To reduce the risk of being attacked by malicious users against opened socket and enhance switch
security, the Switch 4500 series Ethernet switches provide the following functions, so that a cluster
socket is opened only when it is needed:
z
Opening UDP port 40000 (used for cluster) only when the cluster function is implemented,
z
Closing UDP port 40000 at the same time when the cluster function is closed.
On member devices, the preceding functions are implemented as follows:
z
When you execute the
add-member
command on the management device to add a candidate
device to a cluster, the candidate device changes to a member device and its UDP port 40000 is
opened at the same time.
z
When you execute the
auto-build
command on the management device to have the system
automatically add candidate devices to a cluster, the candidate devices change to member devices
and their UDP port 40000 is opened at the same time.
z
When you execute the
administrator-address
command on a device, the device's UDP port
40000 is opened at the same time.
z
When you execute the
delete-member
command on the management device to remove a
member device from a cluster, the member device's UDP port 40000 is closed at the same time.
z
When you execute the
undo build
command on the management device to remove a cluster, UDP
port 40000 of all the member devices in the cluster is closed at the same time.
z
When you execute the
undo administrator-address
command on a member device, UDP port
40000 of the member device is closed at the same time.
Enabling NDP globally and on specific ports
Follow these steps to enable NDP globally and on specific ports:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable NDP globally
ndp enable
Required
In system view
ndp enable interface
port-list
Enter Ethernet
port view
interface interface-type
interface-number
Enable
NDP on
specified
ports
In
Ethernet
port view
Enable NDP on
the port
ndp enable
Required
Use either
approach.
Enabling NTDP globally and on a specific port
Follow these steps to enable NTDP globally and a specific port:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable NTDP globally
ntdp enable
Required
48-15