Sun Microsystems Sun Fire B1600 Administration, Administration Manual

Page 1: ...4150 Network Circle Santa Clara CA 95054 U S A 650 960 1300 Send comments about this document to docfeedback sun com Sun FireTM B1600 Blade System Chassis Switch Administration Guide Part No 817 2576 10 June 2003 Revision A ...

Page 2: ...HAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID Copyright 2003 Sun Microsystems Inc 4150 Network Circle Santa Clara California 95054 Etats Unis Tous droits réservés Sun Microsystems Inc a les droits de propriété intellectuels relatants à la technologie incorporée dans le produit qui est décrit dans ce document En particulier et sans la limitation ces droits de propriété intellectuels peuvent i...

Page 3: ...laris Sun Fire et le logo 100 Pure Java sont des marques de fabrique ou des marques déposées de Sun Microsystems Inc aux Etats Unis et dans d autres pays Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques déposées de SPARC International Inc aux Etats Unis et dans d autres pays Les produits protant les marques SPARC sont basés sur une architecture dé...

Page 4: ......

Page 5: ... 1 Up link Ports 1 3 1 2 1 2 Internal Ports 1 4 1 2 2 Status LEDs 1 5 1 3 Features of the Switch 1 6 1 4 Switch Default Settings 1 9 2 Initial Configuration 2 1 2 1 Connecting to the Switch Interface 2 2 2 1 1 Configuration Options 2 2 2 1 1 1 Configuring the Switch Through the Built in Switch Interfaces 2 2 2 2 Enabling SNMP Management Access 2 3 2 2 1 Community Strings 2 3 2 2 2 Trap Receivers 2...

Page 6: ...3 2 1 3 MIB Variables Identification Details 3 11 3 2 2 Setting the IP Address 3 12 3 2 2 1 Manual Configuration 3 13 3 2 2 2 Using DHCP BOOTP 3 16 3 2 3 Displaying Switch Software Versions 3 18 3 2 3 1 Web Interface Displaying Switch Software Version Information 3 18 3 2 3 2 Comand line Interface Displaying Switch Software Version Information 3 19 3 2 3 3 MIB Variables Associated With Software Ve...

Page 7: ...on 3 54 3 3 2 1 Configuring IGMP Snooping Parameters 3 55 3 3 2 2 Specifying Interfaces Connected to Multicast Routers 3 59 3 3 2 3 Configuring Multicast Services 3 64 3 3 3 Broadcast Storm Control Global Setting 3 67 3 3 3 1 Web Interface Using Broadcast Storm Control 3 67 3 3 3 2 Command line Interface Using Broadcast Storm Control 3 68 3 3 4 Spanning Tree Algorithm Configuration 3 70 3 3 4 1 Co...

Page 8: ...ring Interface Connections 3 105 3 4 3 Configuring Aggregated Links 3 107 3 4 3 1 Dynamically Configuring an Aggregated Link with LACP 3 108 3 4 3 2 Statically Configuring an Aggregated Link 3 111 3 4 4 Configuring VLAN Behavior for Interfaces 3 114 3 4 4 1 Web Interface Configuring VLAN Behavior for Interfaces 3 115 3 4 4 2 Command line Interface Configuring VLAN Behavior for Interfaces 3 117 3 4...

Page 9: ... Port Mirroring 3 139 3 5 1 1 Web Interface Configuring Port Mirroring 3 139 3 5 1 2 Command line Interface Configuring Port Mirroring 3 140 3 5 1 3 MIB Variables Associated With Port Mirroring 3 141 3 5 2 Showing Port Statistics 3 141 3 5 2 1 Web Interface Viewing Port Statistics 3 145 3 5 2 2 Command line Interface Viewing Port Statistics 3 147 3 5 2 3 MIB Variables Associated With Port Statisti...

Page 10: ...iation 4 5 4 1 2 3 Command Completion 4 5 4 1 2 4 Getting Help on Commands 4 5 4 1 2 5 Showing Commands 4 6 4 1 2 6 Partial Keyword Lookup 4 7 4 1 2 7 Negating the Effect of Commands 4 7 4 1 2 8 Using Command History 4 7 4 1 2 9 Understanding Command Modes 4 7 4 1 2 10 Exec Commands 4 8 4 1 2 11 Configuration Commands 4 9 4 1 2 12 Command Line Processing 4 10 4 2 Command Groups 4 11 4 3 Detailed C...

Page 11: ... password 4 30 4 3 3 4 ip http port 4 31 4 3 3 5 ip http server 4 32 4 3 3 6 jumbo frame 4 33 4 3 3 7 logging on 4 34 4 3 3 8 logging history 4 35 4 3 3 9 clear logging 4 36 4 3 3 10 show logging 4 37 4 3 3 11 show startup config 4 38 4 3 3 12 show running config 4 40 4 3 3 13 show system 4 42 4 3 3 14 show users 4 44 4 3 3 15 show version 4 44 4 3 4 Authentication Commands 4 45 4 3 4 1 authentica...

Page 12: ... 5 SNMP Commands 4 54 4 3 5 1 snmp server community 4 55 4 3 5 2 snmp server contact 4 56 4 3 5 3 snmp server location 4 57 4 3 5 4 snmp server host 4 57 4 3 5 5 snmp server enable traps 4 59 4 3 5 6 show snmp 4 60 4 3 6 Line Commands 4 62 4 3 6 1 line 4 62 4 3 6 2 login 4 63 4 3 6 3 password 4 64 4 3 6 4 exec timeout 4 66 4 3 6 5 password thresh 4 66 4 3 6 6 silent time 4 67 4 3 6 7 show line 4 6...

Page 13: ...witchport broadcast packet rate 4 91 4 3 8 9 clear counters 4 93 4 3 8 10 show interfaces status 4 93 4 3 8 11 show interfaces counters 4 95 4 3 8 12 show interfaces switchport 4 96 4 3 9 Address Table Commands 4 98 4 3 9 1 mac address table static 4 99 4 3 9 2 clear mac address table dynamic 4 100 4 3 9 3 show mac address table 4 100 4 3 9 4 mac address table aging time 4 101 4 3 9 5 show mac add...

Page 14: ...ree edge port 4 115 4 3 11 12 spanning tree protocol migration 4 116 4 3 11 13 spanning tree link type 4 117 4 3 11 14 show spanning tree 4 118 4 3 12 VLAN Commands 4 120 4 3 12 1 vlan database 4 121 4 3 12 2 vlan 4 121 4 3 12 3 interface vlan 4 123 4 3 12 4 switchport mode 4 123 4 3 12 5 switchport acceptable frame types 4 124 4 3 12 6 switchport ingress filtering 4 125 4 3 12 7 switchport native...

Page 15: ... ip igmp snooping query max response time 4 146 4 3 14 10 ip igmp snooping router port expire time 4 147 4 3 14 11 ip igmp snooping vlan mrouter 4 148 4 3 14 12 show ip igmp snooping mrouter 4 149 4 3 15 Priority Commands 4 150 4 3 15 1 switchport priority default 4 151 4 3 15 2 queue bandwidth 4 152 4 3 15 3 queue cos map 4 153 4 3 15 4 show queue bandwidth 4 155 4 3 15 5 show queue cos map 4 156...

Page 16: ...Bs A 2 A 2 Supported Traps A 3 B Troubleshooting B 1 B 1 Diagnosing Switch Indicators B 2 B 2 Diagnosing Port Connections B 2 B 3 Accessing the Management Interface B 2 B 4 Using System Logs B 4 B 4 1 Log Messages B 4 B 5 Error Messages B 5 B 5 1 Command Line Error Detection B 5 B 5 2 System Errors B 6 B 5 3 Command Line Errors B 6 B 5 4 Web Interface Errors B 9 C Specifications C 1 C 1 Switch Arc...

Page 17: ...Contents xvii Glossary Glossary 1 Index Index 1 ...

Page 18: ...xviii Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 ...

Page 19: ...hassis The manual assumes a working knowledge of local area network operations and familiarity with networking protocols Before You Read This Book Before you start configuring the switch Install your system chassis by following the instructions in the Sun Fire B1600 Blade System Chassis Hardware Installation Guide and the Sun Fire B1600 Blade System Chassis Software Setup Guide How This Book Is Or...

Page 20: ...onsole interface commands and parameters Appendix A lists the Management Information Bases MIB and traps supported by this switch Appendix B provides basic troubleshooting information including how to interpret the system and port LEDs how to solve problems that might prevent you from accessing the management interface and how to use the system logs Appendix C provides detailed specifications of t...

Page 21: ...uter output enable Password AaBbCc123 Book titles new words or terms words to be emphasized Replace command line variables with real names or values Read Chapter 6 in the Sun Fire B1600 Installation and Maintenance Guide These are called class options You must be an administrator to do this To delete a file type del filename Application Title Part Number Installation Sun Fire B1600 Blade System Ch...

Page 22: ...t go to http www sun com service contacting Sun Welcomes Your Comments Sun is interested in improving its documentation and welcomes your comments and suggestions You can submit your comments by going to http www sun com hwdocs feedback Please include the title and part number of your document with your feedback Sun Fire B1600 Blade System Chassis Switch Administration Guide part number 816 3365 0...

Page 23: ...l full duplex Gigabit ports on this switch provide high capacity connectivity within the chassis while the eight external full duplex Gigabit ports connect to the wider network This chapter contains the following sections Section 1 1 Overview on page 1 2 Section 1 2 Description of Hardware on page 1 3 Section 1 3 Features of the Switch on page 1 6 Section 1 4 Switch Default Settings on page 1 9 ...

Page 24: ...and line interface and to the console for each server blade installed in the chassis 1 1 1 Switch Architecture The switch employs a high speed switching fabric that enables simultaneous transport of multiple packets at low latency on all ports The switch also uses store and forward technology to ensure maximum data integrity In this mode the entire packet must be received into a port buffer and ch...

Page 25: ...ports support IEEE 802 3x auto negotiation of speed duplex mode and flow control Each port can operate at 10 Mbit sec 100 Mbit sec and 1000 Mbit sec full and half duplex and control the data stream to prevent buffers from overflowing The up link ports can be connected to other IEEE 802 3ab 1000BASE T compliant devices up to 100 m 328 ft away using Category 5 twisted pair cable These ports also fea...

Page 26: ...rts that connect to the blades in the chassis These ports are fixed at 1000 Mbit sec full duplex The internal ports are named SNP0 to SNP15 in the configuration interface The switch also includes an internal 10 100BASE TX port called NETMGT which is connected to the SC s network port and to the external management port on the SSC s front panel through an internal hub ...

Page 27: ...on Status SSC Active On Green The SSC is functioning normally Service Required On Amber The SSC requires service Ready to Remove On Blue The SSC can now be removed RJ 45 Ports Link On Green Port has established a valid network connection Speed On Amber Link is operating at 1 Gbps Off Link is operating at less than 1 Gbps SERIAL MGT 4 0 5 1 6 2 7 3 NET MGT Ready to Remove Service Required Active Li...

Page 28: ... entering the network and wasting bandwidth To avoid dropping frames on congested ports the switch provides 128 Kbytes of frame buffering per port This buffer can queue packets awaiting transmission on congested networks Spanning Tree Protocol The switch supports these spanning tree protocols Spanning Tree Protocol STP IEEE 802 1D This protocol adds a level of fault tolerance by allowing two or mo...

Page 29: ... four up link ports per aggregated link or up to two down link ports per aggregated link Port Security Port security prevents unauthorized users from accessing your network It enables each port to learn or be assigned a list of MAC addresses for devices authorized to access the network through that port Any packet received on the port must have a source address that appears in the authorized list ...

Page 30: ...ue Address Filtering This switch provides a packet filter for all traffic entering the CPU port and potentially forwarded or routed to the management network The packet filter is rule pattern based and constitutes a set of patterns that when matched DROPS the packet and a further set of patterns that when matched ACCEPTS the packet Multicast Switching Specific multicast traffic can be assigned to ...

Page 31: ...er admin password admin user guest password guest Change from Normal Exec to Privileged Exec super Serial Port Baud rate 9600 Data bits 8 Stop bits 1 Parity none IP Settings Address 0 0 0 0 Subnet mask 255 0 0 0 Port Status Port Speed Port SNP0 15 1000 Mbps Port NETP0 7 10 100 1000 Mbps auto negotiated Port NETMGT 10 100 Mbps auto negotiated Duplex Mode Port SNP0 15 full Port NETP0 7 NETMGT half a...

Page 32: ...TP0 7 Address Aging 300 seconds Virtual LANs GVRP Disabled Default VLAN PVID 1 for untagged frames Management VLAN VLAN 2 for the management port Tagging RX All frames TX Untagged frames Ingress Filtering Disabled Multicast Filtering IGMP Snooping Enabled ARP Enabled Cache Timeout 20 minutes TABLE 1 2 Switch Default Settings Continued Function Default ...

Page 33: ...ng the initial configuration of the switch refer to the Sun Fire B1600 Blade System Chassis Software Setup Guide This chapter contains the following sections Section 2 1 Connecting to the Switch Interface on page 2 2 Section 2 2 Enabling SNMP Management Access on page 2 3 ...

Page 34: ...client identifier on your DHCP server SUNW SWITCH_ID serial number of chassis 0 for the switch in SSC0 or SUNW SWITCH_ID serial number of chassis 1 for the switch in SSC1 For information about preparing the network to receive the system chassis and about all procedures for performing the initial configuration of the switch refer to the Sun Fire B1600 Blade System Chassis Software Setup Guide 2 1 1...

Page 35: ...anning Tree Download system firmware 2 2 Enabling SNMP Management Access The switch can be configured to accept management commands from Simple Network Management Protocol SNMP v1 v2c or v3 applications such as Soltice Domain Manager You can configure the switch to respond to SNMP requests and or generate SNMP traps When SNMP management stations send requests to the switch either to return informa...

Page 36: ...r 2 To remove an existing string type no snmp server community string where string is the community access string to remove Press Enter 2 2 2 Trap Receivers You can also specify SNMP stations that are to receive traps from the SSC To configure a trap receiver 1 From the Global Configuration mode prompt type snmp server host host address community string where host address is the IP address for the...

Page 37: ...Chapter 2 Initial Configuration 2 5 3 Save the configuration settings by following the instructions in the Sun Fire B1600 Blade System Chassis Software Setup Guide ...

Page 38: ...2 6 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 ...

Page 39: ... tasks and includes the following sections Section 3 1 Using the Web Interface on page 3 2 Section 3 2 Basic Configuration on page 3 8 Section 3 3 Configuring Global Network Protocols on page 3 39 Section 3 4 Port Configuration on page 3 96 Section 3 5 Monitoring Port and Management Traffic on page 3 139 ...

Page 40: ...ire B1600 Blade System Chassis Software Setup Guide 2 Set a user name and password using an out of band serial connection Access to the web agent is controlled by the same user names and passwords as the command line interface For information on how to do this refer to the Sun Fire B1600 Blade System Chassis Software Setup Guide Note If the path between your management station and the switch does ...

Page 41: ...ault administrator user name and password is admin 3 1 1 1 Home Page When your web browser connects with the switch s web agent the home page is displayed The configuration options are displayed in the menu tabs and corresponding menu items listed in the row beneath the menu tabs at the top of the page The menu tabs and subordinate menu items are used to access the configuration menus and display ...

Page 42: ...sions of stored pages to Every visit to the page Note When using Internet Explorer 5 0 you might have to click the web browser s refresh button to manually refresh the screen after making configuration changes 3 1 2 Panel Display The web agent displays an image of the switch s up link ports indicating whether each link is active Clicking on the image of a port opens the Port Configuration page whi...

Page 43: ...ote access authentication service using RADIUS or TACACS 3 28 Communication Sets the SNMP community access strings trap managers and type of traps to issue 3 34 VLANs Displays basic VLAN information enables GVRP multicast protocol configures VLANs 3 39 Static VLAN Port Membership Adds static members to VLANs 3 50 Broadcast Multicast Sets broadcast storm control configures multicast protocols inclu...

Page 44: ...egated links 3 107 VLANs Specifies port attributes including default PVID switchport mode ingress filtering GVRP GARP timers configures static VLAN members 3 114 Static Addresses Displays or edits static entries in the Address Table enables and disables learning of permanent entries 3 121 Spanning Tree Configures port settings for the global spanning tree 3 125 Spanning Tree Protocol Configures ST...

Page 45: ...t PVID switchport mode ingress filtering GVRP GARP timers configures static VLAN members 3 114 Packet Filtering Filters traffic entering the management port from the up link ports 3 134 Monitoring Switch monitoring functions 3 139 Port Mirroring Sets the source and target ports for mirroring 3 139 Port Statistics Displays statistics on port traffic including information from the Interfaces Group E...

Page 46: ...cription The system hardware description assigned by the manufacturer Serial Number1 The serial number of the main board System OID string2 The MIB II object ID for switch s network management subsystem MAC Address3 The physical layer address for the switch Web server2 The operational status of web HTTP management access on the switch Web server port2 The TCP port number used by the web interface ...

Page 47: ...Chapter 3 General Management of the Switch 3 9 FIGURE 3 3 Switch Setup System Identity Window ...

Page 48: ... show system System description Sun Fire B1600 System OID string 1 3 6 1 4 1 674 10895 4 System information System Up time 0 days 0 hours 55 minutes and 54 91 seconds System Name NONE System Location NONE System Contact NONE MAC address 00 00 e8 00 00 01 Web server enable Web server port 80 Web secure server enable Web secure server port 443 POST result Performing Power On Self Tests POST UART Loo...

Page 49: ...5 System Up Time MIB II system sysUpTime Read only Timeticks in centiseconds System Description MIB II system sysDescr Read only String size 0 255 System Object Identification MIB II system sysObjectID Read only Object identifier MAC Address MIB II interfaces ifTable ifEntry ifPhysAddress Read only Physical address HTTP State Web Server sun ipMgt ipHttpState Read write enabled 1 disabled 2 enabled...

Page 50: ...Address The current address of the VLAN interface that is allowed management access MAC Address4 The physical layer address for this switch Management VLAN The VLAN through which you can manage the switch By default the management port NETMGT is configured as a member of this VLAN that is VLAN 2 However if you change the Management VLAN you will lose management access to the switch unless the NETM...

Page 51: ...nd separated by periods The default is 0 0 0 0 Subnet Mask The mask that identifies the host address bits used for routing to specific subnets The default is 255 0 0 0 Broadcast Address5 The IP broadcast address used for sending datagrams on the interface associated with the IP address This value applies to both the subnet and network broadcast addresses used by the switch The default is 0 0 0 1 G...

Page 52: ...Switch Administration Guide June 2003 FIGURE 3 5 Open Switch Setup Network Identity Window Note If you receive an error message saying that the data you have entered is invalid confirm that you have specified each of the IP addresses correctly ...

Page 53: ... Specifying the Management VLAND and IP Details Field Name MIB Variable Access Value Range Default Value Management VLAN sun switchMgt switchManagementVla n Read write Integer 1 4094 1 IP Address Mode sun vlanMgt vlanTable vlanEntry vlanAddressMethod Read write user 1 bootp 2 dhcp 3 user IP Address Configuration MIB II ip ipAddrTable ipAddrEntry ipAdEntAddr Read write IP address Subnet Mask Config...

Page 54: ...By default the System Controller in the chassis provides a client identifier to the switch The client identifier is SUNW SWITCH_ID serial number of chassis 0 or SUNW SWITCH_ID serial number of chassis 1 depending on whether the switch is in SSC0 or SSC1 You can specify a client identifier in the Enable Client ID checkbox but it will be overwritten the next time the System Controller resets or boot...

Page 55: ...d line Interface Using Dynamic IP Configuration Services 1 Specify the management interface 2 Set the IP address mode to DHCP or BOOTP 3 Issue the ip dhcp restart command DHCP may lease addresses to clients indefinitely or for a specific period of time If the address expires or the switch is moved to another network segment you will lose management access to the switch In this case you can reboot ...

Page 56: ...ys be 1 3 2 3 1 Web Interface Displaying Switch Software Version Information Open Switch Status Software TABLE 3 5 MIB Variables Associated With Dynamic IP Configuration Services Field Name MIB Variable Access Value Range Default Value Management VLAN sun switchMgt switchManagementVlan Read write Integer 1 4094 1 IP Address Mode sun vlanMgt vlanTable vlanEntry vlanAddressMethod Read write user 1 b...

Page 57: ...ying Switch Software Version Information Use the following command to display version information Console show version Unit1 Serial number 1 Service tag Hardware version R0B Number of ports 25 Main power status up Redundant power status not present Agent master Unit id 1 Loader version 0 0 6 5 Boot rom version 0 0 7 3 Operation code version 1 0 0 1 Console ...

Page 58: ...itchMgt switchInfoTable switchInfoEntry swHardwareVer Read only Display string size 0 20 Switch Port Number SUN switchMgt switchInfoTable switchInfoEntry swPortNumber Read only Integer 25 Switch Unit Index SUN switchMgt switchInfoTable switchInfoEntry swUnitIndex Not accessible Integer 1 Switch Loader Version sun switchMgt switchInfoTable switchInfoEntry swLoaderVer Read only String size 0 20 Swit...

Page 59: ...ignated startup version of this file cannot be deleted If there are two copies of the System Software file present you can delete the one that is not currently designated as the startup version and replace it with a new file or you can copy a new one into the directory using one of the existing file names Alternatively you can remove the startup designation from the current startup file delete tha...

Page 60: ...access permissions for TFTP transfer Alternatively it is possible that there is not enough memory available on the switch If you download to a new destination file select the new file from the pull down menu for the operation code used at startup and click Save To start the new firmware reboot the system by clicking Save and Restart FIGURE 3 9 The Switch Status Software Window at the End of the Do...

Page 61: ...2 2 Source file name v10 bix Destination file name V10000 Write to FLASH Programming Write to FLASH finish Success Console config Console config boot system opcode V10000 Console config exit Console reload TABLE 3 7 MIB Variables Associated With Downloading Firmware Field Name MIB Variable Access Value Range Switch Operation Code Image Files Not defined TFTP Server IP Address sun tftpMgt tftpServe...

Page 62: ...pStatus Read write tftpSuccess 1 tftpStatusUnknown 2 tftpGeneralError 3 tftpNoResponseFromServer 4 tftpDownloadChecksumError 5 tftpDownloadIncompatible Image 6 tftpTftpFileNotFound 7 tftpTftpAccessViolation 8 Restart Operation Code File sun restartMgt restartOpCodeFile Read write Display String Size 0 127 Restart Action sun restartMgt restartControl Read write running 1 warmBoot 2 coldBoot 3 TABLE...

Page 63: ...aracters are A Z a z 0 9 and _ The maximum number of user defined configuration files is limited by available memory 3 2 5 1 Downloading Configuration Settings From a Server You can download the configuration file under a new file name and then set it as the startup file or you can specify the current startup configuration file as the destination file to overwrite it Note that Factory_Default_Conf...

Page 64: ...m the pull down menu and click Save To use the new settings reboot the system by clicking Save and Restart FIGURE 3 11 The Switch Setup Software Window enabling you to specify the operation code and configuration file to use at startup Command line Interface Downloading a File of Configuration Settings 1 Type the IP address of the TFTP server 2 Specify the source file on the server 3 Set the start...

Page 65: ...ramming Write to FLASH finish Success Console reload System will be restarted continue y n y Console config Console config boot system config startup new Console config exit Console reload System will be restarted continue y n y TABLE 3 8 MIB Variables Associated With Downloading Configuration Settings Field Name MIB Variable Access Value Range TFTP Server IP Address sun tftpMgt tftpServer Read wr...

Page 66: ...ication By default management access is always checked against the authentication database stored on the local switch If a remote authentication server is used you must specify the authentication sequence and the corresponding parameters for each remote authentication protocol specified Remote Authentication Dial in User Service RADIUS and Terminal Access Controller Access Control System Plus TACA...

Page 67: ...level must be configured on the authentication server You can specify one to three authentication methods for any user to indicate the authentication sequence For example if you select 1 RADIUS and 2 Local the user name and password on the RADIUS server are verified first If the RADIUS server is not available then the local user name and password are checked When configuring user authentication us...

Page 68: ...um number of users is 5 Access Level The user level Specify Normal or Privileged Password The user password A plain text string of between 1 and 8 characters that is case sensitive 3 2 6 1 Web Interface Configuring User Authentication 1 Open the Switch Config Security window 2 Specify the authentication sequence by selecting local or remote methods for each of the three preferences 3 Type paramete...

Page 69: ...tch 3 31 FIGURE 3 12 The Switch Config Security Window for Use With Authentication Servers To configure authentication parameters for local access 1 Type a user name 2 Select an access level Normal or Privileged 3 Type a password 4 Click Add ...

Page 70: ...ired settings for RADIUS and TACACS remote client authentication Console config username bob access level 15 Console config username bob password 0 smith Console config authentication login local tacacs radius Console config tacacs server host 192 168 1 24 Console config tacacs server port 181 Console config tacacs server key green Console config radius server host 192 168 1 25 Console config radi...

Page 71: ...te IP address 10 11 12 13 RADIUS Server Port Number sun securityMgt radiusMgt radiusServerPortNumber Read write Integer 1 65535 1812 RADIUS Server Encryption Key sun securityMgt radiusMgt radiusServerKey Read write Read always returns 0 String size 0 20 RADIUS Server Retransmit sun securityMgt radiusMgt radiusServerRetransmit Read write Integer 1 65535 2 RADIUS Server Timeout sun securityMgt radiu...

Page 72: ...ommunity strings and related trap functions are described in the following sections 3 2 7 1 Configuring SNMP Access You can configure up to five community strings authorized for management access For security reasons consider removing the default strings When configuring SNMP community strings using the web interface or CLI the following parameters can be configured Community A password between 1 ...

Page 73: ...ving Community Strings Command line Interface Adding and Removing Community Strings The following example adds the string blueberry with read write access MIB Variables Associated With Community Strings Note There are no MIB variables for these functions Console config snmp server community blueberry rw Console config ...

Page 74: ...dress of the host the targeted recipient The maximum number of host IP addresses is 5 Community The password like string between 1 and 32 characters sent with the notification operation Although you can set this string in the Trap Managers table it is recommended to define this string in the SNMP Protocol table as well Version The SNMP version 1 or version 2c that the host is running Generate SNMP...

Page 75: ...e Traps From the Switch Command line Interface Specifying Trap Management Stations This example adds a trap manager and enables link up down and authentication traps Console config snmp server host 10 1 0 19 private version 1 Console config snmp server enable traps link up down Console config snmp server enable traps authentication ...

Page 76: ...stAddress No access IP address Trap Destination Community sun trapDestMgt trapDestTable trapDestEntry trapDestCommunity Read create String size 0 127 Trap Destination Version sun trapDestMgt trapDestTable trapDestEntry trapDestStatus Read create version 1 1 version 2 2 Trap Destination Status sun trapDestMgt trapDestTable trapDestEntry trapDestStatus Read create valid 1 invalid 2 Enable Link up do...

Page 77: ...es to a new VLAN without having to change any physical connections VLANs can be organized to reflect departmental groups such as Marketing or R D usage groups such as e mail or multicast groups used for multimedia applications such as videoconferencing VLANs provide greater network efficiency by reducing broadcast traffic and enable you to make network changes without having physically change netw...

Page 78: ...are manually tied to specific ports The switch s forwarding decision is based on the destination MAC address and its associated port Therefore to make valid forwarding or flooding decisions the switch must learn the relationship of the MAC address to its related port and thus to the VLAN at run time However when GVRP is enabled this process can be fully automatic Automatic VLAN Registration GARP V...

Page 79: ...passing tagged or untagged frames When forwarding a frame from this switch along a path that contains any VLAN aware devices the switch should include VLAN tags When forwarding a frame from this switch along a path that does not contain any VLAN aware devices including the destination host the switch must first strip off the VLAN tag before forwarding the frame When the switch receives a tagged fr...

Page 80: ...rmation Type the following command Console show bridge ext Max support vlan numbers 32 Max support vlan ID 4094 Extended multicast filtering services No Static entry individual port Yes VLAN learning IVL Configurable PVID tagging Yes Local VLAN capable Yes Traffic classes Enabled Global GVRP status Disabled GMRP Disabled Console ...

Page 81: ...B II dot1dBridge BridgeMIB BridgeMIBObjects dot1qBase dot1qMaxVlanId Read only Integer 4094 Maximum Number of Supported VLANs MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qBase dot1qMaxSupportedV lans Read only Integer 255 Device Capabilities MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dExtBase dot1dDeviceCapabi lities Read only Bit String ExtendedFiltering dot1dServices 0 dot1dTraf...

Page 82: ...rue 1 false 2 true GMRP Status MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dExtBase dot1dGmrpStatus Read write enabled 1 disabled 2 disabled GVRP Status MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qBase dot1qGvrpStatus Read write enabled 1 disabled 2 disabled TABLE 3 11 MIB Variables Associated With Basic VLAN Information Continued Field Name MIB Variable Access Value Range Default...

Page 83: ... by host devices and propagated throughout the network GVRP must be enabled to permit automatic VLAN registration and to support VLANs which extend beyond the local switch Web Interface Enabling or Disabling GVRP Global Setting 1 Open Switch Config VLANs 2 Select Enable or Disable 3 Click Save FIGURE 3 16 The Switch Config VLANs Window showing radio buttons for enabling GVRP Command line Interface...

Page 84: ...od by which the VLAN was added to the switch Dynamic GVRP Dynamic9 Automatically learned through GVRP Permanent Static9 Manually configured as a static entry Ports Channel groups9 The interfaces that are members of the VLAN Web Interface Configuring VLANs To create a new VLAN follow these steps 1 Open Switch Config VLANs 2 Type the new VLAN ID and name 3 Set the status to Enabled or Disabled 4 Cli...

Page 85: ...ch 3 47 2 Click Enable Disable or Remove To add interfaces to a VLAN 1 Select an entry 2 Click Membership See Adding Static Members to VLANs on page 3 50 FIGURE 3 17 The Switch Config VLANs Window With the Default VLAN Configuration Displayed ...

Page 86: ...tion Console config vlan database Console config vlan vlan 3 name R D media ethernet state active Console config vlan Console show vlan VLAN Type Name Status Ports Channel groups 1 Static DefaultVlan Active SNP0 SNP1 SNP2 SNP3 SNP4 SNP5 SNP6 SNP7 SNP8 SNP9 SNP10 SNP11 SNP12 SNP13 SNP14 SNP15 NETP0 NETP1 NETP2 NETP3 NETP4 NETP5 NETP6 NETP7 2 Static MgtVlan Active NETMGT 3 Static R D Active Console ...

Page 87: ...IB qBridgeMIBObjects dot1qVlan dot1qVlanCurrentT able dot1qVlanCurrentE ntry dot1qVlanIndex No access Integer 1 VLAN Name MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanStaticTa ble dot1qVlanStaticEn try dot1qVlanStaticNa me Read create Octet string size 0 32 VLAN Status MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanStaticTa ble dot1qVlanStaticEn try dot1qV...

Page 88: ...ts The interfaces added to the selected VLAN as tagged or untagged or restricted from being automatically added through GVRP Membership Type Specify VLAN membership by highlighting the required interface and clicking the appropriate Add button VLAN Type MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanCurrentT able dot1qVlanCurrentE ntry dot1qVlanStatus Read only other 1 permanen...

Page 89: ...face is forbidden from automatically joining the VLAN through GVRP See Automatic VLAN Registration on page 3 40 Remove Removes the selected interface from the VLAN Web Interface Adding Ports Manually to a VLAN To add an interface to a VLAN 1 Open Switch Config VLANs 2 Highlight a VLAN in the static list and click Membership 3 From the port membership page select an interface from the All Ports lis...

Page 90: ...g GVRP and finally displays the VLAN s membership Console config interface ethernet NETP1 Console config if switchport allowed vlan add 3 tagged Console config if exit Console config interface ethernet NETP2 Console config if switchport allowed vlan add 3 untagged Console config if exit Console config interface ethernet SNP13 Console config if switchport forbidden vlan add 3 Console config if end ...

Page 91: ...taticTable dot1qVlanStaticEntry dot1qVlanStaticName Read create Octet string size 0 32 Up Time at Creation MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanCurrentTable dot1qVlanCurrentEntry dot1qVlanCreationTime Read only Timeticks in centiseconds VLAN Status MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanCurrentTable dot1qVlanCurrentEntry dot1qVlanStatus Rea...

Page 92: ...ocol IGMP to query for any attached hosts that want to receive a specific multicast service It identifies the ports containing hosts requesting to join the service and sends data out to those ports only It then propagates the service request up to any neighboring multicast switch router to ensure that it will continue to receive the multicast service This procedure is called multicast filtering VL...

Page 93: ... if they want to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Note Multicast routers use this ...

Page 94: ...m its list The default is 10 seconds Router Port Expire Time The time between 300 and 500 seconds the switch waits after the previous querier stops querying before it determines that the interface which had been receiving query packets is no longer attached to a querier The default is 300 seconds Note All systems on the subnet must support the same version Some attributes are only enabled for IGMP...

Page 95: ...Chapter 3 General Management of the Switch 3 57 FIGURE 3 19 The Switch Config Broadcast Multicast Window ...

Page 96: ...r Console config ip igmp snooping query count 10 Console config ip igmp snooping query interval 100 Console config ip igmp snooping query max response time 20 Console config ip igmp router port expire time 300 Console config ip igmp snooping version 2 Console config exit Console show ip igmp snooping Igmp Snooping Configuration Service status Enabled Querier status Enabled Query count 10 Query int...

Page 97: ...e current multicast groups supported by the connected router This can ensure that multicast traffic is passed on to all the appropriate interfaces within the switch TABLE 3 15 MIB Variables Associated With IGMP Parameters Field Name MIB Variable Access Value Range Default Value Snooping Status sun igmpSnoopMgt igmpSnoopStatus Read write enabled 1 disabled 2 enabled Snooping Querier sun igmpSnoopMg...

Page 98: ...ally connected to multicast routers Available Ports The interfaces that have not been assigned to the selected VLAN as multicast router ports Current Static Ports The interfaces that have already been assigned to the selected VLAN as multicast router ports Web Interface Specifying Interfaces Connected to Multicast Routers 1 Open Switch Config Broadcast Multicas Multicast Router Ports 2 Select a VL...

Page 99: ...Chapter 3 General Management of the Switch 3 61 FIGURE 3 20 The Switch Config Broadcast Multicast Window Multicast Router Ports selected ...

Page 100: ... 3 16 MIB Variables Associated With Interfaces Connected to Multicast Routers Field Name MIB Variable Access Value Range Snooping Multicast Router Current VLAN sun igmpSnoopMgt igmpSnoopRouterCurrentTable igmpSnoopRouterCurrentEntry dot1qVlanIndex Index Integer VLAN Name MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanStaticTable dot1qVlanStaticEntry dot1qVlanStaticName Read cre...

Page 101: ...y igmpSnoopRouterStaticPorts Read create Octet string port list Snooping Multicast Router Static Status sun igmpSnoopMgt igmpSnoopRouterStaticTable igmpSnoopRouterStaticEntry igmpSnoopRouterStaticStatus Read create valid 1 invalid 2 TABLE 3 16 MIB Variables Associated With Interfaces Connected to Multicast Routers Field Name MIB Variable Access Value Range ...

Page 102: ...ll known ports and Multicast Services supported on VLAN VLAN The VLAN on the switch The pull down menu includes the VLAN ID and name IP Address The IP address for a specific multicast service Interface The interfaces that are connected to multicast routers and whether the assignment was static User or dynamic IGMP Ports and Multicast Services statically configured on VLAN IP Address The IP address...

Page 103: ...lticast service in the text field 3 Click Add FIGURE 3 21 The Switch Config Broadcast Multicast Window Multicast Services selected Note If you receive an error message saying that the data you have entered is invalid check that you have specified each of the IP addresses correctly ...

Page 104: ...3 17 MIB Variables Associated With Configuring Multicast Services Field Name MIB Variable Access Value Range Snooping Multicast Router Static Vlan Index sun igmpSnoopMgt igmpSnoopMulticastStaticTable igmpSnoopMulticastStaticEntry dot1qVlanIndex Index Integer Snooping Multicast Static IP Address sun igmpSnoopMgt igmpSnoopMulticastStaticTable igmpSnoopMulticastStaticEntry igmpSnoopMulticastStaticIPA...

Page 105: ...ng broadcast storm control on the required ports Any broadcast packets exceeding the specified threshold are dropped Note the following points about broadcast storm control Broadcast storm control is enabled by default Broadcast control does not affect IP multicast traffic When configuring broadcast storm control through the web interface or CLI the following parameter can be configured Broadcast ...

Page 106: ...stration Guide June 2003 FIGURE 3 22 The Switch Config Broadcast Multicast Window Broadcast Storms selected 3 3 3 2 Command line Interface Using Broadcast Storm Control The following example shows how to set the broadcast threshold to 64 packets per second ...

Page 107: ...guration Name External RJ 45 connector NET7 Port admin Up Speed duplex Auto Capabilities 10half 10full 100half 100full 1000full Broadcast storm Enabled Broadcast storm limit 64 packets second Flow control Disabled Lacp Disabled Current status Link status Up Port operation status Up Operation speed duplex 1000full Flow control type None Console TABLE 3 18 MIB Variables Associated With Broadcast Sto...

Page 108: ...se for ports insensitive to changes in the tree structure when reconfiguration occurs 3 3 4 1 Configuring Basic STA Settings Global settings apply to the entire switch Note the following points about basic STA settings Rapid Spanning Tree Protocol RSTP supports connections to either STP or RSTP nodes by monitoring the incoming protocol messages and dynamically adjusting the type of protocol messag...

Page 109: ...interfaces which includes both ports and aggregated links Root Forward Delay The maximum time in seconds the switch waits before changing states for example from discarding to learning to forwarding This delay is required because every device must receive information about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information tha...

Page 110: ...lay 1 The default is 20 seconds Forward Delay The maximum time in seconds the switch waits before changing states for example from discarding to learning to forwarding This delay is required because every device must receive information about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information that would make it return to a dis...

Page 111: ...h Config Spanning Tree Basic Configuration Window Note If you receive an error saying that the data you have entered is invalid check that the values you have given for Priority Hello Time Maximum Age and Forward Delay are within the specified ranges for these parameters ...

Page 112: ...Spanning tree information Spanning tree mode RSTP Spanning tree enable disable enable Priority 32768 Bridge Hello Time sec 2 Bridge Max Age sec 20 Bridge Forward Delay sec 15 Root Hello Time sec 2 Root Max Age sec 20 Root Forward Delay sec 15 Designated Root 32768 0000E8666672 Current root port 0 Current root cost 0 Number of topology changes 0 Last topology changes time sec 9142 Transmission limi...

Page 113: ...tInstanceCfgEntry mstInstanceCfgRootPort Read only Integer Root Cost sun xstMgt mstInstanceCfgTable mstInstanceCfgEntry mstInstanceCfgRootCost Read only Integer Hello Time sun staMgt xstMgt mstInstanceCfgTable mstInstanceCfgEntry mstInstanceCfg HelloTime Read only Integer 200 centiseconds Maximum Age sun staMgt xstMgt mstInstanceCfgTable mstInstanceCfgEntry mstInstanceCfgMaxAge Read only Integer 2...

Page 114: ... to its neighbours to inform them that the configured ports are still linked The maximum transmission rate for BPDUs is specified by setting the minimum interval between the transmission of consecutive protocol messages The default is 3 Web Interface Configuring Advanced STA Settings 1 Open Switch Config Spanning Tree Advanced Configuration 2 Modify the required parameters 3 Click Save Bridge Maxi...

Page 115: ...tings This example sets the spanning tree path cost method and transmission limit MIB variables Associated With Advanced STA Settings Console config spanning tree pathcost method long Console config spanning tree transmission limit 4 Console config TABLE 3 20 MIB Variables Associated With Advanced STA Settings Field Name MIB Variable Access Value Range Default Value RSTP Path Cost Method sun staMg...

Page 116: ...port and uses Weighted Round Robin to prevent head of queue blockage The default priority applies for an untagged frame received on a port set to accept all frame types that is receives both untagged and tagged frames This priority does not apply to IEEE 802 1Q VLAN tagged frames If the incoming frame is an IEEE 802 1Q VLAN tagged frame the IEEE 802 1p User Priority bits will be used If the output...

Page 117: ...ole config interface ethernet NETP1 Console config if switchport priority default 5 Console show interfaces switchport ethernet NETP1 Information of NETP1 Broadcast threshold Enabled 256 packets second Lacp status Disabled VLAN membership mode Hybrid Ingress rule Disabled Acceptable frame type All frames Native VLAN 1 Priority for untagged traffic 5 Gvrp status Enabled Allowed Vlan 1 u Forbidden V...

Page 118: ...orities are defined in the IEEE 802 1p standard The default priority levels are assigned according to recommendations in the IEEE 802 1p standard as shown in the following table TABLE 3 21 MIB Variables Associated With Class of Service Field Name MIB Variable Access Value Range Default Value Port Default User Priority MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dPriority dot1dPortPriorityT...

Page 119: ...7 where 7 is the highest priority Traffic Classes Queue 13 The output queue buffer Specify 0 1 2 or 3 Web Interface Mapping COS Values to Traffic Classes 1 Open Switch Config Class of Service Basic Traffic Prioritisation 2 Scroll to Mapping CoS Values to Traffic Classes Egress Queues 3 Select a priority from the Class of Service Values list 4 Select an output queue from the Traffic Classes menu 5 ...

Page 120: ...OS values 0 1 and 2 to COS priority queue 0 value 3 to COS priority queue 1 values 4 and 5 to COS priority queue 2 and values 6 and 7 to COS priority queue 3 Console config interface ethernet NETP0 Console config queue cos map 0 0 1 2 Console config queue cos map 1 3 Console config queue cos map 2 4 5 Console config queue cos map 3 6 7 Console config exit Console show queue cos map ethernet NETP0 ...

Page 121: ...e MIB Variable Access Value Range Default Value Traffic Class Priority MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dPriority dot1dTrafficClassTable dot1dTrafficClassEntry dot1dTrafficClassPriority Not accessible Integer 0 7 Traffic Class MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dPriority dot1dTrafficClassTable dot1dTrafficClassEntry dot1dTrafficClass Read write Integer 0 7 page ...

Page 122: ...vice and subsequently affects the response time for software applications assigned a specific priority value When setting the weight for traffic classes through the web interface or CLI the following parameters can be configured Traffic Class Queue 14 A list of weights for each traffic class WRR Weights The weight between 1 and 255 for the selected traffic class Web Interace Setting the Service We...

Page 123: ...or Differentiated Services Code Point DSCP service When these services are enabled the priorities are mapped to a Class of Service value by the switch and the traffic then sent to the corresponding output queue Because different priority information may be contained in the traffic this switch maps priority values to the output queues in the following manner Console config queue bandwidth 1 4 16 64...

Page 124: ...ervices The current operating status for mapping for layer 3 4 priorities to COS values The default is disabled IP Precedence IP Precedence mapping Differentiated Services Code Point Mapping DSCP DSCP mapping Web Interface Enabling Priority Services 1 Open Switch Config Class of Service Layer 3 4 Traffic Prioritisation 2 Select Enable Priority Services 3 Select IP Precedence or DSCP 4 Click Save F...

Page 125: ...nd 7 are used for network control and the other bits for various application types ToS bits are defined in the following table When mapping IP Precedence values to COS values through the web interface or CLI the following parameters can be configured IP Precedence The current IP Precedence to COS map Console config no map ip precedence Console config no map ip dscp TABLE 3 26 MIB Variables Associa...

Page 126: ...ority and 7 represents high priority Web Interface Mapping IP Precedence 1 Open Switch Config Class of Service Layer 3 4 Traffic Prioritisation 2 Scroll to Mapping IP Precedence to Class of Service Values 3 Select an entry from the IP Precedence table 4 Select a value from the Class of Service Value menu 5 Click Save FIGURE 3 29 The Switch Config Class of Service Window for Mapping IP Precedence ...

Page 127: ...witch Console config interface ethernet SNP5 Console config if map ip precedence 1 cos 0 Console config if end Console show map ip precedence ethernet SNP5 Precedence mapping status disabled Port Precedence COS SNP5 0 0 SNP5 1 0 SNP5 2 2 SNP5 3 3 SNP5 4 4 SNP5 5 5 SNP5 6 6 SNP5 7 7 Console TABLE 3 28 MIB Variables Associated With Mapping IP Precedence Field Name MIB Variable Access Value Range Def...

Page 128: ... not specified in the following table are mapped to COS value 0 When mapping DSCP values to COS values through the web interface or CLI the following parameters can be configured DSCP The current DSCP Priority to COS map Class of Service Value The COS value that is mapped to the selected DSCP Priority value Note that 0 represents low priority and 7 represents high priority Web Interface Mapping DS...

Page 129: ...splays all the DSCP Priority settings for that port 16 Mapping specific values for IP DSCP is implemented as an interface configuration command but any changes will apply to the all interfaces on the switch Console config interface ethernet SNP5 Console config if map ip dscp 0 cos 1 Console config if end Console show map ip dscp ethernet SNP5 DSCP mapping status disabled Port DSCP COS SNP1 0 1 SNP...

Page 130: ...y to the associated port Otherwise the traffic is flooded to all ports The Address Table also includes static MAC addresses that are tied to a specific port See Configuring Static Addresses on page 3 121 When viewing the Address Table through the web interface or CLI the following parameters are displayed Port ID Interface17 The port or aggregated link Up link ports NETP0 to NETP7 or down link por...

Page 131: ...ecify an interface VLAN MAC address or address type any combination for the search criteria 3 Click Query FIGURE 3 31 The Switch Config Address Tables Window Command line Interface Viewing the Address Tables This example displays the address table entries for port NETP1 Console show mac address table interface ethernet NETP1 Interface Mac Address Vlan Type NETP0 00 20 9c 23 cd 61 1 Dynamic Console...

Page 132: ...g Address Tables 2 Type the new aging time in the text field 3 Click Save TABLE 3 30 MIB Variables Associated With the Address Tables Field Name MIB Variable Access Value Range Interface MIB II dot1dBridge dot1dTp dot1dTpFdbTable dot1dTpFdbEntry dot1dTpFdbPort Read only not learned 0 Port list 1 24 MAC Address MIB II dot1dBridge dot1dTp dot1dTpFdbTable dot1dTpFdbEntry dot1dTpFdbAddress Read only M...

Page 133: ... Time This example sets the aging time to 400 seconds MIB Variables Associated With Aging Time Console config mac address table aging time 400 Console config TABLE 3 31 MIB Variables Associated With Aging Time Field Name MIB Variable Access Value Range Default Value Aging Time MIB II dot1dBridge dot1dTp dot1dTpAgingTime Read write Integer 18 2184 seconds 300 seconds ...

Page 134: ...trol auto negotiation and broadcast storm control When viewing the status of port connections through the web interface or CLI the following parameters are displayed Port Type The port type 1000BASE SX 1000BASE T or 10 100BASE TX Port The port or aggregated link Up link ports NETP0 to NETP7 down link ports SNP0 to SNP15 or the management port NETMGT Description The interface label Admin Status The...

Page 135: ...full 100 Mbit sec full duplex operation 1000full 1000 Mbit sec full duplex operation Sym The transmitting and receiving of pause frames for flow control FC Flow control LACP Status21 The configured state of Link Aggregation Control Protocol LACP on the port Web Interface Displaying Connection Status for the Ports To display port status information and configure connections for one or more interfac...

Page 136: ...3 98 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 FIGURE 3 33 The Up Links Connections Status Window ...

Page 137: ...on of NETP7 Basic information Port type 1000T Mac address 00 00 E8 66 66 83 Configuration Name External RJ 45 connector NET7 Port admin Up Speed duplex Auto Capabilities 10half 10full 100half 100full 1000full Broadcast storm Enabled Broadcast storm limit 256 packets second Flow control Disabled Lacp Disabled Current status Link status Up Port operation status Up Operation speed duplex 1000full Flo...

Page 138: ...BaseT 6 thousandBaseMiniGBIC 7 thousandBaseSFP 8 MAC Address MIB II interfaces ifTable ifEntry ifPhysAddress Read only Physical address Port sun portMgt portTable portEntry Index Integer 1 25 Port Name sun portMgt portTable portEntry portName Read write Display string size 0 64 Administrative Status MIB II interfaces ifTable ifEntry ifAdminStatus Read write up 1 down 2 testing 3 up Link Status MIB...

Page 139: ...4 portCapFlowCtrl 15 Port Flow Control Status sun portMgt portTable portEntry portFlowCtrlStatus Read only error 1 backPressure 2 dot3xFlowControl 3 none 4 none LACP Port Status sun lacpMgt lacpPortTable lacpPortEntry lacpPortStatus Read write enabled 1 disabled 2 disabled Port Auto negotiation sun portMgt portTable portEntry portAutonegotiation Read write enabled 1 disabled 2 enabled Broadcast St...

Page 140: ...also disable an interface for security reasons Negotiate Link Capabilities22 Allows auto negotiation to be enabled disabled When auto negotiation is enabled you need to specify the capabilities to be advertised When auto negotiation is disabled you can force the settings for speed mode and flow control The following capabilities are supported 10half 10 Mbit sec half duplex operation 10full 10 Mbit...

Page 141: ... Gbit sec full duplex enable auto negotiation and set the port capabilities to 1000full only Flow Control23 When auto negotiation is disabled you need to enable or disable flow control Avoid using flow control on a port connected to a hub unless it is actually required to solve a problem Otherwise back pressure jamming signals may degrade overall performance for the segment connected to the hub Br...

Page 142: ...3 104 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 FIGURE 3 34 The Up Links Status Window showing attribues of NETP0 ...

Page 143: ...ies 1000full Console config if capabilities 1000full Console config if capabilities flowcontrol Console config if no negotiation Console config if speed duplex 100half Console config if flowcontrol Console config if TABLE 3 33 MIB Variables for Interface Connections Field Name MIB Variable Access Value Range Default Value Port Name sun portMgt portTable portEnt ry portName Read write Display Strin...

Page 144: ...apSym 14 portCapFlowCtrl 15 Port Speed Duplex Configuration sun portMgt portTable portEnt ry portSpeedDpxCfg Read write reserved 1 halfDuplex10 2 fullDuplex10 3 halfDuplex100 4 fullDuplex100 5 halfDuplex1000 6 fullDuplex1000 7 Port Flow Control Configuration sun portMgt portTable portEnt ry portFlowCtrlCfg Read write enabled 1 disabled 2 backPressure 3 dot3xFlowControl 4 TABLE 3 33 MIB Variables f...

Page 145: ... link fails However before making any physical connections between devices use the web interface or CLI to specify the aggregated link on the devices at both ends When using aggregated links take note of the following points Finish configuring aggregated links before you connect the corresponding network cables between switches to avoid creating a loop You can create up to six aggregated links on ...

Page 146: ... LACP 1 Click Up Links Down Links Link Aggregation 2 Locate the required port in the Link Aggregation table 3 Click Enable LACP or Disable LACP Note The action buttons take immediate effect To avoid creating a loop in the network be sure you enable LACP before connecting the ports and also disconnect the ports before disabling LACP FIGURE 3 35 The Uplink Link Aggregation Window ...

Page 147: ...nsole config if exit Console config interface ethernet NETP1 Console config if lacp Console config if end Console show interfaces status port channel 1 Information of Trunk 1 Basic information Port type 1000T Mac address 00 00 E8 66 66 83 Configuration Name Port admin Up Speed duplex Auto Capabilities 10half 10full 100half 100full 1000full Flow control status Disabled Current status Created by Lac...

Page 148: ...sun trunkMgt trunkMaxId Read only Integer 6 Trunk Valid Number sun trunkMgt trunkValidNumber Read only Integer 1 6 Trunk Index sun trunkMgt trunkTable trunkEntry trunkIndex Index Integer Trunk Ports sun trunkMgt trunkTable trunkEntry trunkPorts Read create Octet string port list Trunk Creation sun trunkMgt trunkTable trunkEntry trunkCreation Read only static 1 lacp 2 Trunk Status sun trunkMgt trun...

Page 149: ...from the Select Trunk menu 3 Select the required port 4 Click Add or Remove Note The action buttons take immediate effect To avoid creating a loop in the network be sure you add a static aggregated link using the configuration interface before connecting the ports and also disconnect the ports before removing a static aggregated link using the configuration interface FIGURE 3 36 The Up Links Link ...

Page 150: ...rnet NETP2 Console config if channel group 2 Console config if exit Console config interface ethernet NETP3 Console config if channel group 2 Console config if end Console show interfaces status port channel 2 Information of Trunk 2 Basic information Port type 1000t Mac address 00 00 E8 66 66 83 Configuration Port admin status Up Speed duplex Auto Capabilities 10half 10full 100half 100full 1000ful...

Page 151: ...ange Default Value Trunk Maximum ID sun trunkMgt trunkMaxId Read only Integer 6 Trunk Valid Number sun trunkMgt trunkValidNumber Read only Integer 1 6 Trunk Index sun trunkMgt trunkTable trunkEntry trunkIndex Index Integer Trunk Ports sun trunkMgt trunkTable trunkEntry trunkPorts Read create Octet string port list Trunk Creation sun trunkMgt trunkTable trunkEntry trunkCreation Read only static 1 l...

Page 152: ...unk up links NETP0 to NETP7 down links SNP0 to SNP15 or the management port NETMGT Default VLAN for Port PVID The VLAN ID assigned to untagged frames received on an interface The default for up down links is 1 and for NETMGT it is 2 Note If an interface is not a member of VLAN 1 and you assign its PVID to VLAN 1 the interface will automatically be added to VLAN 1 as an untagged member For all othe...

Page 153: ...time to more than twice the join time This ensures that after a Leave or LeaveAll message has been issued the applicants can rejoin before the port actually leaves the group The default is 60 centiseconds GARP LeaveAll Timer The interval between 500 and 18 000 centiseconds between sending out a LeaveAll query message for VLAN group participants and the port leaving the group This interval should b...

Page 154: ...3 116 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 2 Modify the required settings for each interface 3 Click Save FIGURE 3 37 The Up Links VLANs Window ...

Page 155: ...P sets the GARP timers and then sets the switchport mode to hybrid Console config interface ethernet NETP4 Console config if switchport acceptable frame types tagged Console config if no switchport ingress filtering Console config if switchport allowed vlan add 4 tagged Console config if switchport native vlan 4 Console config if switchport gvrp Console config if garp timer join 10 Console config ...

Page 156: ...nTable dot1qPortVlanEntry dot1qPvid Read write Integer 1 4094 1 Port Acceptable Frame Type MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qPortVlanTable dot1qPortVlanEntry dot1qPortAcceptabl e FrameTypes Read write admitAll 1 admitOnlyVlan Tagged 2 admitAll Port Mode sun vlanMgt vlanPortTable vlanPortEntry vlanPortMode Read write hybrid 1 dot1qTrunk 2 hybrid Port Ingress Filtering M...

Page 157: ...teger 20 1000 centiseconds 20 centiseconds GARP Leave Time MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dGarp dot1dPortGarpTable dot1dPortGarpEntry dot1dPortGarpLeave Time Read write Integer 60 3000 centiseconds 60 centiseconds GARP Leave All Time MIB II dot1dBridge pBridgeMIB pBridgeMIBObjects dot1dGarp dot1dPortGarpTable dot1dPortGarpEntry dot1dPortGarp LeaveAllTime Read write Integer 500...

Page 158: ...nt ry dot1qVlanStaticRow Status Read create enable 1 disable 2 Tagged Ports Untagged Ports Allowed VLAN MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qVlanTable dot1qVlanEntry dot1qVlanStatic UntaggedPorts Read create Octet string port list VLAN Forbidden Ports MIB II dot1dBridge qBridgeMIB qBridgeMIBObjects dot1qVlan dot1qPortVlanTable dot1qPortVlanEntry dot1qVlanForbidden EgressP...

Page 159: ...rce MAC address VLAN pair for frames received on an interface for an initial training period and then enable port security to stop address learning Enable the learning function long enough to ensure that all valid VLAN members are registered on the selected interface To add new VLAN members at a later time you can manually add static addresses or turn off port security to reenable the learning fun...

Page 160: ...ent and restored after the switch is reset Delete on Reset The assignment lasts until the switch is reset 3 4 5 1 Web Interface Configuring Static Addresses 1 Open Up Links Down Links Address Filtering 2 Select the interface 3 Select Secure Port to enable port security 4 Select VLAN MAC address and duration 5 Click Add FIGURE 3 39 The Up Links Static Addresses Window ...

Page 161: ... 00 00 02 interface ethernet NETP4 vlan 1 delete on reset Console config exit Console show mac address table ethernet NETP4 Interface Mac Address Vlan Type NETP4 00 80 C8 00 00 01 1 Permanent NETP4 00 80 C8 00 00 02 1 Delete on reset Console TABLE 3 37 MIB Variables Associated With Static Addresses Field Name MIB Variable Access Value Range Default Value Static Receive Port MIB II dot1dBridge dot1...

Page 162: ...tic Address MIB II dot1dBridge dot1dStatic dot1dStaticTable dot1dStaticEntry dot1dStaticAddres s Read write MAC address Static Status MIB II dot1dBridge dot1dStatic dot1dStaticTable dot1dStaticEntry dot1dStaticStatus Read write other 1 invalid 2 permanent 3 deleteOnReset 4 deleteOnTimeout 5 permanent TABLE 3 37 MIB Variables Associated With Static Addresses Continued Field Name MIB Variable Access...

Page 163: ...rt address table is cleared and the port begins learning addresses Forwarding The port forwards packets and continues learning addresses Priority The priority used for the port in the Spanning Tree Algorithm If the path cost for all ports on a switch is the same the port with the highest priority lowest value is configured as an active link in the Spanning Tree This makes a port with higher priori...

Page 164: ...e These additional parameters are only displayed for the CLI Admin status Shows if STA has been enabled on this interface Role Roles are assigned according to whether the port is part of the active topology connecting the bridge to the root bridge root port connecting a LAN through the bridge to the root bridge designated port or is an alternate or backup port that may provide connectivity if othe...

Page 165: ...for port NETP4 Console show spanning tree ethernet NETP4 SNP0 information Admin status enable Role designate State forwarding Path cost 10000 Priority 128 Designated cost 10000 Designated port 128 1 Designated root 32768 00209C23C267 Designated bridge 32768 0000E8666672 Forward transitions 0 Admin edge port disable Oper edge port disable Admin Link type point to point Oper Link type point to point...

Page 166: ...Path Cost sun xstMgt mstInstancePortTable mstInstancePortEntry mstInstancePortPathCost Read write Integer long 1 200 000 000 short 1 65 535 page 3 129 STA Port Designated Cost sun xstMgt mstInstancePortTable mstInstancePortEntry mstInstancePort DesignatedCost Read only Integer STA Port Designated Bridge sun xstMgt mstInstancePortTable mstInstancePortEntry mstInstancePort DesignatedBridge Read only...

Page 167: ...by the STA to determine the best path between devices Therefore assign lower values to ports connected to faster media and higher values to ports connected to slower media Path cost takes precedence over port priority The range of values for Ethernet connections is between 200 000 and 20 000 000 for Fast Ethernet 20 000 to 2 000 000 and Gigabit Ethernet 2000 to 200 000 STA Port Enable Admin status...

Page 168: ...f an interface is connected to a LAN segment that is at the end of a bridged LAN or to an end node Since end nodes cannot cause forwarding loops they can pass directly through to the spanning tree forwarding state Specifying Edge Ports provides quicker convergence for devices such as workstations or servers retains the current forwarding database to reduce the amount of frame flooding required to ...

Page 169: ...e Interface Configuring STA Settings for a Port This example sets STP attributes for port NETP5 Console config interface ethernet NETP5 Console config if spanning tree port priority 128 Console config if spanning tree cost 19 Console config if spanning tree link type auto Console config if no spanning tree edge port ...

Page 170: ...erfaces 1 Open Up Links Down Links Spanning Tree Spanning Tree Protocol 2 Select the required interfaces 3 Click Protocol Migration TABLE 3 39 MIB Variables for Configuring a Port s STA Settings Field Name MIB Variable Access Value Range Default Value STA Port Priority sun mstMgt mstInstancePortTable mstInstancePortEntry mstInstancePortPriority Read write Integer 0 240 128 STA Port Path Cost sun m...

Page 171: ...ee message type RSTP or STP compatible to send on this interface MIB Variables Associated With a Port s STA Status Console config interface ethernet NETP4 Console config if spanning tree protocol migration Console config if TABLE 3 40 MIB Variables Associated With a Port s STA Status Field Name MIB Variable Access Value Range Default Value STA Port Protocol Migration sun staMgt staPortTable staPor...

Page 172: ... the table pushing any existing patterns at or below that location down in the table A rule number cannot exceed the next available number in the table If the rule number is not specified a new pattern is appended to the end of the rule table Action The control that blocks or allows packets passing from the down link ports into the management port Select permit or deny Protocol The protocol either...

Page 173: ...n fragmented packets Log Logs any matching packets in the log buffer The maximum number of entries stored in the log buffer is 64 When the buffer fills it will wrap around and overwrite the oldest entries Note that the log is stored in RAM and is lost when the switch is reset 3 4 7 1 Web Interface Filtering Traffic to the Management Port 1 Open Management Port Packet Filtering 2 Specify the requir...

Page 174: ... The following example allows all packets to pass through the filter by permitting any protocol type and using a null address and network mask for both the source address and destination address For a full list of examples refer to Section 4 3 7 8 ip filter on page 4 77 Console config ip filter permit any 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Console config ...

Page 175: ...Entry pfuRuleAction Read create permit 1 deny 2 Protocol sun securityMgt packetFilterUnitMgt pfuRuleTable pfuRuleEntry pfuRuleProtocol Read create Integer 0 256 256 means any protocol Source IP Address Bitmask sun securityMgt packetFilterUnitMgt pfuRuleTable pfuRuleEntry pfuRuleSrcIpAddr pfuRuleSrcIpBitmask Read create IP address Source IP Port Range sun securityMgt packetFilterUnitMgt pfuRuleTabl...

Page 176: ...Integer 0 63 TCP Code Bitmask sun securityMgt packetFilterUnitMgt pfuRuleTable pfuRuleEntry pfuRuleTcpCodeBitmask Read create Integer 0 63 Fragments sun securityMgt packetFilterUnitMgt pfuRuleTable pfuRuleEntry pfuRuleFragments Read create enabled 1 disabled 2 disabled Log sun securityMgt packetFilterUnitMgt pfuRuleTable pfuRuleEntry pfuRuleLog Read create enabled 1 disabled 2 disabled TABLE 3 41 ...

Page 177: ...TP7 and SNP0 through SNP7 are on the other If you look at the rear panel of the SSC all the ports on the right are on one chip and all the ports on the left are on the other 3 5 1 Configuring Port Mirroring You can mirror traffic from any source port to a target port for real time analysis You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the sour...

Page 178: ...line Interface Configuring Port Mirroring Use the interface command to select the monitor port then use the port monitor command to specify the source port Note that default mirroring under the CLI is for both received and transmitted packets Console config interface ethernet NETP7 Console config if port monitor ethernet NETP6 Console config if ...

Page 179: ... of statistics including a total count of different frame types and sizes passing through each port All values displayed have been accumulated since the last system reboot and are shown as counts per second Statistics are refreshed every 20 seconds by default TABLE 3 42 MIB Variables Associated With Port Mirroring Field Name MIB Variable Access Value Range Default Value Mirror Source Port sun mirr...

Page 180: ...r layer protocol One possible reason for discarding such a packet could be to free up buffer space Received Unknown Packets The number of packets received through the interface which were discarded because of an unknown or unsupported protocol Received Errors The number of inbound packets that contained errors preventing them from being deliverable to a higher layer protocol Transmit Octets The to...

Page 181: ...ment when the interface is operating in full duplex mode Single Collision Frames The number of successfully transmitted frames for which transmission is inhibited by exactly one collision Internal MAC Transmit Errors A count of frames for which transmission on a particular interface fails due to an internal MAC sublayer transmit error Multiple Collision Frames A count of successfully transmitted f...

Page 182: ...ess CRC Alignment Errors The number of CRC alignment errors FCS or alignment errors Undersize Frames The total number of frames received that were less than 64 octets long excluding framing bits but including FCS octets and were otherwise well formed Oversize Frames The total number of frames received that were longer than 1518 octets excluding framing bits but including FCS octets and were otherw...

Page 183: ...5 2 1 Web Interface Viewing Port Statistics 1 Open Monitoring Statistics 2 Select the required interface 3 Click Select You can also use the Refresh button at the bottom of the page to update the screen FIGURE 3 45 The Monitoring Port Statistics window ...

Page 184: ...3 146 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 Scroll down the page to view RMON statistics FIGURE 3 46 The Monitoring Port Statistics Window Showing RMON Statistics ...

Page 185: ...cast output 7 Ether like stats Alignment errors 0 FCS errors 0 Single Collision frames 0 Multiple collision frames 0 SQE Test errors 0 Deferred transmissions 0 Late collisions 0 Excessive collisions 0 Internal mac transmit errors 0 Internal mac receive errors 0 Frame too longs 0 Carrier sense errors 0 RMON stats Drop events 0 Octets 4422579 Packets 31552 Broadcast pkts 238 Multi cast pkts 17033 Un...

Page 186: ...nteger In Broadcast Packets MIB II ifMIB ifMIBObjects ifXTable ifXEn try ifInBroadcastPkts Read only Integer In Discards MIB II interfaces ifTable ifEntry ifInDi scards Read only Integer In Unknown Protocols MIB II interfaces ifTable ifEntry ifInUn knownProtos Read only Integer In Errors MIB II interfaces ifTable ifEntry ifInEr rors Read only Integer Out Octets MIB II interfaces ifTable ifEntry if...

Page 187: ...y Integer Excessive Collisions MIB II transmission dot3StatsTable dot3S tatsEntry dot3Stats ExcessiveCollisions Read only Integer Single Collision Frames MIB II transmission dot3StatsTable dot3S tatsEntry dot3StatsSingleCollisionFrames Read only Integer Internal Mac Transmit Errors MIB II transmission dot3StatsTable dot3S tatsEntry dot3StatsInternalMacTransmitError s Read only Integer Multiple Col...

Page 188: ...tatistics Drop Events MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsDropEven ts Read only Integer Jabbers MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsJabbers Read only Integer Received Octets MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsOctets Read only Integer Collisions MIB II rmon statistics etherStatsTable e therStatsEntry etherSta...

Page 189: ...z ePkts Read only Integer Oversize Packets MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsOversize Pkts Read only Integer Fragments MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsFragment s Read only Integer 64 Bytes Frames MIB II rmon statistics etherStatsTable e therStatsEntry etherStatsPkts64Oc tets Read only Integer X Y Byte Frames MIB II rmon statistics e...

Page 190: ... community name supplied The total number of SNMP messages delivered to the SNMP protocol entity which represented an SNMP operation which was not allowed by the SNMP community named in the message Encoding errors The total number of ASN 1 or BER errors encountered by the SNMP protocol entity when decoding received SNMP messages Number of requested variables The total number of MIB objects which h...

Page 191: ...tus is tooBig No such name errors The total number of SNMP PDUs delivered to the SNMP protocol entity for which the error status is noSuchName Bad values errors The total number of SNMP PDUs delivered to the SNMP protocol entity for which the error status is badValue General errors The total number of SNMP PDUs delivered to the SNMP protocol entity for which the error status is genErr Response PDU...

Page 192: ...3 154 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 FIGURE 3 47 The Monitoring SNMP Statistics Window ...

Page 193: ...ge is read write 2 public and the privilege is read only 11 SNMP packets input 0 Bad SNMP version errors 0 Unknown community name 8 Illegal operation for community name supplied 0 Encoding errors 0 Number of requested variables 1 Number of altered variables 0 Get request PDUs 0 Get next PDUs 3 Set request PDUs 11 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 2 Gene...

Page 194: ...e Errors MIB II snmp snmpInASNParseErrs Read only Integer In Total Request Variables MIB II snmp snmpInTotalReqVars Read only Integer In Total Set Variables MIB II snmp snmpInTotalSetVars Read only Integer In Get Requests MIB II snmp snmpInGetRequests Read only Integer In Get Nexts MIB II snmp snmpInGetNexts Read only Integer In Set Requests MIB II snmp snmpInSetRequests Read only Integer Silent D...

Page 195: ...4 1 Web Interface Configuring Message Logs 1 Open Monitoring Logs 2 Select Enable logging 3 Click Flash or RAM 4 Select the message level to log includes selected level down to level 0 5 Click Save Changes 6 Click View Flash or View RAM to update the displayed messages TABLE 3 47 Error Levels Level Argument Level Description debugging 7 Debugging messages informational 6 Informational messages onl...

Page 196: ...e enables logging sets the recorded messages for Flash memory to level 3 that is errors and then shows the log messages stored in Flash Console config logging on Console config logging history flash 3 Console show logging flash Syslog logging Enable History logging in FLASH level errors 0 0 0 5 1 1 1 PRI_MGR_InitDefault function fails level 3 module 13 function 0 and event no 0 Console ...

Page 197: ...age Logs Field Name MIB Variable Access Value Range Default Value Log Status sun sysLogMgt sysLogStatus Read write enabled 1 disabled 2 History Flash Level sun sysLogMgt sysLogStatus sysLog HistoryFlashLevel Read write Integer 0 7 History RAM Level sun sysLogMgt sysLogStatus sysLog HistoryRAMLevel Read write Integer 0 7 Log Messages Not Defined ...

Page 198: ...3 160 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 ...

Page 199: ...hapter describes how to use the command line interface CLI and includes the following sections Section 4 1 Using the Command Line Interface on page 4 2 Section 4 2 Command Groups on page 4 11 Section 4 3 Detailed Command Description on page 4 13 ...

Page 200: ...t the console prompt type the user name and password The default user names are admin and guest with corresponding passwords of admin and guest When the administrator user name and password is entered the CLI displays the Console prompt and enters privileged access mode Privileged Exec But when the guest user name and password is entered the CLI displays the Console prompt and enters normal access...

Page 201: ...P subnet For example If your corporate network is connected to another network outside your office or to the Internet you need to apply for a registered IP address However if you are attached to an isolated network then you can use any IP address that comforms with your site s network policy After you configure the switch with an IP address you can open a Telnet session by performing these steps 1...

Page 202: ...ces and status are keywords ethernet is an argument that specifies the interface type and SNP5 specifies the port You can enter commands as follows To enter a simple command type the command keyword To enter multiple commands type each command in the required order For example to enable Privileged Exec command mode and display the startup configuration type To enter commands that require parameter...

Page 203: ...nput 4 1 2 3 Command Completion If you terminate input with a Tab key the CLI prints the remaining characters of a partial keyword up to the point of ambiguity In the logging history example typing log followed by a tab results in printing the command up to logging 4 1 2 4 Getting Help on Commands You can display a brief description of the help system by entering the help command You can also disp...

Page 204: ...ation of history interfaces Information of interfaces ip Ip line TTY line information logging Show the contents of logging buffers mac address table Set configuration of the address table map Map priority port Characteristics of the port queue Information of priority queue radius server Radius server information running config The system configuration of running snmp SNMP statistics spanning tree ...

Page 205: ...applicable commands 4 1 2 8 Using Command History The CLI maintains a history of commands that have been entered You can scroll back through the history of commands by pressing the up arrow key Any command displayed in the history list can be executed again or first modified and then executed Using the show history command displays a longer list of recently executed commands 4 1 2 9 Understanding ...

Page 206: ...ly from the Privileged Exec command mode or administrator mode To access Privilege Exec mode open a new console session with the user name and password admin The system now displays the Console command prompt You can also enter Privileged Exec mode from within Normal Exec mode by typing the enable command followed by the privileged level password super To enter Privileged Exec mode type the follow...

Page 207: ...erver community Interface Configuration These commands modify the port configuration such as speed duplex and negotiation Line Configuration These commands modify the console port and Telnet configuration and include command such as exec timeout and silent time VLAN Configuration Includes the command to create VLAN groups To enter the Global Configuration mode type the command configure in Privile...

Page 208: ... or enter a partial command followed by the character to display a list of possible matches You can also use the following editing keystrokes for command line processing TABLE 4 2 Configuration Modes Mode Command Prompt See Page Interface interface ethernet port port channel id vlan id Console config if 4 83 Line line console vty Console config line 4 62 VLAN vlan database Console config vlan 4 12...

Page 209: ... and Telnet including password checking line password and console time out 4 62 IP Configures the IP address and gateway for management access displays the default gateway or pings a specified device 4 69 Interface Configures the connection parameters for all Ethernet ports aggregated links and VLANs 4 83 Address Table Configures the address table for filtering specified addresses displaying curre...

Page 210: ...ority for untagged frames relative weight for each priority queue and the maximum number of queues enabled also sets priority for IP precedence and DSCP 4 150 Mirror Port Mirrors data to another port for analysis without affecting the data passing through or the performance of the monitored port 4 164 Link Aggregation and LACP Statically groups multiple ports into an aggregated link configures Lin...

Page 211: ...as two privilege levels 0 Normal Exec 15 Privileged Exec Type level 15 to access Privileged Exec mode TABLE 0 2 Command Function Mode Page enable Activates privileged mode NE 4 13 disable Returns to normal mode from privileged mode PE 4 14 configure Activates global configuration mode PE 4 15 reload Restarts the system PE 4 17 end Returns to Privileged Exec mode GC IC LC VC 4 18 exit Returns to th...

Page 212: ...pended to the end of the prompt to indicate that the system is in privileged access mode Example Related Commands disable 4 14 enable password 4 30 4 3 1 2 disable Use this command to return to Normal Exec mode from privileged mode In normal access mode you can only display basic information on the switch s configuration or Ethernet statistics To gain access to all commands you must use the privil...

Page 213: ...configure Use this command to activate Global Configuration mode You must enter this mode to modify any settings on the switch You must also enter Global Configuration mode prior to enabling some of the other configuration modes including Interface Configuration Line Configuration and VLAN Database Configuration See Understanding Command Modes on page 4 7 Default Setting None Command Mode Privileg...

Page 214: ...mands end 4 18 4 3 1 4 show history Use this command to show the contents of the command history buffer Default Setting None Command Mode Normal Exec Privileged Exec Command Usage The history buffer size is fixed at 10 Execution commands and 10 Configuration commands Console configure Console config ...

Page 215: ...n this example the 2 command repeats the second command in the Execution history buffer config 4 3 1 5 reload Use this command to restart the system Note When the system is restarted it always runs the Power On Self Test It also retains all configuration information stored in non volatile memory by the copy running config startup config command Default Setting None Console show history Execution c...

Page 216: ...witch 4 3 1 6 end Use this command to return to Privileged Exec mode Default Setting None Command Mode Global Configuration Interface Configuration Line Configuration VLAN Database Configuration Router Configuration Example This example shows how to return to the Privileged Exec mode from the Interface Configuration mode Console reload System will be restarted continue y n y Console config if end ...

Page 217: ...one Command Mode Any Example This example shows how to return to the Privileged Exec mode from the Global Configuration mode and then quit the CLI session 4 3 1 8 quit Use this command to exit the CLI session Default Setting None Command Mode Normal Exec Privileged Exec Console config exit Console exit Press ENTER to start session User Access Verification Username ...

Page 218: ...m code or configuration settings to a file on a TFTP server that file can later be downloaded to the switch to restore system operation The success of the file transfer depends on the accessibility of the TFTP server and the quality of the network connection Console quit Press ENTER to start session User Access Verification Username Command Function ModePage copy Copies a code image or a switch co...

Page 219: ...mmand Usage The system prompts for data required to complete the copy command The destination configuration file name should not contain slashes or the leading letter of the file name should not be a period and the maximum length for file names on the TFTP server is 127 characters or 32 characters for files on the switch Valid characters A Z a z 0 9 _ Due to the size limit of the flash memory the ...

Page 220: ...and to delete a file or image Console copy file tftp Choose file type 1 config 2 opcode 1 2 1 Source file name startup TFTP server ip address 10 1 0 99 Destination file name startup 01 TFTP completed Success Console Console copy running config file destination file name startup Write to FLASH Programming Write to FLASH finish Success Console Console copy tftp startup config TFTP server ip address ...

Page 221: ...e is boot ROM or is used for system startup then this file cannot be deleted The file Factory_Default_Config cfg cannot be deleted Example This example shows how to delete the test2 cfg configuration file from Flash memory Related Commands dir 4 23 4 3 2 3 dir Use this command to display a list of files in Flash memory Syntax dir boot rom config opcode filename Console delete test2 cfg Console ...

Page 222: ...rrors information on the file cannot be displayed Default Setting None Command Mode Privileged Exec Command Usage If you enter the command dir without any parameters the system displays all files File information is shown below TABLE 4 5 File Information Column Heading Description file name The name of the file file type File types Boot Rom Operation Code and Config file startup Shows if this file...

Page 223: ... up Default Setting None Command Mode Privileged Exec Command Usage See TABLE 4 5 on for a description of the file information displayed by this command Console dir file name file type startup size byte diag_0060 Boot Rom image Y 111360 run_01642 Operation Code N 1074304 run_0200 Operation Code Y 1083008 Factory_Default_Config cfg Config File N 2574 startup Config File Y 2710 Total free space 0 Co...

Page 224: ...ge to set as a default includes boot rom Boot ROM config Configuration file opcode Run time operation code The colon is required filename Name of the configuration file or image name Default Setting None Command Mode Global Configuration Command Usage A colon is required after the specified file type If the file contains an error it cannot be set as the default file Console whichboot file name fil...

Page 225: ...ame for the device GC 4 28 User Access Commands enable password Sets a password to control access to the Privileged Exec level GC 4 30 Web Server Commands ip http port Specifies the port to be used by the Web browser interface GC 4 31 ip http server Allows the switch to be monitored or configured from a browser GC 4 32 Jumbo Frame Command jumbo frame Enables support for jumbo frames GC 4 33 Event ...

Page 226: ...tion System Status Commands show startup config Displays the contents of the configuration file stored in Flash memory that is used to start up the system PE 4 38 show running config Displays the configuration data currently in use PE 4 40 show system Displays system information NE PE 4 42 show users Shows all active console and Telnet sessions including user name idle time and IP address of Telne...

Page 227: ...device has two predefined privilege levels 0 Normal Exec 15 Privileged Exec Levels 1 14 are not used nopassword No password is required for this user to log in 0 7 0 means input plain password 7 means input encrypted password password password The authentication password for the user Maximum length 8 characters plain text 32 encrypted case sensitive Default Setting The default access level is Norm...

Page 228: ...t the Privileged Exec password Remember to record it in a safe place Use this command to control access to the Privileged Exec level from the Normal Exec level Use the no form to reset the default password Syntax enable password level level 0 7 password no enable password level level level level Level 15 for Privileged Exec Levels 0 to 14 are not used 0 7 0 means input plain password 7 means input...

Page 229: ... used internally by the switch at system bootup time to enable the switch to read any encrypted passwords stored in the configuration file Example Related Commands enable 4 13 4 3 3 4 ip http port Use this command to specify the TCP port number used by the Web browser interface Use the no form to use the default port Syntax ip http port port number no ip http port port number The TCP port to be us...

Page 230: ...lated Commands ip http server 4 32 4 3 3 5 ip http server Use this command to allow the switch to be monitored or configured from a browser Use the no form to disable this function Syntax ip http server no ip http server Default Setting Enabled Command Mode Global Configuration Console config ip http port 769 Console config ...

Page 231: ...000 bytes Compared to standard Ethernet frames that run only up to 1 5 KB using jumbo frames significantly reduces the per packet overhead required to process protocol encapsulation fields To use jumbo frames both the source and destination end nodes such as a computer or server must support this feature Also when the connection is operating at full duplex all switches in the network between the t...

Page 232: ...trol logging of error messages This command sends debug or error messages to switch memory The no form disables the logging process Syntax logging on no logging on Default Setting None Command Mode Global Configuration Command Usage The logging process controls error messages saved to switch memory You can use the logging history command to control the type of error messages that are stored Exampl...

Page 233: ...ges saved include the selected level down to level 0 Default Setting Flash errors level 3 to 0 RAM warnings level 7 to 0 TABLE 4 8 Error Levels Level Argument Level Description debugging 7 Debugging messages informational 6 Informational messages only notifications 5 Normal but significant condition such as cold start warnings 4 Warning conditions for example return false unexpected return errors ...

Page 234: ...at specified for RAM Example 4 3 3 9 clear logging Use this command to clear messages from the log buffer Syntax clear logging flash ram flash The event history stored in Flash memory permanent memory ram The event history stored in temporary RAM memory flushed on power reset Default Setting Flash and RAM Command Mode Privileged Exec Example Console config logging history ram 0 Console config Cons...

Page 235: ...y stored in Flash memory permanent memory ram Event history stored in temporary RAM memory flushed on power reset Default Setting None Command Mode Privileged Exec Command Usage This command shows the following information Syslog logging Whether or not system logging has been enabled using the logging on command History logging in FLASH RAM The message level s that are reported based on the loggin...

Page 236: ...3 11 show startup config Use this command to display the configuration file stored in non volatile memory that is used to start up the system Default Setting None Command Mode Privileged Exec Console show logging flash Syslog logging Enable History logging in FLASH level errors 0 0 0 5 1 1 1 PRI_MGR_InitDefault function fails level 3 module 13 function 0 and event no 0 Console show logging ram Sys...

Page 237: ...state VLAN configuration settings for each interface IP address of the management VLAN User authentication sequence along with remote authentication server address and UDP port Any configured settings for the console port and Telnet Example Console show startup config building startup config please wait hostname R D 5 snmp server location WC 9 snmp server contact Charles snmp server community priv...

Page 238: ...e Default Setting None spanning tree mst configuration name XSTP REGION 0 interface ethernet SNP0 description Blade Slot 1 flowcontrol switchport allowed vlan add 1 untagged switchport native vlan 1 spanning tree edge port spanning tree link type auto interface vlan 2 ip address 0 0 0 0 255 0 0 0 no bridge ext gvrp authentication login local tacacs server host 0 0 0 0 tacacs server port 0 line con...

Page 239: ...s access levels and encrypted passwords VLAN database VLAN ID name and state VLAN configuration settings for each interface IP address of the management VLAN User authentication sequence along with remote authentication server address and UDP port Any configured settings for the console port and Telnet Example Console show running config building running config please wait hostname R D 5 snmp serv...

Page 240: ...state active vlan 2 name MgtVlan media ethernet state active spanning tree mst configuration interface ethernet SNP0 description Blade Slot 0 flowcontrol switchport allowed vlan add 1 untagged switchport native vlan 1 spanning tree edge port spanning tree link type auto interface vlan 2 ip address 0 0 0 0 255 0 0 0 no bridge ext gvrp authentication login local tacacs server host 0 0 0 0 tacacs ser...

Page 241: ...ystem System description Sun Fire B1600 System OID string 1 3 6 1 4 1 42 2 24 1 System information System Up time 0 days 0 hours 55 minutes and 54 91 seconds System Name NONE System Location NONE System Contact NONE MAC address 00 00 e8 00 00 01 Web server enable Web server port 80 Web secure server enable Web secure server port 443 POST result Performing Power On Self Tests POST UART Loopback Tes...

Page 242: ... Exec Privileged Exec Command Usage The session used to execute this command is indicated by a symbol next to the Line session index number Example 4 3 3 15 show version Use this command to display hardware and software version information for the system Console show users Username accounts Username Privilege admin 15 guest 0 Online users Line Username Idle time h m s Remote IP addr 0 console admi...

Page 243: ...board Number of Ports The number of ports on the switch Main Power Status The power status for the switch Redundant Power Status Not applicable for this switch Example 4 3 4 Authentication Commands You can configure the switch to authenticate users logging into the system for management access using local RADIUS or TACACS authentication methods Console show version Unit1 Serial number 1 Service ta...

Page 244: ...s Use RADIUS server password tacacs Use TACACS server password TABLE 4 9 Authentication Commands Command Function Mode Page Authentication Method authentication login Defines logon authentication method and precedence GC 4 46 RADIUS Client radius server host Specifies the RADIUS server GC 4 48 radius server port Sets the RADIUS server network port GC 4 48 radius server key Sets the RADIUS encrypti...

Page 245: ...ser or Telnet These access options must be configured on the authentication server RADIUS and TACACS logon authentication assigns a specific privilege level for each user name and password pair The user name password and privilege level must be configured on the authentication server You can specify two or three authentication methods in a single command to indicate the authentication sequence For...

Page 246: ...host host_ip_address The IP address of the server Default Setting 10 11 12 13 Command Mode Global Configuration Example 4 3 4 3 radius server port Use this command to set the RADIUS server network port Use the no form to restore the default Syntax radius server port port_number no radius server port port_number RADIUS server UDP port between 1 and 65 535 used for authentication messages Console co...

Page 247: ...estore the default Syntax radius server key key_string no radius server key key_string The encryption key used to authenticate logon access for the client Do not use blank spaces in the string The maximum length is 20 characters Default Setting None Command Mode Global Configuration Example Console config radius server port 181 Console config Console config radius server key green Console config ...

Page 248: ...h tries to authenticate logon access through the RADIUS server Default Setting 2 Command Mode Global Configuration Example 4 3 4 6 radius server timeout Use this command to set the interval between transmitting authentication requests to the RADIUS server Use the no form to restore the default Syntax radius server timeout number_of_seconds no radius server timeout number_of_seconds The number of s...

Page 249: ...e current settings for the RADIUS server Default Setting None Command Mode Privileged Exec Example Console config radius server timeout 10 Console config Console show radius server Remote radius server configuration Server IP address 10 11 12 13 Communication key with radius server green Server port number 1812 Retransmit times 2 Request timeout 5 Console ...

Page 250: ... server host host_ip_address IP address of server Default Setting None Command Mode Global Configuration Example 4 3 4 9 tacacs server port Use this command to set the TACACS server network port Use the no form to restore the default Syntax tacacs server port port_number no tacacs server port port_number TACACS server UDP port between 1 and 65 535 used for authentication messages Console config ta...

Page 251: ...restore the default Syntax tacacs server key key_string no tacacs server key key_string The encryption key used to authenticate logon access for the client Do not use blank spaces in the string The maximum length is 20 characters Default Setting None Command Mode Global Configuration Example Console config tacacs server port 181 Console config Console config tacacs server key green Console config ...

Page 252: ...agement stations as well as the error types sent to trap managers Console show tacacs server Remote TACACS server configuration Server IP address 10 11 12 13 Communication key with tacacs server green Server port number 1824 Console TABLE 4 10 SNMP Commands Command Function Mode Page snmp server community Sets the community access string to permit access to SNMP commands GC 4 55 snmp server contac...

Page 253: ...ximum number of strings 5 ro Specifies read only access Authorized management stations are only able to retrieve MIB objects rw Specifies read write access Authorized management stations are able to both retrieve and modify MIB objects Default Setting public with read only access private with read write access Command Mode Global Configuration snmp server host Specifies the recipient of an SNMP no...

Page 254: ...le 4 3 5 2 snmp server contact Use this command to set the system contact string Use the no form to remove the system contact information Syntax snmp server contact string no snmp server contact string The string that describes the system contact information Maximum length 255 characters Default Setting None Command Mode Global Configuration Example Console config snmp server community alpha rw Co...

Page 255: ...t no snmp server location text String that describes the system location Maximum length 255 characters Default Setting None Command Mode Global Configuration Example Related Commands snmp server contact 4 56 4 3 5 4 snmp server host Use this command to specify the recipient of a Simple Network Management Protocol notification operation Use the no form to remove the specified host Console config sn...

Page 256: ...fault Setting None Command Mode Global Configuration Command Usage If you do not enter an snmp server host command no notifications are sent In order to configure the switch to send SNMP notifications you must enter at least one snmp server host command In order to enable multiple hosts you must issue a separate snmp server host command for each host The snmp server host command is used in conjunc...

Page 257: ...n traps Command Mode Global Configuration Command Usage If you do not enter an snmp server enable traps command no notifications controlled by this command are sent In order to configure this device to send SNMP notifications you must enter at least one snmp server enable traps command If you enter the command with no keywords both authentication and link up down notifications are enabled If you e...

Page 258: ...SNMP communications Default Setting None Command Mode Normal Exec Privileged Exec Command Usage This command provides information on the community access strings counter information for SNMP input and output protocol data units and whether or not SNMP logging has been enabled with the snmp server enable traps command Console config snmp server enable traps link up down Console config ...

Page 259: ...nly 0 SNMP packets input 0 Bad SNMP version errors 0 Unknown community name 0 Illegal operation for community name supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get request PDUs 0 Get next PDUs 0 Set request PDUs 0 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 Trap PDUs SNMP logging dis...

Page 260: ...nal line vty A virtual terminal for remote console access Telnet TABLE 4 11 Line Commands Command Function Mode Page line Identifies a specific line for configuration and starts the line configuration mode GC 4 62 login Enables password checking at login LC 4 63 password Specifies a password on a line LC 4 64 exec timeout Sets the interval that the command interpreter waits until user input is det...

Page 261: ...e To enter console line mode enter the following command Related Commands show line 4 68 show users 4 44 4 3 6 2 login Use this command to enable password checking at login Use the no form to disable password checking and allow connections without a password Syntax login local no login local Selects local password checking Authentication is based on the user name specified with the username comman...

Page 262: ...nd the default setting When using this method the management interface starts in Normal Exec NE or Privileged Exec PE mode depending on the user s privilege level 0 or 15 respectively no login selects no authentication When using this method the management interface starts in Normal Exec NE mode This command controls login authentication through the switch itself To configure user names and passwo...

Page 263: ... system prompts for the password If you enter the correct password the system shows a prompt You can use the password thresh command to set the number of times a user can enter an incorrect password before the system terminates the line connection and returns the terminal to the idle state There is no need to specify encrypted passwords on the command line The option 7 is used internally by the sw...

Page 264: ...LI No timeout Telnet 10 minutes Command Mode Line Configuration Command Usage If user input is detected within the timeout interval the session is kept open otherwise the session is terminated This command applies to both the serial console and Telnet connections but you cannot disable the timeout for Telnet Example To set the timeout to two minutes enter this command 4 3 6 5 password thresh Use t...

Page 265: ...in attempt Use the silent time command to set this interval When this threshold is reached for Telnet the Telnet logon interface closes This command applies to both the local console and Telnet connections Example To set the password threshold to five attempts enter this command Related Commands silent time 4 67 4 3 6 6 silent time Use this command to set the amount of time the management console ...

Page 266: ...ing The default value is no silent time Command Mode Line Configuration Example To set the silent time to 60 seconds enter this command Related Commands password thresh 4 66 4 3 6 7 show line Use this command to display the terminal line s parameters Syntax show line console vty console The console terminal line vty A virtual terminal for remote console access Telnet Console config line silent tim...

Page 267: ...OTP or DHCP server Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Anything outside this format will not be accepted by the software Console show line Console configuration Password threshold 3 times Interactive timeout Disabled Silent time Disabled Baudrate 9600 Databits 8 Parity none Stopbits 1 Vty configuration Password threshold 3 times Interactive timeout 600 ...

Page 268: ...er for the switch Note that the System Controller assigns the client identifier for the switch each time either it or the switch boots Therefore we do not recommend you specify a client identifier VC 4 72 ip default gateway Defines the default gateway through which an in band management station can reach this device GC 4 74 show ip interface Displays the IP settings for this device PE 4 75 show ip...

Page 269: ...start broadcasting BOOTP or DHCP requests by entering an ip dhcp restart command or by rebooting the switch Note The IP address of the switch is in fact the IP address of the VLAN containing the management port NETMGT By default the management port is on VLAN 2 Therefore by assigning an IP address to VLAN 2 you set up network access to the switch Only the VLAN containing the management port should...

Page 270: ...ame address Related Commands ip address 4 70 4 3 7 3 ip dhcp client identifier You can use this command to specify the DCHP client identifier for the switch Use the no form to remove this identifier Note The client identifier is overwritten by the SC the next time the system or the switch itself is rebooted The client identifier command will be removed from the next firmware release Console config...

Page 271: ...for the switch and the other components of the system chassis refer to the Sun Fire 1600 Blade System Chassis Software Setup Guide Command Mode Interface Configuration VLAN Command Usage This command is used to include a client identifier in all communications with the DHCP server The data type used will depend on the requirements of your DHCP server The client identifier specified in this command...

Page 272: ...atic route Syntax ip default gateway gateway no ip default gateway gateway The IP address of the default gateway Default Setting No static route is established Command Mode Global Configuration Command Usage A gateway must be defined if the management station is located in a different IP segment Example The following example defines a default gateway for this device Related Commands show ip redire...

Page 273: ...nd Usage This switch can only be assigned one IP address This address is used for managing the switch Example Related Commands show ip redirects 4 75 4 3 7 6 show ip redirects Use this command to show the default gateway configured for the switch Default Setting None Console show ip interface IP address and netmask 10 1 0 54 255 255 255 0 on VLAN 2 and address mode User specified Console ...

Page 274: ...ping host count count size size host The IP address of the host count The number of packets to send Range 1 16 default 5 size The number of bytes in a packet Range 32 512 default 32 The actual packet size will be eight bytes larger than the size specified because the switch adds header information Default Setting This command has no default for the host Command Mode Normal Exec Privileged Exec Con...

Page 275: ...unreachable The gateway found no corresponding entry in the route table Press Esc to stop pinging Example 4 3 7 8 ip filter Use this command to block specified IP packets from reaching the internal management port from the down link ports Use the no form to remove a rule from the filter table Console ping 10 1 0 19 Type Ctrl C to abort PING to 10 1 0 19 by 5 32 byte payload ICMP packets timeout is...

Page 276: ... patterns at or below that location down in the table A rule number cannot exceed the next available number in the table If the rule number is not specified a new pattern is appended to the end of the rule table The maximum number of rules is 128 action deny permit Blocks or allows packets moving between the down link ports and the management port NETMGT protocol any tcp udp number Indicates any p...

Page 277: ...og is stored in RAM and is lost when the switch is reset Default Setting None Command Mode General Configuration Command Usage The system default is to stop all IP packets from passing from the down link ports to the management port NETMGT If you need the blades to access the management network through the management port NETMGT you must set a filter to permit specific frames to pass from the down...

Page 278: ...matched that is the rule 10 7 1 1 255 255 255 0 equals the masked address 10 7 1 2 255 255 255 0 the packet passes through Example Checking for fragments This example blocks all fragments and logs the matching packets in the log Example Checking for code values This blocks all TCP packets from class C addresses 192 168 1 0 with SYN set Console config ip filter permit any 0 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 279: ...ax show ip filter rule number log rule number Display a filter rule at the specified position in the table Range 1 128 log Display all packets stored in the log buffer Note that packets stored in this buffer must match the rules in the filter table The maximum number of entries stored in the log buffer is 64 If no options are selected all packets in the log buffer are displayed Default Setting Non...

Page 280: ...le In this example the only specified rule permits packets within the subnet 10 1 0 x to pass between the management port and the down link ports Console show ip filter Ip filter Rule 1 Action permit Protocol any Log disable Fragments disable Source 10 1 0 0 255 255 255 0 any Destination 10 1 0 0 255 255 255 0 any ...

Page 281: ...onfigures the speed and duplex operation of a given interface when auto negotiation is disabled IC 4 85 negotiation Enables auto negotiation of a given interface IC 4 86 capabilities Advertises the capabilities of a given interface for use in auto negotiation IC 4 87 flowcontrol Enables flow control on a given interface IC 4 89 shutdown Disables an interface IC 4 91 switchport broadcast packet rat...

Page 282: ...e first up link port enter the following command 4 3 8 2 description Use this command to add a description to an interface Use the no form to remove the description Syntax description string no description string A comment or a description to help you remember what is attached to the interface Range 1 to 64 characters Default Setting NETP0 7 External RJ 45 connector NET0 7 SNP0 15 Blade Slot 0 15 ...

Page 283: ...bit sec full duplex operation 100half Forces 100 Mbit sec half duplex operation 10full Forces 10 Mbit sec full duplex operation 10half Forces 10 Mbit sec half duplex operation Default Setting Auto negotiation is enabled by default When auto negotiation is disabled the default speed duplex setting is 100full for Fast Ethernet ports and 1000full for Gigabit Ethernet ports Note When auto negotiation ...

Page 284: ...on command to enable auto negotiation the optimal settings will be determined by the capabilities command To set the speed or duplex mode under auto negotiation the required mode must be specified in the capabilities list for an interface Example The following example configures port NETP5 to 100 Mbit sec half duplex operation Related Commands negotiation 4 86 capabilities 4 87 4 3 8 4 negotiation...

Page 285: ...the up link ports This means that you may have to use a cross over cable to connect two switches However an alternative is to leave auto negotiation enabled this is the default setting but reduce the subset of permitted modes to the single mode that you want to use Example The following example configures port SNP11 to use auto negotiation Related Commands capabilities 4 87 speed duplex 4 85 flowc...

Page 286: ...l auto negotiate to determine the sender and receiver for asymmetric pause frames The current switch ASIC only supports symmetric pause frames Default Setting NETMGT 10half 10full 100half 100full NETP0 7 10half 10full 100half 100full 1000full flowcontrol SNP0 15 1000full Command Mode Interface Configuration Ethernet Port Channel Command Usage SNP0 15 down link port capabilities are fixed at 1000fu...

Page 287: ...ports on the same switch chip The ports NETP0 NETP1 NETP4 NETP5 and SNP8 through SNP15 are on one switch chip The ports NETP2 NETP3 NETP6 NETP7 and SNP0 through SNP7 are on the other If you look at the rear panel of the SSC all the ports on the right are on one chip and all the ports on the left are on the other Syntax flowcontrol no flowcontrol Default Setting Flow control enabled Console config ...

Page 288: ...n the selected interface When using the negotiation command to enable auto negotiation the optimal settings will be determined by the capabilities command To enable flow control under auto negotiation flowcontrol must be included in the capabilities list for any port Avoid using flow control on a port connected to a hub unless it is actually required to solve a problem Otherwise back pressure jamm...

Page 289: ...ommand allows you to disable a port due to abnormal behavior for example excessive collisions and then reenable it after the problem has been resolved You may also want to disable a port for security reasons Example The following example disables Ethernet port SNP5 4 3 8 8 switchport broadcast packet rate Use this command to configure broadcast storm control Use the no form to disable broadcast st...

Page 290: ...reshold are dropped This command can enable or disable broadcast storm control for the selected interface However the specified threshold value applies to the entire switch Down link ports SNP0 15 are fixed with broadcast storm control enabled Example The following shows how to configure broadcast suppression at 64 packets per second Note The switchport broadcast command enables broadcast storm co...

Page 291: ...atistics are only initialized for a power reset This command sets the base value for displayed statistics to zero for the current management session However if you log out and back into the management interface the statistics displayed will show the absolute value accumulated since the last power reset Example The following example clears statistics on port SNP5 4 3 8 10 show interfaces status Use...

Page 292: ...NP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 vlan vlan id Range 1 4094 Default Setting Shows status for all interfaces Command Mode Normal Exec Privileged Exec Command Usage If no interface is specified information on all interfaces is displayed For a description of the items displayed by this command see Displaying Connection Status on page 3 96 ...

Page 293: ...ows counters for all interfaces Command Mode Normal Exec Privileged Exec Console show interfaces status ethernet SNP11 Information of SNP11 Basic information Port type 1000SX Mac address 00 00 e8 00 00 0a Configuration Name Blade Slot 11 Port admin status Up Speed duplex Auto Capabilities 1000full Broadcast storm status Enabled Broadcast storm limit 256 packets second Flow control status Enabled L...

Page 294: ... input 0 QLen output 0 Extended iftable stats Multi cast input 0 Multi cast output 10524 Broadcast input 136 Broadcast output 0 Ether like stats Alignment errors 0 FCS errors 0 Single Collision frames 0 Multiple collision frames 0 SQE Test errors 0 Deferred transmissions 0 Late collisions 0 Excessive collisions 0 Internal mac transmit errors 0 Internal mac receive errors 0 Frame too longs 0 Carrie...

Page 295: ...ggregation Control Protocol has been enabled or disabled page 4 168 VLAN membership mode Indicates membership mode as Trunk or Hybrid page 4 123 Ingress rule Shows if ingress filtering is enabled or disabled page 4 125 Acceptable frame type Shows if acceptable VLAN frames include all types or tagged frames only page 4 124 Native VLAN Indicates the default Port VLAN ID page 4 126 Priority for untag...

Page 296: ...nabled VLAN membership mode Hybrid Ingress rule Disabled Acceptable frame type All frames Native VLAN 1 Priority for untagged traffic 0 Gvrp status Enabled Allowed Vlan 1 u Forbidden Vlan 2 Console TABLE 4 14 Address Table Commands Command Function Mode Page mac address table static Maps a static address to a port in a VLAN GC 4 99 clear mac address table dynamic Removes any learned entries from t...

Page 297: ...t Assignment is permanent delete on reset Assignment lasts until switch is reset Default Setting No static addresses are defined The default mode is permanent Command Mode Global Configuration Command Usage The static address for a host device can be assigned to a specific port within a specific VLAN Use this command to add static addresses to the MAC Address Table Static addresses have the follow...

Page 298: ...mit and receive counts for any static or system configured entries Default Setting None Command Mode Privileged Exec Example 4 3 9 3 show mac address table Use this command to view classes of entries in the bridge forwarding database Syntax show mac address table address mac address mask interface interface vlan vlan id sort address vlan interface mac address MAC address Console config mac address...

Page 299: ...he MAC Address Table contains the MAC addresses associated with each interface Note that the Type field may include the following types Learned dynamic address entries Permanent static entry Delete on reset static entry to be deleted when system is reset Example 4 3 9 4 mac address table aging time Use this command to set the aging time for entries in the address table Use the no form to restore t...

Page 300: ...18 to 2184 Default Setting 300 seconds Command Mode Global Configuration Command Usage The aging time is used to age out dynamically learned forwarding information Example 4 3 9 5 show mac address table aging time Use this command to show the aging time for entries in the address table Default Setting None Command Mode Privileged Exec Console config mac address table aging time 300 Console config ...

Page 301: ...rames with a source MAC address that is unknown or has been previously learned from another port 4 3 10 1 port security Use this command to configure a secure port Use the no form to disable port security Syntax port security no port security Default Setting All port security is disabled Console show mac address table aging time Aging time 300 sec Console TABLE 4 15 Port Security Commands Command ...

Page 302: ... learning function long enough to ensure that all valid VLAN members have been registered on the selected port To add new VLAN members at a later time you can manually add secure addresses with the mac address table static command or turn off port security to reenable the learning function long enough for new VLAN members to be registered Learning may then be disabled again if desired for security...

Page 303: ... time Configures the spanning tree bridge hello time GC 4 108 spanning tree max age Configures the spanning tree bridge maximum age GC 4 109 spanning tree priority Configures the spanning tree bridge priority GC 4 110 spanning tree path cost method Configures the path cost method for RSTP GC 4 111 spanning tree transmission limit Configures the transmission limit for RSTP GC 4 112 spanning tree co...

Page 304: ...idging devices that is an STA compliant switch bridge or router in your network to ensure that only one route exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down Example The following example enables the spanning tree algorithm for this switch 4 3 11 2 spanning tree mode Use this command to select the spanning tree mod...

Page 305: ...sumes it is connected to an 802 1D bridge and starts using only 802 1D BPDUs RSTP Mode If RSTP is using 802 1D BPDUs on a port and receives an RSTP BPDU after the migration delay expires RSTP restarts the migration delay timer and begins using RSTP BPDUs on that port Example The following example configures the switch to use Rapid Spanning Tree 4 3 11 3 spanning tree forward time Use this command ...

Page 306: ...ion about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information that would make it return to a discarding state otherwise temporary data loops might result Example 4 3 11 4 spanning tree hello time Use this command to configure the spanning tree bridge hello time globally for this switch Use the no form to restore the default Syn...

Page 307: ...e max age Use this command to configure the spanning tree bridge maximum age globally for this switch Use the no form to restore the default Syntax spanning tree max age seconds no spanning tree max age seconds The time in seconds Range 6 40 seconds The minimum value is the higher of 6 or 2 x hello time 1 The maximum value is the lower of 40 or 2 x forward time 1 Default Setting 20 seconds Console...

Page 308: ...e designated port for the attached LAN If it was a root port a new root port is selected from among the device ports attached to the network Example 4 3 11 6 spanning tree priority Use this command to configure the spanning tree priority globally for this switch Use the no form to restore the default Syntax spanning tree priority priority no spanning tree priority priority Priority of the bridge 0...

Page 309: ...Tree Use the no form to restore the default Syntax spanning tree pathcost method long short no spanning tree pathcost method long Specifies 32 bit based values that range from 1 200 000 000 short Specifies 16 bit based values that range from 1 65535 Default Setting short method Command Mode Global Configuration Command Usage The path cost method is used to determine the best path between devices T...

Page 310: ...t count no spanning tree transmission limit count The transmission limit in seconds Range 1 10 Default Setting 3 Command Mode Global Configuration Command Usage This command limits the maximum transmission rate for BPDUs Example 4 3 11 9 spanning tree cost Use this command to configure the spanning tree path cost for the specified interface Use the no form to restore the default Console config spa...

Page 311: ...000 Gigabit Ethernet full duplex 10 000 trunk 5 000 Command Mode Interface Configuration Ethernet Port Channel Command Usage This command is used by the spanning tree algorithm to determine the best path between devices Therefore lower values should be assigned to interfaces attached to faster media and higher values assigned to interfaces with slower media Path cost takes precedence over interfac...

Page 312: ...steps of 16 Default Setting 128 Command Mode Interface Configuration Ethernet Port Channel Command Usage This command defines the priority for the use of an interface in the spanning tree algorithm If the path cost for all interfaces on a switch are the same the interface with the highest priority that is lowest value is configured as an active link in the spanning tree Where more than one interfa...

Page 313: ...ched to a LAN segment that is at the end of bridged LAN or to an end node Since end nodes cannot cause forwarding loops they can pass directly through to the spanning tree forwarding state Specifying Edge Ports provides quicker convergence for devices such as workstations or servers retains the current forwarding database to reduce the amount of frame flooding required to rebuild address tables du...

Page 314: ...ged Exec Command Usage If at any time the switch detects STP BPDUs including Configuration or Topology Change Notification BPDUs it will automatically set the selected interface to forced STP compatible mode However you can also use the spanning tree protocol migration command at any time to manually re check the appropriate BPDU format to send on the selected interfaces RSTP or STP compatible Exa...

Page 315: ...t Port Channel Command Usage Specify a point to point link if the interface can only be connected to exactly one other bridge or a shared link if it can be connected to two or more bridges When automatic detection is selected the switch derives the link type from the duplex mode A full duplex interface is considered a point to point link while a half duplex interface is assumed to be on a shared l...

Page 316: ...e Command Mode Privileged Exec Command Usage Use the show spanning tree command with no parameters to display the spanning tree configuration for the switch and for every interface in the tree Use the show spanning tree interface command to display the spanning tree configuration for an interface For a description of the items displayed under Spanning tree information see Configuring Basic STA Set...

Page 317: ...5 Designated Root 8 0000E8666672 Current root port 0 Current root cost 0 Number of topology changes 0 Last topology changes time sec 1363 Transmission limit 3 Path Cost Mothod 21 SNP0 information Admin status enable Role designate State forwarding Path cost 10000 Priority 128 Designated cost 0 Designated port 8 1 Designated root 8 0000E8666672 Designated bridge 8 0000E8666672 Forward transitions 0...

Page 318: ...s interface configuration mode for a specified VLAN GC 4 123 switchport mode Configures VLAN membership mode for an interface IC 4 123 switchport acceptable frame types Configures frame types to be accepted by an interface IC 4 124 swicthport ingress filtering Enables ingress filtering on an interface IC 4 125 switchport native vlan Configures the PVID native VLAN of an interface IC 4 126 switchpo...

Page 319: ...es you can display the VLAN settings by entering the show vlan command Use the interface vlan command mode to define the port membership mode and add or remove ports from a VLAN The results of these commands are written to the running configuration file and you can display this file by entering the show running config command Example Related Commands show vlan 4 130 4 3 12 2 vlan Use this command ...

Page 320: ...l suspend VLAN is suspended Suspended VLANs do not pass packets Default Setting By default only VLAN 1 exists and is active Command Mode VLAN Database Configuration Command Usage no vlan vlan id deletes the VLAN no vlan vlan id name removes the VLAN name no vlan vlan id state returns the VLAN to the default state active VLAN 1 cannot be suspended but any other VLAN can be suspended You can configu...

Page 321: ...94 no leading zeroes Default Setting None Command Mode Global Configuration Example The following example shows how to set the interface configuration mode to VLAN 1 and then assign an IP address to the VLAN Related Commands shutdown 4 91 4 3 12 4 switchport mode Use this command to configure the VLAN membership mode for a port Use the no form to restore the default Console config interface vlan 1...

Page 322: ...d frames Default Setting All ports are in hybrid mode with the PVID set to VLAN 1 Command Mode Interface Configuration Ethernet Port Channel Example The following shows how to set the configuration mode to port SNP1 and then set the switchport mode to hybrid 4 3 12 5 switchport acceptable frame types Use this command to configure the acceptable frame types for a port Use the no form to restore the...

Page 323: ...ple shows how to restrict the traffic received on SNP1 to tagged frames 4 3 12 6 switchport ingress filtering Use this command to enable ingress filtering for an interface Use the no form to restore the default Syntax switchport ingress filtering no switchport ingress filtering Default Setting Disabled Command Mode Interface Configuration Ethernet Port Channel Console config interface ethernet SNP...

Page 324: ... VLAN independent BPDU frames such as GVRP or STP However they do affect VLAN dependent BPDU frames such as GMRP Example The following example shows how to set the interface to port SNP1 and then enable ingress filtering 4 3 12 7 switchport native vlan Use this command to configure the PVID default VID for an interface Use the no form to restore the default Syntax switchport native vlan vlan id no...

Page 325: ...he ingress port Example The following example shows how to set the PVID for port SNP1 to VLAN 3 4 3 12 8 switchport allowed vlan Use this command to configure VLAN groups on the selected interface Use the no form to restore the default Syntax switchport allowed vlan add vlan tagged untagged remove vlan no switchport allowed vlan add vlan VLAN identifier to add remove vlan VLAN identifier to remove...

Page 326: ...an interface to VLAN groups as a tagged member Frames are always tagged within the switch The tagged or untagged parameter used when adding a VLAN to an interface tells the switch whether to keep or remove the tag from a frame on egress If none of the intermediate network devices nor the host at the other end of the connection supports VLANs the interface should be added to these VLANs as an untag...

Page 327: ... 4094 Default Setting No VLANs are included in the forbidden list Command Mode Interface Configuration Ethernet Port Channel Command Usage This command prevents a VLAN from being automatically added to the specified interface through GVRP If a VLAN has been added to the set of allowed VLANs for an interface then you cannot add it to the set of forbidden VLANs for that same interface Console config...

Page 328: ...ation Syntax show vlan id vlan id name vlan name id Keyword to be followed by the VLAN ID vlan id ID of the configured VLAN Range 1 4094 no leading zeroes name Keyword to be followed by the VLAN name vlan name ASCII string from 1 to 15 characters Default Setting Shows all VLANs Command Mode Normal Exec Privileged Exec Console config interface ethernet SNP1 Console config if switchport forbidden vl...

Page 329: ... DefaultVlan Active SNP0 SNP1 SNP2 SNP3 SNP4 SNP5 SNP6 SNP7 SNP8 SNP9 SNP10 SNP11 SNP12 SNP13 SNP14 SNP15 NETP0 NETP1 NETP2 NETP3 NETP4 NETP5 NETP6 NETP7 2 Static MgtVlan Active NETMGT Console TABLE 4 18 GVRP and Bridge Extension Commands Command Function Mode Page Interface Commands switchport gvrp Enables GVRP for an interface IC 4 132 switchport forbidden vlan Configures forbidden VLANs for an ...

Page 330: ...ult Setting Enabled Command Mode Interface Configuration Ethernet Port Channel Example 4 3 13 2 show gvrp configuration Use this command to show if GVRP is enabled or disabled Syntax show gvrp configuration interface interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Console config interface ethernet SNP1 Console config if switchpo...

Page 331: ...aveall timers Use the no form to restore the timers default values Syntax garp timer join leave leaveall timer_value no garp timer join leave leaveall join leave leaveall The timer to set timer_value Value of timer Range join 20 1000 centiseconds leave 60 3000 centiseconds leaveall 500 18000 centiseconds Console show gvrp configuration Whole system GVRP configuration Enabled SNP0 Gvrp configuratio...

Page 332: ...he GARP timers are independent of the media access method or data rate These values should not be changed unless you are experiencing difficulties with GMRP or GVRP registration deregistration Timer values are applied to GVRP for all the ports on all VLANs Timer values must meet the following restrictions leave 2 x join leaveall leave Note Set GVRP timers on all Layer 2 devices connected in the sa...

Page 333: ... up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Default Setting Shows all GARP timers Command Mode Normal Exec Privileged Exec Example Related Commands garp timer 4 133 4 3 13 5 bridge ext gvrp Use this command to enable GVRP globally for the switch Use the no form to disable it Console show garp timer ethernet SNP1 SNP1 GARP timer status Join timer 20 sec Leave timer 60 sec Leaveall...

Page 334: ...hes to exchange VLAN information in order to register VLAN members on ports across the network This function should be enabled to permit automatic VLAN registration and to support VLANs which extend beyond the local switch Example 4 3 13 6 show bridge ext Use this command to show the configuration for bridge extension commands Default Setting None Command Mode Privileged Exec Console config bridge...

Page 335: ...ows you to override the default Port VLAN ID PVID used in frame tags and egress status VLAN Tagged or Untagged on each port page 4 126 Local VLAN capable This item refers to the support provided by the switch for Multiple Spanning Tree At present Multiple Spanning Tree is not supported Traffic classes The switch provides mapping of user priorities to multiple traffic classes page 4 153 Global GVRP...

Page 336: ...ing services No Static entry individual port Yes VLAN learning IVL Configurable PVID tagging Yes Local VLAN capable Yes Traffic classes Enabled Global GVRP status Enabled GMRP Disabled Console TABLE 4 19 IGMP Snooping Commands Command Function Mode Page Basic IGMP Commands ip igmp snooping Enables IGMP snooping GC 4 139 ip igmp snooping vlan static Adds an interface as a member of a multicast grou...

Page 337: ...gures the query interval GC 4 145 ip igmp snooping query max response time Configures the report delay GC 4 146 ip igmp snooping router port expire time Configures the query timeout GC 4 147 show ip igmp snooping Shows the IGMP snooping configuration PE 4 142 Multicast Router Commands ip igmp snooping vlan mrouter Adds a multicast router port GC 4 148 show ip igmp snooping mrouter Shows multicast ...

Page 338: ...m to remove the port Syntax ip igmp snooping vlan vlan id static ip address interface no ip igmp snooping vlan vlan id static ip address interface vlan id VLAN ID Range 1 4094 ip address IP address for multicast group interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Default Setting None Command Mode Global Configuration Console c...

Page 339: ...g version 1 IGMP Version 1 2 IGMP Version 2 Default Setting IGMP Version 2 Command Mode Global Configuration Command Usage All systems on the subnet must support the same version If there are legacy devices in your network that only support Version 1 you will also have to configure this switch to use Version 1 Some commands are only enabled for IGMPv2 including ip igmp query max response time and ...

Page 340: ...d Mode Privileged Exec Command Usage See Configuring IGMP Snooping Parameters on page 3 55 for a description of the displayed items Example The following shows the current IGMP snooping configuration Console config ip igmp snooping version 1 Console config Console show ip igmp snooping Service status Enabled Querier status Enabled Query count 2 Query interval 125 sec Query max response time 10 sec...

Page 341: ...ast entries igmp snooping Display only entries learned through IGMP snooping Default Setting None Command Mode Privileged Exec Command Usage Member types displayed include IGMP or USER depending on selected options Example The following shows the multicast entries learned through IGMP snooping for bridge group 1 VLAN 1 Console show mac address table multicast vlan 1 igmp snooping VLAN M cast IP ad...

Page 342: ...efault Setting Disabled Command Mode Global Configuration Command Usage If enabled the switch will serve as querier if elected The querier is responsible for asking hosts if they want to receive multicast traffic Example 4 3 14 7 ip igmp snooping query count Use this command to configure the query count Use the no form to restore the default Syntax ip igmp snooping query count count no ip igmp sno...

Page 343: ...f queries defined by this command but a client has not responded a countdown timer is started using the time defined by ip igmp snooping query max response time If the countdown finishes and the client still has not responded then that client is considered to have left the multicast group Example The following shows how to configure the query count to 10 Related Commands ip igmp snooping query max...

Page 344: ...uration Example The following shows how to configure the query interval to 100 seconds 4 3 14 9 ip igmp snooping query max response time Use this command to configure the snooping report delay Use the no form of this command to restore the default Syntax ip igmp snooping query max response time seconds no ip igmp snooping query max response time seconds The report delay advertised in IGMP queries ...

Page 345: ...ave left the multicast group Example The following shows how to configure the maximum response time to 20 seconds Related Commands ip igmp snooping version 4 141 ip igmp snooping query max response time 4 146 4 3 14 10 ip igmp snooping router port expire time Use this command to configure the snooping query timeout Use the no form of this command to restore the default Syntax ip igmp snooping rout...

Page 346: ...p igmp snooping version 4 141 4 3 14 11 ip igmp snooping vlan mrouter Use this command to statically configure a multicast router port Use the no form to remove the configuration Syntax ip igmp snooping vlan vlan id mrouter interface no ip igmp snooping vlan vlan id mrouter interface vlan id VLAN ID Range 1 4094 interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT po...

Page 347: ...k on your switch you can manually configure that interface to join all the current multicast groups Example The following shows how to configure port 11 as a multicast router port within VLAN 1 4 3 14 12 show ip igmp snooping mrouter Use this command to display information on statically configured and dynamically learned multicast router ports Syntax show ip igmp snooping mrouter vlan vlan id vlan...

Page 348: ...re those in the lower priority queues You can set the default priority for each interface the relative weight of each queue and the mapping of frame priority tags to the switch s priority queues Console show ip igmp snooping mrouter VLAN M cast Router Ports Type 1 NETP5 Static 2 NETP6 Dynamic Console TABLE 4 20 Priority Commands Command Function Mode Page Layer 2 Priority Commands switchport prior...

Page 349: ...s not set and the default value for untagged frames received on the interface is zero Command Mode Interface Configuration Ethernet Port Channel show interfaces switchport Displays the administrative and operational status of an interface PE 4 96 Layer 3 and 4 Priority Commands map ip precedence Enables IP precedence class of service mapping GC 4 157 map ip precedence Maps IP precedence value to a...

Page 350: ... placed in the appropriate priority queue at the output port The default priority for all ingress ports is zero Therefore any inbound frames that do not have priority tags are placed in queue 0 of the output port Note that if the output port is an untagged member of the associated VLAN these frames are stripped of all VLAN tags prior to transmission Example The following example shows how to set a...

Page 351: ...ueue cos map Use this command to assign class of service COS values to the COS priority queues Use the no form to set the COS map to the default values Syntax queue cos map queue_id cos1 cosn no queue cos map queue_id The queue id of the CoS priority queue Ranges are 0 to 3 where 3 is the highest CoS priority queue cos1 cosn The CoS values that are mapped to the queue id It is a space separated li...

Page 352: ...e traffic classes are defined in IEEE 802 1p The default priority levels are assigned according to recommendations in the IEEE 802 1p standard as shown in the following table Command Mode Interface Configuration Ethernet Port Channel Command Usage COS assigned at the ingress port is used to select a COS priority at the egress port TABLE 4 21 IEEE 802 1p Default Priority Recommendations Queue Prior...

Page 353: ...d Commands show queue cos map 4 156 4 3 15 4 show queue bandwidth Use this command to display the weighted round robin WRR bandwidth allocation for the four class of service COS priority queues Default Setting None Command Mode Privileged Exec Console config interface ethernet SNP1 Console config if queue cos map 0 0 1 2 Console config if queue cos map 1 3 Console config if queue cos map 2 4 5 Con...

Page 354: ...ommand to show the class of service priority map Syntax show queue cos map interface interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Default Setting None Command Mode Privileged Exec Console show queue bandwidth Queue ID Weight 0 16 1 64 2 128 3 240 Console ...

Page 355: ...nce no map ip precedence Default Setting Enabled Command Mode Global Configuration Command Usage The precedence for priority mapping is IP Precedence or IP DSCP and default switchport priority IP Precedence and IP DSCP cannot both be enabled Enabling one of these priority types automatically disables the other type Console show queue cos map ethernet SNP11 Information of SNP11 Queue ID Traffic cla...

Page 356: ...e Class of Service value Range 0 7 Default Setting One to one mapping Precedence value 0 maps to COS value 0 and so forth Command Mode Interface Configuration Ethernet Port Channel Command Usage The precedence for priority mapping is IP Precedence or IP DSCP and default switchport priority IP Precedence values are mapped to default Class of Service values on a one to one basis according to recomme...

Page 357: ...p ip dscp Default Setting Enabled Command Mode Global Configuration Command Usage The precedence for priority mapping is IP Precedence or IP DSCP and default switchport priority IP Precedence and IP DSCP cannot both be enabled Enabling one of these priority types automatically disables the other type Example The following example shows how to enable IP DSCP mapping globally Console config interfac...

Page 358: ... DSCP value Range 0 255 cos value Class of Service value Range 0 7 Default Setting The DSCP default values are defined in the following table Note that all the DSCP values that are not specified are mapped to COS value 0 Command Mode Interface Configuration Ethernet Port Channel Command Usage The precedence for priority mapping is IP Precedence or IP DSCP and default switchport priority TABLE 4 22...

Page 359: ...pply to all interfaces on the switch Example The following example shows how to map IP DSCP value 1 to COS value 0 4 3 15 10 show map ip precedence Use this command to show the IP precedence priority map Syntax show map ip precedence interface interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Default Setting None Command Mode Priv...

Page 360: ...map ip dscp Use this command to show the IP DSCP priority map Syntax show map ip dscp interface interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT port channel channel id Range 1 6 Default Setting None Console show map ip precedence ethernet SNP5 Precedence mapping status disabled Port Precedence COS SNP5 0 0 SNP5 1 1 SNP5 2 2 SNP5 3 3 SNP5 4 4 SNP5 5 5 SNP5 6 6 SN...

Page 361: ...xec Example Related Commands map ip dscp Global Configuration 4 159 map ip dscp Interface Configuration 4 160 Console show map ip dscp ethernet SNP1 DSCP mapping status disabled Port DSCP COS SNP1 0 0 SNP1 1 0 SNP1 2 0 SNP1 3 0 SNP1 61 0 SNP1 62 0 SNP1 63 0 Console ...

Page 362: ...NETP4 NETP5 and SNP8 through SNP15 are on one switch chip The ports NETP2 NETP3 NETP6 NETP7 and SNP0 through SNP7 are on the other If you look at the rear panel of the SSC all the ports on the right are on one chip and all the ports on the left are on the other Syntax port monitor interface rx tx both no port monitor interface interface ethernet port name port name down link SNP0 15 up link NETP0 ...

Page 363: ...y unobtrusive manner The destination port is set by specifying an Ethernet interface Example The following example mirrors all packets from port SNP6 to port NETP2 Related Commands show port monitor 4 165 4 3 16 2 show port monitor Use this command to display mirror information Syntax show port monitor interface interface ethernet port name port name down link SNP0 15 up link NETP0 7 mgt NETMGT De...

Page 364: ...rease the bandwidth of a network connection or to ensure fault recovery Or you can use the Link Aggregation Control Protocol LACP to negotiate a dynamic aggregated link between this switch and another network device For static aggregated links the switches connected to must be of the same type But for dynamic aggregated links the switches simply have to comply with LACP This switch supports up to ...

Page 365: ...ttings All the ports in an aggregated link have to be treated as a whole when moved from or to or added or deleted from a VLAN through the specified port channel STP VLAN and IGMP settings can only be made for the entire aggregated link through the specified port channel 4 3 17 1 channel group Use this command to add a port to a static aggregated link Use the no form to remove a port from a static...

Page 366: ...ly link switches of the same type Use no channel group to remove a port group from an aggregated link Use no interfaces port channel to remove an aggregated link from the switch Example The following example creates aggregated link 1 and then adds port NETP2 4 3 17 2 lacp Use this command to enable 802 3ad Link Aggregation Control Protocol LACP for the current interface Use the no form to disable ...

Page 367: ...ode or auto negotiation An aggregated link formed with another switch using LACP will automatically be assigned the next available port channel ID If the target switch has also enabled LACP on the connected ports the aggregated link will be activated automatically If more than four ports attached to the same target switch have LACP enabled the additional ports are placed in standby mode and are on...

Page 368: ...t Console config interface ethernet NETP1 Console config if lacp Console config if exit Console config interface ethernet NETP2 Console config if lacp Console config if exit Console config exit Console show interfaces status port channel 1 Information of Trunk 1 Basic information Port type 1000t Mac address 00 00 e8 00 00 0b Configuration Name Port admin status Up Speed duplex Auto Capabilities 10...

Page 369: ...in the Management Information Base MIB The key MIB groups supported by the switch are listed in this appendix Also note that specific MIB variables used for each configuration task are listed in Chapter 3 General Management of the Switch This appendix contains the following sections Section A 1 Supported MIBs on page A 2 Section A 2 Supported Traps on page A 3 ...

Page 370: ...group snmp group 1493 Bridge MIB dot1dBase group dot1dStp group dot1dTp group dot1dStatic group 2863 Interfaces Evolution MIB ifXTable group ifStackTable group 2819 RMON MIB statistics group history group alarm group event group 2618 RADIUS MIB radiusAuthClientMIB 2665 Etherlike MIB dot3StatsTable group 2737 Entity MIB entityPhysical group 2674 P bridge dot1dExtBase group dot1dPriority group dot1d...

Page 371: ...se traps supported include the following item TABLE A 2 Sun Private Enterprise MIB Title Version CSSP MIB 01 00 00 TABLE A 3 SNMP Traps RFC No Title RFC 1215 SNMPv1 RFC 1907 SNMPv2c coldStart linkDown linkUp authenticationFailure RFC 1493 newRoot topologyChange RFC 2819 risingAlarm fallingAlarm TABLE A 4 Sun Private Enterprise Traps RFC No Title CSSP MIB swPowerStatusChangeTrap ...

Page 372: ...A 4 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 ...

Page 373: ...n the switch is functioning properly If you are having problems connecting to the management interface see the troubleshooting chart under Accessing the Management Interface on page B 2 This appendix contains the following sections Section B 1 Diagnosing Switch Indicators on page B 2 Section B 2 Diagnosing Port Connections on page B 2 Section B 3 Accessing the Management Interface on page B 2 Sect...

Page 374: ...ing properly B 2 Diagnosing Port Connections If a port does not work check the following The cable connections are secure and the cables are connected to the correct ports at both ends of the link The port status Admin is enabled and the auto negotiation feature is enabled or the ports at both ends of the link are configured to the same speed and duplex mode See Port Configuration on page 3 96 for...

Page 375: ...make sure that The switch s management VLAN is configured with a valid IP address subnet mask and default gateway The management station has valid IP address subnet mask and default gateway The management station is connected to a switch port that is a member of the management VLAN The ports connecting intermediate switches and the Layer 3 switch es in the network are tagged ports and are a member...

Page 376: ... other actions that lead up to the error 5 Make a list of the commands or circumstances that led to the fault Also make a list of any error messages displayed 6 Contact customer service Example B 4 1 Log Messages Log messages generated by this switch are listed in the following table Console config logging on Console config logging history flash 7 Console config snmp server host 10 1 0 23 TABLE B ...

Page 377: ...LAN link down 6 Authentication failure notification SNMP access authentication failure 6 STA root change notification STA root change 6 STA topology change notification STA topology change 6 RMON rising alarm notification RMON rising alarm 6 RMON falling alarm notification RMON falling alarm 6 1 Indicates unit 1 port YY YY 1 to 25 2 Indicates a VLAN ID value XX 1 to 4094 3 Syslog message level See...

Page 378: ...e too long 2 Allocate string2 memory fail 2 Indicates the value specified for a configuration setting Allocate memory failed for specified String 2 Free string memory fail Free memory failed for specified String 2 string switch to default Specified value is invalid or not supported the default value will be used Please refer to the on line help or this manual for information on acceptable values 3...

Page 379: ...ameter Ping parameter is wrong Invalid parameter value range Type to get more detail information Value or character string length is not allowed Invalid TFTP server IP address TFTP IP address error Not enough resources please try later Ping function has no resources No such file System does not have the file No such VLAN VLAN does not exist Port port name does not exist The port name does not exis...

Page 380: ...and is not supported for management port in current release The no switchport allow vlan command cannot be used for the management port Trunk ID trunk is out of range Trunk id is not allowed Trunk trunk does not exist This trunk does not exist Trunk trunk is a normal trunk This trunk is a normal trunk Trunk with no members cannot be displayed Trunk member cannot be configured or displayed Type sho...

Page 381: ...tion file Input a destination file name to download or upload Please input a source file Input a source file name to download or upload Please input or select a destination file Input or select a file name for downloading or uploading Please select a file Select a file to download or upload System will be restarted System will be restarted User privileges are not enough to perform this operation P...

Page 382: ...nge Password too long Maximum password length exceeded Please input username Input a user name to add a new user Please select an user Select a user to remove or change password RADUIS KEY is invalid RADIUS encryption key is invalid Server Port Number is out of range RADIUS port number is out of range Select a privilege level Select privilege level to add a user TACACS PORT is invalid TACACS port ...

Page 383: ...ut of range Report delay is out of range User privileges are not enough to perform this operation Privileges insufficient Multicast Router Ports Data is invalid General error Please select a port Select ports to add remove to from multicast router User privileges are not enough to perform this operation Privileges insufficient Multicast Services Data is invalid General error Igmp group member is n...

Page 384: ... is out of range Traffic Class is out of range User privileges are not enough to perform this operation Privileges insufficient Address Tables Aging time is out of range Maximum address aging time exceeded User privileges are not enough to perform this operation Privileges insufficient Up Links Down Links Status Cannot set port capabilities Incorrect speed duplex mode for specified port Data is in...

Page 385: ...ble is full or data is invalid User privileges are not enough to perform this operation Privileges insufficient Spanning Tree Data is invalid General error User privileges are not enough to perform this operation Privileges insufficient Config Path cost is out of range Path cost is out of range Priority is out of range Priority is out of range Port Path cost is out of range Path cost is out of ran...

Page 386: ...n Privileges insufficient Monitoring Port Mirroring Data is invalid General error User privileges are not enough to perform this operation Privileges insufficient Logs Data is invalid General error User privileges are not enough to perform this operation Privileges insufficient TABLE B 4 Web Interface Error Messages Continued Menu Message Description ...

Page 387: ...ains the following sections Section C 1 Switch Architecture on page C 2 Section C 2 Management Features on page C 3 Section C 3 Physical on page C 3 Section C 4 Power on page C 4 Section C 5 Environmental on page C 4 Section C 6 Standards on page C 4 ...

Page 388: ...TX 1 console port serial RJ 45 Network Interface 10 100 1000Base T Ports NETP0 7 RJ 45 connector auto negotiation auto MDI MDI X Cabling 10BASE T 100 ohm UTP cable Categories 3 4 5 100BASE TX 100 ohm UTP cable Category 5 1000BASE T 100 ohm UTP cable Category 5 or 5e Buffer Architecture Up link and down link ports 1 Mbyte shared Aggregate Bandwidth 48 Gbps Switching Database 32K MAC address entries...

Page 389: ...d MIB Support SNMP v1 v2 RFC 1215 1907 MIB II RFC 2863 Bridge MIB RFC 1493 Etherlike MIB RFC 1643 2665 RMON RFC 2819 groups 1 2 3 9 IEEE 802 1Q VLAN RFC 2674 IEEE 802 3ad LACP private MIB RMON Support Groups 1 2 3 9 Statistics History Alarm Event Additional Features Aggregated links Static and LACP Port Mirroring Port Security RADIUS Authentication Client TABLE C 3 Physical Specifications Item Spe...

Page 390: ...hr maximum TABLE C 5 Environmental Specifications Item Specifications Temperature Operating 5 to 45 C 41 to 113 F Storage 40 to 70 C 40 to 158 F Humidity Operating 10 to 90 non condensing TABLE C 6 Supported Standards Standard Description IEEE 802 3 Ethernet IEEE 802 3u Fast Ethernet IEEE 802 3ab Gigabit Ethernet IEEE 802 1D Spanning Tree Protocol and traffic priorities IEEE 802 1w Rapid Reconfigu...

Page 391: ...O IEC 8802 3 IEEE 802 3ad Link Aggregation Control Protocol RFC 1215 1907 SNMP RFC 2819 RMON groups 1 2 3 9 RFC 2863 MIB II RFC 1493 Bridge MIB RFC 1643 2665 Etherlike MIB RFC 826 ARP RFC 1112 IGMP RFC 792 ICMP TABLE C 6 Supported Standards Continued Standard Description ...

Page 392: ...C 6 Sun Fire B1600 Blade System Chassis Switch Administration Guide June 2003 ...

Page 393: ...e data transmission along the cable Bandwidth Utilization The historical percentage of packets received as compared to total bandwidth BOOTP Boot protocol used to load the operating system for devices connected to the network Auto negotiation Signalling method allowing each node to select its optimum operational mode for example 10 100 or 100 Mbit sec and half or full duplex based on the capabilit...

Page 394: ...es a way for switches to exchange VLAN information in order to register necessary VLAN members on ports along the Spanning Tree so that VLANs defined in each switch can work automatically over a Spanning Tree network Generic Attribute Registration Protocol GARP GARP is a protocol that can be used by end stations and switches to register and propagate multicast group membership information in a swi...

Page 395: ...y and IGMP Report packets transferred between IP Multicast Routers and IP Multicast host groups to identify IP Multicast group members Internet Control Message Protocol ICMP Commonly used to send echo messages Ping for monitoring purposes Internet Group Management Protocol IGMP A protocol through which hosts can register with their local router for multicast services If there is more than one mult...

Page 396: ...base objects that contains information about a specific device Multicast Switching A process whereby the switch filters incoming multicast frames for services for which no attached host has registered or forwards them to all ports contained within the designated multicast VLAN group Out of Band Management Management of the network from a station not attached to the network Port Mirroring A method ...

Page 397: ...h a database of multiple user name password pairs and associated privilege levels for each user or group that requires management access to this switch Telnet Defines a remote communication facility for interfacing to a terminal device over TCP IP Transmission Control Protocol Internet Protocol TCP IP Protocol suite that includes TCP as the primary transport protocol and IP as the network layer pr...

Page 398: ...Glossary 6 Sun Fire B1600 Blade System Chassis Switch Administration Guide April 2003 ...

Page 399: ...3 78 4 151 layer 3 4 priorities 3 85 4 151 queue mapping 3 78 4 153 service weight 3 84 4 152 D DHCP 3 16 4 71 client identifier 3 12 4 72 Differentiated Services Code Point See DSCP down link ports 1 4 downloading software 3 21 4 20 DSCP 3 90 4 159 E edge port STA 3 126 4 115 encrypted passwords 4 30 4 31 4 65 error messages B 5 command line errors B 6 logging 4 34 system errors B 6 Web interface...

Page 400: ...nt Information Base See MIB management port filtering traffic 3 134 4 77 management ports 1 4 MIB A 1 supported MIBs A 1 mirror port configuring 3 139 4 164 multicast configuring 3 54 4 138 router 3 59 4 148 P passwords 4 30 4 31 4 65 passwords setting 3 28 4 45 path cost 3 125 path cost method 3 76 4 111 path cost STA 3 129 4 111 4 112 port mirror 3 139 4 164 port priority default ingress 3 78 4 ...

Page 401: ...switch 3 141 4 95 status LEDs 1 5 STP 3 70 4 106 Switch and System Controller See SSC switch port mode 3 114 4 124 switch specifications C 1 system logs 3 156 4 34 B 4 system software 3 18 4 20 downloading from server 3 21 4 20 upload or download 3 21 4 20 T TACACS 3 28 4 46 Telnet 4 3 Terminal Access Controller Access Control System See TACACS trap receiver 2 4 3 36 4 57 troubleshooting B 1 manag...

Page 402: ...Index 4 Sun Fire B1600 Blade System Chassis Switch Administration Guide January 2003 ...