.23.23.23
2d 4h LOCAL
127.0.0.1
255.255.255.255 127.0.0.1
2d 4h LOCAL
172.17.1.10
255.255.255.255 10.255.11.225
1d 5h NETMGT

show arp ARP table . ARP table IP address list IP

address MAC address .
show arp [ip_address | hardware_address]
-> show arp
Total 8 arp entries
Flags (P=Proxy, A=Authentication, V=VRRP)
IP Addr
Hardware Addr
Type
Flags Port
-----------------+-------------------+----------+-------+--------+---------10.255.11.59
00:50:04:b2:c9:ee DYNAMIC
10.255.11.48
00:50:04:b2:ca:11 DYNAMIC
10.255.11.201
00:10:83:03:e7:e4 DYNAMIC
10.255.11.14
00:10:5a:04:19:a7 DYNAMIC
10.255.11.64
00:b0:d0:62:fa:f1 DYNAMIC
10.255.11.25
00:b0:d0:42:80:24 DYNAMIC
10.255.11.26
00:b0:d0:42:82:59 DYNAMIC
10.255.11.254
00:20:da:db:00:47 DYNAMIC

Interface
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1
3/20 vlan 1

show ip config,
show icmp statistics,
show tcp statistics,
show tcp port, show
udp statistics,
show udp port IP .

58

9 Configuring RIP
RIP Routing
ip load rip
RIP load . , RIP load .
ip load rip
RIP boot.cfg . boot.cfg
RIP reboot .

ip rip status
RIP enable/disable .
ip rip status {enable | disable}

ip rip interface
RIP . RIP enable VLAN IP router port
RIP enable .
ip rip interface ip_address
no ip rip interface ip_address

ip rip interface status

RIP enable/disable . RIP disable
enable .
ip rip interface ip_address status {enable | disable}

RIP Routing Option

ip rip interface send-version
RIP .
ip rip interface ip_address send-version {none | v1 | v1compatible | v2}

59

ip_address

RIP IP address.

none

RIP .

v1, v2

v1, v2 RIP ,
default v2.

v1compatible

RIP v2 .

ip rip interface recv-version

RIP .
ip rip interface ip_address recv-version {none | v1 | v2 | both}
ip_address

RIP IP address.

none

RIP .

v1, v2

v1, v2 RIP .

both

RIP v1, v2 , default both.

ip rip interface metric

metric cost . Metric
. RIP metric ,
metric cost route metric .
ip rip interface ip_address metric value
ip_address

RIP IP address.

value

1-15 Metric , default 1.

ip rip force-holddowntimer
RIP route holddown .
route RIP . route 180
, route holddown (holddown timer)
.
ip rip force-holddowntimer seconds
seconds

60

Holddown timer , 0-120 . Default 120 .

Configuring RIP Routing

VLAN , 4 .
1. VLAN VLAN 1 VLAN 2 .
-> vlan 1 name VLAN 1
-> vlan 2 name VLAN 2
2. VLAN .
-> vlan 1 port default 1/1
-> vlan 2 port default 1/2
3. VLAN IP router port .
-> vlan 1 router ip 171.10.1.1
-> vlan 2 router ip 171.11.1.1
4. RIP load .
-> ip load rip
5. RIP enable .
-> ip rip status enable
6. VLAN RIP .
-> ip rip interface 171.10.1.1
-> ip rip interface 171.11.1.1
7. RIP enable .
-> ip rip interface 171.10.1.1 status enable
-> ip rip interface 171.11.1.1 status enable

RIP Redistribution
ip rip redist status
OSPF, BGP, static, local route route redistribution enable/disable
.
ip rip redist status {enable | disable}

61

ip rip redist
RIP redistribution route .
ip rip redist {local | static | ospf | bgp}
no ip rip redist {local | static | ospf | bgp}

ip rip redist-filter
RIP redistribution filter . Redistribution route route
filter redistribution . filter destination
redistribution .
ip rip redist-filter {local | static | ospf | bgp} ip_network ip_mask
no ip rip redist-filter {local | static | ospf | bgp} ip_network ip_mask
ip_network

Redistribution route destination IP network.

ip_mask

IP network subnet mask.

RIP redistribution enable filter

RIP routing table load .

ip rip redist-filter effect

RIP route redistribution filter . route
filter (permit) , subnet (deny)
.
ip rip redist-filter {local | static | ospf | bgp} ip_network ip_mask effect {permit | deny}
ip_network, ip_mask

Redistribution route destination IP network subnet mask.

permit, deny

Redistribution , .

Configuring RIP Redistribution

1. RIP redistribution enable .
-> ip rip redist status enable
2. RIP redistribution .
-> ip rip redist ospf

62

3. RIP redistribution filter .

-> ip rip redist-filter ospf 10.0.0.0 255.0.0.0
-> ip rip redist-filter ospf 172.22.0.0 255.255.0.0 effect permit
-> ip rip redist-filter ospf 172.22.3.0 255.255.255.0 effect deny
Network/subnet mask 0.0.0.0 0.0.0.0 route route
redistribution .

Verifying the RIP Routing

show ip rip RIP .
show ip rip
-> show ip rip
Status = Enabled
Host Route Support = Disabled
Redistribution status = Disabled
Route Tag = 0
Hold Down Timer = 40
Log level = 0

RIP show ip rip routes .

RIP route .
show ip rip routes [ip_address ip_mask]
-> show ip rip routes
Destination
Mask
Gateway
Metric
-----------------------------------------------------11.0.0.0
255.0.0.0
11.11.11.1
1
11.11.11.0
255.255.255.0 11.11.11.1
1
12.0.0.0
255.0.0.0
12.12.12.1
1
12.12.12.0
255.255.255.0 12.12.12.1
1

show ip rip interface RIP .

show ip rip interface [ip_address]
-> show ip rip interface 11.11.11.1
Interface IP Address
= 11.11.11.1/24
Interface IP Broadcast Address
= 11.11.11.255
IP Interface Number (VLANId)
=4
IP Interface Status
= Up
Interface Config AuthType
= None
Interface Config AuthKey
=
Interface Config Send-Version
= v2

63

Interface Config Receive-Version

= both
Interface Config Default Metric
=1
RIP Config Status
= Active
Received Bad Packets
=0
Received Bad Routes
=0
Sent Updates
=8

RIP neighbor(peer) show ip rip peer .

neighbor 180 RIP .
show ip rip peer [ip_address]
-> show ip rip peer
Total Bad
Bad xxxxxxxxxx Secs since
IP Address Recvd Packets Routes Version last update
----------------+------+-------+------+-------+----------100.10.10.1
1
0
0
2
3

show ip rip redist RIP redistribution .

show ip rip redist [local] [static] [ospf] [bgp]
-> show ip rip redist
Status: ACT - Active

NIS - Not In Service

Protocol
Metric
Route-Tag Status
-------------+-----------+----------+-----BGP
1
0
ACT
OSPF
4
0
ACT

show ip rip redist-filter RIP redistribution filter .

show ip rip redist-filter [local] [static] [ospf] [bgp]
-> show ip rip redist-filter
Control:
Permit:
Status:

All-Sub - All Subnets No-Sub - No Subnets Aggreg - Aggregate

Perm - Permit
Deny - Deny
ACT
- Active
NIS - Not In Service

Proto Destination
Control Permit Metric Tag Status
-------+--------------------+-------+------+------+-----+-----OSPF 100.1.2.3/16
All-Sub Perm 0
0 ACT
BGP
100.121.122.131/24 All-Sub Perm 0
0 ACT

64

10 Configuring UDP Relay

UDP Relay
ip helper address
DHCP server IP address . UDP Relay address BOOTP/
DHCP .
ip helper address ip_address
ip helper no address [ip_address]
ip_address

DHCP server IP address. relay 8 address .

ip helper forward delay

UDP Relay forward delay .
ip helper forward delay seconds
seconds

Forward delay (1-65535) , default 3 .

ip helper maximum hops

UDP Relay hop . BOOTP/DHCP
. hop
loop .
ip helper maximum hops hops
hops

relay (1-16) , default 4 hop.

Enabling BOOTP/DHCP Relay

UDP Relay address BOOTP/DHCP .
DHCP , IP address .
relay 8 address .
-> ip helper address 125.255.17.11
-> no ip helper address 125.255.17.11

65

Forward delay UDP relay address DHCP

. delay local client
. Client UDP elapsed boot time . client boot
. UDP Relay client elapsed boot time forward delay time
. forward delay time
elapsed boot time , UDP Relay .
-> ip helper forward delay 10
Maximum hop loop . UDP hop
hop count UDP Realy .
-> ip helper maximum hops 4

Verifying the UDP Relay Configuration

UDP Relay show ip helper .
show ip helper
-> show ip helper
Forward Delay(seconds) = 3,
Max number of hops
= 4,
Forward option
= standard
Forwarding Address:
1.1.1.1
21.2.2.10
172.19.4.1

show ip helper stats UDP relay , forward delay hop

drop .
UDP Relay ip helper no stats .
show ip helper stats
ip helper no stats
-> show ip helper stats
Global Statistics :
Reception From Client :
Total Count =
200, Delta =
Forw Delay Violation :
Total Count =
0, Delta =
Max Hops Violation :
Total Count =
0, Delta =
Server Specific Statistics :
Server 2.2.2.1
Tx Server :
Total Count =
0, Delta =
Server 3.3.3.1
Tx Server :
Total Count =
0, Delta =

66

0,
0,
0,

0
0

11 Configuring VRRP
Configuring VRRP
Definition of a Virtual Router
, LAN VRRP .
.
Master Down Interval = (3 * Advertisement Interval) + Skew Time
Advertisement Interval VRRP , Skew Time VRRP
.
Skew Time = (256 - Priority) / 256

VRRP MAC Addresses

virtual VRRP
ARP VRRP MAC address
source MAC address . address
.
00-00-5E-00-01-[virtual router ID]
VRRP MAC address 255 .

vrrp
VRRP virtual .
vrrp vrid vlan_id [enable | disable | on | off] [priority priority] [preempt | no preempt]
[[advertising] interval seconds] [authenticate password | no authenticate]
no vrrp vrid vlan_id
vrid

Virtual ID , 1-255 .

vlan_id

Virtual VLAN .

enable|disable
(on|off)

Virtual enable disable, virtual IP address

enable . Default disable.

priority

virtual , 1-255
virtual IP 255 . Default 100.

preempt|
no preempt

. Default preempt.

67

seconds

VRRP , VRID
. Defaut 1 .

password

VRRP 16 password , VRID

VRRP .

no authenticate

VRRP . virtual enable ,

VRID VRRP enable .

vrrp ip
Virtual IP address .
vrrp vrid vlan_id ip ip_address
vrrp vrid vlan_id no ip ip_address
vrid

Virtual ID , 1-255 .

vlan_id

Virtual VLAN.

ip_address

virtual virtual IP address

Creating a Virtual Router

-> vrrp 23 4
Virtual VRID VLAN ID .
priority, preempt mode, advertising interval, VRRP authentication
.
-> vrrp 24 2 priority 75 no preempt interval 2 authenticate hanatech
VLAN VRID virtual advertising interval
. IP MAC address .
virtual password .

Specifying an IP Address for a Virtual Router

IP address virtual enable .
-> vrrp 23 4 ip 10.10.2.3
-> vrrp 23 4 enable
OmniSwitch 7700/7800 virtual IP address .
OmniSwitch virtual IP address , address virtual
. OmniSwitch virtual IP address

68

VRRP backup , IP address virtual

.
Virtual IP address disable
. advertisement interval, priority, preempt mode, authenticate ,
virtual disable .
-> vrrp 23 4 disable
-> vrrp 23 4 no ip 10.10.2.3

Verifying the VRRP Configuration

virtual virtual show vrrp
.
show vrrp [vrid]
-> show vrrp
VRRP trap generation: Enabled
IP
Admin
Adv
VRID VLAN Address(es) Status
Priority AuthType Preempt Interval
----+ ----+ -------------+----------+----------+----------+--------+--------1
1 192.168.170.1 Enabled
255
SimpleText Yes
1
192.168.170.2
2 15 10.2.25.254
Disabled
100
None
No
1
-> show vrrp 1
Virtual Router VRIP = 1 on VLAN = 1
Admin Status
= Enabled
Priority
= 255
AuthType
= SimpleText
Preempt
=1
Virtual MAC
= 00-00-5E-00-01-01
IP Address(es)
192.168.170.1
192.168.170.2

show vrrp statistics virtual VRRP .

show vrrp [vrid] statistics
-> show vrrp statistics
Checksum Version
VRID
Errors
Errors
Errors
----------+-----------+--------0
0
0
VRID VLAN State
UpTime
Become Master Adv. Rcvd
----+ ----+ -------------+----------+--------------+-----------1
1 master
378890
1
0
2
15 backup
4483
0
64783
7
2 initialize
0
0
0

69

12 Configuring QoS(Bandwidth & NAT)

QoS Specifications
Maximum number of policy rules

256

Maximum number of policy conditions

256

Maximum number of policy actions

256

Maximum number of policy services

128

Maximum number of groups (network, MAC,

service, port)

256

Maximum number of group entries

512 per group

Maximum number of flows

64000

Configuring Global QoS Parameters

Enabling/Disabling QoS
qos
QoS enable disable .
qos {enable | disable}
enable|disable

QoS enable disable. Default enable.

qos apply
QoS, policy setting . .
qos apply
QoS enable . QoS policy ,
, policy action . policy rule policy
rule enable disable .
-> qos disable
-> qos enable
QoS QoS event show qos
config show qos statistics .

70

Creating Policies
policy condition
QoS policy condition . Condition flow
. Condition condition
.
policy condition condition_name
[source ip ip_address [mask netmask]]
[destination ip ip_address [mask netmask]]
[multicast ip ip_address [mask netmask]]
[source network group network_group]
[destination network group network_group]
[multicast network group multicast_group]
[source ip port port]
[destination ip port port]
[service service]
[service group service_group]
[ip protocol protocol]
[tos tos_value tos_mask]
[dscp dscp_value dscp_mask]
[source mac mac_address [mask mac_mask]]
[destination mac mac_address [mask mac_mask]]
[source mac group group_name]
[destination mac group mac_group]
[source vlan vlan_id]
[destination vlan vlan_id]
[802.1p 802.1p_value]
[source port slot/port]
[source port group group_name}
[destination port slot/port]
[destination port group group_name]
[source interface type type]
[destination interface type type]
no policy condition condition_name

condition_name

Condition .

Policy condition policy action policy rule .

condition .

policy action
QoS action . QoS action queue
flow .

71

policy action action_name

[disposition {accept | drop | deny}]
[shared]
[priority priority_value]
[minimum bandwidth bps]
[maximum bandwidth bps]
[maximum depth bytes]
[latency microseconds]
[jitter microseconds]
[tos tos_value]
[802.1p 802.1p_value]
[dcsp dcsp_value]
[map {802.1p | tos | dscp} to {802.1p | tos| dscp} using map_group]
[source rewrite ip ip_address [mask netmask]]
[source rewrite ip network group net_group]
[destination rewrite ip ip_address [mask netmask]]
[destination rewrite network group net_group]
policy no action action_name
action_name

Action .

accept|drop|deny

Default accept.

share

action queue enable. Default not shared.

policy rule
policy rule . Rule condition( ) action(
) .
policy rule rule_name [enable | disable] [precedence precedence] [condition condition] [action
action] [reflexive] [save] [log]
no policy rule rule_name
policy rule rule_name [no reflexive] [no save] [no log]
rule_name

Policy rule .

enable|disable

Policy rule enable disable, default enable.

precedence

condition rule , 0-65535 .

precedence . Default 0.

condition

rule condition .

action

rule action .

reflexive

source, destination IP address port flow , Access

Control List . Default not reflexive.

save

configuration capture policy rule .

log

Policy rule flow log message .

72

QoS Ports
default queue QoS queue queue . Default
queue queue . flow policy rule
queue .
policy flow QoS queue , policy
flow default queue .

qos port
QoS .
qos port slot/port [enable | disable]
[default queues {2 | 4}]
[trusted]
[maximum reserve bandwidth bps]
[maximum signal bandwidth bps]
[maximum default bandwidth bps]
[maximum default depth bytes]
[maximum default buffers max_default_buffers]
[default 802.1p value]
[default dscp value]
slot/port

enable|disable

QoS enable disable. Default enable.

netmask

Destination IP address mask.

Maximum Reserve Bandwidth

policy .
policy action ,
queue event log .
. .
bps , 1k, 2k .
bps , . 1-1024
1K, 1025-2048 2K .
-> qos port 4/1 maximum reserve bandwidth 1000
-> qos port 4/1 maximum reserve bandwidth 1k
Default queue
.
-> qos port 3/1 maximum default bandwidth 10000
-> qos port 3/1 maximum default bandwidth 10k
qos apply .

73

Verifying QoS Ports

QoS show qos port .
show qos port [slot/port]
-> show qos port
Slot/ QoS
Port Act Enabled
1/1 No Yes
1/2 Yes Yes
3/1 Yes Yes
3/2 Yes Yes
3/3 No Yes
3/4 No Yes
3/5 No Yes

Deflt
Queues
Bandwidth
Trust P/DSCP Deflt Tot Physical Reserved
Type
No
0/ 0 4
0
0K 0K/<phy>
ethernet
No
0/ 0 4
0 1.00M 0K/<phy>
ethernet-1G
No
0/
4
0
100K 0K/<phy>
ethernet-100
No
0/
4
0
100K 0K/<phy>
ethernet-100
No
0/
4
0
0K 0K/<phy>
ethernet
No
0/
4
0
0K 0K/<phy>
ethernet
No
0/
4
0
0K 0K/<phy>
ethernet

-> show qos port 3/2

Slot/ QoS
Deflt
Queues
Bandwidth
Port Act Enabled Trust P/DSCP Deflt Tot Physical Reserved
Type
3/2 Yes Yes
No
0/
4
0
100K 0K/<phy>
ethernet-100
show qos queue QoS queue queue
.
show qos queue [slot/port]
-> show qos queue
Slot/
Bandwidth Max Max Packets
Port VPN QID Pri Min Max Bufs Depth Xmit/Drop (Type/Action)
3/1 1 0 0 * * *
*
/
(Default)
3/1 1 2 2 * * *
*
/
(Default)
3/1 1 4 4 * * *
*
/
(Default)
4/1 3 0 0 * * *
*
/
(Default)
4/1 3 32 2 * * *
*
/
(Default)
5/1 33 0 0 62K 62K 128 125K
0/0
(Flood)
-> show qos queue 3/1
Slot/
Bandwidth Max Max Packets
Port VPN QID Pri Min Max Bufs Depth Xmit/Drop (Type/Action)
3/1 1 0 0 * * *
*
/
(Default)
3/1 1 2 2 * * *
*
/
(Default)
3/1 1 4 4 * * *
*
/
(Default)

74

Basic QoS Policies

policy action priority
QoS flow queuing .
policy action action_name priority priority_value
policy action action_name no priority
action_name

Action .

priority_value

Output . 0-7 .

policy action shared

action queue enable . action
queue (are not shared).
policy action action_name shared
policy action action_name no shared

action_name

Action .

policy action minimum bandwidth

Policy action .
.
policy action action_name minimum bandwidth bps
policy action action_name no minimum bandwidth
action_name

Action .

bps

Bit per second , kbps ( 10000, 10k)

. 1000byte , 1 1024byte 1K,
1025 2048byte 2K .

policy action maximum bandwidth

Configures a maximum bandwidth value for a policy action.
policy action action_name maximum bandwidth bps
policy action action_name no maximum bandwidth

75

action_name

Action .

bps

Bit per second , kbps ( 10000, 10k)

. 1000byte , 1 1024byte 1K,
1025 2048byte 2K .

policy action maximum buffers

policy action queue buffer .
policy action action_name maximum buffers max_buffers
policy action action_name no maximum buffers
action_name

Action .

max_buffers

Action name action queue .

, 0 2048
.

Traffic Prioritization Example

IP 10.10.4.0 OmniSwitch 7800 route .

1 policy rule
condition .
condition ip_traffic .
action . action high . Policy rule rule1 condition
action .
-> policy condition ip_traffic source ip 10.10.4.0 mask 255.255.255.0
-> policy action high priority 7
-> policy rule rule1 condition ip_traffic action high
Rule qos apply . Rule ,
10.10.4.0 flow .

76

Bandwidth Shaping Example

source IP address flow queue
. condition . condition ip_traffic2 .
Policy action flowShape flow .
-> policy condition ip_traffic2 source ip 10.10.5.3
-> policy action flowShape maximum bandwidth 1k
-> policy rule rule2 condition traffic2 action flowShape
Rule qos apply . Rule ,
source IP address 10.10.5.3 flow 1k .

Shared Queues Example

queue flow . Flow policy policy action
, queue . queue
queue flow .
flow 5Mbps queue 10Mbps 5Mbps
flow .
Queue , .
802.1Q tag flow queue policy ,
queue . flow 801.1Q tag , flow
VLAN queue .
source IP address policy rule
. Policy rule action . source IP address
condition(net1, net2) . action(act40)
( action queue .) . policy
rule(net1max, net2max) condition act40 .
qos apply .
->
->
->
->
->
->

policy condition net1 source ip 198.60.82.0 mask 255.255.255.0

policy condition net2 source ip 143.209.92.0 mask 255.255.255.0
policy action act4 maximum bandwidth 40m
policy rule net1max condition net1 action act4
policy rule net2max condition net2 action act4
qos apply

flow net1max, net2max , 40Mbps

queue . act40
policy action shared .
-> policy action act4 shared
-> qos apply
Flow net1max, net2max , 40Mbps
queue . Flow queue
, .

77

Network Address Translation

policy condition source ip
Policy condition source IP address .
policy condition condition_name source ip ip_address [mask netmask]
policy condition condition_name no source ip
condition_name

Condition .

ip_address

Layer 3 flow source IP address.

netmask

Source IP address mask.

policy condition destination ip

Policy condition destination IP address .
policy condition condition_name destination ip ip_address [mask netmask]
policy condition condition_name no destination ip
condition_name

Condition .

ip_address

Layer 3 flow destination IP address.

netmask

Destination IP address mask.

policy action source rewrite ip

IP . action outgoing flow source IP
address . source address condition flow source
IP address .
policy action action_name source rewrite ip ip_address [mask netmask]
policy action action_name no source rewrite ip
action_name

Action .

ip_address

Flow outgoing source IP address IP address.

netmask

IP address network mask.

78

policy action source rewrite network group

IP . action outgoing flow source
network group . Action policy rule , source rewrite network group
address condition source IP address .
policy action action_name source rewrite network group network_group
policy action action_name no source rewrite network group
action_name

Action .

network_group

Policy network group network group .

policy action destination rewrite ip

IP . action outgoing flow destination
IP address . destination address condition flow
destination IP address .
policy action action_name destination rewrite ip ip_address [mask netmask]
policy action action_name no destination rewrite ip
action_name

Action .

ip_address

Flow outgoing destination IP address IP address.

netmask

IP address network mask.

policy action destination rewrite network group

IP . action outgoing flow destination
network group . Action policy rule , destination rewrite network
group address condition destination network group destination IP address
.
policy action action_name destination rewrite network group network_group
policy action action_name no destination rewrite network group
action_name

Action .

network_group

Policy network group network group .

79

policy network group

Network group name IP address . group policy condition
. Condition policy action network group
member .
policy network group net_group ip_address1 [mask net_mask1] [ip_address2 [mask
net_mask2]...]
no policy network group net_group
policy network group net_group no ip_address [mask netmask] [ip_address2 [mask
net_mask2]...]
net_group

Network group ( 31 ).

ip_address1

Network group IP address.

net_mask

IP address mask.

ip_address2

Network group IP address(option). Network group IP

address .

net_mask

IP address mask.

policy rule
policy rule . Rule condition(incoming ) action
(outgoing ) .
policy rule rule_name [enable | disable] [condition condition] [action action]
no policy rule rule_name
rule_name

Policy rule .

enable|disable

Policy rule enable disable. Default enable.

condition

Rule condition .

action

Rule action .

80

Basic Network Address Translation

Destination rewrite network group destination rewrite IP address action
. Source rewrite network group source rewrite IP address
.
IP (priority, bandwidth shaping ) , source
and destination rewrite action . Network Address
Translation(NAT) , rewrite group IP address
proxy ARP server .

Static Address Translation

Single Address Example
Static address IP address IP address
. IP address , workstation
, address workstation
static address policy .

1 Destination address policy rule .

-> policy condition cond4 destination ip 128.110.124.120
-> policy action action2 destination rewrite ip 155.100.39.163
-> policy rule trans_rule1 condition cond4 action action2
Destination address 128.110.124.120 ,
destination address 155.100.39.163 .
2 Source address rule .
-> policy condition cond5 source ip 155.100.39.163
-> policy action action3 source rewrite ip 128.110.124.120
-> policy rule trans_rule2 condition cond5 action action2
Source IP address 155.100.39.163 , source
address 128.110.124.120 .
3 rule qos apply .

81

Subnet to Subnet Example

IP address (subnet) address group
. private 10.0.1.0 ISP public
198.60.82.0 private . address IP address
address . condition address policy action
address .

1 , 198.60.82.0 incoming policy

rule .
-> policy condition cond6 destination ip 198.60.82.0 mask 255.255.255.0
-> policy action act6 destination rewrite ip 10.0.1.0 mask 255.255.255.0
-> policy rule incoming cond6 action act6
2 outgoing rule .
-> policy condition cond7 source ip 10.0.1.0 mask 255.255.255.0
-> policy action act7 source rewrite ip 198.60.82.0 mask 255.255.255.0
-> policy rule outgoing condition cond7 action act7
3 rule qos apply .

Dynamic Address Translation

static address address dynamic address
.

82

Dynamic address policy rule . address

condition , address address action .
TCP/UDP private IP address ,
mapping , Flow rule .
NAT rule .
-> policy condition internal source ip 10.0.0.0 mask 255.0.0.0
-> policy action external source rewrite ip 143.209.92.42
-> policy rule nat condition internal action external
Policy NAT source address 10.0.0.0 internet address
143.209.92.42 . 10.0.0.0 dynamic TCP/
UDP IP address .
rule qos apply .

Verifying Basic QoS Policies & NAT

policy condition action show policy
condition show policy action .
show [applied] policy condition [condition_name]
show [applied] policy action [action_name]
-> show policy condition
Condition Name:
From
Src
->
Dest
pgroup1
cli
*IP
:
Any
->
198.60.82.0/255.255.255.0
+c4
cli
*IP
: 10.11.2.0/255/255/255.0
->
Any
*TCP :
Any
->
600

show policy rule policy rule policy

rule .
show [applied] policy rule [rule_name]
-> show policy rule
Policy
my_rule
Cnd/Act:
+my_rule5
Cnd/Act:

From Prec Enab Inact Refl Log Save

cli 0 Yes Yes No No Yes
cond5 -> action2
cli 0 Yes No
cond2 -> pri2

No

No Yes

active(enable) policy rule show active

policy rule .

83

13 Diagnosing Switch Problems

Port Mirroring
port mirroring
enable, disable .
[no] port mirroring {port_mirror_sessionid} {enable | disable}
port_mirror_sessionid

enable|disable

enable disable, disable.

port mirroring source destination

source destination ,
enable, disable .
port mirroring {port_mirror_sessionid} source slot/port destination slot/port [unblocked vlan_id]
[enable | disable]
port_mirror_sessionid

slot/port

enable|disable

enable disable, disable.

, source(mirrored) destination(mirroring)
VLAN . ( ) destination
source .
.
source .
destination disable
.

Quick Steps for Configuring Port Mirroring

1 . ID, source destination , unblocked
VLAN ID( VLAN RMON probe source
, STP VLAN unblock
.) .
-> port mirroring 6 source 2/3 destination 6/4 unblocked 750

84

2 enable .
-> port mirroring 6 enable
3 disable ( enable
. disable .)
.
-> port mirroring 6 disable
-> no port mirroring 6

Verifying Port Mirroring

show port mirroring status .
show port mirroring status {port_mirror_sessionid}
-> show port mirroring status 6
+---------+----------+----------+----------+------------+
Session Mirrored Mirroring Mirroring Mirroring
slot/port slot/port Vlan
Status
+---------+----------+----------+----------+------------+
6.
1/14
1/16
5
OFF

85

Switch Health
health threshold
Input , input/output , , CPU .
, Health Monitoring NMS trap .
health threshold [{rx | txrx | memory | cpu} percentage | temperature degrees]
rx | txrx |
memory | cpu

Input , input/output , memory, CPU .

percent(0-100) , 80%.

degrees

(Celsius ) . 50.

health interval
Health .
health interval seconds
seconds

( ). 1, 2, 3, 4, 5, 6, 10, 12, 15, 20, 30 ,

5 .

Quick Steps for Configuring Switch Health

1 Health .
-> show health threshold
2 .
Rx Threshold = 80
TxRx Threshold = 80
Memory Threshold = 80
CPU Threshold = 80
Temperature Threshold = 50
3 . health
.
-> health threshold memory 85
-> health statistics reset

86

Verifying Port Mirroring

health show health .
show health [slot/port] [statistics]
-> show health
* - current value exceeds threshold
Device
1 Min 1 Hr 1 Hr
Resources
Limit Curr Avg Avg Max
----------------+-------+-----+------+-----+-----+------Receive
80 01
01 01 01
Transmit/Receive
80 01
01 01 01
Memory
80 66
66 66 66
CPU
80 41
40 32 30
Temperature Cmm
50 33
33 33 33
Temperature Cmm Cpu
50 32
32 32 32
-> show health 4/3
* - current value exceeds threshold
Port 04/03
1 Min 1 Hr 1 Hr
Resources
Limit Curr Avg Avg Max
----------------+-------+-----+-------+-----+------Receive
80 01
01 01 01
Transmit/Receive
80 01
01 01 01

health show health threshold ,

show health threshold [rx | txrx | memory | cpu | temperature]
health show health interval .

87

Monitoring Memory
debug memory monitor
Memory enable disable .
debug memory monitor {enable | disable}
enable | disable

Memory enable disable, disable.

debug memory monitor show log

Memory log .
debug memory monitor show log [global | task | size]

Quick Steps for Configuring Switch Health

1 Memory enable . disable .
-> debug memory monitor enable
2 Memory log .
-> debug memory monitor show log
Task
Memory Memory Addr of OS func Calling Previous
Name Comments Addr Size OS call Called Function Caller
---------+--------+-------+------+---------+---------+----------+-----------tssApp_2* TCB Stac 00ca1550 20680 0013a180 objAllocEx taskSpawn ssAppChild
tssApp_2* Vx B Sem 02317ca8 28 001374d0 objAlloc pipe
ssAppChild
tssApp_2* Vx B Sem 02317f78 28 001374d0 objAlloc pipe
ssAppChild
tssApp_2*
0107be78 5121 0012cfc8 malloc
pipe
ssAppChild
tssApp_2*
023182b0 16 0012cfa8 malloc pipe
ssAppChild
tssApp_2*
024fdc90 9
00105fb0 malloc
pipe
ssAppChild
tssApp_2*
016d6548 288 000af228 malloc ssAppChild mip_msg_qu
CliShell0 Vx C Sem 035fe590 28 0011f038 semCCreate zcSelect mip_msg_do
3 memory monitor show log task .

88