Instruction/ maintenance manual of the product ES4710BD Accton Technology
Go to page of 547
www .edge-core.com ES4710BD 10 Slot s L2/L3/L4 Chassis Switch User ’ s Guide.
1 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Preface ES4710BD is a hig h performance ro uting switch releas ed by Edge-Core that can be deployed as the core layer devi ce for cam pus and enterprise networks, or as an aggregation device f or IP metropolitan ar ea networks (MAN ).
2 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Content CHAPTER 1 PRODUCT OVER VIEW............................................................................................ 31 1.1 P RODUCT B RIEF .....................................................
3 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.2.4 EM4700BD- 2 XG-X ENP AK ........................................................................................... 44 1.4.2.4.1 Front P anel ......................................................
4 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.3.1.2 Rack-m ounting ES 4710BD ................................................................................................ ............ 61 2.3.1.3 W earing an ESD W rist Strap .....................
5 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4.2.1.1.3.2 VLA N Mode ......................................................................................................... .......... 88 4.2.1.1.3.3 DHCP A ddress Pool Mode .........................
6 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.2.2.3.2 telnet .............................................................................................................. ....................... 100 5.2.2.3.3 telnet -s erver enable ...............
7 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.4.4.2.6 snmp-s erver se curityip .............................................................................................. ............ 1 16 5.4.5 T ypical SNMP Conf iguration Ex amples ...........
8 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.2.3 Configure IP a ddress of SNMP manager .................................................................................. .... 141 5.6.2.4 SNMP statistics ..........................................
9 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 6.4.1 Reset specific m odule................................................................................................... ....... 155 6.4.2 Show slot ................................................
10 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.4.1 Introduction to Port Mirroring ........................................................................................ .............. 170 7.2.4.2 Port Mirroring Conf iguration T ask S equence ..
11 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.4.1.1 show mac-addr ess-tab le aging-time ..................................................................................... ........ 185 8.4.1.2 show mac-a ddress-tab le static ....................
12 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.2.2.5 Clear ing port M AC ................................................................................................... ................. 199 8.6.2.3 MAC binding attrib ution configur ation....
13 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.5.1.1 Create/rem ove Vlan ............................................................................................................. ..... 217 9.5.1.1.1 VI D allocat ion ............................
14 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2.2.9 spanning-tr ee l ink-type p2p .......................................................................................... .............. 232 10.2.2.10 spanni ng-tree m axage .....................
15 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.5.4 Show MSTP se tting ...................................................................................................... ..... 250 10.5.4.1 Instan ce information..................................
16 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 12.1.3 Access list Action an d Global Defau lt Action ................................................................... 266 12.2 ACL CONFIGURA TION .....................................................
17 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 13.4 P OR T C HANNEL T ROUBLESHOOT ING H ELP ................................................................................ 290 13.4.1 Monitor an d Debug Commands ......................................
18 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.5 DHCP T ROUBLESHOOTING H ELP ........................................................................................... 313 14.5.1 Monitor an d Debug Commands .......................................
19 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 15.3.1.1 show s ntp ...................................................................................................................... ............ 329 15.3.1.2 debug sn tp...........................
20 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.4.1.4 show mls qos ma ps .............................................................................................................. ..... 354 16.4.1.5 show clas s-map .............................
21 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 17.2.1 Introduction to IP Forwar ding ............................................................................................ 369 17.2.2 IP Route Aggreg ation Config uration ........................
22 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.2.3.2.1 ip route ....................................................................................................................... ......... 380 18.2.3.2.2 show ip route ........................
23 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.4 OSPF ........................................................................................................................... .............. 404 18.4.1 Introd uction to OSPF .....................
24 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.4.2.2.34 debug ip ospf spf ................................................................................................. .............. 429 18.4.3 T ypical OSPF Scenario ..........................
25 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch CHAPTER 19 MUL TICAST PROT OCOL CON FIGURA TION .................................................. 457 19.1 M UL TICAST P ROTOCOL O VER VIEW ..............................................................
26 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.4.4.1.2 show ip pi m interface .......................................................................................................... 475 19.4.4.1.3 show ip pi m mroute sm ........................
27 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.6.2.2.3 ip igmp quer y-interval ............................................................................................. ........... 496 19.6.2.2.4 ip igmp query -max-res ponse-tim e ............
28 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.7.6.5 Show ip pim mroute sm................................................................................................ .. 507 19.7.6.6 Show ip pim rp .............................................
29 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.4.1.3 show aaa authen ticating-us er ................................................................................................... . 524 20.4.1.4 show radius cou nt .............................
30 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 21.4.1 Create VRRP Num ber ..................................................................................................... .. 543 21.4.2 Configure VRRP Dummy IP ....................................
31 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 1 Pr oduct Overview RECOMMENDATION: Please read this manual fi rst before using the switch, following the instructions to avoid damaging the device. 1.1 Pr oduct Brief Fig 1-1 ES4710 BD Switch 1.
32 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.1.2 Featur es Advanced Architectur e The design for the ES4710BD co re routing switch is fully distributed architecture.
33 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Layer 3 Forw arding Layer 3 forwarding is the forwarding of La yer 3 packets (IP pack et) across VLANs, which ES4710BD uses switc h chip hardware to.
34 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch IGMP Snooping ES4710BD supports IGMP Snoop ing based on multi-casting applications enabling various multi-cast servic es (e.g. multim edia playback, remote educat ion and recreation) in an acc ess network with l owered netwo rk traf fic.
35 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Restart and reset to fac tory setting ca n be done bot h locally and remotely TFTP /FTP fir mware upgrade available Can be instal led into standa rd 19-inch chassis 1.2 T echn ical specifications Protocols and S tandar ds □ IEEE802.
36 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.3 Physical Specifications Management Port □ One RJ-45 serial port for each m anagement module AC Power Input □ 90 ~ 264V A C, 50 ~ 60H z .
37 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch a groundin g post has be en provided on each s ide of the rack for grounding conn ections. In addition, on both sides of the lower section of the chassis, a handler is provide d for easier transport. Fig 1-2 ES4710BD Front Pa nel view Management slot : 2 managem ent slots are provided.
38 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch the panel as RUN ) are provided for eac h board . On the Mai n Control cards ther e is Master -Slave indicator (printed on the panel as M/S ) Th ere is .
39 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z 12 fiber Gb ports line card (EM4700BD-12GX- SFP): supporting 12 SFP Gb fiber ports for layer 2 and layer 3 sw itching and ro uting. z Dual 10Gb fiber line card ( EM4700BD-2XG-XENP AK ): supporting 2 10GBase-X fibe r port (XENPAK) for layer 2 and l ayer 3 switching an d routing.
40 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Off Cards are powered off and can be removed On (Green) Master Master -Slave indicator M/S Off Slave On (Green) Power Supply Module operating normally O.
41 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Propert y Specification Connector RJ-45 (Receptacle) Connector type z 10/100Mbps auto sensing z Cat 5 UTP: 300 m 1.4.2.1.5 Front Panel – Reset Button EM4710BD-AGENT provides a RESET but ton for resetting the board.
42 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch On (Green, blinks at 8 Hz) System is loading (Bootin g after card hot swapping) On (Y ellow , blinks at 8 Hz) System is shutting dow n (Shutting Down af.
43 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 1-5 EM4700BD -12GX-SFP Front Panel view 1.4.2.3.2 Front Panel - Indicator The following tab le describes the EM 4700BD-12GX-SFP’ s front panel indic ators: Ta b l e 1 .
44 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Ta b l e 1 . 7 EM4700 BD-12GX-SFP port description Port T ype Specification SFP z SFP-SX transceiver: 62.
45 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.2.4.2 Front Panel - Indicator The following tabl e describes the front panel in dicators for the EM4700BD- 2 XG-XE NP AK: T able 1.8 Description of the EM4700 BD-2XG-XENP AK ind icators LED Indicator Panel Symbol St a t u s Description On (green) Card powered.
46 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.2.4.5 Front Panel – SW AP Button The EM4700BD-2X G-XENP AK provides a SW AP button for hot swapping the m odule during operation. Before rem oving the modules, users sh ould first press the SW AP button.
47 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.2.5.2 Front Panel - Indicator The following tab le describes the front panel indicators f or EM-7600-ES and EM-7600-ES-2GB: T able 1.
48 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch T able 1.10 EM-7600-ES-2G B port description Port T ype Specification SFP z SFP-SX transceiver: 62.5 /125 µm multi-mode fiber: 275m 50.
49 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.3.1 EM4710BD-AC (Alternating Current Pow er Module) When powere d by AC inp uts, the AC p ower modul e EM4710B D-AC and cor respondin g AC distribution box shoul d be use d in the ES4710B D.
50 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch V AC input socket for the positioning of pow er cords and easier w iring. In addition, on th e left side of the AC distribu tion panel is a power supply switch used to control the m odules’ power out put .
51 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.4.8 Rear Panel The rear panel of the ES4710BD covers the switch backp lane. T o ensure safe operation of the switch, please do no t open the rear panel. There are two reve rsible handles on the rear panel, they are used only for the i n stallation and removal of the rear panel.
52 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1.5 System Featur es Ta b l e 1 . 1 1 ES4710BD System Features SDRAM 128MB FLASH 32MB Status indicator: Port: T raffic, LINK General: Power status, sy s.
53 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 2 Hardwar e Installation 2.1 Safety Information During the install ation and use of t he ES4710BD Swit ch, please follow the safety gui delines list ed below: Basic Guidelines 1. Disconnect power supplies from the chassis before disassem bly or moving the switch.
54 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (including rings, necklaces, watches and bracelets). 2. Metal objects will cause short circuits and dam age the device when i n contact with both powered items and the ground. 3. An improper c onnection between the devi ce and power sockets m ay be hazardous.
55 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ! W atch out for potential dangers, e.g. wet floors, ungrounde d power li nes, and worn power lines. ! Have an e mer gency switch installed inside the workshop, so that power ca n be cut of f promptly should an accident occur .
56 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch T em perature: Relative humidity Long term condition Short term condi tion Long term condition Short term condition 15 ~ 30°C 0 ~ 40°C 40 ~ 65% 10 ~ 90% A sam ple of ambient temperature a nd humidity should be taken at 1.
57 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.1.4 Preventing Electrostatic Discharge Damage Stati c electric dischar ges can cause damage to internal circu its, even the entire switch. Follow these guidelines for preve nting ESD dam age: 1. Ensure proper earth groundi ng of the devi ce 2.
58 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.1.7 Power Supply Requirements The ES4710BD is designed t o use modular sw itching pow er supplies , supporting 2 +1 redundant backup of power m odules.
59 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch A basic config uration ES4710BD sh ould include the following: ITEM No. Part name Number Memo 1 ES4710BD Ethernet Switc h 1 2 AC cable 3 3 Serial port c.
60 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch & Cards and modules i n stallati on & Connecting to the Console Connecting to the Console p o rt & Connecting to the Managem ent Port .
61 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch & Copper Cable/Fiber cabl e connection Ethernet cable connection Fiber cable conne ction & Power supply connection 2.
62 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The figure below show s the steps for m ounting the hang ers: Fig 2-1 Installi ng ES4710BD Switch H angers Step 2: Put the han ger -mounted swi t ch sm oothly into a standard 19’ ’ rack. Because of the size and weight of a ES 4710 BD, 2 people are required to complete the installat ion.
63 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Proper grounding When using an AC pow er source, the devi ce must be grounde d with the green and yellow ground cables, otherwise, s hoc k hazards m ay occur when insulation resistance be tween the internal power supply and the chassis degr ades.
64 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.3.3.1 Removing and Installing the Cards The installation procedure is the same for all cards, as sh own below: Step 1: Power down the switch (Hot-s wapping is supported by optional cards for t h e switch.
65 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch front panel of the fan tray will loc k automatic ally . Upon rem oval, hold the handle in the front panel of fan tray with your m iddle and ring fing ers, press the locker slight ly down, and the fan tray can be drawn out sm oothly .
66 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Cleaning of power sup p ly dust gau ze: Dust gauzes are pro vided in the fr ont panels of the EM4710BD -AC and EM-7608-DC pow er supply modules, w hich can be installed a nd removed e asily .
67 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.3.5 Connecting to the Management Port The EM4710BD-AG ENT provides a RJ-45 (female) Ethernet port. Users can connect to this administration port through a backend host w ith Ethernet i n terface for pro g ram load ing, or use t his port to conne ct to remote devices (e.
68 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Step 4: Tigh ten (clockwise) the pane l fasteners in the front of XEN P AK transceiver until faste ned to the front pa nel of the 10G B line card.
69 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Step 1: Before connecting th e AC power cable, ensure that the ES4710BD is properly grounded and the output sw itch of the p ower supply m odule in the AC distributio n box is off.
70 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 3 Setup Configuration Setup configuratio n refers to the init ial operation of the switc h after the us er purchases the switch. For first-time users of t he ES4710BD, this chapter provides a v ery practical i nstruction.
71 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Selection number: The corresponding menu ite ms in Chinese are: 配置菜 [0]: 配置交机主机名 [1]: 配置 Vlan1 的接口 [2]: 配置交.
72 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The corresponding prom pt in Chinese is: 配置 Vlan1 接口 [0]: 配置 Vlan1 接口的 IP 地址 [1]: 配置 Vlan1 接口的状 [2]: 返回上一.
73 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch [0]: Add telnet user [1]: Config telnet server s tatus [2]: Exit Selection number: The corresponding prom pt in Chinese is: 配置 Te l n e t 服器 .
74 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch enable T elnet service. The T elnet server co nfiguration menu will then appear . Select “2” in the T elnet serve r configuration menu to return to th e Setup main menu.
75 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Note: valid pa ssword length is 1 to 8 characters. After configuring the username and password, t he menu will return to the W eb server configuration section .
76 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch [2]: 配置 Tra p s 主机 IP 地址和体字符串 [3]: 配置交机 SNMP 状 [4]: 配置交机 Tra p s 状 [5]: 添加 SNMP 管理站.
77 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Select “3” in the SNMP conf iguration menu an d press Enter , the following scree n will appear: Enable SNMP-server? (y/n) [y]: The corresponding prom pt in Chinese is: 是否使能交机 SNMP? (y/n) [y]: T ype “ n” and press Enter to disable SN MP service.
78 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 4 Switch Management 4.1 Management Options After purchasing the swit ch, the user needs to configure the switch fo r network management. ES4710BD provi des two managem ent options: in-band m anagement and out-of-band m anagement.
79 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Step 2 Entering the Hyper T erm inal. Open HyperT erminal in W indows aft er the connec tion has be en established.
80 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 4-4 Openi ng HyperT erminal (3) 4) COM1 properties ap pears, select “9600” for “ B aud rate”, “8” for “Data bits”, “none” for .
81 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 4-6 Openi ng HyperT erminal (5) Step 3 Entering switch CLI int erface: Power on the switch. The follow ing appears in the HyperT erm inal windows, this is the CLI configuration mode for ES4710BD. E S 4 7 1 0 B D M a n a g e m e n t S w i t c h Copyright (c) 2001-2004 by Edge-Core Networks Limited.
82 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch C u r r e n t t i m e i s W E D A P R 2 0 0 9 : 3 7 : 5 2 2 0 0 5 ES4710BD Series Switch Operat ing System, Software Packet V ersion ES4704BD_2.2. 10.0 Copyright (C) 2001-20 04 by Accton T echnology Cor p.
83 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 4-7 Man aging the swit ch by T elnet Step 1: Configure the IP addresses for th e switch and st art the T elnet functi on on the sw itch. First, the configura tion of the host’ s IP address should be within th e same networ k segment as the switch’ s VLAN1 interf ace IP address.
84 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Run the T elnet client program include d in W indows with the specifi ed T e lnet tar get. Fig 4-8 Run ning the T elnet clie nt program included in W indows Step 3: Log in to the switch Log in to the T elnet configuration i nterface.
85 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 4-9 T elnet Configuration Interfac e 4.1.2.2 Managing the Switch thr ough ECview T o m anage the switch with ECview , the following c onditions sho .
86 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4.2.1 CLI Interface CLI interface is familiar t o most users. As aforem entioned, out-of-band management and T el net login are all performed through CLI interface to m anage the switch. CLI Interface is supported by Shell pr ogram, which consists of a set of configuratio n commands.
87 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4.2.1.1.2 Admin Mode Admin Mode prompt “Switch#” can be entered under the U ser Mode by running the enable command and entering the c orresponding adm in user password, if set. Or , when the exit command is run under Global Mode, it will return t o the Admin Mode.
88 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch under Global Mod e. mode, speed, etc. 4.2.1.1.3.2 VLAN Mode Using the vla n <vlan-id> com mand under Global Mode , you can enter the corresponding VLAN Mode. Under V LAN Mode the user can confi gure all m ember ports of the corresponding VLAN.
89 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch extended command un der Global Mode. for Extended IP ACL Mode return to Global Mode. 4.2.1.2 Configuration Syntax ES4710BD provi des various confi guration comm an ds. Although all the comm ands are diff erent, they all a bide by the syn tax of ES4710 BD configuration comm an ds.
90 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Right “ → ” The cursor moves one character to the right. Ctrl+p The same as Up key “ ↑ ”. Ctrl+n The same as Down key “ ↓ ”. Ctrl+b The same as Left key “ ← ”. Ctrl+f The same as Right key “ → ”.
91 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Unrecognized comm and or illegal parameter! The entered comm and does not exist, or there is error in parameter scope, type or form at. Ambiguous command At least two i nterpretation are possible based on the current input.
92 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4.3.2 Module Fr ont Panel When entering username, password and pa ssing authentication, you will see the followin g web manage ment m ain page. On the left of the managem ent page is th e main m anagement m enu and on the right of t he page system information and command param eter are displayed.
93 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 5 Basic Switch Configuration 5.1 Basic Switch Configuration Commands This section cov ers the basic configuration for the switch, i ncluding all.
94 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch user password are all wr ong, it rem ains in th e User Mode. Set t he Admin user password under Global Mode with the “ enable password ” command. Example: Switch>enable password: ***** (adm in) Switch# Related command: enable password 5.
95 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: The defau lt value is 5 minutes. Usage Guide: T o ensure security for the switch an d prevent m alicious operation of unauthorized users, timeout count will st art after the last co nfiguration by the Admin user .
96 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <hostname> is the host na me, up to 15 characters are all owed; <ip_ad dr> is the corresponding IP address fo r the host name and takes a decimal form at.
97 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch#r eload 5.1.12 setup Command: setup Function: Enters the Setup Mod e of the sw itch. Command mode: Admin Mode Usage Guide: ES4710BD provides a Setup Mode, in wh ich the user can configure IP addresses, etc.
98 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: The switch sends an ICMP packet to remote devices to verify the connectivity between the switch and remote dev ices. Parameters: <ip-addr> is t h e tar get host IP address for ping, in decim al format.
99 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch T el net is a simple rem ote terminal prot ocol for remote lo gin. Using T elnet, the user can login t o a remote host with its IP address of hostn ame from his own w orkstation.
100 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch information. 2. T elnet to a remote host fr om the switch 5.2.2.3 T elnet Commands 5.2.2.3.1 monitor Command: monitor n o m o n i t o r Function: Enabl.
101 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Connecting H ost 20.1.1.123 Port 23... Service port is 23 Connected to 20.1.1.123login:123 password:*** router> 5.
102 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch command deletes the specified T elnet user . Parameters: <username> is the T elnet client’ s usernam e, up to 16 character s are allowed; <password> is the lo gin password, up to 8 characters are allowed; 0|7 indic ate non-masked password display and masked passw ord display .
103 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch#show clock Current time is TUE AUG 22 11 : 00 : 01 2002 Related comma nd: clock set 5.2.4.2 show debugging Command: show debugging Function: Displays the de bugging switch status.
104 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch enable config interface ethernet 1/ 3 enable show flash show ftp 5.2.4.5 show memory Command: show memory Function: Displays the cont ents in the m e mory . Command mode: Admin Mode Usage Guide: This com mand is used for switch debugging purposes.
105 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch#show runnin g-config 5.2.4.7 show startup-config Command: show startup - config Function: Displays the switch param eter configurations written in th e Flash mem ory at the current operation, tho se are usually also the configuration files used for t he next power -up.
106 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.2.4.9 show tcp Command: show tcp Function: Displays the current TCP connection status establ ished to the switch. Command mode: Admin Mode Example: Switch#show tcp LocalAddress LocalPort ForeignAddress ForeignPort State 0 .
107 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Switch#show telnet login Authenticate l ogin by local. Login user: aa Switch# 5.2.4.12 show telnet user Command: show telnet user Function: Displays authori zed T elnet client’ s information Usage Guide: This comm and can be used to check f or al l current authorized T elnet clients.
108 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.3 Configuring Switch IP Addr esses All Ethern et ports of ES4710BD perfor m layer 2 forwarding. The VLAN interface represents a Layer 3 interface function, which can be assigned an IP address, this is also the IP address of the switch.
109 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 3.DHCP Command Expl anation ip dhcp-client enable no ip dhcp-client enable Enables the switch t o be a DHCP client and obtain IP address and gateway address thro ugh DHCP negotiation; th e “ no ip dhcp-client enable ” command disa bles the DHCP client function.
11 0 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip bootp-client enable Switch (Config-If-Vlan1)#exit Switch (Config)# Related command: ip addre ss, ip dhcp-client en able 5.
111 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SNMP protocol provide a relatively di rect way of exchanging m anagement information between two points in th e network.
11 2 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 5-1 AS N.1 tree instance In this figure, the OI D of object A is 1.2.1.1. NMS can find t his object witho ut ambiguity through the object’ s unique OID to get the standard variabl e contained in t he object.
11 3 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Statis tics: Maintains basic utilizati on and error statistics for eac h subnet m onitored by the Agent. History: Records periodica l statistic sam ples available from S tatistics. Alarm: Allows users to set any c ount or int e ger for s ample inter vals and alert thresholds for RMON Agent records.
11 4 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch configured secure a ddress. 4. Configuring TRAP Command Expl anation snmp-server enable traps no snmp-server enable tr aps Sets the switch to enable to send T rap messages; the “ no snmp-server en able traps ” command disables T rap messages.
11 5 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <string> is the com munity string set; ro| r w is the specified access mode to MIB, ro for read-only and rw for read-write. Usage Guide: Up to 4 comm unity strings are supported by the switch.
11 6 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.4.4.2.5 snmp-server host Command: snmp-server host <host-addr> <community-string> no snmp-server host <h ost-addr> Function: Sets .
11 7 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1. 1. 1. 5 1. 1. 1. 9 Fig 5-2 SNMP Configurati on Example The IP address of NMS is 1. 1.1.5; the Switch (Age nt) IP address is 1.1.1.9 . Scenario 1: The NMS n etwork adm inistrative software uses SNMP proto col to obtai n data from th e switch.
11 8 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Displays all SNMP counter inform ation. Command mode: Admin Mode Example: Switch#show snmp 0 SNMP packets input 0 Bad SNMP version errors 0 .
11 9 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch MIB objects bad values errors Number of “Bad_values” error SNMP packets general errors Number of “General_errors” error SNMP packets response PDUs Number of response packets sent trap PDUs Number of T rap packets sent 5.
120 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.4.6.1.3 debug snmp packet Command: debug snmp packet no debug snmp packet Function: Enables the SNMP debug function: the “ no debug snmp packe t” command disables this debug function.
121 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.5.1 BootROM Upgrade There are two m ethods for BootROM upgrade: TFTP and FTP , which can be select ed at BootROM command settin gs.
122 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2 1 9 . 3 2 B o g o M I P S S S T 3 9 V F 0 4 0 C P U : P o w e r P C M P C 8 2 4 5 M H 2 6 6 , R e v i s i o n 1 4 V e r s i o n : 1 . 4 . 1 C r e a t i o n d a t e : A p r 1 4 2 0 0 5 , 0 9 : 3 3 : 1 8 A t t a c h e d T C P / I P i n t e r f a c e t o l n P c i 0 .
123 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch mirror file. [Boot]: wr ite nos.img Programming... Program OK. [Boot]: St e p 6 : After successful upgr ade, execute the “r un” comm and in BootR OM mode to return to CLI configuration interface. [Boot]:run ( or reboot ) Other commands in BootROM mode 1.
124 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch to establish management connection o n port 21 in the s erver, and neg otiate a data c onnection through the mana gement connection. There are two types of data connections: ac tive connecti on and passive connection.
125 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch backup and up date of the co nfigurations. S tart up configuration file: refers to the configuration sequence use d in switch start up. ES4 7 10BD start up configurat ion file stores in FLA SH only , corresponding to the so called config uration save.
126 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1. FTP/TFTP client configuration ( 1 ) FTP/TFTP client upload/down load file Command Expl anation Admin Mode copy < source-url> <destinati.
127 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 3. TFTP server configuration ( 1 ) Start TFTP server Command Expl anation Global Mode tftp-server en able no tftp-server enable Starts TFTP server , the “ no ftp-server enable ” command shuts down TFT P server and prevents TFTP users from logging in.
128 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Special Keywords in filename keyword Sour ce/T arget IP address running-config Active configuration file startup-config Start up confi guration file nos.img System file Boot.rom System boot fi le Command mode: Admin Mode Usage Guide: The comm and provides com mand line prompt messages.
129 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: view ing the file list of the FTP server 10.1.1.1 wi th the username “ Switch ” and password “ edgecore ”.
130 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.5.2.2.7 ip ftp Command:ip ftp < username> password [type{0|7}] < password> no ip ftp username < username> Function: Configures the FTP username and passwo rd; the “ no ip ftp username < username> ” command deletes the password as we ll as the usernam e configured.
131 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: The comm and provides com mand line prompt messages. If the user ent ers a command li ke copy <filename> tftp:// or copy tftp:// <.
132 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.5.2.2.10 tftp-server retransmission-number Command: tftp-server r etransmission-number < number> Function: Sets the retransmission time for TFTP server Parameters: < number> is the time to re-transfer , the valid range is 1 to 20.
133 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Scenario 1: The switch is used as FTP/T FTP client. T h e switch connects from one of its ports to a computer , which is a FTP/TFTP server with an IP address of 10.1.1. 1; the switch acts as a FTP/TFTP client, the IP address of the switch managem e nt VLAN is 10.
134 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1) #ip address 10.1.1. 2 255.255.255.0 Switch (Config-If-V lan1)#no shut Switch (Config-If-Vlan1)#ex.
135 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch “edgeco re”. Save “Profil e1”, “Profile2” and “Prof ile3” in the appropriate FTP server directory on the computer . The configuratio n procedures of the sw itch are listed bel o w: Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1) #ip address 10.
136 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch FTP Configuration PC side: Start the FTP server soft ware on the PC and set t he usernam e as “Switch”, and the password as “edgeco re”. ES4710BD : Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1) #ip address 10.
137 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Switch#show ftp T imeout :600 Displayed inform ation Description T imeout T imeout time. 5.5.2.4.3 show tftp Command: show tftp Function: displays the param eter setti ngs for the TFTP server Default: Ther e is no display by default.
138 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch send file 150 Opening ASCII mode data connectio n for nos.im g . 226 T ransfer complete. close ftp client. & The following is the m essage displays when file s are successfully received. Otherw ise, please verify link conne ctivity and retry “copy” com mand again.
139 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch & The following i s the message displayed wh en fi les are successfully received. Ot herwise, please verify link conne ctivity and retry the “copy ” command agai n. begin to receive file,wait.. .
140 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Basic host config uration – confi gures the m apping relationsh ip between t he switch and the IP address. Please refer to the CLI com mand 5.1.8. Example: conf igure the Hostnam e as “London” and IP address as 20 0.
141 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.2.2 T rap manager configuration Users should click “Switch basic configuration”, “SNMP configuration”, and “TRAP manager configuration” to configure the IP address of the m anagement station which will receiv e SNMP T rap messages and Trap c ommunity strings.
142 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.2.4 SNMP statistics When users click “S witch basic confi guration”, “SNMP configuration” and “SNMP statistics”, a variety of counter inform ation will appear . Please refer to the CLI com mand 5.
143 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.3 Switch upgrade Users should click “ Switch basic configurati on” a nd “Switch upda te” to co nfigure the upgrad e Node T ree Diagram.
144 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Server state - status of the server . (“Open” or “ Close”) Please refer to the CLI c o mm and 5.5.2.2.10 TFTP Tim eout - the timeout. Please refer to the CLI com mand 5.5.2.2.12. TFTP Retransmit times - ti mes of retransmission.
145 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch configuration .” W ords and phrases of “user configur ation” are explai ned in the fol lowing: z FTP Server state - status of the server . (“Open” or “Close”.) Please refer to t he CLI comm and 5.
146 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Show telnet user - to display al l T elnet client messages with au thenticated switch access through T elnet. Please refer to the CLI command 5. 2.4.12. z Show version - to display the num ber/version of the switch.
147 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.4.3 Others Other parts ar e easier to co nfigure. Users just cl ick a configuration node and the relati ng messages will appear .
148 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.6 Switch on-off information Users should clic k “Switch on-off information” to e nter into t he configur ation page a nd make configuration nodes. W ords and phrases are explained in the following : RIP Status - o n-off switc h of RIP .
149 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 5.6.7.2 Exit current web configuration Users should quit t h e web-l ogin by click ing “Switch maintenance” and “Exit current web configuration .
150 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z T elnet server S tate - to choose from the drop-down list. (“ Open” and “Close” ser vice) Please refer to the CLI com mand 5.
151 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 6 Device Management 6.1 Device Management Brief The device m anagement fu nction of ES471 0BD provides inf o rmation about line card status, line card operati on debugging, power supply an d fan status.
152 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Switch # show slot M1 ---------- --------Slot : M1--------- --------- I n s e r t e d : Y E S M o d u l e t y p e : E M 4 7 1 0 B D - A G E N T W o r k m o d e : A C T I V E M A S T E R W o r k s t a t e : R U N N I N G S o f t w a r e v e r s i o n : 1 .
153 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Switch # show power - - - - - - - - - - p o w e r i n f o r m a t i o n - - - - - - - - - - p o w e r 1 I n s e r t e d : N O p o w e r 2 I n s e r t e d : N O p o w e r 3 I n s e r t e d : Y E S 6.
154 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch If the cards need to be replaced during normal operati on, the following guidelines should be followed: Display a message of processing card hot removal.
155 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 6.4.1 Reset specific module Click “Device managem ent”, “Reset specific m odule”, select a module number and c lick “Apply”, then that m odule will be hot -swapped. This funct ion is equal to the C LI command showing in 6.
156 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 6.4.3 Show fan Click “Device managem ent”, “Show power”. The inf ormation co lumn display ed on the right will show the current pow er status and displa y even if the power is plug ged in or not.
157 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 7 Port Configuration 7.1 Intr oduction to Port ES4710BD comes with line cards and master control boards. Line cards provide various network ports . The master control boards provide n o network ports , only Console interface and network m anagement port.
158 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2 Port Configuration 7.2.1 Network Port Configuration 7.2.1.1 Network Port Configuration T ask Sequence 1.
159 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch speed-duplex {auto | force10-half | force10-full | for ce100 -half | for ce100-full | { {for ce1g-half | for ce1g-full} [nonegotiate [master | slave]] } } Sets port speed and duplex m ode of 100/1000Base-TX ports.
160 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch the port. For example, a band width limit of 101 M (or more) canno t be set for a 10/100M Ethernet port. But for a 10/100/10 00M port working under 100M, a bandwidth lim it of 101M (or more) is permitted.
161 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Note: & Combo port is a conception involving t he physical layer and the LLC sublayer of t he datali nk layer . The status of a com b o port will not af fe ct any operation in th e MAC sublayer of the datalink layer and upper layers.
162 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.1.2.4 interface ethernet Command: interface ethernet <interface-list> Function: Enters Ethernet Interfa ce Mode from Global Mode.
163 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Setting the ca ble type supp ort of Ethernet ports 3/5 – 8 to straight-t hrough cable only .
164 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.1.2.9 rate-suppression Command: rate-suppression {dlf | br oadcast | multicast} <packets> no rate-suppr ession {dlf | broadcast | multicast} .
165 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.1.2.1 1 speed-duplex Command: speed-duplex {auto | fo rce10-half | for ce10-full | fo rce100-half | for ce100-full | { {force1g-half | for ce1g-ful.
166 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2. Configure the IP addr ess fo r VLAN in terface and enables VLAN interface. Command Expl anation VLAN Mode ip address <i p-address> < mask&g.
167 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <ip-addr ess> is the IP address in decimal format; < mask> is the subnet m ask in decimal form at; [secondary] indicates the IP configured is a secondary IP address. Command mode: VLAN Interface Mode Default: No IP address is configured by defau lt.
168 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2. Configur e the propertie s for the network man agement port Command Expl anation Network Managem ent Port Configuration shutdown no shutdown Enables.
169 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.3.2.2 interface ethernet Command: interface ethernet <interface-name> Function: Enters network m anagement port co nfiguration m ode fro m Global M ode. Parameters: <interface-name> stands fo r port number , the defaul t value is 0.
170 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.2.3.2.5 shutdown Command: shutdown no shutdown Function: Shuts down the network management port; t he “ no shutdown ” command opens the port. Command mode: Network managem ent port configuration Mode Default: Network managem ent port is open by default.
171 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch mirror destination port. A protocol analyzer (such as S niffer) or RMON m onitoring instrument is often attached to the mirror destina tion port to m onitor and manage the netw ork and diagnostic. ES4710BD support one m irror destination port onl y .
172 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <session> stands for m i rror session value, on ly 1 may be used a t present; <interface-list> stands for mirror source port li.
173 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Displays inform ation about m i rror source/destina tion ports. Command mode: Admin Mode Usage Guide: This comm and displays the m irror so urce port(s) and destination port currently configured.
174 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch No VL AN has been co nfigured in the switches, default VLAN1 is used. Switch Port Pr operty SW1 2/7 Ingress bandwidth lim it: 150 M SW2 1/8 Mirror so u.
175 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: Port statistics are n ot cleared by default. Usage Guide: If no port is specified, then statistic s of all ports will be cleared. Example: Clearing the stat istics fo r Ethernet port 1/1. Switch#clear counters ethernet 1/1 7.
176 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.5.1 Ethernet port configuration Click “Port co nfiguration”, “ Ethernet port configur ati on” to open the Ethernet port config uration management t able to config ure Ethernet port d uplex, speed, ban dwidth contr ol and so on.
177 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Bandwidth control level: port bandwidt h control. Th e unit is Mbps and the value range is 1~1000 0Mbps z Control type: Ingress means to con trol port bandw idth when receiving data packet sent from outside the switch.
178 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 7.5.2.2 L3 port IP addr mode configuration Click “Port co nfiguration”, “vlan i nterface configur ation”, “L3 port IP addr mode configur ation” to set up L3 port IP address mode c onfiguration.
179 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Configure m irroring destination port. Equals to CLI c ommand 7.2.3.3.2. z Session: Mirroring di alog value z destination interface z tag: Setting the .
180 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 8 MAC T able Configuration 8.1 Intr oduction to MAC T able MAC table ident ifies the mapping relationshi p between destination MAC addresses and switch ports. MAC addresses can be categorized as st at ic MAC addresses and dynamic MAC addresses.
181 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch period. When the switch rec e ives a data fram e to be forwarded, it st ores the source MAC address of the data frame and crea tes a mapping to the destin a tion port.
182 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch added to the s witch MAC table. 2. At the sam e time, the switch learns t he message is d estined to 00-01-33-33-3 3-33, as the MAC table contains only.
183 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch are configured in the switch, the MAC table will be adapted acc ordingly to add VLAN information. In t his case, the switch wil l not fo rward the received broadcast frames to all ports, but forward the fram es to all ports in the same VLAN .
184 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch no mac-address-table [{stat ic | dyn amic} [address < mac-ad dr> ] [vlan < vlan-id> ] [interface < interface-name> ] ] Function: Adds or modifies static address entries, the “ no mac-address-table ” c ommand deletes static address entries a nd dynamic address entries.
185 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1/ 7 1/ 9 1/ 11 1/ 5 PC1 MAC 00-01 -11-11-11 -11 PC4 MAC 00-01-44-44 -44-44 PC3 MAC 00-01-33-33- 33-33 PC2 MAC 00-01-22-22-2 2-22 Fig 8-2 M.
186 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.4.1.2 show mac-address-table static Command: show mac-address -table [static] [addr ess < mac-addr> ] [vlan < vlan-id> ] [interface < interface-name> ] Function: Displays the content of the cu rrent MAC table in t he switch.
187 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch support for a soluti on. 8.5 MAC Address Function Extension 8.5.1 MAC Address Binding 8.5.1.1 Introduction to MAC Address Binding Most switches support.
188 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2. Lock the MAC addresses f or a port Command Expl anation Interface Mode switchport port-security lock no switchport port-security lock Locks the port.
189 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.5.1.2.2 MAC Address Binding Configuration Commands 8.5.1.2.2.1 switchport port-security Command: switchport port-security no switchport port-security.
190 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Locks the port. When a port is locked, the MAC ad dress learning function for the port will be disabled: the “ no switchport port-security lock” command restores the MAC address learning function for the port.
191 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch address can be ad ded. Example: Adding MAC 00-03-0F-FE-2E-D3 to port 1 . Switch(Config)#interface Ethern et 1/1 Switch(Config-Ethernet1/1) #switchport port -secur ity mac-address 00-03-0F-FE-2E-D3 8.5.1.
192 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.5.1.2.2.8 switchport port-security violation Command: switchport port-security violation {pr o tect | shutdown} no switchport port-security violation Function: Sets the viol ation mode for the port; the “ no switchport port-security violation ” command restores t he violation mode to p rotect .
193 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Displayed inform ation Explanation Security Port Name of port that is c onfigured as a s ecure port. MaxSecurityAddr The maxim um number of secure MAC addresses set for the secure port. CurrentAddr Current number of secure MAC addresses for the secure port.
194 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Port Security Is port en abled as a secure port? Port status Port secure status V iolatio n mode V iolatio n mode set for t he port. Maximum MAC Addresses The maxim um number of secure MA C addresses set for the port T otal MAC Addresses Current number of secure MA C addresses for the port.
195 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.5.1.3.2 MAC Address Binding T roubleshooting Help Enabling MAC a ddress binding for ports may fail on some occasi ons.
196 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.1.2 Delete unicast address Click “MAC address table configuration ”, “MAC addr ess table configuration”, to delete a u n icast address and MAC addr ess. Equals to CLI command 8.2. 2: z Delete by VID: Dele tes static MAC by the specifi ed VID.
197 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Select VID 1 and select query by VID. Click Search starting query . The new page will s how the query results 8.
198 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.2.1 Enable port MAC-Binding Click “MAC address table configuration”, “MAC ad dress binding configurat ion”, “Enable port Mac-binding”, to en able port MAC-binding list to se t up port security function.
199 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.2.2.3 Enable port security timeout Click “MAC address table config uration”, “MAC a ddress binding configuration”, “ Lock port”, “Enable port securi ty timeout” to lock port securi ty .
200 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.2.3 MAC binding attribution configuration Click “MAC address table configur ation”, “MA C address binding c onfiguration”, “MAC binding attribution config uration” to enable port security con figuration m anagement lists to se t up port security types.
201 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 8.6.2.4 MAC binding debug Click “MAC address table configur ation”, “MA C address binding c onfiguration”, “MAC binding debug” to open p o rt security debug window to check port secur ity debugging information.
202 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 9 VLAN Configuration 9.1 Intr oduction to VLAN VLAN (V irtual Local Area Network) is a technology that divides t h e logical ad dresses of devices withi n the network t o separate network se gments based on functions, ap plications or management requ irements.
203 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch conveniences: z Improved netw ork performance z Savings on network resources z Simplified Ne twork Managem ent z Lowered network cost z Enhanced netw ork security VLAN and GVRP (GARP VLAN Registration Prot ocol) are defined by IEEE 802.
204 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4. Set The Switch Port T ype 5. Set T runk port 6. Set Access port 7. Disable/Enable VLAN Ingress Rules 9.2.2 VLAN Configuration Commands 9.2.2.1 vlan Command: vlan < vlan-id> no vlan < vlan-id> Function: Creates a VLAN and enters VLAN confi guration mode.
205 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch configure a V LAN name and the switch ports assigned t o the VLAN. The “ no vlan < vlan-id> ” command deletes s pecified VLAN s. Parameters: < vlan-id> is the VLAN ID to be created/deleted, vali d range is 1 to 4094.
206 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-ethernet1/8) #switchport mode access Switch(Config-ethernet1/8) #switchport access vlan 100 Switch(Config-ethernet1/8) #exit 9.
207 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: switchport trunk allowed vlan {< vlan-list> | all} no switchport trunk allowed vlan Function: Sets trunk port to allow VLAN traffic; the “ no switchport trunk allowed vlan ” command restores t he default setting .
208 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Interface Mode Default: VLAN ingress rules are enab led by default . Usage Guide: When VLAN ingress r u les are enabled on th e port and the system receives data, it will check the source port first, t h en forwards the da ta to the destination port if it is a VLAN member port.
209 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch VLAN200 Site A and site B switch por t 8 – 10. T runk port Site A and site B switch port 11 . Connect the T runk ports of both switches for a T runk link to convey the cross-swit ch VLAN traf fic. Connect all ne twork devices to the other po rts of the corresponding VLANs.
210 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.3 GVRP Configuration GARP (Generic Attribute Registration Proto col) can be used t o dynam ically distribute, populate and r egister property information between switch members withi n a switch networ k, the property can be VLAN infor mation, Multi cast MAC address of the other information.
21 1 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.3.2 GVRP Commands 9.3.2.1 garp timer join Command: garp timer join < time r -value> no garp timer join Function: Sets the join timer for GARP; the “ no garp timer join ” command restores the default timer setting.
212 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/1 0)#garp timer leave 3000 9.3.2.3 garp timer hold Command: garp timer hold < time r -value> no garp timer hold Function: Sets the hold timer for GARP; the “ no garp timer hold ” command restores the default timer setting.
213 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Interface Mode an d Global Mode. Default: GVRP is disabled by defaul t. Usage Guide: Port GVRP can only be enabled after globa l GVRP is enabled. When global GVRP is disabled, port GVRP configurations are al so void.
214 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Configuration Item Configuration description VLAN100 Port 2 – 6 of Sw itch A and C T runk port Port 1 1 of Switch A and C, P o rt 10, 1 1 of Switch B.
215 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/1 1) #switchp ort mode trunk Switch(Config-Ethernet1/1 1)#gvrp Switch(Config-Ethernet1/1 1)#exit 9.
216 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch T otal E xisting Vlans is:2 Displayed inform ation Explanation VLAN VLAN number Name VLAN name T ype VLAN property , of statically configur ed or dynamically l earned. Media VLAN interface type: Ethernet Ports Access port within a VLAN Universal Vlan Universal VLAN.
217 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch debugging f unction . Command mode: Admin Mode Default: GVRP debugging information is disabled by default. Usage Guide: Use this c ommand to en able GVRP debugging, GVRP packet pro cessing inform ation can be displayed.
218 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch VLAN ID information window will di splay current VLANs of the switch: 9.5.1.1.2 VID attribution configuration Click “Vlan configuration ”, “Vlan .
219 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Information display shows the VLAN allocation result: 9.5.1.3 Port type configuration Click “Vlan c onfiguration”, “Vlan configuration”, ”P ort type configuration” to o pen port type configuration list.
220 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.5.1.4 T runk port configuration Click “Vlan configuration” , “Vlan configuration”, “ T runk port configurat ion” to open T runk port VLAN configuration list .
221 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.5.1.5 Set allow Vlan Click “Vlan c onfiguration”, “Vlan configuration”, “Access port conf iguration” to open Access port VLAN configuration list to allocate Access port VLAN.
222 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “Vlan confi guration”, “ Vlan configuration”, “Enable/Disable V lan filter rule” to open VLAN ingress configuration lis t to setup VLAN filter function .
223 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “Vlan confi guration”, “GVRP configuratio n”, “GVRP configuration” to configure GV RP parameters of the switch : z Port: specified port z Join timer (100~ 327650ms): co nfigures the va lue of GA RP join timer .
224 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 9.5.3.2 Show GARP Click “Vlan confi guration”, “Vlan debug” a nd “maintenance”, “show gar p” The information window in the right will display all relat ed GARP information. Equals to CLI command 9.
225 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch spanning tree insta nces (MSTI). It applies the fast co nver ging properties, e nabling multipl e VLAN of the same topology to map to one spanning tree ins tance, while that span ning tree topolo gy is independent of the other sp anning tree instances.
226 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch CIST Regional Root. The root port in the Field CIST Regional Root is Master Port to all the MSTI in the field. When MSTP initializes, it will se nd a BPDU announcing itself as the CIST Regional Root and setting the route c ode to the CIST Root and CIST Re gional Root t o 0.
227 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2 MSTP Configuration 10.2.1 MSTP configuration task sequence 1. Enable MSTP and set the runn ing mode 2. Configure instance parameters 3. Configure MSTP field param eter 4. Configure MSTP time pa rameter 5.
228 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4. Configur e MSTP time parameters 5. Configure the fast migrate feature for MSTP Command Expl anation Global Mode spanning-tree mst configuration no s.
229 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2.2 Introduction to MSTP configuration commands 10.2.2.1 abort Command: abort Function: Discards the conf iguration in MSTP field and exits from MST mode to Global Mode. Command mode: MSTP Field Mode.
230 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch to Instance 0. Usage Guide: This com mand is used to set VLAN -Instance mappin g. Switches are considere d to be in the sam e MSTP field only if they ha ve identical m apping and ot her MSTP fiel d parameters.
231 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2.2.6 spanning-tr ee Command: spanning-tree no spanning-tree Function: Enables MSTP in Global Mode and Port Mode; the " no spanning-tree " comm and disables MSTP . Command mode: Global Mode and Po rt Mode Default: MSTP is disabled by default.
232 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Global Mode Default: The defau lt Hello time is 2 se conds. Usage Guide: The inter val for switch to send a BPDU is referred to as Hell o time. The Hello time, forward delay time, and m ax age time are associated .
233 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Bridge_Max_Age >= 2 ×(Bridge_H ello_T ime + 1.0 seconds) Example: Setting the m aximum age time to 25 sec onds in Global Mode.
234 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2.2.13 spanning-tr ee mode Command: spanning-tree mode {mstp|stp} no spanning-tree mode Function: Sets the switch to run in S panning T ree mode; t he “ no spanning-tr ee mode ” command restores the default settin g.
235 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.2.2.15 spanning-tr ee mst cost Command: spanning-tree mst <inst ance-id> cost <cost> no spanning-tree mst <instance-id> cost Function: Sets the route cost for th e current Ethernet port; “ no spanning-tr ee mst <instance-id> cost ” command restores the default value.
236 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch priority . Example: Setting the pri o rity for port 1/ 2 of instance1 to 32. Switch(Config)#interface et hernet 1/2 Switch(Config-Ethernet1/2) #spanni ng-tree mst 1 port-priority 32 10.
237 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.3 MSTP Example The following is a typical MSTP applicati on scenario: SW1 SW2 SW3 SW4 1 1 2 2 3 54 2 3 1 6 7 5 4 6 7 x x x x x Figure 00-2 MSTP T ypical Application Example As illustrated in t he figure above by the lines between SW1-SW4, MSTP is running.
238 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Port 4 200000 2000 00 Port 5 200000 2000 00 Port 6 2000 00 200000 Port 7 2000 00 200000 By default, MSTP will establis h a topology (in bl ue lines) rooted wit h SW1, the ports marked with “x” are in the Disc arding status, the ot her ports are in the Forwarding status.
239 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SW2(Config)#spanning-tree Switch SW3: SW3(Config)#vlan 20 SW3(Config-Vlan20)#exit SW3(Config)#vlan 30 SW3(Config-Vlan30)#exit SW3(Config)#vlan 40 SW3(C.
240 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SW4(Config-Port-Range)#exit SW4(Config)#spanning-tree SW4(Config)#spanning-tree ms t 4 priority 0 After the above configuratio n, all instance CIST (In.
241 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SW2 SW3 SW4 2 3 54 2 3 6 7 5 4 6 7 x x x x Figure 00-4 Inst ance3 topol ogy in the MSTP field after MSTP cha nge SW2 SW3 SW4 2 3 54 2 3 6 7 5 4 6 7 x x x x Figure 00-5 Instance4 topology in the MSTP field after MSTP change 10.
242 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch MSTP information can be displayed wit h the “show spanning- tree” command. Example: Displayi ng MSTP information, the displayed cont ents are shown b elow . Switch#sh spanni ng-tree - - M S T P B r i d g e C o n f i g I n f o - - Standard : IEEE 802.
243 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ########## ######### ######## Inst ance 4 ############## ############# Self Bridge Id : 32768.00:03:0f:01:0e:30 Region Roo t Id : this switch Int.
244 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.4.1.2 show mst configuration Command: show spanning-tree mst config Function: Displays the ef fective MSTP field parameter configura tions in admin mode.
245 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Mstp-Region)# 10.4.1.4 debug spanning-tr ee Command: debug spanning-tree no debug spanning-tr ee Function: Enables MSTP debug info rmation: the “ no debug spanning-tree” command disables MSTP debug information .
246 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.5 WEB MANAGEMENT Click “MSTP control” to enter MSTP control config urat ion mode to manage MSTP features for the switch. 10.5.1 MSTP field operation Click “MSTP control” to enter MSTP field operation.
247 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.5.2 MSTP port operation 10.5.2.1 Edge port setting Click “MSTP control” to enter MSTP field operation, then "PortFast Con fig". Set the port to be an edge port Configure port 1/5 to be edge ports.
248 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 10.5.2.5 Link type configuration Click “MSTP control” to enter MSTP port operati on, then "Link_ T y pe Config". Set the link type of the current port. Set the link of port 1 /7 to be forced p oint-to-point type.
249 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “MSTP control” to enter MSTP Global control, then "Hello_tim e Config". Set the Hello time for the switc h.
250 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “MSTP control”, “MSTP Global control”, enter the "Priority Co nfig" to set bridge priority for the switch for the specifie d instance. Set bridge priority of the sp ecified instance for t he switch Configure switch instan ce2 priority to 4096.
251 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter1 1 IGMP Snooping Configuration 1 1.1 Intr oduction to IGMP Snooping IGMP (Internet Group Management Protoco l) is a protocol us ed in IP multicast.
252 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip igmp snooping vlan <v lan-id> no ip igmp snooping vlan <vlan-id> Enables IGMP Snooping for specified VLAN ip igmp snooping vlan <vlan.
253 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch command disables the IGMP Snooping function. Command mode: Global Mode Default: IGMP Snooping is disabled by default. Usage Guide: Enabling IGMP Snooping al lows the switch to monitor multicast traf fic in the network and deci de which ports will receive multicas t traffic.
254 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 1 .2.2.4 ip igmp snooping vlan static Command: ip igmp snooping vlan <vlan-id> static <multicast-ip-addr> interface <interface –name.
255 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <vlan-id> is the V ALN number specified. Command mode: Global Mode Default: IGMP Query is disabled by defa ult. Usage Guide: Before enabling the IGMP Query function for the specified VLAN, the switch must have a correspo nding VLAN conf igured and IGMP Snooping enabled.
256 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: < vlan-id> is the s p ecified VLAN num b er; <time-value > is maxim um query response time, valid ran ge is 10 to 25. Command mode: Global Mode Default: The m aximum response time is 10 seco nds.
257 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(C onfig)#ip igm p snooping Switch(C onfig)#ip igm p snooping vlan 100 Switch(C onfig)#ip igm p snooping vlan 100 mr outer interface ethernet 1/1.
258 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The configuration of Switch2 is the same as the switch in sce nario 1, Switch1 ta kes the place of Multicast Router in scenari o 1. Let’ s ass ume VLAN 60 is configured in Switch1, i ncluding ports 1, 2, 6, 10 and 12.
259 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch IGMP information for VLAN 1: igmp snooping vlan status :Disabled igmp snooping vlan query :Disabled igmp snooping vlan mrouter port :(null)----------- .
260 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Displayed inform ation Explanation igmp snooping sta tus Whether “igmp snoo ping” function is enabled. igmp snooping v lan status “igmp snooping” status of all VLA Ns in the swit ch (enabled or not) igmp snooping v lan query Query status of all VLANs in the switch (enable d or not) .
261 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ----------------- ---------------------- ----------------- ------------------ Ethernet1/4 MEMBERS_PRESENT Snoop _Group_Addr 239.255.48.1 89 0 ----------------- ---------------------- ----------------- ------------------ Ethernet1/5 MEMBERS_PRESENT Snoop _Group_Addr 239.
262 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch command disab les this debug function . Command mode: Admin Mode Default: IGMP Snooping debug is disabled by default. Usage Guide: Use this comm and to enable IGMP Sn ooping debug, IGMP pack et processing information can be displaye d.
263 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 1 .5.2 IGMP snooping configuration Click “IGMP Snooping configuration” node to enter the IGMP Snooping c onfiguration page. This page is divided i nto 3 sections: query configur ation, snoo ping configurati on and conf iguration display .
264 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 1 .5.3 IGMP snooping static multicast configuration Click “IGMP Snooping stati c multicast co nfiguration” to enter the configuration sc reen. The page is divided into confi guration section and display section.
265 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch.
266 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 12 ACL Configuration 12.1 Intr oduction to ACL ACL (Access Control List) i s an IP packet filtering mechanism employed in switches , providing network traffic control by granti ng or denying access through the sw itches, effectively safeguarding the security of networks.
267 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The following rules ap ply: z An access list can consist of several rules. Filtering of packets c ompares packet conditio ns to the rules, from the first rule to th e first matched rule; the rest of th e rules will not be processed .
268 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch access list <num> {deny | permit} {{ <sIpAddr> <sMask> } | any-sour ce | {host-source <sIpAddr> }} no access list <num> C.
269 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch a. Create a name-based standard IP access list Command Expl anation Global Mode ip access standard <name> no ip access standard <name> Crea.
270 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch [no] {deny | permit} tcp {{ <sIpAddr> <sMask> } | any-source | {host-sour ce <sIpAddr> }} [s-port <sPort> ] {{ <dIpAddr> .
271 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip access-gro up <name> {in|out } no ip access-group <name> {in|out} Applies an access l ist to the specified direction on the po rt; the “ no ip access-group <name> {in|out} ” command deletes the access l ist bound to the port.
272 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: No IP address is configured by defau lt. Usage Guide: When the user first speci fies a specific <num> , the ACL of this number will be created, and entries ca n be added to that ACL. Example: Creating an ext ensive IP access list numbered as 1 10.
273 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: firewall defa ult {permit | deny} Function: sets firewall default action. Parameters: “ permit ” allows packets to pass through; “ deny ” blocks packets. Command mode: Global Mode Default: The default actio n is “permit”.
274 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: ip access-group [< num >| <acl-name> { in|out } no ip access-group <name> { in|out } Function: Applies an acces s list to the incoming directi on on the port; the “ no ip access-group <name> {in|out} ” command deletes the access list bound to t he port.
275 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config)#ip access list extended udpFlow Switch(Config-Ext-Nacl-ud pFlow)#deny igm p any-source any-destination Switch(Config-Ext-Nacl-ud pFlow)#perm it udp any- sour ce host-destination 192.168. 0.
276 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/1 0)#ip access-group 1 10 in Switch(Config-Ethernet1/1 0)#exit Switch(Config)#exit Configuration result.: Switch#show firewall Firewall St atus: Enable. Firewall Default Rule: Perm it.
277 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Displayed inform ation Explanation access list 10(used 0 tim e(s)) Numbered ACL10, reference tim e: 1 access list 10 deny any-source Denies all IP packets passage access list 100(used 1 time(s)) Number ed ACL100, reference tim e: 1.
278 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: Example: Switch#show firewall F i r e w a l l S t a t u s : E n a b l e . Firewall Default Rule: Perm it. Displayed inform ation Explanation Firewall St atus: Enable.
279 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 12.5.1 Numeric standard ACL configuration Click “Numeric A CL Configuratio n”, and then “ Add Standard Num eric ACL” section to enter the configuration page. Equals to its CLI command of 1 2.2.2.
280 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch There are several sub-sect ions in this cate gory : z ACL number (100-199) z Rule - perm it or deny z Source address type - Specified IP address .
281 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 12.5.4 Configur e standard ACL name co nfiguration and delete the standard ACL name configuration Click “ACL n ame configuratio n” to open up the su b-sec tions, next click “A CL name configurati on” to enter the c onfiguration p age.
282 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 12.5.5 Configur e extended ACL name configuration Click “ACL nam e configuration”, the configuratio n sections will then be show n.
283 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 12.5.7 ACL port binding Click “Filter configuration” , and then select “ACL port binding” to enter the configurat ion page.
284 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 13 Port Channel Configuration 13.1 Intr oduction to Port Channel T o un derstand Port Chann el, Port Group sh ould be introduc ed first.
285 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ) All ports are in fu ll-duplex mode. ) Ports are of the same speed. ) All ports are Access ports and belong to the same V LAN or are all Trun k ports. ) If the ports are Trunk ports , then their “Allow ed VLAN” and “ Native VLAN” property should also be the sam e.
286 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 3. Enter port-channel configuration mod e. Command Expl anation Global Mode interface port-channel <port-channel-number> Enters port-channel configurati on mode. 13.2.2 Port Channel Configuration Commands 13.
287 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: port-group <port-gr oup-number> mode {active|passive|on} no port-grou p <port-group-number> Function: Adds a physical port to port channel, the “ no port-group <port-gr oup-number> ” removes speci fied port from the port c hannel.
288 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 13.3 Port Channel Example Scenario 1: Configuri ng Port Channel in LACP . Fig 14-2 C onfiguring Port C hannel in LAC P Example: The switches in the description below are all ES471 0BD switches an d as shown in th e figure, ports 1, 2, 3 of Sw itch 1 are access ports th at belong to vlan1.
289 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch2 (Config-If-Port-Channel2)# Configuration result: Shell prompts ports aggre gated successfully after a while, now port s 1, 2, 3 of Switch 1 for.
290 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch2 (Config)#interface eth 1/ 6 Switch2 (Config-Etherne t1/6)#port-group 2 mode on Switch2 (Config-Etherne t1/6)#exit Switch2 (Config)# in terface .
291 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Number of ports in group Port number in the port gro up Maxports Maximum number of ports allowed in a group Number of port-channels Whether aggrega ted to port channe l or not Max port-channe ls Maximum port channe l number can be f ormed by port group.
292 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch the machine state and port stat e of the port are as follows: mux_state: DETCH rcvm_state: P_DIS prm _ state: NO_PER actor_oper_port_state : L_A___F_ p.
293 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch port state L A C P a c t i v e t y . 1 L A C P t i m e o u t . . A g g r e g a t i o n 1 1 S y n c h r o n i z a t i o n . . C o l l e c t i n g . . D i s t r i b u t i n g . . D e f a u l t e d 1 1 E x p i r e d .
294 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Collecting Whether status of port bo und status machine is “collec ting” or not. Distributing Whether status of port bound status machin e is “distribut ing” or not. Defaulted Whether the local port is using default par tner end parameter .
295 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch# debug la cp 13.4.2 Port Channel T r oubleshooting Help If problems occur whe n configuring p ort aggregation, pl ease first check the following for causes . & Ensure all ports in a port group h ave the sam e pr operties, i.
296 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Apply to add the group. After finishing the group configura tion, the configured port information will be shown under the configuration table. 13.5.2 LACP port configuration Click LACP port configurati on to enter configuration page Equivalent to CLI comm and 13.
297 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 14 DHCP Configuration 14.1 Introduction to DHCP DHCP [RFC2131] is the acronym for Dynamic Host Configuratio n Protocol.
298 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch obtained dyna mically can b e diff erent every tim e; manually bound IP address will be the sam e all the time.
299 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch dns-server [address1[add re ss2[…addr ess8]]] no dns-server Configures DNS server for DHCP clie nts domain-name <domain> no domain-name Configures Domain nam e for DHCP clients; the “ no domain-name ” command del etes the domain nam e.
300 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch client-identifier <unique-identifier> no client-identifier Specifies the unique ID of the user when binding an address m anually client-name <name> no client-name Configures a clie nt name w hen binding an address manually 3.
301 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch IP address defined in “hos t” command to the client . Example: Specifying the I P addr ess 10.1.128.1 60 to be bound to user with the unique id of 00-10-5a-60-af-12 in m anual address binding. Switch(dhcp-1-config)#client- identifier 00-10-5a-60-af-12 Switch(dhcp-1-config)#hos t 10.
302 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command Mode: DHCP Address Pool Mode Usage Guide: Up to 8 DNS server addresses can be co nfigured. The DNS server a ddress assigned first has the highest prior ity , Therefore a ddress 1 has the highes t priority , and address 2 has the second, and so on.
303 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Specifies the IP address to be assigned to the user when bindin g addresses manually ; the “ no host ” command delet es the IP address.
304 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Specifies addresses excluding from dynam ic assignment; the “ no ip dhcp excluded-address <low-address> [ <high-addr ess> ] ” command ca ncels the setting. Parameters: <low-addr ess> is the starting IP address, [ <high-addr ess> ] is the ending IP address.
305 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: lease { [ <days> ] [ <hours> ][ <minutes> ] | infinite } no lease Function: Sets the lease time for addresses in t he address pool; the “ no lease ” c o mm and restores the default setting.
306 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch h-node that broadcasts after point-to-point com munication. Example: Setting the no de type for clie nt of pool 1 to broadcasting node.
307 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Sets the network p arameter specified by the opti on code; t he “ no option <code> ” command cancels the setting for option.
308 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 14-2 DHCP relay As shown in the above figu re, the DHCP client an d the DHCP server are in dif ferent networks, the DHCP client performs the f our DHCP steps as usual yet DHCP relay is added to t he process.
309 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 4. Disable DHCP relay from forwardin g DHCP broadcast packet. Command Expl anation Global Mode ip dhcp relay information policy drop no ip dhcp r elay .
310 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.3.2.3 ip dhcp relay information policy dr op Command: ip dhcp relay information policy dr op no ip dhcp relay information policy d rop Function: Whe.
31 1 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(dhcp-A-config) #default-route 10.16.1.200 10. 16.1.201 Switch(dhcp-A-config) #dns-server 10.16.1.202 Switch(dhcp-A-config) #netbios-name-server 10.16. 1.209 Switch(dhcp-A-config) #netbios-node-type H-node Switch(dhcp-A-config) #exit Switch(Config)#ip dhc p excluded-addres s 10.
312 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Scenario 2: Fig 14-3 DHC P Relay Configuratio n As shown in the a bove figure, ES4710 BD is conf igured as a DHCP relay .
313 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch client will be reques t ing the IP address in th e sam e segment of the VLAN interface aft er VLAN interface forwarding, and the VLAN i nterface IP addr ess is 10.16.1.2/24, therefore the IP address assigned to the cl ient will belong to 10.
314 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch conflicting for use. The “Clear ip dhcp conflict” command can be used to delete the conflict record for an ad dress. If "all” is specif ied, th en all conflict records in the log will be re moved.
315 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch T y pe T ype of assignment: manual bi nding or dynamic assignment. 14.5.1.5 show ip dhcp conflict Command: show ip dhcp conflict Function: Displays log inform ation for addre sses that have a conflict record.
316 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch BOOTREPL Y 191 1 DHCPOFFER 6 DHCP ACK 6 DHCPNAK 0 DHCPRELA Y 1907 DHCPFOR W ARD 0 Switch# Displayed inform ation Explanation Address pools Number of DHCP address pools confi gured. Database agents Number of database ag ents.
317 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.5.2 DHCP T roubleshooting Help If the DHCP clients cannot ob tain IP addresses and other netw ork parameters, the fo llowing procedures can be fol lowed after DHCP client hardware and cables have been verifi ed to be ok.
318 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.2.1 Address pool configuration Click “DHCP configurat ion”, “DHCP serv er conf iguration”, “Address pool configur ation” to configure the DHCP address pool f unction: z DHCP pool name (1-32 c haracters) – defines a D HCP address pool in global mode.
319 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.2.2 Client’s default gat eway configuration Click “DHCP conf iguration”, “D HCP server configuratio n”, “Client' s default gateway configuration” to configure t he default gat eway for DHCP client.
320 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.2.4 Client wins server configuration Click DHCP config uration, DHCP server config uration, Cl ient WINS server config uration.
321 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch configuration” to configure the DHCP client boot file name and client s erver address which is for save the boot file: z DHCP pool name - Choose one DHCP address pool z DHCP client bootfile nam e (1-128 characters) - boot file name.
322 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.2.7 Manual address pool configuration Click “DHCP configurat ion”, “DHCP server config uration”, “Manual address pool configur ation” .
323 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.2.9 DHCP packet statistics Click “DHCP config uration”, “DH CP server configuration”, “ DHCP packet statistics” to dis play DHCP server statistics inform ation of all kinds of DHCP data packets.
324 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “DHCP config uration”, “DHCP relay configuration”, “DHCP relay co nfiguration” to configure the sw itch’s DHCP relay functi on: DHCP forward UDP configurati on configures DHCP relay to forward broadcast m essages to a UDP port.
325 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 14.6.4.2 Delete conflict log Click “DHCP confi guration”, “ DHCP debugging” to delete c onflicting l ogs. Example: Ch oose Delete all conflict address as Yes. Click Apply button and all conflic ting addresses in address conf lict log will be removed.
326 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 15 SNTP Configuration The Network T ime Protocol (NTP) is widely used for c lock synchronization for global com puters connected to the Int e rnet.
327 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 15.1 SNTP Configuration Commands 15.1.1 sntp server Command: sntp server <server_addr ess> [version <version_no> ] no sntp server <serve.
328 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: The defau lt time diff erence setting is “ add 8”. Command mode: Global Mode Example: Setting the time zone to Beijing.
329 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 15.3 SNTP T r oubleshooting Help 15.3.1 Monitor and Debug Commands 15.3.1.1 show sntp Command: show sntp Function: Displays current SNTP client configuration and server statu s. Parameters: N/A. Command mode: Admin Mode Example: Displaying current SNTP configuration.
330 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 15.4.2 Request interval configuration Click “SNTP configur ation”, “Request interval configurati on” to confi gure the sending request tim e interval from SNTP client to NTP/SNTP server . Same as CLI command 15.
331 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 16 QoS Configuration 16.1 Intr oduction to QoS QoS (Quality of Service) is a set of capabilities that allow you t o create dif ferentiated services for network traf fic, thereby providing better service fo r sele cted network traf fic.
332 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Robin). In Profile: Tr affic within the QoS p olicy range (bandwi d th or burst value) is called “ In Profile". Out of Profile: T raf fic out the QoS policy range (ba ndwidth or burst value) is ca lled “Out of Profile".
333 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 16-3 Basic QoS Model Classification: Classifies tr affic ac cording to packe t classification inform ation and generates internal DSCP value bas ed on the classifi cation information. For dif ferent packet types and switc h configurations , classification is performed dif ferently .
334 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 1 6 -4 Classificati on process Policing and r emark: Each packet in classified ingress traf fic is assigned an internal DSCP value and can be pol iced and remarked. Policing can be performed based on DSCP value to config ure dif ferent policies that alloca te bandwidth to classified traf fic.
335 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 1 6 -5 Policing and Remarking process Queuing and scheduling: Packets at t he egress will re-m ap the internal DSCP value to CoS value, the queuing.
336 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 16-6 Queui ng and Sched uling process 16.2 QoS Configuration 16.2.1 QoS Configuration T ask Sequence 1 . Enable Q oS QoS can be enable d or disabled in Global Mode. QoS must be enabled first in Global Mo de to configure other Q oS commands.
337 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Set up a cl assification rule a ccording to ACL, VLAN ID, IP Precedence or DSCP to classify the data stream . Different classes of data str eams will be processed with differe nt policies. 3 . Confi gure a policy map.
338 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch policy-map < policy-map-name> no policy-map < policy-map-name> Creates a policy map and enters polic y map mode; the “ no policy-map < policy-map-name> ” com mand deletes the specified policy m ap.
339 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch priority < cos >] no mls qos trust disables the c u rrent trust s tatus of the port. mls qos cos { <default-cos> } no mls qos cos Configures the default CoS value of the port; the “ no mls qos cos ” command restores the default setting .
340 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch <dscp-mutation-name> <i n-dscp> to < out-dscp> |ip-prec-dscp < dscp1...dscp8 > | policed-dscp < dscp-list> to < mark-d.
341 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Configures the m atching criterion in t he class map; the “ no match {access-group | ip dscp | ip precedence | vlan} ” comm and deletes the specified matching criterion.
342 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: < class-map-name> is the class map name used by the class. Default: No policy class is c onfigured by defau lt. Command mode: Policy map conf iguration Mode Usage Guide: Before settin g up a policy class, a policy map should be created and the policy map mode entered.
343 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch according to policed-dscp mapp ing when specified speed is exceede d. Default: There is no policy by default.
344 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.2.2.9 police aggr egate Command: police aggr egate < aggregate -policer -name> no police aggr egate < aggr egate-policer -name> Function.
345 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Configuring Ethe rnet port 1/1 to trust CoS value, i.e ., classifying the p ackets according t o CoS value, DSCP value sh ould not be changed. Switch(Config)#interface et hernet 1/1 Switch(Config-Ethernet1/1) # mls qos trust cos pass-through-dscp 16.
346 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.2.2.13 mls qos dscp-mutation Command: mls qos dscp-mutation < dscp-mutation-name> no mls qos dscp-mutation < dscp-mutation-name> Functio.
347 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Configures the queue out m ode. The “ no priority-queue out ” command restores the default value and defaul t queue out weights.
348 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch < dscp1...dscp 8> are the 8 DSCP value corre sponding to the 0 to 7 Co S value, each DSCP value is delim ited with space, rang ing from 0 to 63; .
349 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch the port in trust CoS mode without c hanging DSCP value, and set the defau lt CoS value of the port to 5.
350 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch An ACL name 1 is set to matching seg ment 192.168 .1.0. QoS was ena bled globally , a c lass map named c1 was created, m atching ACL1 in class map; another policy map named p1 was created and refers to c1 in p1 , appropria te policies were set to limit bandwidth and burst value.
351 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-ClassMap)# exit Switch(Config)#policy -map p1 Switch(Config-PolicyMap)#class c1 Switch(Config--Policy-Clas s)#set ip precedence 5 Switch(.
352 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: Example: Switch #show mls qos a ggregate-policer p olicer1 aggregate-policer policer1 800 00 80 excee d-action dr.
353 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 0x200 0x200 0x200 0x20 0 0x200 0x200 0x200 0x20 0 Displayed inform ation Explanation packet number of 8 queue: 0x 200 0x200 0x200 0 x200 0x200 0x200 0x200 0x200 A vailable packet number for all 8 queues out on the port, this is a fixed setting that cannot be cha nged.
354 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch out-profile T otal out-profile data packet s match this class m ap. 16.4.1.4 show mls qos maps Command: show mls qos maps [cos-d scp | dscp-cos | dscp-mutation < dscp-mutation-name> | ip-prec-dscp | policed-dscp] Function: Displays m apping configuratio n information for QoS.
355 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Policed-dscp map: d1 : d2 0 1 2 3 4 5 6 7 8 9 0: 0 1 2 3 4 5 6 7 8 9 1: 10 11 12 13 14 15 16 17 18 19 2: 20 21 22 23 24 25 26 27 28 29 3: 30 31 32 33 34 35 36 37 38 39 4: 40 41 42 43 44 45 46 47 48 49 5: 50 51 52 53 54 55 56 57 58 59 6: 60 61 62 63 16.
356 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Policy Map p1 Class Map name: c1 police 16000000 2000 exceed-a ction drop Displayed inform ation Explanation Policy Map p1 Na me of policy map Class map nam e:c1 Name of the c lass map referred to police 16000 000 8000 ex ceed-action drop Policy implem ented 16.
357 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z QoS status - Close or Open. T o ena ble QoS, select Open, then click Apply . 16.5.2 Class-map configuration Click “Class-m ap configuration” to display the extension, i ncluding the following tw o sections: 1.
358 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Match value 1, select set to Operation type, and then click Apply . 16.5.3 Policy-map priority configuration Click “Policy -map configura tion” to .
359 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.3.2 Policy-map priority configuration Click “Policy -map priority configura tion” to en try configure page. Equi valent to CLI comm and 16.2.2.6. T erm s are described as following: z Policy-map nam e z Class-map nam e z Priority type.
360 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.3.4 Add/Remove aggregate policy Click Add/Re move aggregate p olicer to entry configure page. It is equivalent to CLI comma nd 16.2.2.8. T erm s are described as following: z Aggregate policer name z Rate - average ba ud rate for classif ied bandwidth, K bit/s per u nit.
361 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Apply the aggregat e policer agg1 by c1 class-m ap, input the graphic presentation val u e, and then click Add.
362 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.4.2 Port default CoS configuration Click “Port defaul t CoS configuratio n” to entry con figure page. Equi valent to CLI com mand 16.2.2.1 1. T erm s are described as following: z Port z Default CoS value - Startup CoS value z Reset - W ill set colum n as startup defaults.
363 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Port name z DSCP mutation name z Operation - Set or Rem ove Example: Set the DSCP mutation i n Ethernet p ort 1/1. Cho ose Port name as Et hernet1/1, input mu1 for DCSP mutation name, to sele ct Set for Operation, an d then click Apply .
364 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.5.2 Egr ess-queue W ork mode configuration Click “Egress-que ue work mode configuration” to enter the c onfiguration pag e. Equivalen t to CLI command 16. 2.2.15. T erm s are described as following: z Port name z Reset - W ill set colum n as startup defaults.
365 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.6 QoS mapping configuration Click “QoS mapp ing configurati on” to dis play extension s, including t he following: 1. CoS-to-DSCP mapping 2. DSCP-to-CoS m apping 3. DSCP mutatio n mapping 4. IP-Precedence-to-DSCP mapping 5.
366 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.6.2 DSCP-to-CoS mapping Click “DSCP-to-CoS m apping” to entry configure page. T erm s are described as following: z DSCP 1-8 - DSCP value z .
367 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 16.5.6.4 IP-pr ecedence-to-DSCP mapping Click “IP-Precedenc e-to-DSCP mapping” to e nter the configur ation page.
368 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 17 L3 Forward Con figuration ES4710BD supports Lay er 3 forwarding which forwards Lay e r 3 protocol p ackets (IP packets) across VLANs.
369 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch <vlan-id> ” comm and deletes the VLA N interface (Layer 3 interfa ce) created in the switch. 17.
370 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch no ip fib optimize aggregation algorithm ; the “ no ip fib optimize ” disables the optim ized IP route aggregation algorit hm.
371 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 0 f rag mented, 0 couldn't fragment, 0 fragm en t sent Sent: 0 generated, 0 fo rwarded 0 dropped, 0 no route ICMP statistics: Rcvd: 0 total 0 erro.
372 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch and packets without route. ICMP statistics : ICMP packet statistics. Rcvd : 0 total 0 errors 0 time exceeded 0 redirects, 0 unreachable, 0 echo, 0 .
373 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ES4710BD supports the c onfiguration of proxy ARP for some applications. F or instance, when an ARP request is received on the port, requesting an IP a.
374 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 17.3.2.2.2 ip proxy-arp Command: ip proxy-arp no ip proxy-arp Function: Enables proxy ARP for VLAN in terface; the “no ip proxy-arp” command disab les proxy ARP . Default: Proxy ARP is disabled by defa ult.
375 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 50.1.1.9 00-00-00-00-00-09 V lan50 Etherne t1/1 S tatic 150.1.1.2 00-00-58-fc-48-9f Vlan150 Ethernet3/4 Dynamic Displayed inform ation Explanation T otal arp items T otal number of Arp entries.
376 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 17.3.3.2 ARP T roubleshooting Help If ping from the swi tch to directly connected netw ork devices fails, the following can be used to check the possibl e cause and create a solution. z Check whethe r the corresponding ARP has been learned by the switch.
377 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch configuration . 17.4.3.1 Configur e static ARP Click “ARP configuratio n” to conf igure static ARP .
378 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 18 Routing Protocol Configuration T o com municate with a rem ote host over the Internet, a host must choose a proper route via a set of routers/L3 switches. Both routers and layer 3 s witches calculate the ro ute using CPU.
379 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The route table m ainly consists of the following: z Destination address: used to ide ntify the destin ati on address or the destination netw ork of a packet. z Network mask: used together with destinati on address to identify the destination host or the segment that the l ayer 3 switch resid es.
380 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch priority accor ding to the pr iority of routing protocols. A t same time, static rout es can be introduce d (redistribute) in dynam ic route, and change the priority of the static rout e introduced. 18.
381 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch [ <p re fe ren ce > ]” command deletes a static route entry . Parameters: <ip-addr ess> and <mask> are the IP a ddress and subnet m.
382 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch D e s t i n a t i o n M a s k N e x t h o p I n t e r f a c e P r e f C 2.2.2.0 255.255.255.0 0.0.0.0 vlan2 0 C 4.4.4.0 255.255.255.0 0.0.0.0 vlan4 0 S 6.6.6.0 255.255.255.0 9.9.9. 9 vlan9 1 R 7.7.7.0 255.
383 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SWI T C H - 2 PC 1 £º 10.1.1.2 PC2 £º 10.1.4.2 PC 3 £º 10.1.5.2 vla n 3 £º 10.1.5.1 vla n1 £º 10.1.1.1 vl an2 £º 10.1.2.1 vl an2 £º 10.1.4.1 vla n2 £º 10.1.2.2 vl an1 £º 10.1.3.2 S W IT CH-1 S W IT CH-3 vla n1 £º 10.
384 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Uses the “show ip ro ute” comm and to display the in formation about static route in the route t able: destination IP address, network m ask, next hop IP address, forwarding interface, etc.
385 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch switch will be selected with the m etrics increasing progressively . This greatly affects th e route selection and r oute aggregation tim e. T o avoid “infi nite count”, RIP provides a mechanis m such as “split hor izon” and “triggere d update” to solve route loop.
386 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.3.2 RIP Configuration 18.3.2.1 RIP Configuration T ask Sequence 1. Enable RIP (required) (1) Enable/disabl e RIP module. (2) Enable interface to send/recei ve RIP packets 2. Configure RIP parameters (opti onal) (1) Configure RIP sending m echanism a.
387 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (1) Configure RIP sending mechanism a. Configure regular RIP packets tra n smission b. Configure RIP advertisem ent Command Expl anation RIP configurat.
388 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip rip authentication mode {text| md5 type {cisco|usual}} no ip rip authentication mode Sets the au thenticatio n method; the “ no ip rip authentication mode ” command restores the default plain text auth entication method.
389 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip rip rece ive version {v1 | v2 | v12} no ip rip re ceive version Sets the version of RIP packets to receive o n all ports; the “ no ip rip recei ve version ” comm and restores the default, i.
390 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z show ip rip z debug ip rip packet z debug ip rip recv z debug ip rip send 18.3.2.2.1 auto-summary Command: auto-summary no auto-summary Function: Configures route aggregation; the “ no auto-summary” command disables route aggregation.
391 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: ip rip authentication key-chain <name-of-chain> n o ip rip authentication key-chain Function: Specifies the key to use for RIP authentication; the “ no ip rip authentication key-chain ” command cance ls the RIP authenticati on.
392 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.3.2.2.6 ip rip metricout Command: ip rip metricout < value > no ip rip metricout Function: Sets the additional route weig ht sending RIP packets on the int erface; the “ no ip rip metricout ” comm and restores the defau lt setting.
393 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: ip rip re ceive version { v1 | v2 | v12} no ip rip re ceive version Function: Configure the RIP version to receive on the interface. T he default setting is to recei ve both RIP v1 and v2 pa ckets; the “ no ip r ip recei ve version ” comm and restores the default setting.
394 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: Sets split h orizon to prevent rout ing loops, i.e., prevent lay er 3 switches from broadcasting the rout e leaned from the sa me interface. Example: Disabling split horizon for inter face vlan1.
395 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: Zero fields are check in RIP-I packets by default. Command mode: RIP configuration m ode Usage Guide: RIP-I packet m ust have zero field, this comm and can be used to enable/disable check for RIP-I packet zero field.
396 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Adjusts the tim e of RIP timers for update, expire, and hold down; the “ no timer basic ” command restores t he default setting .
397 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: Th e user can dec ide whether the routin g protocols configured are correct and perform routing troubl eshooting acc ording to the output of this command.
398 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch default metric 16 neighbou r is preference is 100 Displayed inform ation Explanation rip is turning on RIP routing is enabled default metric 16 The default metric for introd u ced route is 16 neighbour is The specified desti nation address preference is 100 RIP ro uting priority is 100 18.
399 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch received a rip packet from 159.226.42.1 rip packet cmd : 2 ve rsion : 1 18.3.2.2.23 debug ip rip recv Command: debug ip rip re cv no debug ip rip recv Function: Enables the RIP packet debug function for receiving: the “ no debug ip rip recv ” command disables the debug function.
400 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 00 : 02 : 50 : start at 170*********** ********** send packets to 1 1.1 1.11 .2 packet header : c m d : response, version : 1 n o . d e s t d e s t _ m a s k g a t e d w a y m e t r i c 1 : 159.
401 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (10.1.1.2) only , update inform ation is not exchanged between sw itchA and sw itchC vlan2 ( 20.1.1.2).
402 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SwitchC#conf ig SwitchC(Config)# interface vla n 2 SwitchC(Config-If-vlan2)# ip addr ess 20.1.1.2 25 5.
403 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Automatic network sum marization is no t in effect Disable R IP auto a ggregation default metric for redistr ibute is :16 The defa ult metric for introd uced route is 16. neigbour is The specified destination address.
404 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch default metric for redistr ibute is : RIP protocol default metric value. neigbour is: The neighbor lay er 3 switch connecti n g to this RIP switch.
405 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch • State of the connec ting link Link-state inform ation is flooded througho ut the network so tha t all layer 3 switches can get firsthand inform ation.
406 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch exchange link-state information wi th the other OSPF layer 3 switches to form al a link-state database describing the whole a u tonom ous system.
407 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 ) Each OSPF-enabled layer 3 switch maintains a database (LS data base) describing the link-state of the to pology struct ure of the whole autonom ous system.
408 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (3) Configure other OSPF protocol param eters a. Configure OSPF routin g protocol priority b. Configure cost for OSPF STUB area and default route c. Configure OSPF virtual link d. Configure the priori ty of the interface wh en electing designated layer 3 switc h (DR).
409 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch d. Configure OSPF packet send ing timer param eter (ti mer of broadcast interface sending HELLO packet to poll, timer of neighboring layer 3 switch invalid tim eout, ti mer of LSA transmission delay a nd timer of LSA retransm ission.
410 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (3) Configure other OSPF pr otocol parameters a. Configure OSPF routin g protocol priority b. Configure cost for OSPF STUB area and default route c.
41 1 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z ip opsf dead-interval z ip ospf enable area z ip ospf hello-interval z ip ospf passive-interface z ip ospf priority z ip ospf retransmit-interval z .
412 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.4.2.2.2 default redistribute interval Command: default redistribute interval < time > no default re distribute interval Function: Sets the interva l for introduc ing external routes; the “ no default redistribute interval ” command restores t he default setting .
413 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Router -Ospf)#default redistribute tag 2 0000 18.4.2.2.5 default redistribute type Command: default redistribute type { 1 | 2 } no defaul.
414 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Setting the OSPF route cost of interface vlan1 to 3. Switch(Config-If-Vlan1) #ip ospf cost 3 18.
415 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: The default HELLO -packet-sending interval is 10 seco nds. Command mode: Interface Mode Usage Guide: The HELLO packet is a most com mon pack et sent to neighboring layer 3 switches regularly for discover ing and maintaining the neighborhoo d and the el ection of D R and BDR.
416 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-If-Vlan1)#i p ospf priority 0 18.4.2.2.13 ip ospf retransmit-interval Command: ip ospf retransmit-interval <time> no ip ospf retran.
417 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <network> and <mask> are the network IP address and mask in decimal format; <are a_id> is the area number from 0 to 4294967295 ; advertise | notadvertise spe cifies whether o r not broadcast the s ummary route inform ation within th e network.
418 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch respectively; tag speci fies the tag of the route s, <t ag> is the tag value fo r the routes, ranging from 0 to 4,294,967,2 95; metric specifies the weight of the route; <cost_value> for weig ht value, ranging from 1 to 16,777, 215.
419 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.4.2.2.20 stub cost Command: stub cost <cost> ar ea <a r ea_i d > no stub area <ar ea_id > Function: Sets an area to STUB area; the “ no stub ar ea <area_id >” comm and cancels the setti ng.
420 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: show ip ospf Function: Displays major OSPF information. Default: Nothing display ed by default Command mode: Admin Mode Example: Switch#show ip ospf my router ID is 1 1.
421 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Destination AdvRouter NextHo p Age SeqNu mber T ype Cost 10.1.1.125 1 1 .1 1.1.2 1 1.1.1.2 3 300 2 20 Displayed inform ation Explanation Destination T .
422 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch DB entry count 6 LS_R TR 3 LS_NET 3 LS_SUM_NET 1 LS_SUM_ASB 0 LS_ASE 3 AS internal route 4 AS external route 0 Displayed inform ation Explanation IO cumulative Statistics f o r OSPF packets in/out.
423 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (Net's IP) 1 1 . 1 1 . 1 . 0 1 1 . 1 1 . 4 . 1 0 2 1 4 7 4 8 3 6 5 6 1 6 7 7 7 2 1 5 1 1.1 1.2.255 1 1.
424 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch OSPF router ID The ID of the layer 3 switch. Area 1>>>>>>>> Area ID : 0 Represen t the LSA databa se information fro m area 1 to area 0.
425 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Authentication key OSPF p acket authentication key Ti m e r Hell, Poll, Dea, Retrans OSPF protocol timer: including tim e set for HELLO packet, Poll interval packet, r oute invalid, route retransmission, etc.
426 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch router ip addr IP address of the interface in the neig hboring layer 3 switch state Link-state status priority Priority DR ID of the designate d layer 3 switch BDR ID of the backup design ated layer 3 switch last hello The last HELLO packet last exch The last packet exchanged 18.
427 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Displays OSPF virtual li nk information. Default: Nothing display ed by default Command mode: Admin Mode Example: Switch#show ip ospf virtual -links no virtual-link 18.
428 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch protocol 18.4.2.2.31 debug ip ospf event Command: debug ip ospf event no debug ip ospf event Function: Enables the OS PF debugging function for all ev ents: the “ no debug ip ospf event ” command disables the debug function.
429 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 02 : 40 : 58 : receive a HELLO packet from 1 1.1 1.4.2 via Broadc ast interface 1 1.11. 4.1 02 : 40 : 58 : 18.
430 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ! Configuration of the IP address for interface vlan2 Switch1(Config)# interface vlan 2 Switch1(Config-if-vl an2)# ip address 100.1.1.1 25 5.255.255.0 Switch1 (Config-if-vlan2) #exit ! Enable OSPF protocol, confi gure the area num b er for interface vlan1 and vlan2.
431 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch3#config Switch3(Config)# interface vlan 3 Switch3(Config-if-vl an1)# ip address 20.1.1.2 255 .255.255.0 Switch3(Config-if-vlan 3)#no shut-down Switch3(Config-if-vlan3)#e xit ! Enable OSPF protocol, configure the O SPF area interfaces vlan3 resides in.
432 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch5(Config-if-vlan3)#e xit ! Enable OSPF protocol, configure the number of the area in which interface vlan2 and vlan3 reside in.
433 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch11 are edge layer 3 switches of the area, Sw itch5 and Switch7 are edge layer 3 switches of the autonomous system .
434 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch1(Config-If-Vlan2)#exit ! Enable OSPF protocol, confi gure the area num ber for interface vlan2. Switch1(Config)#rout er ospf Switch1(Config-router -ospf)#exit Switch1(Config)#interface vla n 2 Switch1(Config-If-Vlan2)#ip ospf enable area 1 !Configure sim ple key authent ication.
435 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch3(Config-If-Vlan2)#exit ! Enable OSPF protocol, confi gure the area num ber for interface vlan2. Switch3(Config)#rout er ospf Switch3(Config-router -ospf)#exit Switch3(Config)#interface vla n 2 Switch3(Config-If-Vlan2)#ip ospf enable area 1 !Configure sim ple key authent ication.
436 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch4(Config-If-Vlan1)# ip addr ess 10.1.6.1 255.255.255.0 Switch4(Config-If-Vlan1)#ip ospf enable area 0 !Configure MD5 key authentica tion. Switch4(Config-If-Vlan1) #ip ospf authen tication md5 DCS Switch4(Config-If-Vlan1)exit Switch4(Config)#exi t Switch4# 18.
437 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ( 1 ) show ip ospf Example: Switch#show ip ospf my router ID is 1 1.1 1.4.1 preference=10 ase perference =150 export metric=1 export tag=-21474 836.
438 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch A 5 . 1 . 2 . 0 2 5 5 . 2 5 5 . 2 5 5 . 0 1 2 . 1 . 1 . 2 V l a n 1 2 1 5 0 A 5 . 1 . 3 . 0 2 5 5 . 2 5 5 . 2 5 5 . 0 1 2 . 1 . 1 . 2 V l a n 1 2 1 5 0 A 5 . 1 . 4 . 0 2 5 5 . 2 5 5 . 2 5 5 . 0 1 2 . 1 .
439 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch t y p e i n o u t HELLO 1048 253 D D 3 3 8 3 3 7 L S R e q 6 2 2 1 9 LS Update 753 295 L S A c k 4 9 5 3 0 8 ASE count 0 checksum 0 original LSA 34 0 L.
440 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 1.11.4.2 11.1 1.4. 2 18 214748386 3 1 6777215 Router LSA 1 1.11.4.1 11.1 1.4.1 0 2147483808 0 42 401 1 1.11.4.2 11.1 1.4.2 18 2147483863 1 67 77215 N e t w o r k L S A s L S I D A D V r t r A g e S e q u e n c e C o s t C h e c k s u m (DR's IP) 1 1.
441 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1 1.1 1.1.3 14.14.14.1 15 2147483705 1 53384 S u m m a r y N e t w o r k L S A s L S I D A D V r t r A g e S e q u e n c e C o s t C h e c k s u m (Net's IP) 1 1.
442 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch cost Cost value State S tatus T ype Layer 3 switch type , such as design ated Priority Configure the priority in electi ng designated lay er 3 switch.
443 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch area id The id of the a rea for the interface router id The ID of the neighbor layer 3 switch router ip addr IP address of the neighboring lay er 3 swi.
444 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch my router ID is 100.1 .1.1 preference=10 ase perference =150 export metric=1 export tag=-21474 83648 area ID 1 interface count:2 7times spf has been ru.
445 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5 WEB MANAGEMENT Click “ R o ute config uration ” to o pen “ routing protoc ol configuration ” to configure the item s as follows: z Stati c route configuration z RIP configuration z OSPF configuration z Show ip route 18.
446 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click RIP configuration to open RIP configuration including: z Enable RIP: enable RIP including 9 Enable RIP: enable 9 Enable port to receive/transmit .
447 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Redistribute im ported route cost z Operation type: Add o r Remove Example: For prot ocol select OSPF , cost as 5, then select Add. Cl ick Apply butto n to redistribu te imported route cost 5 with OSPF routing protocol to RIP .
448 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.3.2.2.3 z RIP authentication typ e: sets up RIP authentication ty pe. T ext means text authentic ation; md5 means normal MD 5 authenticat ion; Cisco MD 5 means Cisco MD5 authentica tion; cancel means back to defa ult.
449 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5.2.2.5 Set RIP timer Click “RIP timer confi guration” to enter the c onfiguration page. Equivalen t to CLI com mand 18.
450 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “OSPF enable” to enter th e configuration page . Equivalent to CL I command 18.4.2.2.19. z OSPF enable: select from O SPF enable or OSPF disable z Reset: clears selection Example: Select OSPF enable and click Ap ply button to enable OSPF protocol 18.
451 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5.3.1.4 Configur e OSPF ar ea for port Click “OSPF area configura tion” to enter the conf iguration page for port .
452 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5.3.2.2 Passive interface configuration Click “Passive interfa ce configuration” to enter the configuration page. Equivalen t to CLI command 18.4.2.2. 1 1. z Port: port list z Passive interface configurat ion: sets up to recei ve OSPF packets only z Cancel: cance ls the setting.
453 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5.3.3 OSPF imported r oute parameter configuration Click “OSPF Imported route parameter configuration” to open the co nfiguration table, include.
454 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Reset: resets each co lumn value to default in t his page and t his action will not change settin gs z Apply: valid each colum n value. This actio n will change settings. z Default: resets to defaul t settings.
455 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 18.5.3.4.3 OSPF virtual link configuration Click “OSPF virtual l ink configurati on” to enter the c onfiguration pa ge.
456 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z show ip ospf cumulative: displays OSPF statis tic inf ormation. Equiva lent to CLI command 18.4.2.2.2 4 z show ip ospf database: displays OSPF link st atus data information. Equivalent to CLI command 18.
457 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter 19 Multicast protoc ol Configuration 19.1 Multicast Protocol Overview 19.1.1 Intr oduction to Multicast When sending inform ation (including data, v oice and video) to a small number of users in the network, th ere are several w ays of transmission.
458 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch group at any ti me. A multicast group can be either a perpet ual one or temporary one. Part of multicast addresses are assigned officially and r eferred to as the perpet ual multicast group. The IP address of a perpetual multicast group rem ains the same, but the m embership can be cha nged.
459 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch multicast group address in t he destination address field of the IP packet. The multicast model differs from the unicast m odel in that a m ulticast packet m ust be forwarded to several exte rnal interfaces to send the pack et to all rec eiving stations, i.
460 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Function: Displays the IP multicast packet forwardin g entries. Parameters: [ gr oup_addr ess ] specifies the group address for the forwarding en try to be display ed; [ source_addr ess ] specifies the source address for the forwarding entry to be dis played Default: No display by defa ult.
461 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.3 PIM-DM 19.3.1 Intr oduction to PIM-DM PIM-DM (Protocol Independent M ulticast , Dens e Mode) is a dense mode multic ast protocol . It is good for use in sm all networks as the multicast gr ou p members are relatively concentrated in such network environm ents.
462 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch If a pruned downstream node needs to restore to the forwarding state, the node will se nd a graft packet to ask the upstream to restore m ulticast data forwarding. 19.3.2 PIM-DM Configuration 19.3.2.1 PIM-DM Configuration T ask Sequence 1.
463 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command : ip pim dense-mode no ip pim dense-mode Function: Enables PIM-DM protocol on the interface; the “ no ip pim dense-mode ” command disables PIM-DM protoc ol on the i nterface. Parameters: N/A.
464 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch SWITCHA SWITCHB E t her net 1/ 1 vl a n 2 E t her net 1/ 1 vl a n 1 E t her net 1/ 2 vl a n 2 E t her net 1/ 2 vl a n 1 Fig 19-1 T ypic al PIM-DM e nvironment The followings are t h e configurat ions of SwitchA and SwitchB.
465 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch debug ip pim Enables the debu gging function for displaying detailed PIM information; the “ no ” form at of this command disab les this debug function. 19.3.4.2 show ip pim mroute dm Command: show ip pim mroute dm Function: Displays the PIM-DM packet forwarding entry Parameters: N/A.
466 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Outgoing interface list Outgoing interface list. Prune interface list Downstream prune interfac e list. 19.3.4.3 show ip pim neighbor Command: show ip pim neighbor [< ifn ame> ] Function: Displays informatio n for neighbors of the PIM interface.
467 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2.1.1.1 Vlan1 00:26:23 00:0 1:39 Switch# Displayed inform ation Explanation Interface (the former) Interf ace name and interface IP Owner Multicast rou.
468 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch information to Edge-Core technical service center . 19.4 PIM-SM 19.4.1 Intr oduction to PIM-SM PIM-SM (Protocol In dependent Multicast , Sparse Mo de) is a sparse m ode multicast protocol, the mode is protoco l independent.
469 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch On receiving BSR advertised C-RP m essa ges, multi cas t routers will calculate the RP corresponding to a certain m ulticast grou p with the sam e algorithm . It should be noted t hat one RP can servi ce multi ple m ulticast groups or all multic ast groups.
470 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 1) Configure a sw itch as the cand idate BSR. Command Expl anation Interface Mode ip pim bsr -candidate < ifname> [ hashlength ] [ Priority ] no ip pim bsr -candidate This command is a g lobal candid ate BSR configuration com mand.
471 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command: ip pim sparse-mode no ip pim sparse-mode Function: Enables PIM-SM protocol on the in terface; the “ no ip pim sparse-mode ” command disables PIM-SM protocol on the interface. Parameters: N/A.
472 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch specified peri od, that neig hbor is consi dered to be lost . This time setting m ust be no greater than the ne ighbor timeout t ime. Example: Configuring PIM-SM HELLO in terval on inte rface vlan1. Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip pim query-interval 20 19.
473 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch this command is c onfigured. Example: Setting the interf ace vlan1 as the candi date RP announcing message sending int erface. Switch (Config)# ip pim rp-candidate vlan1 group- list 5 Switch (Config)# access-l ist 5 perm it 239.
474 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch (Config)#interface vlan 2 Switch(Config-If-Vlan2)# ip pim sparse-mode Switch(Config-If-Vlan2)# exit Switch (Config)# ip pim rp-candidate vlan2 group- list 5 Switch (Config)# access-l ist 5 perm it 239.
475 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch PIMv2 Bootstrap inform ation BSR address: 192.4.1.3 Priority: 192, Hash m ask length: 30 Expires : 00:02:13.
476 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Expires The remaining tim e before considering the neighb or to be invalid. 19.4.4.1.3 show ip pim mr oute sm Command: show ip pim mroute sm Function: Displays the PIM-SM packet forwarding entry Parameters: N/A.
477 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 192.2.1. 1 Vlan2 31 00:11:39 00 :01:16 / 192.4.1. 4 Vlan4 33 00:11:39 00 :01:44 DR 192.4.1. 3 Vlan4 33 00:11:39 00 :01:17 / Switch # Displayed inform a.
478 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 00:17:52: PI M: Received v2 J oin/Prune on Vlan 2 from 192.3.1. 3 to 192.3.1 .2 00:17:52: PIM: R eceive Join-list: (192.1.1.1 /32, 225.0. 0.1/32), S-bit set 00:17:54: PI M: Received v2 H ello on Vlan4 from 192.
479 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch correctness must be ensured. PIM-SM protocol requires th e support of RP and BSR. So “ show ip pim bsr-router ” command sho uld be run fir st for BRS information, if no BSR exists, then the unic ast route to BSR should be checked.
480 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch information, t hey know the route metric for each other to get to the s ource network, and the switch has the smalle st metric to the source netw ork become s the designated forwarder of that subnet; if the metrics are same, the on e with lower IP address rules.
481 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command Expl anation Interface Mode [no] ip dvmrp enable Enable DVMRP; the “ no ip dvmrp enable ” command disables DV MRP (required) 2. Configure connectivity wi th CISCO r o uters/switches CISCO does not really implemented DVMRP , but provides connect ivity with DVMRP .
482 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip dvmrp report-interval < time_val > no ip dvmrp report-interval Sets the interval f or sending DVMRP report messages; the “ no ip dvmrp report interval ” command restores t he default setting .
483 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.5.2.2.1 ip dvmrp cisco-comp atible Command: ip dvmrp cisco-compatible <A.B.C.D> no ip dvmrp cisco-compatible <A.B.C .D> Function: Enables connectivity wit h CISCO neighbor A, B, C, D; the “ no ip dvmrp cisco-compatible ” command disables connectivity with CISCO ne ighbors.
484 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: If a new receiver joins that interface when an interf ace is in the pruned state, the interface will send a graft message to the upstream;.
485 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.5.2.2.6 ip dvmrp pr obe-interval Command: ip dvmrp probe-interval < time_v al > no ip dvmrp probe-interval Function: Sets the interval for sending DVMRP probe m essages; the “ no ip dvmrp probe interval ” command restores the defaul t setting.
486 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: < time_val > is the tim e to timeout a route, the v alid range is 20 to 1400 secon ds.
487 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Fig 19 -3 DVMRP network t opology The followings are t h e configurat ions of SwitchA and SwitchB. (1) Configuration of SWITC HA: Switch (Config)#inter.
488 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Outgoing interface list: (V lan2), protos: 0x2 Upstream prune interface list: Downstream prune interface list: Displayed inform ation Explanation (192.
489 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: This comm and is used to display DVMRP route table entries; DVMRP maintains separated unicast route ta bles for RPF check. Example: Displayi ng DVMRP routing information.
490 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.5.4.1.5 debug ip dvmrp detail Command: debug ip dvmrp detail Function: Enables the de bug function for disp laying detailed D VMRP information; the “ no ” format of this comm and disables this deb ug function.
491 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch DVMRP pruning debug is on 02:22:20:26 : DVMRP: Received prune o n vlan2 from 105.1.1.2, len 20 02:22:20:26 : DVMRP: Prune V ers: majorv 3, m inorv 255 02:22:20:26 : DVMRP: Prune source 192.168.1.1 05, group 224.
492 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch network segments conne cting to its interfaces. As to the hosts, they only need to keep the information about the multi cast groups joined. IGMP is asymmetric for hosts and sw itches: The hos ts respond IGMP query pa ckets sent by the multicast switches, i.
493 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch b. Configure m aximum response time for IGMP queries c. Configure tim e out setting for IG MP queries (3) Configure IGMP version 3 、 Disable IGMP 1.
494 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch ip igmp static-gr o up < A.B.C.D > no ip igmp static -group < A.B.C .D > Joins the inter face to a stat ic IGMP gr oup; the “ no ip igmp static -gr o up ” comm and cancels the join. (2) Configure IGMP query parameters.
495 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z ip igmp version z show ip igmp gr oups z show ip igmp interface z debug ip igmp event z debug ip igmp packet 19.
496 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.6.2.2.3 ip igmp query-interval Command: ip igmp query-interval < time_v al > no ip igmp query-interval Function: Sets the interval for send ing IGMP query messages; the “ no ip IGMP query interval ” command restores t he default setting .
497 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch as the querier for that shared network, the other switches act as tim ers monitoring the status of the querier; if no query packet from the querier is rec eived after the qu ery timeout tim e, a new switch will be e l ected to be the new querier .
498 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch appropriate vlan, and PIM-DM protocol is enabled on each vlan interface. SWITCHA SWITCHB E t her net 1/ 1 v l an1 E t her net 1/ 1 v l an1 E t her net 1/ 2 v l an2 Fig 19 -4 IGM P netw ork topology The followings are t h e configurat ions of SwitchA and SwitchB.
499 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch#show ip igm p groups IGMP Connect Group Membership (1 gro up(s) joined) Group Address Interface Uptime Expires Last Reporter 239.
500 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch command disab les this debug function. Parameters: N/A. Default: Disabled Command mode: Admin Mode Usage Guide: If detailed information about IGMP events is required, this debugging command can be used.
501 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.7 WEB MANAGEMENT Click “root page” left co ntent colum n “Multicast protocol co nfiguration” to enter in to multicas t protocol confi guration root node and m ake configuration for m ulticast protocol.
502 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Query-Interval - Configures local interface PIM-DM hel l o message interval time z Vlan Port - assigns layer 3 interface ( select from scroll b.
503 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 19.7.3.4 Set router as BSR candidate Click Set router as BSR candidate for c o nfigure PIM-SM candid ate BSR inform ation , for compete with other candidate BSR for BSR router . This is the sa me as CLI command 19.
504 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Vlan Port - assigns layer 3 interface ( select from scroll bar m enu ) z Apply - runs according to co nfigured param e ter z Default - disables DVMR P protocol 19.
505 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch same as CLI comm and 19.5.2.2.3 z Interval of sending pro be packet - Configures the interval of sending pr obe packet. This is the same as CLI comm and 19.5.2.2.6 z Interval of sending report packet - Configures the i n terval of sending report packet.
506 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z IGMP qu ery timeout - Configures IGMP query timeout. This is the s ame as CLI command 19. 6.2.2.5 z Vlan Port - assigns layer 3 interface ( sel.
507 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Click “Show i p pim neighbor” to display PIM interfac e neighbor inform ation. This is the same as CLI command 19.3. 4.3 19.7.6.4 Show ip pim bsr -r outer Click “Show i p pim bsr-router” t o display the ru nning PIM-SM protocol BSR inform ation.
508 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter20 802.1x Configuration 20.1 Intr oduction to 802.1x IEEE 802.1x is a port-based ne twork access management m ethod, which authenticates and manages the accessing devices on the physical access level of the LAN devic e.
509 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch In the IEEE 802.1x applica tion environm e nt, ES47 10BD is used as the access management unit, and the user connection device is the devic e with 8 02. 1x client soft ware. An authenticating server usually reside in the Carrier ’ s AAA center and usually is a Radi us server .
510 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2. Access management unit pr operty configuration 1) Configure port authenticati on status 2) Configure port access managem ent method Command Expl ana.
51 1 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 3) Configure expa nded 802.1x fu nction: for the sw itch. 3. Supplicant related pr operty configuration Command Expl anation Global Mode dot1x max-r e.
512 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Global Mode radius-server key <string> no radius-server key Specifies the key for RADIUS server; the “no radius-server key” command dele tes the key for RADIUS server .
513 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: The AAA authentication for the switc h must be enabl ed first to enable IEEE 802.1x authentication for the switch. Example: Enabling AAA function for the sw itch. Switch(Config)#aaa enable 20.
514 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.2.2.4 dot1x eapor enable Command: dot1x eapor enable no dot1x eapor enable Function: Enables the EAP relay authenticat ion function in the switch; th e “ no dot1 x eapor enable ” command sets EA P local end authentication.
515 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch authentication packets s upport must be enable d in the switch, otherwise m any application woul d not be availa ble. For detailed info rmation, please refer to th e introduction of Edge-Core Overall Solution, S tandard 802.
516 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default: The defau lt maximum user allowed is 1. Usage Guide: This com mand is available for ports using MAC-based access management, if MA C address authenticated exceeds the number of allowed user , addit ional users will not be able to access the net work.
517 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch specified port. Parameters: <interface-nam> stands for port num ber , omitting the p arameter for all ports.
518 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: <seconds> is the interval for re-authenticatio n, in seconds, the valid ran ge is 1 to 65535.
519 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch servers, and all the accounting ser vers can be backup servers for each other. If primary is specified, then the specified RADIUS server will be the primary server. Example: Sets the RADIUS accountin g server of IP address to 100.
520 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.2.2.20 radius-server key Command: radius-server key <str ing> no radius-server key Function: Specifies the key for the RADIUS server (authenticati on and accounting); the “no radius-server key” com man d dele tes the key for RADIUS server .
521 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch time, the switch res e nds the request packe t or sets t he server as invali d according to the current conditions. Example: Setting the RADIUS auth entication t imeout tim er value to 30 seconds. Switch(Config)# radius-server t imeout 30 20.
522 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/2) #exit 20.4 802.1x T roubleshooting 2o.4.1 802.1x Debug and Monitor Commands 20.4.1.1 show aaa config Command: show aaa config Function: Displays the configure d commands fo r the switch as a RADIUS client.
523 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch . U d p P o r t = 1 8 1 3 . I s P r i m a r y = 0 . I s S e r v e r D e a d = 0 . S o c k e t N o = 0 T i m e O u t = 3 Retransm it = 3 D e a d T i m e = 5 Account Time Interval = 0 Displayed inform ation Descriptio n Is AAA En abled Indicates whether AAA authentication is enabled or not .
524 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Usage Guide: Usually the administrator is concerned only with the online user information, the other information displayed is use d for troubleshootin g by technica l support.
525 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch The total us er num is: 1 2. Display the statistics for R ADIUS authenticated users and ot hers. Switch #sho radi us authencati ng-user count ---------.
526 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch S u p p l i c a n t 0 0 - 0 3 - 0 F - F E - 2 E - D 3 Authenticator S tate Machine S t a t e A u t h e n t i c a t e d Backend St ate Machine S t a t e I d l e Reauthentication S tate Machine S t a t e S t o p Displayed inform ation Explanation Global 802.
527 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch process and is helpfu l in troublesh o oting. Example : Enabling AAA debugging info rmation. Switch#debug aaa 20.4.1.7 debug dot1x Command: debug dot1x no debug dot1x Function: Enables dot1x debugging i nformation; the “ no debug dot1x” com mand disables the dot1x debugg ing inform ation .
528 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.5 WEB MANAGEMENT Click “Authe ntication configuration ”, to open authentication config uration m anagement list.
529 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.5.1.2 RADIUS authentication configuration Click “Authe ntication co nfiguration”, “RADIUS client configurat ion”, “RAD IUS authentica tion configuration” to configure the RADIUS authe n tication server IP address and m onitor port ID.
530 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 20.5.1.3 RADIUS accounting configuration Click “Authenticat ion configuration”, “ RADIUS client confi gurati on”, “RADIUS accounti ng configuration” to configure th e RADIUS accounting server ’ s IP address and monitor port ID.
531 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch suppliant. Equ ivalent to CLI com mand 20.2.2.12. z Holddown time for aut hentication fai lure(1-65535 se cond) - Configures supplia nt quiet-period status time after authe ntication failure. Sa me as CLI command 20.
532 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch z Authentication m ode – Configures the access co ntrol method for a specific port. Mac-based is access control method whi ch is based on MAC addres s; port-based access control m ethod which is based on port.
533 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch port 802.1x confi guration inform ation, and m ake re-authentication for the specif ic port. Same as CLI command 1.
534 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Chapter21 VRRP Configuration 21.1 Intr oduction to VRRP VRRP (V irtual Router Redu ndancy Protocol) is a fault tolerant pr otocol designed to en hance connection reliab ility between r o utes (or L3 Ethernet switches) and external devices.
535 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 2) Configure VRRP pri ority 3) Configure VRRP Tim er intervals 4) Configure VRRP interfa ce monitor 1. Create/Remove the V irtual Router Command Expl anation Global Mode [no] router vrrp < vrid > Creates/Removes the V irtual Router 2.
536 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch (1) Configure the preemptiv e mode for VRRP Command Expl anation VRRP protocol config uration mode preempt-mod e {true| false} Configures th e preempti.
537 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Commands: virtual-ip < A.B.C.D > {master| backup} no virtual-ip Function : Configures the VRRP dummy IP address Parameters: < A.B.C.D > is the IP address in decimal format. Default : Not configured by default.
538 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch must be configured first before starting V irtual Router . Example : Activa ting the V irtual Router of num ber 10 Switch(config)# router vrrp 10 Switch(Config-Router -V rrp)# enable 21.1.2.5 disable Commands: disable Function : Deactivates VRRP Parameters: N/A.
539 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Parameters: < string > stands for the VRRP authentication string. Default : There is no authenticat ion string by default.
540 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Switch(Config-Router -V rrp)# priority 150 21.1.2.10 advertisement-interval Commands: advertisement-interval < adver_interva l > no advertisement-interval Function : Sets the vrrp time r values; th e “no advertisement-interval” command restores the default setting .
541 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Backup cannot changes its status due to lower priority than the Master when the Master fails. Example : Configuring vrrp monitor interface to vlan 2 and decreasing amount of priority to 10. Switch(Config-Router -V rrp)# ci rcuit-failover vlan 2 10 21.
542 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 21.3.1 Monitor and Debug Commands 21.3.1.1 show vrrp Commands: show vrrp [ < vrid > ] Function : Displays sta tus and configuration inform ation for the VRRP standby c luster . Command mode : All Modes Example: Switch# show vrrp VrId <1> State is Initialize Virtual IP is 10.
543 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Default : Debugging information is disabl ed by default. Command mode : Admin Mode Example: Switch# debug vr rp VRRP SEND[Hello]: Advertisement sent for vr id=[10], virtual-ip=[10.1.10. 1] VRRP SEND[Hello]: Advertisement sent for vr id=[10], virtual-ip=[10.
544 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch 21.4.2 Configur e VRRP Dummy IP Click “VRRP control” to configure VRRP and enter "VRRP Dummy IP Config". Example: Enter the created V irtual Router number 1, VRRP Dummy IP address 192.168.
545 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch to configure the preemptive mode for virtual rou ter number 1 to "T rue". 21.4.6 Configur e VRRP priority Click “VRRP control” to config ure VRRP and enter "V RRP Priority". Example: Enter t he created V irtual Router number "1 " and pri ority .
546 E ES4710BD 10 Slot s L2/L3/L4 Chassis Switch Example: Choose crea ted "Vlan1" for Port and "y es" for AuthenMode. Click Apply to fin ish Port Vlan1 authentication mode configuration.
An important point after buying a device Accton Technology ES4710BD (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Accton Technology ES4710BD yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Accton Technology ES4710BD - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Accton Technology ES4710BD you will learn all the available features of the product, as well as information on its operation. The information that you get Accton Technology ES4710BD will certainly help you make a decision on the purchase.
If you already are a holder of Accton Technology ES4710BD, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Accton Technology ES4710BD.
However, one of the most important roles played by the user manual is to help in solving problems with Accton Technology ES4710BD. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Accton Technology ES4710BD along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center