Alcatel Carrier Internetworking Solutions 8008 Network Card User's Guide
Add to my manuals130 Pages
advertisement
Part No. 060117-10, Rev. B
January 2002
OmniStack
®
8008
Users Guide
An Alcatel service agreement brings your company the assurance of 7x24 no-excuses technical support. You’ll also receive regular software updates to maintain and maximize your Alcatel product’s features and functionality and on-site hardware replacement through our global network of highly qualified service delivery partners.
Additionally, with 24-hour-a-day access to Alcatel’s Service and Support web page, you’ll be able to view and update any case (open or closed) that you have reported to
Alcatel’s technical support, open a new case or access helpful release notes, technical bulletins, and manuals. For more information on Alcatel’s Service Programs, see our web page at www.ind.alcatel.com, call us at 1-800-995-2696, or email us at [email protected].
This Manual documents OmniStack
®
8008 hardware and software.
The functionality described in this Manual is subject to change without notice.
Copyright
©
2002 by Alcatel Internetworking, Inc. All rights reserved. This document may not be reproduced in whole or in part without the express written permission of Alcatel Internetworking, Inc.
Alcatel
® and the Alcatel logo are registered trademarks of Compagnie Financiére Alcatel, Paris,
France. OmniSwitch
®
and OmniStack
®
are registered trademarks of Alcatel Internetworking, Inc.
Omni Switch/Router™, SwitchExpert
SM
, the Xylan logo are trademarks of Alcatel Internetworking,
Inc. All other brand and product names are trademarks of their respective companies.
26801 West Agoura Road
Calabasas, CA 91301
(818) 880-3500 FAX (818) 880-3505 [email protected]
US Customer Support-(800) 995-2696
International Customer Support-(818) 878-4507
Internet-http://www.ind.alcatel.com
Warning
This equipment has been tested and found to comply with the limits for Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions in this guide, may cause interference to radio communications. Operation of this equipment in a residential area is likely to cause interference, in which case the user will be required to correct the interference at his own expense.
The user is cautioned that changes and modifications made to the equipment without approval of the manufacturer could void the user’s authority to operate this equipment.
It is suggested that the user use only shielded and grounded cables to ensure compliance with FCC Rules.
This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus set out in the radio interference regulations of the Canadian department of communications.
Le present appareil numerique níemet pas de bruits radioelectriques depassant les limites applicables aux appareils numeriques de la Class B prescrites dans le reglement sur le brouillage radioelectrique edicte par le ministere des communications du Canada.
Contents
Chapter 1: Switch Management
Console Port (Out-of-Band) Connections
Chapter 2: Console Interface
Changing the Network Configuration
Using TFTP Protocol to Download Over the Network
Saving the System Configuration
Configuring the Banner Message
Viewing the Current Port Configuration
Using the Spanning Tree Algorithm
Viewing the Current Spanning Tree Information
Displaying the Spanning Tree Bridge State
Displaying the Spanning Tree Port State
Using a Mirror Port for Analysis
2-25
2-1
1-1
i
ii
Contents
Configuring Broadcast Storm Control
Configuring Bridge MIB Extensions
802.1P Port Traffic Class Information
802.1Q VLAN Current Table Information
802.1Q VLAN Static Table Configuration
802.1Q VLAN Port Configuration
Displaying the Unicast Address Table
Displaying the IP Multicast Registration Table
Configuring Static Unicast Addresses
Chapter 3: Web Interface
Web-Based Configuration and Monitoring
Navigating the Web Browser Interface
Configuration Save and Restore
Configuration Upload Management
Configuration Download Management
3-1
Contents
Spanning Tree Configuration 3-18
When the Switch Becomes Root 3-19
Configuring Bridge MIB Extensions
Port Priority Configuration 3-23
Port Traffic Class Information
VLAN Static Membership by Port
IP Multicast Registration Table
Port Broadcast Storm Protect Configuration
Using a Port Mirror for Analysis
Chapter 4: Advanced Topics
Automatic VLAN Registration (GVRP)
Forwarding Traffic with Unknown VLAN Tags
Forwarding Tagged/Untagged Frames
4-1
iii
Contents
Class-of-Service (CoS) Support
Appendix A: Troubleshooting
Upgrading Firmware via the Serial Port
Appendix B: Pin Assignments
Console Port to 9-Pin COM Port on PC
Console Port to 25-Pin DTE Port on PC
Glossary
Index
A-1
B-1
iv
Chapter 1: Switch Management
Configuration Options
For advanced management capability, the onboard management agent provides a menu-driven system configuration program. This program can be accessed by a direct connection to the serial port on the rear panel (out-of-band), or by a Telnet connection over the network (in-band).
The management agent is based on SNMP (Simple Network Management
Protocol). This SNMP agent permits the switch to be managed from any PC in the network using in-band management software.
The management agent also includes an embedded HTTP Web agent. This Web agent can be accessed using a standard Web browser from any computer attached to the network.
The system configuration program and the SNMP agent support management functions such as:
• Enable/disable any port
• Set the communication mode for any port
• Configure SNMP parameters
• Add ports to network VLANs
• Display system information or statistics
• Configure the switch to join a Spanning Tree
• Download system firmware
Required Connections
Console Port (Out-of-Band) Connections
Attach a VT100 compatible terminal or a PC running a terminal emulation program to the serial port on the switch’s rear panel. Use the null-modem cable provided with this package, or use a null-modem connection that complies with the wiring assignments shown in Appendix B of this guide.
When attaching to a PC, set terminal emulation type to VT100, specify the port used by your PC (i.e., COM 1~4), and then set communications to 8 data bits, 1 stop bit, no parity, and 9600 bps (for initial configuration). Also be sure to set flow control to
“none.” (Refer to “Configuring the Serial Port” on page 2-13 for a complete
description of configuration options.)
Note:
If the default settings for the management agent’s serial port have been modified and you are having difficulty making a console connection, you can display or modify the current settings using a Web browser as described under
“Configuring the Serial Port” on page 3-5.
1-1
Switch Management
In-Band Connections
Prior to accessing the switch’s onboard agent via a network connection, you must first configure it with a valid IP address, subnet mask, and default gateway using an out-of-band connection or the BOOTP protocol.
Note:
By default BOOTP is disabled and the IP address is set to 192.168.10.1. See
“IP Configuration” on page 2-10.
After configuring the switch’s IP parameters, you can access the onboard configuration program from anywhere within the attached network. The onboard configuration program can be accessed using Telnet from any computer attached to the network. The switch can also be managed by any computer using a Web browser (Internet Explorer 4.0 or above, or Netscape Navigator 4.0 or above), or from a network computer using network management software.
Notes: 1. This switch supports four concurrent Telnet sessions.
2. The onboard program only provides access to basic configuration functions.
To access the full range of SNMP management functions, you must use
SNMP-based network management software.
1-2
Chapter 2: Console Interface
Log-in Screen
Once a direct connection to the serial port or a Telnet connection is established, the log-in screen for the onboard configuration program appears as shown below.
Alcatel OmniStack 8008
Alcatel Internetworking
26801 West Agoura Road
Calabasas, CA, 91301
(818) 880-3500
Alcatel OmniStack
Copyright (c), 2000 Alcatel and its licensors.
All rights reserved.
OmniStack is a trademark of Alcatel registered in the United States Patent and Trademark Office.
Username :
Password :
Note: A banner message may be configured to appear before the Login screen. The
banner message is a login security alert. (See “Configuring the Banner Message” on page 2-21.)
If this is your first time to log into the configuration program, then the default user names are “admin” and “guest,” with the password “switch.” The Administrator has
Read/Write access to all configuration parameters and statistics, while the Guest has Read Only access to the management program.
You should define a new administrator password, record it and put it in a safe place.
Select Console Login Configuration from the Management Setup Menu and enter a new password for the administrator. Note that passwords can consist of up to 11 alphanumeric characters and are not case sensitive.
Note: You are allowed three attempts to enter the correct password; on the third failed attempt the current connection is terminated.
2-1
Console Interface
Main Menu
The Main Menu is the first screen seen after successfully logging into the system.
Alcatel OmniStack 8008
< Main Menu >
About this product
Management Setup Menu
Switch Configuration Menu
Network Monitor Menu
Reset System Menu
Quit Current Session
Display or change Management information.
Use <TAB> or arrow keys to move. <Enter> to select.
Selection
About this product
System Information
Switch Information
Management Setup Menu
Network Configuration
Serial Port Configuration
SNMP Configuration
Console Login
Configuration
TFTP Download New
Software
Configuration Save and
Restore
Management
Configuration
2-2
Description
Provides basic system description, including contact information.
Shows hardware/firmware version numbers and power status of the switch.
Includes IP setup, Ping facility, HTTP (Web server) setup, Telnet configuration, and MAC address.
Sets communication parameters for the serial port, including management mode, baud rate, console time-out, and screen data refresh interval.
Activates traps; and configures communities and trap managers.
Sets user names and passwords for system access, as well as the invalid password threshold and lockout time.
Downloads new version of firmware to update your system (in-band).
Saves the switch configuratin to a file on the TFTP server. This file can be later downloaded to restore the configuration.
Allows management access of the switch from all VLANs or only from a specified VLAN.
Main Menu
Selection
Banner Message
Configuration
Switch Configuration Menu
Port Configuration
Description
Configures a login security alert message.
Port State
Enables any port, enables/disables flow control, and sets communication mode to auto-negotiation, full duplex or half duplex.
Displays operational status, including link state, flow control method, and duplex mode.
Spanning Tree
Configuration
Enables Spanning Tree Algorithm; also sets parameters for hello time, maximum message age, switch priority, and forward delay; as well as port priority and path cost.
Spanning Tree Information Displays full listing of parameters for the Spanning Tree Algorithm.
Mirror Port Configuration Sets the source and target ports for mirroring.
Specifies ports to group into aggregate trunks.
Port Trunking
Configuration
IGMP Configuration Configures IGMP multicast filtering.
BStorm Control
Configuration
Allows you to enable/disable broadcast storm control on a per-port basis and set the packet-per-second threshold.
Port Security Configuration Allows you to enable and configure port security for the switch.
Extended Bridge
Configuration
Displays/configures extended bridge capabilities provided by this switch, including support for traffic classes, GMRP* multicast filtering, and VLAN extensions.
802.1P Configuration
802.1Q VLAN
Base Information
802.1Q VLAN Current
Table Information
802.1Q VLAN Static Table
Configuration
Configures default port priorities and queue assignments.
Displays basic VLAN information, such as VLAN version number and maximum VLANs supported.
Displays VLAN groups and port members.
Configures VLAN groups via static assignments, including setting port members, or restricting ports from being dynamically added to a port by the GVRP protocol.
Displays/configures port-specific VLAN settings, including PVID, ingress filtering, and GVRP*.
802.1Q VLAN
Port Configuration
Network Monitor Menu
Port Statistics
RMON Statistics
Unicast Address Table
Displays statistics on network traffic passing through the selected port.
Displays detailed statistical information for the selected port such as packet type and frame size counters.
Provides full address listing, as well as search and clear functions.
2-3
Console Interface
Selection
IP Multicast Registration
Table
Description
Displays all the multicast groups active on this switch, including multicast IP addresses and corresponding VLAN IDs.
Used to manually configure host MAC addresses in the unicast table.
Static Unicast Address
Table Configuration
Reset system menu Restarts system with options to use POST, or to retain factory defaults,
IP settings, or user authentication settings.
Quit current session Exits the configuration program.
* Not implemented in the current firmware release.
2-4
System and Switch Information
System and Switch Information
Use the “About this product” menu to display a basic description of the switch, including contact information, and hardware/firmware versions.
Alcatel OmniStack 8008
< About this product >
System Information
Switch Information
Selection
System Information
Switch Information
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Description
Provides basic system description, including contact information.
Shows hardware/firmware version numbers and power status of the switch.
2-5
Console Interface
Displaying System Information
Use the System Information screen to display descriptive information about the switch, or for quick system identification as shown in the following figure and table.
Alcatel OmniStack 8008
< System Information >
System Description : Alcatel OmniStack 8008
System Object ID : 1.3.6.1.4.1.800.3.1.1.13
System Up Time : 8302069 (0 day 23 hr 3 min 40 sec)
Network Host Name : OmniStack 8008
System Contact
System Location
:
:
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
System Description
System Object ID
System Up Time
Network Host Name *
Description
System hardware description.
MIB II object identifier for switch’s network management subsystem.
Length of time the current management agent has been running. (Note that the first value is 1/100 seconds.)
Name assigned to the switch system.
Contact person for the system.
System Contact *
System Location * Specifies the area or location where the system resides.
* Maximum string length is 255, but the screen only displays 45 characters. You can use the arrow keys to browse the whole string.
2-6
System and Switch Information
Displaying Switch Version
Use the Switch Information screen to display hardware/firmware version numbers for the switch, as well as the power status of the system.
Label
P/N :
Alcatel OmniStack 8008
< Switch Information >
Main Board
S/N : Revision :
Hardware Version
Firmware Version
POST ROM Version
Serial Number
Port Number
Internal Power Status
Redundant Power Status
:
:
:
:
:
:
:
V3.0 (860 CPU)
V2.5
V1.02
00-00-11-11-43-21
8
Active
Inactive
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Parameter
Main Board
P/N
S/N
Revision
Hardware Version
Firmware Version
POST ROM Version
Serial Number
Port Number
Internal Power Status
Redundant Power Status
Description
Part number of the main board.
Serial number of the main board.
Revision number of the main board.
Hardware version of the main board.
System firmware version in Flash ROM.
Power-On Self-Test version number.
MAC address associated with the main board.
Number of ports on the switch.
Power status for the switch.
Redundant power status for the switch.
2-7
Console Interface
Management Setup Menu
After initially logging onto the system, adjust the communication parameters for your console to ensure a reliable connection (Serial Port Configuration). Specify the IP addresses for the switch (Network Configuration / IP Configuration), and then set the
Administrator and User passwords (Console Login Configuration). Remember to record them in a safe place. Also set the community string which controls SNMP access to the switch via in-band management software (SNMP Configuration). The items provided by the Management Setup Menu are described in the following sections.
Alcatel OmniStack 8008
< Management Setup Menu >
Network Configuration
Serial Port Configuration
SNMP Configuration
Console Login Configuration
TFTP Download New Software
Configuration Save & Restore
Management Configuration
Banner Message Configuration
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Selection
Network Configuration
Description
Includes IP setup, Ping facility, HTTP (Web server) setup, Telnet configuration, and MAC address.
Serial Port Configuration Sets communication parameters for the serial port, including management mode, baud rate, console time-out, and screen data refresh interval.
SNMP Configuration Activates traps; and configures communities and trap managers.
Sets user names and passwords for system access, as well as the invalid password threshold and lockout time.
Downloads new version of firmware to update your system (in-band).
Console Login
Configuration
TFTP Download New
Software
Configuration Save &
Restore
Management
Configuration
Banner Message
Configuration
Saves the switch configuration to a file on a TFTP server. This file can be later downloaded to restore the configuration.
Allows management access of the switch from all VLANs or only from a specified VLAN.
Configures a banner message. The banner message is a login security alert message.
2-8
Management Setup Menu
Changing the Network Configuration
Use the Network Configuration menu to set the bootup option, configure the switch’s
Internet Protocol (IP) parameters, enable the on-board Web server, or to set the number of concurrent Telnet sessions allowed. The screen shown below is described in the following table.
Alcatel OmniStack 8008
< Network Configuration >
IP Configuration
IP Connectivity Test(Ping)
HTTP Configuration
MAX Number of allowed Telnet sessions (1-4) : 4
Physical Address : 00-00-11-11-43-21
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move. <Enter> to select.
Parameter
IP Configuration
IP Connectivity Test
HTTP Configuration
MAX Number of Allowed
Telnet Sessions
Physical Address
Description
Screen used to set the bootup option, or configure the switch’s IP parameters.
Screen used to test IP connectivity to a (Ping) specified device.
Screen used to enable the Web server.
The maximum number of Telnet sessions allowed to simultaneously access the switch.
MAC address of the switch.
2-9
Console Interface
IP Configuration
Use the IP Configuration screen to set the bootup option, or configure the switch’s IP parameters. The screen shown below is described in the following table.
Alcatel OmniStack 8008
< IP Configuration >
Interface Type : Ethernet
IP Address : 192.168.10.1
Netmask : 255.255.255.0
Default Gateway :
IP State : USER-CONFIG
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter Default Description
Interface Type Ethernet Indicates IP over Ethernet.
IP Address 192.168.10.1
IP address of the switch you are managing when accessing it over the network. The switch supports SNMP over UDP/IP transport protocol. In this environment, all systems on the Internet, such as network interconnection devices and any PC accessing the switch must have an IP address.
Valid IP addresses consist of four decimal numbers, of 0 to 255, separated by periods. Anything outside of this format will not be accepted by the configuration program.
Subnet Mask
Default
Gateway
IP State
255.255.255.0
Subnet mask of the switch. This mask identifies the host address bits used for routing to specific subnets.
The gateway that the switch’s agent uses to pass data to the management station. Note that the gateway must be defined if the management station is located in a different IP segment.
USER-CONFIG Specifies whether IP functionality is enabled via manual configuration, or set by Boot Protocol (BootP). Options include:
USER-CONFIG -IP functionality is enabled based on the default or user specified IP configuration.
BOOTP-GET-IP - IP is enabled but will not function until a BootP reply has been received. BootP requests will be broadcast 10 times, once every second, in an effort to learn its IP address. If no response is received, the switch will use the default IP setting in
NVRAM. (BootP values can include the IP address, default gateway, and subnet mask.)
2-10
Management Setup Menu
IP Connectivity Test (Ping)
Use the IP Connectivity Test to see if another site on the Internet can be reached.
The screen shown below is described in the following table.
Alcatel OmniStack 8008
< IP Connectivity Test(Ping) >
IP Address :
Test Times : 1
: 0 Success
[Start]
Interval : 3
Failure : 0
Parameter
IP Address
Test Times
Interval
Success/Failure
<OK>
Use <TAB> or arrow keys to move, other keys to make changes.
Description
IP address of the site you want to ping.
The number of ICMP echo requests to send to the specified site.
Range: 1~9999
The interval (in seconds) between pinging the specified site.
Range: 1~10 seconds
The number of times the specified site has responded or not to pinging.
2-11
Console Interface
HTTP Configuration
Use the HTTP Configuration screen to enable/disable the on-board Web server, and to specify the TCP port that will provide HTTP service. The screen shown below is described in the following table.
Alcatel OmniStack 8008
< HTTP Configuration >
HTTP Server : ENABLED
HTTP Port Number : 80
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
HTTP Server
HTTP Port Number
Description
Enables/disables access to the on-board Web server.
Specifies the TCP port that will provide HTTP service.
Range : 0~65535
Default : Port 80
(Telnet Port 23 is prohibited.)
2-12
Management Setup Menu
Configuring the Serial Port
You can access the on-board configuration program by attaching a VT100 compatible device to the switch’s serial port. (For more information on connecting to
this port, see “Required Connections” on page 1-1.) The communication parameters
for this port can be accessed from the Serial Port Configuration screen shown below and described in the following table.
Alcatel OmniStack 8008
< Serial Port Configuration >
Management Mode
Baud rate
Data bits
Stop bits
Parity
Time-Out (in minutes)
: CONSOLE MODE
: 9600
: 8
: 1
: NONE
: 10
Parameter
Management Mode
Baud Rate
Data bits
Stop bits
Parity
Time-Out
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Default Description
Console Mode Indicates that the console port settings are for direct console connection.
9600 The rate at which data is sent between devices.
Options : 2400, 4800, 9600, 19200 bps, and Auto detection
8 bits
1 bit none
10 minutes
Sets the data bits of the RS-232 port.
Options : 7, 8
Sets the stop bits of the RS-232 port.
Options : 1, 2
Sets the parity of the RS-232 port.
Options : none/odd/even
If no input is received from the attached device after this interval, the current session is automatically closed.
Range : 0 - 100 minutes; 0: disabled
2-13
Console Interface
Assigning SNMP Parameters
Use the SNMP Configuration screen to display and modify parameters for the
Simple Network Management Protocol (SNMP). The switch includes an SNMP agent which monitors the status of its hardware, as well as the traffic passing through its ports. A computer attached to the network, called a Network
Management Station (NMS), can be used to access this information. Access rights to the switch are controlled by community strings. To communicate with the switch, the NMS must first submit a valid community string for authentication. The options for configuring community strings and related trap functions are described in the following sections.
Alcatel OmniStack 8008
< SNMP Configuration >
Send Authentication Fail Traps : ENABLED
SNMP Security
IP Trap Managers
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
Send Authentication Fail
Traps
SNMP Security
IP Trap Managers
Description
Issue a trap message to specified IP trap managers whenever authentication of an SNMP request fails. (The default is enabled.)
Assigns SNMP access based on specified strings.
Specifies management stations that will receive authentication failure messages or other trap messages from the switch.
2-14
Management Setup Menu
Configuring Community Names
The following figure and table describe how to configure the community strings authorized for management access. Up to 5 community names may be entered.
Alcatel OmniStack 8008
< SNMP Security >
Community Name
1.
public
2.
private
3.
4.
5.
Access
READ ONLY
READ/WRITE
Status
ENABLED
ENABLED
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Community Name
Access
Status
Description
A community entry authorized for management access.
Maximum string length : 19 characters
Management access is restricted to Read Only or Read/Write.
Sets administrative status of entry to enabled or disabled.
Note: The default community strings are “public” with Read Only access, and “private” with Read/Write access.
2-15
Console Interface
Configuring IP Trap Managers
The following figure and table describe how to specify management stations that will receive authentication failure messages or other trap messages from the switch. Up to 5 trap managers may be entered.
Alcatel OmniStack 8008
IP Address
1.
10.1.0.23
2.
3.
4.
5.
< IP Trap Managers >
Community Name public
Status
DISABLED
Parameter
IP Address
Community Name
Status
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Description
IP address of the trap manager.
A community specified for trap management access.
Sets administrative status of selected entry to enabled or disabled.
2-16
Management Setup Menu
Console Login Configuration
Use the Management Setup: Console Login Configuration to restrict management access based on specified user names and passwords, or to set the invalid password threshold and timeout. There are only two user types defined, ADMIN
(Administrator) and GUEST, but you can set up to five different user names and passwords. Only Administrators have write access for parameters governing the switch. You should therefore assign a user name and password to the default
Administrator as soon as possible, and store it in a safe place. (If for some reason your password is lost, or you cannot gain access to the system configuration program, contact Alcatel Technical Support for assistance.) The parameters shown on this screen are indicated in the following figure and table.
Alcatel OmniStack 8008
< Console Login Configuration >
Password Threshold : 3
Lock-out Time (in minutes) : 0
User Type User Name Password Confirm password
----------------------------------------------------------
1.
ADMIN
2.
GUEST admin guest
****** ******
3.
4.
5
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Password
Threshold
Default Description
3 Sets the password intrusion threshold which limits the number of failed logon attempts. Range : 0~65535
Lock-out
Time
Admin*
Guest*
0 name: admin password: switch name: user password: switch
Time (in minutes) the management console will be disabled,
Range : 0~65535
Administrator has access privilege of Read/Write for all screens.
Guest has access privilege of Read Only for all screens.
* Passwords can consist of up to 11 alphanumeric characters and are not case sensitive.
2-17
Console Interface
Downloading System Software
Using TFTP Protocol to Download Over the Network
Use the TFTP Download menu to load software updates into the switch. The download file should be an OmniStack 8008 file from Alcatel; otherwise the switch will not accept it. The success of the download operation depends on the accessibility of the TFTP server and the quality of the network connection. After downloading the new software, the switch will automatically restart itself.
Parameters shown on this screen are indicated in the following figure and table.
Alcatel OmniStack 8008
< TFTP Download New Software >
Download Server IP :
Agent Software Upgrade
Download Filename
Download Mode
: ENABLED
:
: PERMANENT
Parameter
Download Server IP
Agent Software
Upgrade
Download Filename
Download Mode
[Process TFTP
Download]
Download Status
[Process TFTP Download]
Download status : Complete
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Description
IP address of a TFTP server.
Indicates that the switch is enabled for software upgrades.
The binary file to download to the switch.
Downloads to permanent flash ROM.
Issues a request to the TFTP server to download the specified file.
Indicates if a download is “Complete” or “In Progress.”
2-18
Management Setup Menu
Saving the System Configuration
Use the Configuration Save & Restore menu to save the switch configuration settings to a file on a TFTP server. The file can be later downloaded to the switch to restore the switch’s settings. The success of the operation depends on the accessibility of the TFTP server and the quality of the network connection.
Parameters shown on this screen are indicated in the following figure and table.
Alcatel OmniStack 8008
< Configuration Upload >
Upload Server IP
Upload Filename
:
:
[Process TFTP Upload]
Upload status : Complete
< Configuration Download >
Download Server IP
Download Filename
:
:
[Process TFTP Download]
Download status : Complete
<Apply> <OK> <Cancel>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Configuration Upload
Upload Server IP
Upload Filename
[Process TFTP Upload]
Description
IP address of a TFTP server.
The name of the file to contain the switch configuration settings.
Issues a request to upload the configuration settings to the specified file on the TFTP server.
Indicates if an upload is “Complete” or “In Progress.” Upload Status
Configuration Download
Download Server IP
Download Filename
IP address of a TFTP server.
The name of the file that contains the switch configuration settings you wish to restore.
[Process TFTP Download] Issues a request to the TFTP server to download the specified file.
Download Status Indicates if a download is “Complete” or “In Progress.”
2-19
Console Interface
Managing the Switch
Use the Management Configuration screen to configure the management access of the switch.
Alcatel OmniStack 8008
< Management Configuration >
Management VLAN
VLAN
: ONE
: 1
VLAN
<Apply> <Ok> <Cancel>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
Management VLAN
Description
Allows management access of the switch from all VLANs or only from a specified VLAN. If this field is set to “ONE” then the single VLAN with management acces must be set in the “VLAN” field.
The ID of the only VLAN with management access to the switch when the “Management VLAN” field is set to “ONE.”
2-20
Management Setup Menu
Configuring the Banner Message
The Banner Message is a login security alert message. It will be presented to a user attempting to log into the switch via console or Telnet, before prompting for a user name and password. Use the Banner Message Configuration screen to write and set the Banner Message.
You can type, or paste, the banner message into the screen one row at a time, using the arrow keys to move from one row to the next. For example, to paste text using
Windows HyperTerminal, select “Paste to Host” from the Edit menu in the menu bar.
Note that the maximum line length in the screen is 80 characters. The first page of a sample Banner Message is shown below.
Alcatel OmniStack 8008
< Banner Message Configuration >
SECURITY ALERT
This is an Organization Z computer system. This computer system, including all related equipment, networks, and network devices
(specifically including Internet access and access to restricted sites) is provided only for authorized use. Organization Z computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability, and operational security. Monitoring includes active attacks by authorized Organization Z entities to test or verify the security of this system. During monitoring, information may be examined, recorded, copied and used for authorized purposes. All information, including personal information, placed or sent over this system may be monitored.
Use of this Organization Z computer system, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution.
<Apply> <Ok> <Cancel>
Page : 1
<Prev Page>
Total 4 Pages
<Next Page>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Note: After entering text, use <Apply> to confirm the text that you have entered or <OK> to confirm the text and return to the Management Setup menu. Use <Cancel> to cancel the text that you have just entered and return to the Management Setup menu. Use <Prev Page> and <Next Page> to scroll through the banner message.
2-21
Console Interface
Configuring the Switch
The Switch Configuration Menu is used to control a broad range of functions, including port configuration, Spanning Tree support for redundant switches, port mirroring, multicast filtering, and Virtual LANs. Each of the setup screens provided by these configuration menus is described in the following sections.
Alcatel OmniStack 8008
< Switch Configuration Menu >
Port Configuration
Port State
Spanning Tree Configuration
Spanning Tree Information
Mirror Port Configuration
Port Trunking Configuration
IGMP Configuration
BStorm Control Configuration
Port Security Configuration
Extended Bridge Configuration
802.1P Configuration
802.1Q VLAN Base Information
802.1Q VLAN Current Table Information
802.1Q VLAN Static Table Configuration
802.1Q VLAN Port Configuration
Port GARP Configuration
Port GMRP Configuration
Selection
Port Configuration
Port State
Spanning Tree
Configuration
Spanning Tree
Information
Mirror Port
Configuration
Port Trunking
Configuration
IGMP Configuration
BStorm Control
Configuration
Port Security
Configuration
2-22
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Description
Sets communication parameters for ports.
Displays current port settings and port status.
Configures the switch and its ports to participate in a local Spanning Tree.
Displays the current Spanning Tree configuration for the switch and its ports.
Sets the source and target ports for mirroring.
Specifies ports to group into aggregate trunks.
Configures IGMP multicast filtering.
Allows you to enable/disable broadcast storm control on a per-port basis and set the packet-per-second threshold.
Allows you to enable and configure port security for the switch.
Configuring the Switch
Selection
Extended Bridge
Configuration
802.1P Configuration
802.1Q VLAN
Base Information
802.1Q VLAN Current
Table Information
Description
Displays/configures extended bridge capabilities provided by this switch, including support for traffic classes, and VLAN extensions.
Configures default port priorities and queue assignments.
Displays basic VLAN information, such as VLAN version number and maximum VLANs supported.
Displays VLAN groups and port members.
802.1Q VLAN Static
Table Configuration
Configures VLAN groups via static assignments, including setting port members, or restricting ports from being dynamically added to a port by the
GVRP protocol.
802.1Q VLAN Port
Configuration
Port GARP
Configuration*
Displays/configures port-specific VLAN settings, including PVID, ingress filtering, and GVRP.
Configures generic attribute settings used in the Spanning Tree Algorithm,
VLAN registration, and multicast filtering.
Configures GMRP multicast filtering. Port GMRP
Configuration*
* Not implemented in the current firmware release.
2-23
Console Interface
Configuring Port Parameters
Use the Port Configuration menus to set or display communication parameters for any port on the switch.
Alcatel OmniStack 8008
< Port Configuration >
Flow Control mode of all ports : [Enable] [Disable]
Port Type Admin Flow Control Speed and Duplex
-------------------------------------------------------------------
1
2
1000SX
1000SX
ENABLED
ENABLED
DISABLED
DISABLED
AUTO
1000_FULL
5
6
3
4
7
8
1000SX
1000SX
1000SX
1000SX
1000SX
1000SX
ENABLED
ENABLED
ENABLED
ENABLED
ENABLED
ENABLED
DISABLED
DISABLED
DISABLED
DISABLED
DISABLED
DISABLED
AUTO
AUTO
AUTO
AUTO
AUTO
AUTO
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move. <Enter> to select
Parameter
Flow Control mode of all ports
Type
Admin
Flow Control
Speed and Duplex
Default Description
DISABLED Allows you to enable or disable flow control for all ports on the switch.
ENABLED
Shows port type as 1000SX (1000BASE-SX)
Allows you to disable a port due to abnormal behavior
(e.g., excessive collisions), and then re-enable it after the problem has been resolved. You may also disable a port for security reasons.
DISABLED
AUTO
Used to enable or disable flow control. Flow control can eliminate frame loss by “blocking” traffic from end stations or segments connected directly to the switch when its buffers fill. Back pressure is used for half duplex and IEEE 802.3x for full duplex.
Used to set the current port speed, duplex mode, and auto-negotiation.
Note: If you experience problems establishing a port link using auto-negotiation, try forcing the setting of the port to 1000_FULL or 1000_HALF.
2-24
Configuring the Switch
Viewing the Current Port Configuration
The Port State screen displays the port type, status, link state, and flow control in use, as well as the communication speed and duplex mode. To change any of the port settings, use the Port Configuration menu.
Alcatel OmniStack 8008
< Port State >
Speed and Duplex
InUse
Port Type Operational Link FlowControl Speed and
InUse Duplex InUse
-------------------------------------------------------------
1.
1000SX YES UP NONE 1000-FULL
2.
1000SX
3.
1000SX
4.
1000SX
5.
1000SX
YES
YES
YES
YES
UP
UP
UP
UP
NONE
NONE
NONE
NONE
1000-FULL
1000-FULL
1000-FULL
1000-FULL
6.
1000SX
7.
1000SX
8.
1000SX
YES
YES
YES
UP
UP
UP
NONE
NONE
NONE
1000-FULL
1000-FULL
1000-FULL
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Parameter
Type
Operational
Link
FlowControl InUse
Description
Shows port type as 1000SX (1000BASE-SX).
Shows if the port is functioning or not.
Indicates if the port has a valid connection to an external device.
Shows the flow control type in use. Flow control can eliminate frame loss by
“blocking” traffic from end stations connected directly to the switch. Back pressure is used for half duplex and IEEE 802.3x for full duplex.
Displays the current port speed and duplex mode used.
2-25
Console Interface
Using the Spanning Tree Algorithm
The Spanning Tree Algorithm can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STA-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network. For a more detailed description of how to use this algorithm, refer to
“Spanning Tree Algorithm” on page 4-1.
Alcatel OmniStack 8008
< Spanning Tree Configuration Menu >
Spanning Tree Bridge Configuration
Spanning Tree Port Configuration
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
2-26
Configuring Bridge STA
The following figure and table describe Bridge STA configuration.
Alcatel OmniStack 8008
Configuring the Switch
< Spanning Tree Bridge Configuration >
Spanning Tree Protocol
Bridge Priority
Hello Time (in seconds)
Max Age (in seconds)
: On
: 32768
: 2
: 20
Forward Delay (in seconds) : 15
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
Spanning Tree Protocol
Priority
Hello Time
Default Description
On Enable this parameter to participate in an STA-compliant network.
32,768 Device priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STA root device. However, if all devices have the same priority, the device with the lowest MAC address will then become the root device.
Enter a value from 0 - 65535.
Remember that the lower the numeric value, the higher the priority.
2 Time interval (in seconds) at which the root device transmits a configuration message.
The minimum value is1.
The maximum value is the lower of 10 or [(Max. Message Age / 2) -1].
2-27
Console Interface
Parameter
Max (Message) Age
Forward Delay
Default Description
20 The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages at regular intervals. Any port that ages out
STA information (provided in the last configuration message) becomes the designated port for the attached
LAN. If it is a root port, a new root port is selected from among the device ports attached to the network.
The minimum value is the higher of 6 or [2 x (Hello Time + 1)].
The maximum value is the lower of 40 or [2 x (Forward Delay - 1)].
15 The maximum time (in seconds) the root device will wait before changing states (i.e., listening to learning to forwarding). This delay is required because every device must receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen for conflicting information that would make it return to a blocking state; otherwise, temporary data loops might result.
The maximum value is 30.
The minimum value is the higher of 4 or [(Max. Message Age / 2) + 1].
Configuring STA for Ports
The following figure and table describe STA configuration for ports.
Alcatel OmniStack 8008
< Spanning Tree Port Configuration >
Fast forwarding mode of all ports : [Enable]
Port Type Priority Cost
[Disable]
FastForwarding
-------------------------------------------------------
1 1000SX 128 4 ENABLED
4
5
2
3
1000SX
1000SX
1000SX
1000SX
128
128
128
128
4
4
4
4
ENABLED
ENABLED
ENABLED
ENABLED
6
7
8
1000SX
1000SX
1000SX
128
128
128
4
4
4
ENABLED
ENABLED
ENABLED
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move. <Enter> to select
2-28
Configuring the Switch
Parameter
Fast forwarding mode of all ports
Type
Priority
(Path) Cost
FastForwarding
Default Description
ENABLED Allows you to enable or disable fast forwarding for all ports on the switch.
128
Shows the port type as 1000SX (1000Base-SX).
Defines the priority for the use of a port in the STA algorithm. If the path cost for all ports on a switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the spanning tree. When more than one port is assigned the highest priority, the port with lowest numeric identifier will be enabled.
The range is 0 - 255.
100/19/4
ENABLED
This parameter is used by the STA algorithm to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media.
(Path cost takes precedence over port priority.)
The default and recommended range is:
Ethernet: 100 (50~600)
Fast Ethernet: 19 (10~60)
Gigabit Ethernet: 4 (3~10)
The full range is 0 - 65535.
This parameter is used to enable/disable the Fast
Spanning Tree mode for the port. In this mode, ports skip the Blocked, Listening and Learning states and proceed straight to Forwarding.
FastForwarding enables end-node workstations and servers to overcome time-out problems when the
Spanning Tree Algorithm is implemented in a network.
Therefore, FastForwarding should only be enabled for ports that are connected to an end-node device.
2-29
Console Interface
Viewing the Current Spanning Tree Information
The Spanning Tree Information screen displays a summary of the STA information for the overall bridge or for a specific port. To make any changes to the parameters for the Spanning Tree, use the Spanning Tree Configuration menu.
Alcatel OmniStack 8008
< Spanning Tree Information Menu >
Spanning Tree Bridge State
Spanning Tree Port State
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
2-30
Configuring the Switch
Displaying the Spanning Tree Bridge State
The parameters shown in the following figure and table describe the current Bridge
STA Information.
Alcatel OmniStack 8008
< Spanning Tree Bridge State >
Bridge Priority
Hello Time (in seconds)
: 32768
: 2
Max Age (in seconds) : 20
Forward Delay (in seconds) : 5
Hold Time (in seconds)
Designated Root
Root Cost
Root Port
Configuration Changes
Topology Up Time
: 1
: 128.0000E800E800
: 4
: 8
: 152
: 112844 (0 day 0 hr 18 min 48 sec)
<OK>
<Enter> to select.
Parameter
Priority
Hello Time
Max Age
Forward Delay
Hold Time
Designated Root
Root Cost
Root Port
Configuration Changes
Topology Up Time
Description
Device priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STA root device.
However, if all devices have the same priority, the device with the lowest MAC address will then become the root device.
The time interval (in seconds) at which the root device transmits a configuration message.
The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure.
The maximum time (in seconds) the root device will wait before changing states (i.e., listening to learning to forwarding).
The minimum interval between the transmission of consecutive Configuration
BPDUs.
The priority and MAC address of the device in the spanning tree that this switch has accepted as the root device.
The path cost from the root port on this switch to the root device.
The number of the port on this switch that is closest to the root. This switch communicates with the root device through this port. If there is no root port, then this switch has been accepted as the root device of the spanning tree network.
The number of times the spanning tree has been reconfigured.
The time since the spanning tree was last reconfigured.
2-31
Console Interface
Displaying the Spanning Tree Port State
The parameters shown in the following figure and table are for port STA Information.
Alcatel OmniStack 8008
< Spanning Tree Port State >
Port Type Status Designated
Cost
Designated
Bridge
Designated
Port
----------------------------------------------------------------------
1 1000SX NO LINK 4 32768.0010B54C1EB6
128.1
4
5
2
3
1000SX
1000SX
1000SX
1000SX
NO LINK
NO LINK
NO LINK
NO LINK
4
4
4
4
32768.0010B54C1EB6
32768.0010B54C1EB6
32768.0010B54C1EB6
32768.0010B54C1EB6
128.2
128.3
128.4
128.5
6
7
8
1000SX
1000SX
1000SX
NO LINK
NO LINK
NO LINK
4
4
4
32768.0010B54C1EB6
32768.0010B54C1EB6
32768.0010B54C1EB6
128.6
128.7
128.8
<Ok>
Use <TAB> or arrow keys to move. <Enter> to select.
Parameter
Type
Status
Designated Cost
Designated
Bridge (ID)
Designated Port
(ID)
Description
Shows port type as 1000SX (1000BASE-SX).
Displays the current state of this port within the spanning tree:
Disabled Port has been disabled by the user or has failed diagnostics.
No Link There is no valid link on the port.
Blocking Port receives STA configuration messages, but does not forward packets.
Listening Port will leave blocking state due to topology change, starts transmitting configuration messages, but does not yet forward packets.
Learning Has transmitted configuration messages for an interval set by the
Forward Delay parameter without receiving contradictory information.
Port address table is cleared, and the port begins learning addresses.
Forwarding The port forwards packets, and continues learning addresses.
The rules defining port status are:
• A port on a network segment with no other STA-compliant bridging device is always forwarding.
• If two ports of a switch are connected to the same segment and there is no other
STA device attached to this segment, the port with the smaller ID forwards packets and the other is blocked.
• All ports are blocked when the switch is booted, then some of them change state to listening, to learning, and then to forwarding.
The cost for a packet to travel from this port to the root in the current spanning tree configuration. The slower the media, the higher the cost.
The priority and MAC address of the device through which this port must communicate to reach the root of the spanning tree.
The priority and number of the port on the designated bridging device through which this switch must communicate with the root of the spanning tree.
2-32
Configuring the Switch
Using a Mirror Port for Analysis
You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a network sniffer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. When mirroring port traffic, note that the target port must be configured in the same VLAN as the
source port (see “Configuring Virtual LANs” on page 2-44).
You can use the Mirror Port Configuration screen to designate a single port pair for mirroring as shown below:
Alcatel OmniStack 8008
< Mirror Port Configuration >
Mirror Source Port : Port 1
Mirror Target Port : Port 2
Status : DISABLED
Parameter
Mirror Source Port
Mirror Target Port
Status
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Description
The port whose traffic will be monitored.
The port that will duplicate or “mirror” all the traffic happening on the monitored port.
Enables or disables the mirror function.
2-33
Console Interface
Configuring Port Trunks
Port trunks can be used to increase the bandwidth of a network connection or to ensure fault recovery. You can configure up to four trunk connections (combining
2~4 ports into a fat pipe) between any two OmniStack 8008 switches. However, before making any physical connections between devices, use the Trunk
Configuration menu to specify the trunk on the devices at both ends. When using a port trunk, note that:
• Ports can only be assigned to one trunk.
• The ports at both ends of a connection must be configured as trunk ports.
• The ports at both ends of a trunk must be configured in an identical manner, including duplex mode, and VLAN assignments.
• None of the ports in a trunk can be configured as a mirror source port or mirror target port.
• All the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN.
• The Spanning Tree Algorithm will treat all the ports in a trunk as a whole.
• Enable the trunk prior to connecting any cable between the switches to avoid creating a loop.
• Disconnect all trunk port cables or disable the trunk ports before removing a port trunk to avoid creating a loop.
2-34
Configuring the Switch
You can use the Port Trunking Configuration screen to set up port trunks as shown below. Remember that you must “Enable” a new configuration before it will take effect.
Alcatel OmniStack 8008
< Port Trunking Configuration >
Trunk ID Status
1
Member List
2 3 4
--------------------------------------------------------
--------Port : -Port : -Port : -Port : --
--
--
-------Port : -Port : -Port : -Port : --
-------Port : -Port : -Port : -Port : --
Trunk ID : 1
[Show]
[Enable]
[More]
[Disable]
Trunk ID : 1 Member Port : 1
[Add] [Delete]
<OK>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Trunk ID
Port
[Show]
[More]
[Enable] [Disable]
Description
Configure up to four trunks per switch (ID of 1~4).
Select from 2~4 ports per trunk.
Displays trunk settings, where the first trunk listed is specified by “Sorted by
Trunk ID.”
Scrolls through the list of configured trunks.
Enables/disables the selected trunk.
2-35
Console Interface
IGMP Multicast Filtering
Multicasting is used to support real-time applications such as video conferencing or streaming audio. A multicast server does not have to establish a separate connection with each client. It merely broadcasts its service to the network, and any hosts which want to receive the multicast register with their local multicast switch/ router. Although this approach reduces the network overhead required by a multicast server, the broadcast traffic must be carefully pruned at every multicast switch/router it passes through to ensure that traffic is only passed on the hosts which subscribed to this service.
This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts who want to receive a specific multicast service. The switch looks up the IP Multicast Group used for this service and adds any port which received a similar request to that group. It then propagates the service request on to any neighboring multicast switch/router to ensure that it will continue to receive the
multicast service. (For more information, see “IGMP Snooping” on page 4-5.)
2-36
Configuring the Switch
Configuring IGMP
This protocol allows a host to inform its local switch/router that it wants to receive transmissions addressed to a specific multicast group. You can use the IGMP
Configuration screen to configure multicast filtering shown below:
Alcatel OmniStack 8008
< IGMP Configuration >
IGMP Status
IGMP Query Count
: DISABLED
: 2
IGMP Report Delay (Seconds) : 10
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
IGMP Status
IGMP Query Count
IGMP Report Delay
Description
If enabled, the switch will monitor network traffic to determine which hosts want to receive multicast traffic.
The maximum number of queries issued for which there has been no response before the switch takes action to solicit reports.
The time (in seconds) between receiving an IGMP Report for an IP multicast address on a port before the switch sends an IGMP Query out of that port and removes the entry from its list.
Note: The default values are indicated in the sample screen.
2-37
Console Interface
Configuring Broadcast Storm Control
Use the Broadcast Storm Control Configuration screen to enable broadcast storm control for any port on the switch, as shown below.
Alcatel OmniStack 8008
< Broadcast Storm Control Configuration >
Broadcast control on all ports :
Port Threshold
[Enable] [Disable]
Broadcast Control
-------------------------------------------------------
1 500 ENABLED
4
5
2
3
500
500
500
500
ENABLED
ENABLED
ENABLED
ENABLED
6
7
8
500
500
500
ENABLED
ENABLED
ENABLED
<Apply> <OK>
Use <TAB> or arrow keys to move. <Enter> to select
<Cancel>
Parameter Description
Broadcast control on all ports Allows you to enable/disable broadcast storm control for all ports on the switch.
Threshold
Broadcast Control
The packet-per-second threshold for broadcast packets on the port.
(Default is 500 pps.)
Enables/disables broadcast control for the port. When enabled, the switch will employ a broadcast-control mechanism if the packet-per-second threshold is exceeded. This mechanism limits the amount of broadcasts passed by the port to half of the received packet-per-second count. The control mechanism remains in effect until the number of received broadcasts falls back below the packet-per-second threshold. (Default is Enabled.)
2-38
Configuring the Switch
Port Security Configuration
Use the Port Security Configuration screen to enable and configure port security for the switch. Port Security allows you to configure each port with a list of MAC addresses of devices that are authorized to access the network through that port.
Alcatel OmniStack 8008
< Port Security Configuration >
MAC Address MAC Address
--------------------------------------------------
Parameter
MAC Address
Secure address count
Port
[Show]
[More]
Mode
[Apply]
MAC
[Add]
[Delete]
[Clear]
Secure address count : 0
Port : 1
[Show]
Mode:DISABLE
[More]
[Apply]
MAC
[Add]
: 00-00-00-00-00-00
[Clear]
[Delete]
<OK>
Use <TAB> or arrow keys to move. <Enter> to select
Description
A list of the authorized MAC addresses that can access the network through the specified port.
The number of authorized MAC addresses for the specified port.
Numeric identifier for switch port.
Displays authorized MAC addresses for the specified port.
Displays more MAC addresses for the port.
Port security can be set to three states; Static, Disable, or Learning. When set to Static, the switch will drop packets from the port if the source MAC address does not match one of the addresses in the MAC Address list. If set to Learning, the switch will add the source MAC address of all packets received on the port to the authorized MAC Address list.
Applies a change of Mode to the port.
A specific MAC address to be added or deleted from the list.
Adds a new MAC address to the current list.
Removes a MAC address from the current list.
Clears all the MAC addresses for the current port.
2-39
Console Interface
Configuring Bridge MIB Extensions
The Bridge MIB includes extensions for managed devices that support Traffic
Classes, Multicast Filtering and Virtual LANs. To configure these extensions, use the
Extended Bridge Configuration screen as shown below:
Alcatel OmniStack 8008
< Extended Bridge Configuration >
Bridge Capability : (Read Only)
Extended Multicast Filtering Services : NO
Traffic Classes
Static Entry Individual Port
: YES
: YES
VLAN Learning
Configurable PVID Tagging
Local VLAN Capable
: IVL
: YES
: NO
Bridge Settings :
Traffic Classes
GMRP
GVRP
: TRUE
: DISABLED
: DISABLED
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
Bridge Capability
Extended Multicast
Filtering Services
Traffic Classes
Static Entry Individual
Port
VLAN Learning
Configurable
PVID Tagging
Local VLAN Capable
Description
Indicates that the switch does not support the filtering of individual multicast addresses based on GMRP (GARP Multicast Registration Protocol). Note that this function is not implemented for the current firmware release.
Indicates that the switch provides mapping of user priorities to multiple traffic classes. (Refer to 802.1P Configuration.)
Indicates that the switch allows static filtering for unicast and multicast addresses. (Refer to Network Monitor Menu / Static Unicast Address Table
Configuration and Static Multicast Address Table Configuration.)
This switch uses Independent VLAN Learning (IVL), whereby each port maintains its own VLAN filtering database.
Indicates that the switch allows you to override the default PVID setting (Port
VLAN ID used in frame tags) and its egress status (VLAN-Tagged or
Untagged) on each port. (Refer to 802.1Q VLAN Port Configuration.)
This switch does not support multiple local bridges (that is, multiple Spanning
Trees).
2-40
Configuring the Switch
Parameter
Bridge Settings
Traffic Class*
Description
GMRP*
Multiple traffic classes are supported by this switch as indicated under Bridge
Capabilities. However, you can disable this function by setting this parameter to False.
GARP Multicast Registration Protocol (GMRP) allows network devices to register endstations with multicast groups.
The Internet Group Management Protocol (IGMP) is currently used by this switch to provide automatic multicast filtering.
GVRP* GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register necessary VLAN members on ports across the network. This function should be enabled to permit VLANs groups which extend beyond the local switch.
* Not implemented in the current firmware release.
Configuring Traffic Classes
IEEE 802.1p defines up to 8 separate traffic classes. This switch supports Quality of
Service (QoS) by using two priority queues, with Weighted Fair Queuing for each port. You can use the 802.1P Configuration menu to configure the default priority for each port, or to display the mapping for the traffic classes as described in the following sections.
Alcatel OmniStack 8008
< 802.1P Configuration >
802.1P Port Priority Configuration
802.1P Port Traffic Class Information
<Ok>
Use <TAB> or arrow keys to move. <Enter> to select.
2-41
Console Interface
Port Priority Configuration
The default priority for all ingress ports is zero. Therefore, any inbound frames that do not have priority tags will be placed in the low priority output queue. Default priority is only used to determine the output queue for the current port; no priority tag is actually added to the frame. You can use the 802.1P Port Priority Configuration menu to adjust default priority for any port as shown below:
Alcatel OmniStack 8008
< 802.1P Port Priority Configuration >
Port Default Ingress
User Priority
Number of Egress
Traffic Class
-----------------------------------------------
1 0 2
4
5
2
3
0
0
0
0
2
2
2
2
6
7
8
0
0
0
2
2
2
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Port
Default Ingress User
Priority
Number of Egress
Traffic Classes
Description
Numeric identifier for switch port.
Default priority can be set to any value from 0~7, where 0~3 specifies the low priority queue and 4~7 specifies the high priority queue.
Indicates that this switch supports two priority output queues.
2-42
Configuring the Switch
802.1P Port Traffic Class Information
This switch provides two priority levels with weighted fair queuing for port egress.
This means that any frames with a default or user priority from 0~3 are sent to the low priority queue “0” while those from 4~7 are sent to the high priority queue “1” as shown in the following screen:
Alcatel OmniStack 8008
< 802.1P Port Traffic Class Information >
Port User Priority
0 1 2 3 4 5 6 7
-----------------------------------------------------
1
2
0
0
0
0
0
0
0
0
1
1
1
1
1
1
1
1
5
6
3
4
7
8
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Parameter
Port
User Priority
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Description
Numeric identifier for switch port.
Shows that user priorities 0~3 specify the low priority queue and 4~7 specify the high priority queue.
2-43
Console Interface
Configuring Virtual LANs
You can use the VLAN configuration menu to assign any port on the switch to any of up to 256 LAN groups. In conventional networks with routers, broadcast traffic is split up into separate domains. Switches do not inherently support broadcast domains. This can lead to broadcast storms in large networks that handle a lot of
IPX and NetBEUI traffic. By using IEEE 802.1Q compliant VLANs and GARP VLAN
Registration Protocol, you can organize any group of network nodes into separate broadcast domains, confining broadcast traffic to the originating group. This also provides a more secure and cleaner network environment. For more information on
how to use VLANs, see “Virtual LANs” on page 4-2. The VLAN configuration
screens are described in the following sections.
802.1Q VLAN Base Information
The 802.1Q VLAN Base Information screen displays basic information on the VLAN type supported by this switch.
Alcatel OmniStack 8008
< 802.1Q VLAN Base Information >
VLAN Version Number
MAX VLAN ID
: 1
: 2048
MAX Supported VLANs : 256
Current Number of 802.1Q VLANs Configured : 1
<OK>
<Enter> to select.
Parameter
VLAN Version Number
MAX VLAN ID
MAX Supported VLANs
Current Number of
VLANs Configured
Description
The VLAN version used by this switch as specified in the IEEE 802.1Q standard.
Maximum VLAN ID recognized by this switch.
Maximum number of VLANs that can be configured on this switch.
The number of VLANs currently configured on this switch.
Note: All ports are assigned only to VLAN 1 by default.
2-44
Configuring the Switch
802.1Q VLAN Current Table Information
This screen shows the current port members of each VLAN and whether or not the port supports VLAN tagging. Ports assigned to a large VLAN group that crosses several switches should use VLAN tagging. However, if you just want to create a small port-based VLAN for one or two switches, you can assign ports to the same
untagged VLAN (page 2-48). The current configuration is shown in the following
figure.
Alcatel OmniStack 8008
< 802.1Q VLAN Current Table Information >
Deleted VLAN Entry Counts : 0
VID Creation Time Status
----------------------------------------------------------------
1 0 (0 day 0 hr 0 min 0 sec) Permanent
Current Egress Ports
11111111
Current Untagged Ports
11111111
Port 1 Port 8
Sorted by VID : 1
[Show] [More]
<OK>
Use <TAB> or arrow keys to move. <Enter> to select
Parameter
Deleted VLAN Entry Counts
VID
Creation Time
Status
Current Egress Ports
Current Untagged Ports
[Show]
[More]
Description
The number of times a VLAN entry has been deleted from this table.
The ID for the VLAN currently displayed.
The value of sysUpTime (System Up Time) when this VLAN was created.
Shows how this VLAN was added to the switch:
Dynamic GVRP: Automatically learned via GVRP.
Permanent: Added as a static entry.
Shows the ports which have been added to the displayed VLAN group, where “1” indicates that a port is a member and “0” that it is not.
If a port has been added to the displayed VLAN (see Current Egress
Ports), its entry in this field will be “1” if the port is untagged or “0” if tagged.
Displays the members for the VLAN indicated by the “Sorted by VID” field.
Displays any subsequent VLANs if configured.
2-45
Console Interface
802.1Q VLAN Static Table Configuration
Use this screen to create a new VLAN or modify the settings for an existing VLAN.
You can add/delete port members for a VLAN, or prevent a port from being automatically added to a VLAN via the GVRP protocol. (Also, note that all ports can only belong to one untagged VLAN. This is set to VLAN 1 by default, but can be
changed via the 802.1Q VLAN Port Configuration screen on page 2-48.)
Alcatel OmniStack 8008
< 802.1Q VLAN Static Table Configuration >
Egress Ports
11111111
VID VLAN Name Status
------------------------------
1 Active
Forbidden Egress Ports
00000000
Untagged Ports
11111111 VID : 1
[Show]
[More]
[New]
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
VID
VLAN Name
Status
Egress Ports
Forbidden Egress Ports
Untagged Ports
[Show]
[More]
[New]
Description
The ID for the VLAN currently displayed.
Range: 1-2048
A user-specified symbolic name for this VLAN.
String length: Up to 8 alphanumeric characters
Sets the current editing status for this VLAN as:
Not in Service, Destroy, or Active.
Set the entry for any port in this field to “1” to add it to the displayed VLAN, or
“0” to remove it from the VLAN.
Prevents a port from being automatically added to this VLAN via GVRP.
Set the entry for any port in this field to “1” to add it to the displayed VLAN as an untagged port.
Displays settings for the specified VLAN.
Displays consecutively numbered VLANs.
Sets up the screen for configuring a new VLAN.
Note: No VLANs are statically configured by default.
2-46
Configuring the Switch
For example, the following screen displays settings for VLAN 2, which includes tagged ports 1-4, and forbidden port 8.
Alcatel OmniStack 8008
< 802.1Q VLAN Static Table Configuration >
Egress Ports
11110000
VID VLAN Name Status
------------------------------
2 Active
Forbidden Egress Ports
00000001
Untagged Ports
00000000 VID : 2
[Show]
[More]
[New]
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
2-47
Console Interface
802.1Q VLAN Port Configuration
Use this screen to configure port-specific settings for IEEE 802.1Q VLAN features.
Alcatel OmniStack 8008
< 802.1Q VLAN Port Configuration >
Port PVID Acceptable Ingress GVRP GVRP Failed GVRP Last
Frame Type Filtering Status Registrations PDU Origin
--------------------------------------------------------------------------
1
2
1
1
All
All
FALSE
FALSE
DISABLED
DISABLED
0
0
00-00-00-00-00-00
00-00-00-00-00-00
3
4
5
6
7
8
1
1
1
1
1
1
All
All
All
All
All
All
FALSE
FALSE
FALSE
FALSE
FALSE
FALSE
DISABLED
DISABLED
DISABLED
DISABLED
DISABLED
DISABLED
0
0
0
0
0
0
00-00-00-00-00-00
00-00-00-00-00-00
00-00-00-00-00-00
00-00-00-00-00-00
00-00-00-00-00-00
00-00-00-00-00-00
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
PVID
Acceptable Frame
Type 1
Ingress Filtering 1
Description
The VLAN ID assigned to untagged frames received on this port. Use the
PVID to assign ports to the same untagged VLAN.
This switch accepts “All” frame types, including VLAN tagged or VLAN untagged frames. Note that all VLAN untagged frames received on this port are assigned to the PVID for this port.
If set to “True,” incoming frames for VLANs which do not include this port in their member set will be discarded at the inbound port.
GVRP Status 2
Enables or disables GVRP for this port. When disabled, any GVRP packets received on this port will be discarded and no GVRP registrations will be propagated from other ports.
Note that GVRP must be enabled for the switch before this setting can take effect. (See Switch Configuration Menu / Extended Bridge Configuration.)
GVRP Failed
Registrations 2
The total number of failed GVRP registrations, for any reason, on this port.
GVRP Last PDU Origin 2 The Source MAC Address of the last GVRP message received on this port.
1. This control does not affect VLAN independent BPDU frames, such as GVRP or STP. However, it does affect VLAN dependent BPDU frames, such as GMRP.
2. GVRP is not available for the current firmware release.
2-48
Monitoring the Switch
Monitoring the Switch
The Network Monitor Menu provides access to port statistics, RMON statistics, IP multicast addresses, and the static (unicast) address table. Each of the screens provided by these menus is described in the following sections.
Alcatel OmniStack 8008
< Network Monitor Menu >
Port Statistics
RMON Statistics
Unicast Address Table
Multicast Address Registration Table
IP Multicast Registration Table
Static Unicast Address Table Configuration
Static Multicast Address Table Configuration
<OK>
Use <TAB> or arrow keys to move. <Enter> to select.
Parameter
Port Statistics
RMON Statistics
Unicast
Address Table
Multicast Address
Registration Table*
IP Multicast Registration
Table
Static Unicast Address
Table Configuration
Description
Displays statistics on network traffic passing through the selected port.
Displays detailed statistical information for the selected port such as packet type and frame size counters.
Provides full listing of all unicast addresses stored in the switch, as well as sort, search and clear functions.
Displays the ports that belong to each GMRP Muticast group.
Displays the ports that belong to each IP Muticast group.
Allows you to display or configure static unicast addresses.
Static Multicast Address
Table Configuration*
Allows you to display or configure static GMRP multicast addresses.
* Not implemented in the current firmware release.
2-49
Console Interface
Displaying Port Statistics
Port Statistics display key statistics from the Ethernet-like MIB for each port. Error statistics on the traffic passing through each port are displayed. This information can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). The values displayed have been accumulated since the last system reboot.
Select the required port. The statistics displayed are indicated in the following figure and table.
Alcatel OmniStack 8008
< Port Statistics > Port 1
Ether Like Counter :
Alignment Errors
FCS Errors
: 0
: 0
Single Collision Frames : 0
Multiple Collision Frames: 0
SQE Test Errors : 0
Deferred Transmissions : 0
[Refresh Statistics]
Late Collisions
Excessive Collisions
: 0
: 0
Internal Mac Transmit Errors: 0
Carrier Sense Errors : 0
Frame Too Longs : 0
Internal Mac Receive Errors : 0
[Reset Counters]
<OK> <PREV PORT> <NEXT PORT>
Use <TAB> or arrow keys to move. <Enter> to select
Parameter
Alignment Errors
Description
The number of frames received that are not an integral number of octets in length and do not pass the FCS check.
FCS Errors The number of frames received that are an integral number of octets in length but do not pass the FCS check.
Single Collision Frames* The number of successfully transmitted frames for which transmission is inhibited by exactly one collision.
Multiple Collision
Frames*
SQE Test Errors*
Deferred
Transmissions*
Late Collisions
A count of successfully transmitted frames for which transmission is inhibited by more that one collision.
A count of times that the SQE TEST ERROR message is generated by the
PLS sublayer.
A count of frames for which the first transmission attempt on a particular interface is delayed because the medium was busy.
The number of times that a collision is detected later than 512 bit-times into the transmission of a packet.
2-50
Monitoring the Switch
Parameter
Excessive Collisions*
Internal Mac
Transmit Errors*
Carrier Sense Errors*
Description
The number of frames for which transmission failed due to excessive collisions.
The number of frames for which transmission failed due to an internal MAC sublayer transmit error.
The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame.
Frame Too Longs
Internal Mac
Receive Errors
The number of frames received that exceed the maximum permitted frame size.
The number of frames for which reception failed due to an internal MAC sublayer receive error.
* The reported values will always be zero because these statistics are not supported by the internal chip set.
Displaying RMON Statistics
Use the RMON Statistics screen to display key statistics for each port from RMON group 1. (RMON groups 2, 3 and 9 can only be accessed using SNMP management software.) The following screen displays the overall statistics on traffic passing through each port. RMON statistics provide access to a broad range of statistics, including a total count of different frame types and sizes passing through each port.
Values displayed have been accumulated since the last system reboot.
Alcatel OmniStack 8008
< RMON Statistics > Port 1
Drop Events
Received Bytes
Received Frames
Broadcast Frames
: 4
: 438387005
: 2470786
: 2180266
Multicast Frames : 237352
CRC/Alignment Errors : 0
Undersize Frames
Oversize Frames
Fragments
: 172
: 0
: 0
[Refresh Statistics]
Jabbers
Collisions
64 Byte Frames
65-127 Byte Frames
: 0
: 0
: 715132
: 868284
128-255 Byte Frames
256-511 Byte Frames
: 502964
: 379998
512-1023 Byte Frames : 671
1024-1518 Byte Frames : 3565
[Reset Counters]
<OK> <PREV PORT> <NEXT PORT>
Use <TAB> or arrow keys to move. <Enter> to select
2-51
Console Interface
Parameter
Drop Events
Received Bytes
Received Frames
Broadcast Frames
Multicast Frames
CRC/Alignment Errors
Undersize Frames
Description
The total number of events in which packets were dropped due to lack of resources.
Total number of bytes of data received on the network. This statistic can be used as a reasonable indication of Ethernet utilization.
The total number of frames (bad, broadcast and multicast) received.
The total number of good frames received that were directed to the broadcast address. Note that this does not include multicast packets.
The total number of good frames received that were directed to this multicast address.
The number of frames received with CRC/alignment errors (FCS or alignment errors).
The total number of frames received that were less than 64 octets long
(excluding framing bits, but including FCS octets) and were otherwise well formed.
Oversize Frames
Fragments
Jabbers
Collisions
64 Byte Frames
The total number of frames received that were longer than 1518 octets
(excluding framing bits, but including FCS octets) and were otherwise well formed.
The total number of frames received that were less than 64 octets in length
(excluding framing bits, but including FCS octets) and had either an FCS or alignment error.
The total number of frames received that were longer than 1518 octets
(excluding framing bits, but including FCS octets), and had either an FCS or alignment error.
The best estimate of the total number of collisions on this Ethernet segment.
The total number of frames (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
65-127 Byte Frames
128-255 Byte Frames
The total number of frames (including bad packets) received and transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
The total number of packets (including bad packets) received and transmitted that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
1024-1518 Byte Frames The total number of packets (including bad packets) received and transmitted that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
2-52
Monitoring the Switch
Displaying the Unicast Address Table
The Address Table contains the MAC addresses and VLAN identifier associated with each port (that is, the source port associated with the address and VLAN), sorted by MAC address or VLAN ID. You can search for a specific address, clear the entire address table, or information associated with a specific address, or set the aging time for deleting inactive entries. The information displayed in the Address
Table is indicated in the following figure and table.
Alcatel OmniStack 8008
< Unicast Address Table >
Aging Time : 300
MAC VID
Dynamic Counts : 146
Port Status MAC
Static Counts : 0
VID Port Status
---------------------------------------------------------------------
00-00-24-B3-28-83 1 8 D 00-00-E8-00-00-02 1 8 D
00-00-E2-12-F9-F8 1
00-00-E2-16-C5-82 1
00-00-E2-20-C3-D5 1
00-00-E2-21-74-D0 1
8
8
8
8
D
D
D
D
00-00-E8-00-00-05
00-00-E8-00-00-96
00-00-E8-00-01-01
00-00-E8-07-12-5E
1
1
1
1
8
8
8
8
D
D
D
D
00-00-E2-2A-59-9A 1
00-00-E2-2E-FD-F6 1
00-00-E8-00-00-00 1
8
8
8
D 00-00-E8-11-03-51 1
D 00-00-E8-11-11-33 1
D 00-00-E8-12-12-12 1
8
8
8
D
D
D
Sorted by : MAC + VID
VLAN ID : 1
MAC
[Show]
: 00-00-00-00-00-00
[More]
Cleared by : MAC + VID
VLAN ID
MAC
[Clear]
: 1
: 00-00-00-00-00-00
[Clear Dynamic]
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, other keys to make changes.
Parameter
Aging Time
Dynamic Counts
Static Counts
MAC
VID
Port
Status
[Show]
[More]
Description
Time-out period in seconds for aging out dynamically learned forwarding information.
Range: 10 - 65534 seconds; Default: 300 seconds
The number of dynamically learned addresses in the table.
The number of static addresses in the table.
The MAC address of a node.
The VLAN(s) associated with this address or port.
The port whose address table includes this MAC address.
Indicates address status as:
D: Dynamically learned, or
P: Fixed permanently by SNMP network management software.
Displays the address table based on specified VLAN ID, and sorted by primary key MAC or VID.
Scrolls through the entries in the address table.
2-53
Console Interface
Parameter
[Clear]
[Clear Dynamic]
Description
Clears the specified MAC address.
Clears all dynamically learned MAC addresses in the table.
Displaying the IP Multicast Registration Table
Use the IP Multicast Registration Table to display all the multicast groups active on this switch, including multicast IP addresses and the corresponding VLAN ID.
Alcatel OmniStack 8008
< IP Multicast Registration Table >
VID Multicast IP Dynamic Port Lists Learned by
---------------------------------------------------------------------
1
1
224.0.0.2
224.0.0.9
00000001
00000001
IGMP
IGMP
1
1
1
224.0.1.22
224.0.1.24
224.1.2.9
00000001
00000001
00000010
IGMP
IGMP
IGMP
Sorted by
VID
: VID + Multicast IP
: 1
Multicast IP : 224.0.0.2
[Show] [More]
<OK>
Use <TAB> or arrow keys to move. <Enter> to select
Parameter
VID
Multicast IP
Dynamic Port Lists
Learned by
[Show]
[More]
Description
VLAN ID assigned to this multicast group.
IP address for specific multicast services.
The switch ports registered for the indicated multicast service.
Indicates if the ports were learned dynamically or via IGMP.
Displays the address table sorted on VID and then Multicast IP.
Scrolls through the entries in the address table.
2-54
Monitoring the Switch
Configuring Static Unicast Addresses
Use the Static Unicast Address Table Configuration screen to manually configure host MAC addresses in the unicast table. You can use this screen to associate a
MAC address with a specific VLAN ID and switch port as shown below.
Alcatel OmniStack 8008
< Static Unicast Address Table Configuration >
VID MAC Address Port Status
------------------------------------------------------------
1 00-00-00-E8-43-12 1 Permanent
Parameter
VID
MAC Address
Port
Status
[Show]
[More]
[Set]
Sorted by : VID + MAC
VID : 1
MAC : 00-00-00-00-00-00
VID : 1
Port
MAC
: 1
: 00-00-00-00-00-00
Status : Permanent
[Show] [More] [Set]
<OK>
Use <TAB> or arrow keys to move. <Enter> to select
Description
The VLAN group this port is assigned to.
The MAC address of a host device attached to this switch.
The port the host device is attached to.
The status for an entry can be set to:
Permanent: This entry is currently in use and will remain so after the next reset of the switch.
DeleteOnReset: This entry is currently in use and will remain so until the next reset.
Invalid: Removes the corresponding entry.
DeleteOnTimeOut: This entry is currently in use and will remain so until it is aged
out. (Refer to Address Table Aging Time on page 2-53.)
Other: This entry is currently in use but the conditions under which it will remain so differ from the preceding values.
Displays the static address table sorted on VID as the primary key and MAC address as secondary key.
Scrolls through entries in the static address table.
Adds the specified entry to the static address table, such as shown in the following example:
VID : 1 MAC : 00-00-00-e8-34-22
Port : : 1
Permanent
2-55
Console Interface
Resetting the System
Select the Reset System Menu under the Main Menu to reset the switch. The reset screen includes options as shown in the following figure and table.
Alcatel OmniStack 8008
< Reset System Menu >
Restart Option :
POST
Reload Factory Defaults
: YES
: NO
Keep IP Setting : NO
Keep User Authentication : NO
[Restart]
<APPLY> <OK> <CANCEL>
Use <TAB> or arrow keys to move, <Space> to scroll options.
Parameter
POST
Description
Runs the Power-On Self-Test
Reload Factory Defaults Reloads the factory defaults
Keep IP Setting Retains the settings defined in the IP Configuration menu.
Keep User
Authentication
Retains the user names and passwords defined in the Console Login
Configuration menu.
Logging Off the System
Use the Quit Current Session command under the Main Menu to exit the configuration program and terminate communications with the switch for the current session.
2-56
Chapter 3: Web Interface
Web-Based Configuration and Monitoring
In addition to the menu-driven system configuration program, this switch also provides an embedded HTTP Web agent. Using a Web browser you can configure the switch and view statistics to monitor network activity. The Web agent can be accessed by any computer on the network using a standard Web browser (Internet
Explorer 4.0 or above, or Netscape Navigator 4.0 or above).
Prior to accessing the switch from a Web browser, be sure you have first performed the following tasks:
1. Configure it with a valid IP address, subnet mask, and default gateway using an out-of-band serial connection or BOOTP protocol.
2. Set a user name and password using an out-of-band serial connection. Access to the Web agent is controlled by the same user name and password as the onboard configuration program.
3-1
Web Interface
Navigating the Web Browser Interface
To access the Web-browser interface you must first enter a user name and password. The administrator has Read/Write access to all configuration parameters and statistics. The default user name for the administrator is “admin,” with the password “switch.”
Home Page
When your Web browser connects with the switch’s Web agent, the home page is displayed as shown below. The home page displays the Main Menu on the left side of the screen and System Information on the right side. The Main Menu links are used to navigate to other menus and display configuration parameters and statistical data.
If this is your first time to access the management agent, you should define a new
Administrator password, record it and put it in a safe place. From the Main Menu, select Security and enter a new password for the Administrator. Note that passwords can consist of up to 11 alphanumeric characters and are not case sensitive.
Note: Based on the default configuration, a user is allowed three attempts to enter the correct password; on the third failed attempt the current connection is terminated.
See “Console Login Configuration” on page 2-17.
3-2
Navigating the Web Browser Interface
Configuration Options
Configurable parameters have a dialog box or a drop-down list. Once a configuration change has been made on a page, be sure to click on the “Apply” button at the bottom of the page to confirm the new setting. The following table summarizes the
Web page configuration buttons.
Button
Apply
Revert
Refresh
Web Page Configuration Buttons
Action
Sets specified values in the SNMP agent.
Cancels specified values prior to pressing the “Apply” button.
Immediately updates values from the SNMP agent.
Notes: 1. To ensure proper screen refresh, be sure that Internet Explorer 5.0 is configured as follows: Under the menu “Tools / Internet Options / General /
Temporary Internet Files / Settings,” the setting for item “Check for newer versions of stored pages” should be “Every visit to the page.”
2. When using Internet Explorer 5.0, you may have to manually refresh the screen after making configuration changes by pressing the browser’s refresh button.
3-3
Web Interface
Panel Display
The Web agent displays an image of the switch’s ports, showing port links and activity. Clicking on the image of a port displays statistics and configuration information for the port. Clicking on the image of the serial port (labeled “Mgmt”) displays the Console Configuration screen. Clicking on any other part of the front
panel displays Switch Information as described on page 3-7.
Port State Display
Click on any port to display a summary or port status as shown below, as well as
Etherlike statistics (page 3-39) and RMON statistics (page 3-40).
Parameter
Type
Admin Status
Link Status
Speed Status
Duplex Status
Flow Control Status
VLAN
Description
Shows port type as 1000BASE-SX
Shows if the port is enabled, or has been disabled due to abnormal behavior
or for security reasons. See “Port Configuration” on page 3-34.
Indicates if the port has a valid connection to an external device.
Indicates the current port speed.
Indicates the port’s current duplex mode.
Shows the flow control type in use. Flow control can eliminate frame loss by
“blocking” traffic from end stations connected directly to the switch.
The VLAN ID assigned to untagged frames received on this port. Use the
PVID (page 3-30) to assign ports to the same untagged VLAN.
3-4
Panel Display
Configuring the Serial Port
If you are having difficulties making an out-of-band console connection to the serial port on the switch, you can display or modify the current settings for the serial port through the Web agent. Click on the serial port icon in the switch image to display or configure these settings, as shown below.
Parameter
Baud Rate
Time-Out
Data Bits
Stop Bits
8 bits
1 bit
Parity None
Auto Refresh
Time
5 second
Default
9600
10 minutes
Description
The rate at which data is sent between devices.
Options : 2400, 4800, 9600, 19200 bps, and Auto detection.
If no input is received from the attached device after this interval, the current session is automatically closed.
Range : 0 - 100 minutes; where 0 indicates disabled
Sets the data bits of the RS-232 port.
Options : 7, 8
Sets the stop bits of the RS-232 port.
Options : 1, 2
Sets the parity of the RS-232 port.
Options : none/odd/even
Sets the interval before a console session will auto refresh the console information, such as Spanning Tree Information, Port
Configuration, Port Statistics, and RMON Statistics.
Range : 0, or 5-255 seconds; where 0 indicates disabled
3-5
Web Interface
Main Menu
Using the onboard Web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network conditions. The interface screen includes the main menu on the left side, the menu bar beneath the image of the switch, and a list of commands beneath the menu bar. The following table briefly describes the selections available from this program.
Function
System
Switch
IP
SNMP
Security
Upgrade
Configure
Description
Provides basic system description, including contact information.
Shows hardware/firmware version numbers and power status of the switch.
Includes boot state, IP address, and Telnet session count.
Configures communities and trap managers; and activates traps.
Sets password for system access.
Downloads new version of firmware to update your system.
Saves the switch configuration to a file on a TFTP server. This file can be later downloaded to restore the configuration
Provides full listing or unicast addresses, sorted by address or VLAN.
Address Table
STA
Bridge Extension
Enables Spanning Tree Algorithm; also sets parameters for switch priority, hello time, maximum message age, and forward delay; as well as port priority and path cost.
Displays/configures extended bridge capabilities provided by this switch, including support for traffic classes, GMRP* multicast filtering, and VLAN extensions.
Priority
VLAN
Configures default port priorities and queue assignments.
Configures VLAN group members, automatic registration with GVRP*, and other port-specific VLAN settings.
Configures IGMP multicast filtering.
IGMP
Port
Mirror
Trunk
Enables any port, sets communication mode to auto-negotiation, full duplex or half duplex, and enables/disables flow control.
Sets the source and target ports for mirroring.
Specifies ports to group into aggregate trunks.
Statistics Displays statistics on network traffic passing through the selected port.
* Not implemented in the current firmware release.
3-6
System Information
System Information
Use the System Information screen to display descriptive information about the switch, or for quick system identification as shown in the following figure and table.
Parameter
System Name 1
IP Address
Object ID
Location 1
2
Description
Name assigned to the switch system.
IP address of the switch you are managing. The switch’s management supports SNMP over UDP/IP transport protocol. In this environment, all systems on the Internet, such as network interconnection devices and any PC accessing the switch must have an IP address. Valid IP addresses consist of four decimal numbers, of 0 to 255, separated by periods. Anything outside of this format will not be accepted by the configuration program.
MIB II object identifier for switch’s network management subsystem.
Specifies the area or location where the system resides.
Contact 1
System Up Time
Contact person for the system.
Length of time the current management software has been running.
1 Maximum string length is 255, but the screen only displays 45 characters. You can use the arrow keys to browse the whole string.
2
The default value is 192.168.10.1
3-7
Web Interface
Switch Information
Use the Switch Information screen to display hardware/firmware version numbers for the switch, as well as the power status of the system.
Main Board
Parameter
Serial Number
Number of Ports
Hardware Version
Firmware Version
POST ROM Version
Internal Power Status
Redundant Power
Status
Description
Serial number of the main board.
Number of ports on the switch.
Hardware version of the main board.
System firmware version in ROM.
Management’s Power-On Self-Test version.
Power status for the switch.
Redundant power status for the switch.
3-8
IP Configuration
IP Configuration
Use the IP Configuration screen to set the bootup option, configure the Ethernet IP address for the switch, or set the number or concurrent Telnet sessions allowed. The screen shown below is described in the following table.
Parameter
IP State
IP Address
Subnet Mask
Gateway IP Address
MAC Address
Maximum Number of
Telnet sessions
Default Description
USER-CONFIG
192.168.10.1
255.255.255.0
0.0.0.0
Specifies whether IP functionality is enabled via manual configuration, or set by Boot Protocol (BootP). Options include:
BOOTP Get IP - IP is enabled but will not function until a BootP reply has been received. BootP requests will be periodically broadcast by the switch in an effort to learn its IP address. (BootP values include the IP address, default gateway, and subnet mask.)
USER-CONFIG - IP functionality is enabled based on the default or user specified IP Configuration. (This is the default setting.)
IP address of the switch you are managing. The switch supports SNMP over UDP/IP transport protocol. In this environment, all systems on the Internet, such as network interconnection devices and any PC accessing the switch are assigned an IP address. Valid IP addresses consist of four decimal numbers, of 0 to 255, separated by periods. Anything outside of this format will not be accepted by the configuration program.
Subnet mask of the switch. This mask identifies the host address bits used for routing to specific subnets.
The gateway that the switch’s agent uses to pass data to the management station. Note that the gateway must be defined if the management station is located in a different IP segment.
4
Physical address of the switch.
Sets the number of concurrent Telnet sessions allowed to access the switch.
3-9
Web Interface
SNMP Configuration
Use the SNMP Configuration screen to display and modify parameters for the
Simple Network Management Protocol (SNMP). The switch includes an SNMP agent which monitors the status of its hardware, as well as the traffic passing through its ports. A computer attached to the network, called a Network
Management Station (NMS), can be used to access this information. Access rights to the switch are controlled by community strings. To communicate with the switch, the NMS must first submit a valid community string for authentication. The options for configuring community strings and related trap functions are described in the following figures and table.
SNMP Community
The following figure and table describe how to configure the community strings authorized for management access. Up to 5 community names may be entered.
Parameter
SNMP Community
Capability
Add/Remove
Community String
Access Mode
Description
Up to 5 community strings may be used.
Add/remove strings from the active list.
A community entry authorized for management access.
(The maximum string length is 19 characters).
Management access is restricted to Read Only or Read/Write.
3-10
Security Configuration
Trap Managers
The following figure and table describe how to specify management stations that will receive authentication failure messages or other trap messages from the switch. Up to 5 trap managers may be entered.
Parameter
Trap Manager Capability
Trap Manager IP Address
Trap Manager Community
String
Add/Remove
Enable Authentication Traps
Description
Up to 5 trap managers may be used.
IP address of the trap manager.
A community authorized to receive trap messages.
Add/remove strings from the active list.
Issues a trap message to specified IP trap managers whenever authentication of an SNMP request fails.
Default: enabled
Security Configuration
Use the Security Configuration screen to restrict management access based on a specified password. The Administrator has write access for parameters governing the switch. You should therefore assign a password to the Administrator as soon as possible, and store it in a safe place. (If for some reason your password is lost, or you cannot gain access to the system’s configuration program, contact Alcatel
Technical Support for assistance.)
Change Password
This password is for the system Administrator, with access privilege of Read/Write for all screens. Passwords can consist of up to 11 alphanumeric characters and are not case sensitive.
(User name: admin; default password: switch)
3-11
Web Interface
Firmware Upgrade Options
You can upgrade system firmware by performing a Web upload or a TFTP download. Note that you can also upgrade by a direct connection to the console port
(see “Upgrading Firmware via the Serial Port” on page A-2).
Web Upload Management
Use the Web Upload Management menu to load software updates into the switch.
The upload file should be an Omnistack ® 8008 binary file from Alcatel; otherwise the switch will not accept it. The success of the upload operation depends on the quality of the network connection. After uploading the new software, the switch will automatically restart itself. Parameters shown on this screen are indicated in the following figure and table.
Parameter
Upload Mode
File Name
Start Web Upload
Description
Uploads to permanent flash ROM.
The Omnistack ® 8008 binary file to download. Use the browse button to locate the file on your local network.
Starts uploading the file over the network.
3-12
Firmware Upgrade Options
TFTP Download Management
Use the TFTP Download Management menu to load software updates into the switch. The download file should be an Omnistack ® 8008 binary file from Alcatel; otherwise the switch will not accept it. The success of the download operation depends on the accessibility of the TFTP server and the quality of the network connection. After downloading the new software, the switch will automatically restart itself. Parameters shown on this screen are indicated in the following figure and table.
Parameter
Server IP Address
Download Mode
File Name
Start TFTP Download
Description
IP address of a TFTP server.
Downloads to permanent flash ROM.
The Omnistack ® 8008 binary file to download.
Issues request to TFTP server to download the specified file.
3-13
Web Interface
Configuration Save and Restore
Use the Configure screen to save the switch configuration settings to a file on a
TFTP server. The file can be later downloaded to the switch to restore the switch’s settings. The success of the operation depends on the accessibility of the TFTP server and the quality of the network connection.
Configuration Upload Management
Use the Configuration Upload Management to save the switch configuration to a file on a TFTP sever. Parameters shown on this screen are indicated in the figure and table.
Parameter
Server IP Address
File Name
Start Configuration
TFTP Upload
Description
IP address of a TFTP server.
The name of the file to contain the switch configuration settings.
Issues a request to upload the configuration settings to the specified file on the TFTP server.
Configuration Download Management
Use the Configuration Download Management to restore switch configuration settings from a file on a TFTP sever. Parameters shown on this screen are indicated in the following figure and table
Parameter
Server IP Address
File Name
Start Configuration
TFTP Download
Description
IP address of a TFTP server.
The name of the file that contains the switch configuration settings you wish to restore.
Issues a request to the TFTP server to download the specified file.
3-14
Address Table Configuration
Address Table Configuration
The Address Table contains the unicast MAC addresses and VLAN identifier associated with each port (that is, the source port associated with the address and
VLAN), sorted by MAC address or VLAN. You can also clear the entire address table, or information associated with a specific address; or set the aging time for deleting inactive entries. The information displayed in the Address Table is indicated in the following figure and table.
Parameter
Aging Time
Description
Time-out period in seconds for aging out dynamically learned forwarding information.
Range: 10 - 415 secs; default: 300 secs.
The number of dynamically learned addresses currently in the table.
Dynamic Address
Counts
Static Address Counts
Address Table
The number of static addresses currently in the table.
All entries, sorted by address or VLAN ID.
Address Table Sort Key The system displays the MAC address of each node and port whose address table includes this MAC address, the associated VLAN(s), and the address status (i.e., dynamic or static).
New Static Address Use these fields to add or remove a static entry to the address table. Indicate the address, port and VLAN group when adding a new entry.
Add/Remove
Clear Table
Adds/removes selected address.
Removes all addresses from the address table.
3-15
Web Interface
STA (Spanning Tree Algorithm)
The Spanning Tree Algorithm can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, STA-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network. For a more detailed description of how to use this algorithm, refer to
“Spanning Tree Algorithm” on page 4-1.
Spanning Tree Information
The Spanning Tree Information screen displays a summary of the STA information for the overall bridge or for a specific port. To make any changes to the parameters for the Spanning Tree, use the STA Configuration and STA Port Configuration screens.
Spanning Tree
The parameters shown in the following figure and table describe the current bridge
STA Information.
Parameter
Spanning Tree State
Bridge ID
Max Age
Hello Time
Forward Delay
Root Port
Designated Root
Root Path Cost
Configuration Changes
Last Topology Change
Description
Shows if the switch is enabled to participate in an STA-compliant network.
A unique identifier for this bridge, consisting of bridge priority plus MAC address (where the address is normally taken from Port 1).
The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure.
The time interval (in seconds) at which the root device transmits a configuration message.
The maximum time (in seconds) the root device will wait before changing states (i.e., listening to learning to forwarding).
The number of the port on this switch that is closest to the root. This switch communicates with the root device through this port. If there is no root port, then this switch has been accepted as the root device of the spanning tree network.
The priority and MAC address of the device in the spanning tree that this switch has accepted as the root device.
The path cost from the root port on this switch to the root device.
The number of times the spanning tree has been reconfigured.
The time since the spanning tree was last reconfigured.
3-16
STA (Spanning Tree Algorithm)
Ports
The parameters shown in the following figure and table are for port STA Information
(Port 1~8).
Parameter
Port Status
Forward Transitions
Designated Cost
Designated Bridge
Designated Port
Description
Displays the current state of this port within the spanning tree:
No Link There is no valid link on the port.
Disabled Port has been disabled by the user or has failed diagnostics.
Blocked Port receives STA configuration messages, but does not forward packets.
Listening Port will leave blocking state due to topology change, starts transmitting configuration messages, but does not yet forward packets.
Learning Has transmitted configuration messages for an interval set by the Forward Delay parameter without receiving contradictory information. Port address table is cleared, and the port begins learning addresses.
Forwarding The port forwards packets, and continues learning addresses.
The rules defining port status are:
• A port on a network segment with no other STA-compliant bridging device is always forwarding.
• If two ports of a switch are connected to the same segment and there is no other STA device attached to this segment, the port with the smaller ID forwards packets and the other is blocked.
• All ports are blocked when the switch is booted, then some of them change state to listening, to learning, and then to forwarding.
The number of times the port has changed status to forwarding state.
The cost for a packet to travel from this port to the root in the current spanning tree configuration. The slower the media, the higher the cost.
The priority and MAC address of the device through which this port must communicate to reach the root of the spanning tree.
The priority and number of the port on the designated bridging device through which this switch must communicate with the root of the spanning tree.
3-17
Web Interface
Spanning Tree Configuration
The following figures and tables describe Bridge STA configuration.
Switch
Parameter
Usage
Priority
Default Description
Enabled Enable this parameter to participate in an
STA-compliant network.
32,768 Device priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STA root device. (Remember that the lower the numeric value, the higher the priority.)
However, if all devices have the same priority, the device with the lowest MAC address will then become the root device.
Range: 0 - 65535
3-18
STA (Spanning Tree Algorithm)
When the Switch Becomes Root
Parameter
Hello Time
Max (Message) Age
Forward Delay
Default Description
2
20
15
The time interval (in seconds) at which the root device transmits a configuration message.
The minimum value is 1.
The maximum value is the lower of
10 or [(Max. Message Age / 2) -1].
The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages at regular intervals. Any port that ages out
STA information (provided in the last configuration message) becomes the designated port for the attached
LAN. If it is a root port, a new root port is selected from among the device ports attached to the network.
The minimum value is the higher of
6 or [2 x (Hello Time + 1)].
The maximum value is the lower of
40 or [2 x (Forward Delay - 1)].
The maximum time (in seconds) the root device will wait before changing states (i.e., listening to learning to forwarding). This delay is required because every device must receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen for conflicting information that would make it return to a blocking state; otherwise, temporary data loops might result.
Maximum value is 30.
Minimum value is the higher of 4 or
[(Max. Message Age / 2) + 1].
3-19
Web Interface
STA Port Configuration
The following figure and table describe STA configuration for ports.
Parameter
Fast forwarding mode
Priority
(Path) Cost
FastForwarding
Default Description
ENABLED Allows you to enable or disable fast forwarding for all ports on the switch.
128
100/19/4
ENABLED
Defines the priority for the use of a port in the STA algorithm. If the path cost for all ports on a switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the spanning tree. Where more than one port is assigned the highest priority, the port with lowest numeric identifier will be enabled.
The range is 0 - 255.
This parameter is used by the STA algorithm to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media.
The default and recommended range is:
Standard Ethernet: 100 (50~600)
Fast Ethernet: 19 (10~60)
Gigabit Ethernet: 4 (3~10)
The full range is 0 - 65535.
Note: Path cost takes precedence over port priority.
This parameter is used to enable/disabled the Fast
Spanning Tree mode for the port. In this mode, ports skip the Blocked, Listening and Learning states and proceed straight to Forwarding.
FastForwarding enables end-node workstations and servers to overcome time-out problems when the
Spanning Tree Algorithm is implemented in a network.
Therefore, FastForwarding should only be enabled for ports that are connected to an end-node device.
3-20
Configuring Bridge MIB Extensions
Configuring Bridge MIB Extensions
The Bridge MIB includes extensions for managed devices that support Traffic
Classes, Multicast Filtering and Virtual LANs. To configure these extensions, use the
Extended Bridge Configuration screen as shown below:
Bridge Capability
Parameter
Extended Multicast
Filtering Services
Traffic Classes
Static Entry Individual
Port
VLAN Learning
Configurable
PVID Tagging
Local VLAN Capable
Description
Indicates that the switch does not support the filtering of individual multicast addresses based on GMRP (GARP Multicast Registration Protocol). Note that this function is not implemented in the current firmware release.
Indicates that the switch provides mapping of user priorities to multiple traffic
classes. (Refer to the Priority menu on page 3-23.)
Indicates that the switch allows the static filtering of unicast and multicast
addresses. (Refer to the Address Table Configuration on page 3-14.)
This switch uses Independent VLAN Learning (IVL), whereby each port maintains its own VLAN filtering database.
Indicates that the switch allows you to override the default PVID setting (Port
VLAN ID used in frame tags) and its egress status (VLAN-Tagged or
Untagged) on each port. (Refer to VLAN Port Configuration on page 3-30.)
This switch does not support multiple local bridges (that is, multiple Spanning
Trees).
3-21
Web Interface
Bridge Settings
Parameter
Traffic Class*
GMRP*
Description
Multiple traffic classes are supported by this switch as indicated under Bridge
Capabilities. However, you can disable this function by clearing this checkbox.
GARP Multicast Registration Protocol (GMRP) allows network devices to register endstations with multicast groups. Note that this function is not implemented in the current firmware release.
The Internet Group Management Protocol (IGMP) is currently used by this switch to provide automatic multicast filtering.
GVRP* GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register necessary VLAN members on ports across the network. This function should be enabled to permit VLAN groups which extend beyond the local switch.
* Not implemented in the current firmware release.
3-22
Priority
Priority
IEEE 802.1p defines up to 8 separate traffic classes. This switch supports Quality of
Service (QoS) by using two priority queues, with weighted fair queuing for each port.
You can use the Priority menu to configure the default priority for each port, or to display the mapping for the traffic classes as described in the following sections.
Port Priority Configuration
The default priority for all ingress ports is zero. Therefore, any inbound frames that do not have priority tags will be placed in the low priority output queue. Default priority is only used to determine the output queue for the current port; no priority tag is actually added to the frame. You can use the Port Priority Configuration screen to adjust default priority for any port as shown below:
Parameter
Port
Default Ingress
User Priority
Number of Egress
Traffic Classes
Description
Numeric identifier for switch port.
Default priority can be set to any value from 0~7, where 0~3 specifies the low priority queue and 4~7 specifies the high priority queue.
Indicates that this switch supports two priority output queues.
3-23
Web Interface
Port Traffic Class Information
This switch provides two priority levels with weighted fair queuing for port egress.
This means that any frames with a default or user priority from 0~3 are sent to the low priority queue “0” while those from 4~7 are sent to the high priority queue “1” as shown in the following screen:
Parameter
Port
User Priority
Description
Numeric identifier for switch port.
Shows that user priorities 0~3 specify the low priority queue and 4~7 specify the high priority queue.
3-24
Configuring Virtual LANs
Configuring Virtual LANs
You can use the VLAN configuration menu to assign any port on the switch to any of up to 256 VLAN groups. In conventional networks with routers, broadcast traffic is split up into separate domains. Switches do not inherently support broadcast domains. This can lead to broadcast storms in large networks that handle a lot of
IPX and NetBEUI traffic. By using IEEE 802.1Q compliant VLANs and GARP VLAN
Registration Protocol, you can organize any group of network nodes into separate broadcast domains, confining broadcast traffic to the originating group. This also provides a more secure and cleaner network environment. For more information on
how to use VLANs, see “Virtual LANs” on page 4-2. The VLAN configuration
screens are described in the following sections.
VLAN Basic Information
The VLAN Basic Information screen displays basic information on the VLAN type supported by this switch.
Parameter
VLAN Version Number
Maximum VLAN ID
Maximum Number of
Supported VLANs
Current Number of
802.1Q VLANs
Configured
Description
The VLAN version used by this switch as specified in the IEEE 802.1Q standard.
Maximum VLAN ID recognized by this switch.
Maximum number of VLANs that can be configured on this switch.
The number of VLANs currently configured on this switch.
Note: All ports are assigned only to VLAN 1 by default.
3-25
Web Interface
VLAN Current Table
This screen shows the current port members of each VLAN and whether or not the port supports VLAN tagging. Ports assigned to a large VLAN group that crosses several switches should use VLAN tagging. However, if you just want to create a small port-based VLAN for one or two switches, you can assign ports to the same
untagged VLAN see “VLAN Port Configuration” on page 3-30. The current
configuration is shown in the following screen.
Parameter
VLAN Entry Delete
Count
VLAN ID
Up Time at Creation
Status
Egress Ports
Untagged Ports
Description
The number of times a VLAN entry has been deleted from this table.
The ID for the VLAN currently displayed.
The value of sysUpTime (System Up Time) when this VLAN was created.
Shows how this VLAN was added to the switch:
Dynamic GVRP: Automatically learned via GVRP.
Permanent: Added as a static entry.
Shows the ports which have been added to the displayed VLAN group.
Shows the untagged VLAN port members.
3-26
VLAN Static List
Use this screen to create or remove VLAN groups.
Configuring Virtual LANs
Parameter
Current
New
Status
Add
Remove
Description
Lists all the current VLAN groups created for this system. Up to 256 VLAN groups can be defined. To allow this switch to participate in external VLAN groups, you must use the VLAN ID for the concerned external groups.
Allows you to specify the name and numeric identifier for a new VLAN group.
(The VLAN name is only used for management on this system; it is not added to the VLAN tag.)
Enables/disables the specified VLAN.
Adds a new VLAN group to the current list.
Removes a VLAN group from the current list. If any port is assigned to this group as untagged, it will be reassigned to VLAN group 1 as untagged.
Note: No VLANs are statically configured by default.
VLAN Static Table
Use this screen to modify the settings for an existing VLAN. You can add/delete port members for a VLAN, disable or enable VLAN tagging for any port, or prevent a port from being automatically added to a VLAN via the GVRP protocol. (Note that
VLAN 1 is fixed as an untagged VLAN containing all ports on the switch, and cannot be modified via this screen.)
Parameter
VLAN
Name
Status
Description
The ID for the VLAN currently displayed.
Range: 1-2048
A user-specified symbolic name for this VLAN.
String length: 8 alphanumeric characters
Enables/disables the specified VLAN.
3-27
Web Interface
Use the screens shown below to assign ports to the specified VLAN group as an
IEEE 802.1Q tagged port. Assign ports as tagged if they are connected to 802.1Q
VLAN compliant devices. If the port is connected to VLAN-unaware devices, frames will be passed to the untagged VLAN group to which this port has been assigned
under the VLAN Port Configuration screen (page 3-30).
Parameter
Egress Ports
Forbidden Egress Ports
Untagged Ports
Description
Adds ports to the specified VLAN.
Prevents a port from being automatically added to this VLAN via GVRP.
Adds untagged ports to the specified VLAN.
3-28
Configuring Virtual LANs
VLAN Static Membership by Port
Use the screen shown below to assign VLAN groups to the selected port. To perform
detailed port configuration for a specific VLAN, use the VLAN Static Table (page
Parameter
Port Number
Add/Remove
Description
Port number on the switch selected from the upper display panel.
Add or remove selected VLAN groups for the port indicated in the Port
Number field.
3-29
Web Interface
VLAN Port Configuration
Use this screen to configure port-specific settings for IEEE 802.1Q VLAN features.
Parameter
PVID
Acceptable Frame
Type
1
Ingress Filtering
1
Description
The VLAN ID assigned to untagged frames received on this port. Use the
PVID to assign ports to the same untagged VLAN.
This switch accepts “All” frame types, including VLAN tagged or VLAN untagged frames. Note that all VLAN untagged frames received on this port are assigned to the PVID for this port.
If set to “True,” incoming frames for VLANs which do not include this port in their member set will be discarded at the inbound port.
GVRP Status
2
Enables or disables GVRP for this port. When disabled, any GVRP packets received on this port will be discarded and no GVRP registrations will be propagated from other ports.
Note that, before this port setting takes effect, GVRP must be enabled for the
switch (see Configuring Bridge MIB Extensions on page 3-21).
The total number of failed GVRP registrations, for any reason, on this port. GVRP Failed
Registrations 2
GVRP PDU Origin 2
The Source MAC Address of the last GVRP message received on this port.
1. This control does not affect VLAN independent BPDU frames, such as GVRP or STP. However, it does affect VLAN dependent BPDU frames, such as GMRP.
2. GVRP is not available for the current firmware release.
3-30
IGMP Multicast Filtering
IGMP Multicast Filtering
Multicasting is used to support real-time applications such as video conferencing or streaming audio. A multicast server does not have to establish a separate connection with each client. It merely broadcasts its service to the network, and any hosts that want to receive the multicast register with their local multicast switch/ router. Although this approach reduces the network overhead required by a multicast server, the broadcast traffic must be carefully pruned at every multicast switch/router it passes through to ensure that traffic is only passed on to the hosts that subscribed to this service.
This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts who want to receive a specific multicast service. The switch looks up the IP Multicast Group used for this service and adds any port which received a similar request to that group. It then propagates the service request on to any neighboring multicast switch/router to ensure that it will continue to receive the multicast service. (For more information, see “IP Multicast Filtering” in the Users
Guide.)
Configuring IGMP
This protocol allows a host to inform its local switch/router that it wants to receive transmissions addressed to a specific multicast address group. Use the IGMP
Configuration screen to set key parameters for multicast filtering as shown below.
Parameter
IGMP Status
IGMP Query Count
IGMP Report Delay
Description
If enabled, the switch will monitor network traffic to determine which hosts want to receive multicast traffic.
The maximum number of queries issued for which there has been no response before the switch takes action to solicit reports.
The time (in seconds) between receiving an IGMP Report for an IP multicast address on a port before the switch sends an IGMP Query out that port and removes the entry from its list.
Note: The default values are indicated in the sample screen.
3-31
Web Interface
IP Multicast Registration Table
Use the IP Multicast Registration Table to display all the multicast groups active on this switch, including multicast IP addresses and the corresponding VLAN ID.
Parameter Description
VLAN ID
Multicast IP Address
VLAN ID assigned to this multicast group.
IP address for specific multicast services.
Learned by Indicates the manner in which this address was learned: dynamic or IGMP.
Multicast Group Port List The switch ports registered for the indicated multicast service.
3-32
Port Menus
Port Menus
Port Information
The Port Information screen displays the port status, link state, the communication speed and duplex mode, as well as the flow control in use. To change any of the port settings, use the Port Configuration menu. The parameters shown in the following figure and table are for the RJ-45 ports.
Parameter
Admin Status
Link Status
Speed Status
Duplex Status
Flow Control Status
Description
Shows if the port is enabled or not.
Indicates if the port has a valid connection to an external device.
Shows the port speed (1000M).
Displays the current duplex mode.
Shows the flow control type in use. Flow control can eliminate frame loss by
“blocking” traffic from end stations connected directly to the switch. Back pressure is used for half duplex and IEEE 802.3x for full duplex.
Note: The port information displayed is not valid if the link status is down.
3-33
Web Interface
Port Configuration
Use the Port Configuration menus to configure any port on the switch.
Parameter
Flow Control Mode
Admin Status
Duplex Status
Flow Control status
Default Description
DISABLED Allows you to enable or disable flow control for all ports on the switch.
Enable Allows you to disable a port due to abnormal behavior
(e.g., excessive collisions), and then re-enable it after the problem has been resolved. You may also disable a port for security reasons.
Auto-Negotiation Used to set the current port duplex mode or auto-negotiation. The default is auto-negotiation.
Disabled Used to enable or disable flow control. Flow control can eliminate frame loss by “blocking” traffic from end stations or segments connected directly to the switch when its buffers fill. Back pressure is used for half duplex and IEEE 802.3x for full duplex. Note that flow control should not be used if a port is connected to a hub.
3-34
Port Menus
Port Broadcast Storm Protect Configuration
Use the Port Broadcast Storm Protect Configuration screen to configure broadcast storm control for any port on the switch
Parameter
Broadcast Storm
Protect Mode
Protect Status
Default
Enabled
Enabled
Threshold 500
Description
Allows you to enable/disable broadcast storm control for all ports on the switch.
Enables/disables broadcast control for the port. When enabled, the switch will employ a broadcast-control mechanism if the packet-per-second threshold is exceeded.
This mechanism limits the amount of broadcasts passed by the port to half of the received packet-per-second count. The control mechanism remains in effect until the number of received broadcasts falls back below the packet-per-second threshold.
The packet-per-second threshold for broadcast packets on the port.
3-35
Web Interface
Port Security Configuration
Use the Port Security Configuration screen to enable and configure port security for the switch. Port Security allows you to configure each port with a list of MAC addresses of devices that are authorized to access the network through that port.
Parameter
Port Number
Status
MAC Address List
New Address
Add
Remove
Clear All
Description
The port number on the unit.
Port security can be set to three states; Static, Disable, or Learning. When set to Static, the switch will drop packets from the port if the source MAC address does not match one of the addresses in the MAC Address list. If set to Learning, the switch will add the source MAC address of all packets received on the port to the authorized MAC Address list.
A list of the authorized MAC addresses that can access the network through the specified port.
A specific MAC address to be added to the list.
Adds a new specified MAC address to the current list.
Removes a MAC address from the current list.
Clears all the MAC addresses for the current port.
3-36
Using a Port Mirror for Analysis
Using a Port Mirror for Analysis
You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a network sniffer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. When mirroring port traffic, note that the target port must be configured in the same VLAN and be
operating at the same duplex mode as the source port (see VLAN Static List on page
You can use the port mirror configuration screen to designate a single port pair for mirroring as shown below:
Parameter
Status
Mirror Source Port
Mirror Target Port
Description
Enables/disables port mirroring.
The port whose traffic will be monitored.
The port that will duplicate or “mirror” all the traffic happening on the monitored port.
Port Trunk Configuration
Port trunks can be used to increase the bandwidth of a network connection or to ensure fault recovery. You can configure up four trunk connections (combining 2~4 ports into a fat pipe) between any two Omnistack ® 8008 switches. However, before making any physical connections between devices, use the Trunk Configuration menu to specify the trunk on the devices at both ends. When using a port trunk, note that:
• Ports can only be assigned to one trunk.
• The ports at both ends of a connection must be configured as trunk ports.
• The ports at both ends of a trunk must be configured in an identical manner, including duplex mode and VLAN assignments.
• None of the ports in a trunk can be configured as a mirror source port or mirror target port.
• All the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN.
• The Spanning Tree Algorithm will treat all the ports in a trunk as a whole.
• Enable the trunk prior to connecting any cable between the switches to avoid creating a loop.
• Disconnect all trunk port cables or disable the trunk ports before removing a port trunk to avoid creating a loop.
3-37
Web Interface
Use the Port Trunking Configuration screen to set up port trunks as shown below.
Remember that you must “Enable” a new configuration before it will take effect.
Parameter
Trunk Number
Port
Description
A unique identifier for this trunk. You can configure up to four trunks per switch.
The port members of this trunk. Select from 2~4 ports per trunk.
3-38
Port Statistics
Port Statistics
Use the Port Statistics menu to display Etherlike or RMON statistics for any port on the switch. Select the required port. The statistics displayed are indicated in the following figure and table.
Etherlike Statistics
Etherlike Statistics display key statistics from the Ethernet-like MIB for each port.
Error statistics on the traffic passing through each port are displayed. This information can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). Values displayed have been accumulated since the last system reboot.
Parameter
Alignment Errors
Description
The number of frames received that are not an integral number of octets in length and do not pass the FCS check.
FCS Errors The number of frames received that are an integral number of octets in length but do not pass the FCS check.
Single Collision Frames* The number of successfully transmitted frames for which transmission is inhibited by exactly one collision.
Multiple Collision Frames* A count of successfully transmitted frames for which transmission is inhibited by more that one collision.
SQE Test Errors* A count of times that the SQE TEST ERROR message is generated by the PLS sublayer.
Deferred Transmissions* A count of frames for which the first transmission attempt on a particular interface is delayed because the medium was busy.
Late Collisions
Excessive Collisions*
Internal Mac Transmit
Errors*
Carrier Sense Errors*
The number of times that a collision is detected later than 512 bit-times into the transmission of a packet.
The number of frames for which transmission failed due to excessive collisions.
The number of frames for which transmission failed due to an internal MAC sublayer transmit error.
The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame.
Frames Too Long
Internal Mac Receive
Errors
The number of frames received that exceed the maximum permitted frame size.
The number of frames for which reception failed due to an internal MAC sublayer receive error.
* The reported values will always be zero because these statistics are not supported by the internal chip set.
3-39
Web Interface
RMON Statistics
RMON Statistics display key statistics for each port from RMON group 1. (RMON groups 2, 3 and 9 can only be accessed using SNMP management software.) The following screen displays overall statistics on traffic passing through each port.
RMON statistics provide access to a broad range of statistics, including a total count of different frame types passing through each port. Values displayed have been accumulated since the last system reboot.
Parameter
Drop Events
Received Bytes
Received Frames
Broadcast Frames
Multicast Frames
CRC/Alignment Errors
Undersize Frames
Oversize Frames
Fragments
Jabbers
Collisions
Description
The total number of events in which packets were dropped due to lack of resources.
Total number of bytes of data received on the network. This statistic can be used as a reasonable indication of Ethernet utilization.
The total number of frames (bad, broadcast and multicast) received.
The total number of good frames received that were directed to the broadcast address. Note that this does not include multicast packets.
The total number of good frames received that were directed to this multicast address.
The number of frames received with CRC/alignment errors (FCS or alignment errors).
The total number of frames received that were less than 64 octets long
(excluding framing bits, but including FCS octets) and were otherwise well formed.
The total number of frames received that were longer than 1518 octets
(excluding framing bits, but including FCS octets) and were otherwise well formed.
The total number of frames received that were less than 64 octets in length
(excluding framing bits, but including FCS octets) and had either an FCS or alignment error.
The total number of frames received that were longer than 1518 octets
(excluding framing bits, but including FCS octets), and had either an FCS or alignment error.
The best estimate of the total number of collisions on this Ethernet segment.
3-40
Port Statistics
Parameter
64 Byte Frames
65-127 Byte Frames
128-255 Byte Frames
Description
The total number of frames (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
The total number of frames (including bad packets) received and transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
The total number of packets (including bad packets) received and transmitted that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
256-511 Byte Frames
512-1023 Byte Frames
The total number of packets (including bad packets) received and transmitted that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
The total number of packets (including bad packets) received and transmitted that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
1024-1518 Byte Frames The total number of packets (including bad packets) received and transmitted that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
3-41
Web Interface
3-42
Chapter 4: Advanced Topics
The Alcatel OmniStack ® 8008 supports Layer 2 switching and other advanced features, which are described in this chapter.
Layer 2 Switching
When a frame enters a port, its destination MAC address is checked in the address database to see which port leads to this destination. If the destination address belongs to the incoming port, the frame is dropped or “filtered” because it is addressed to the local segment. If the destination address is found on another port, the frame is forwarded to that port and queued for output. But, if the destination address is not found in the address database, the frame is sent to one or more output ports based on the rules for handling tagged or untagged VLAN frames.
If the source MAC address of the frame was not found in the address database, it is recorded along with the incoming port number where it entered the switch. This information is then used to make later decisions for frame forwarding.
Switching involves the following steps:
• VLAN Classification
• Learning
• Filtering
• Forwarding
• Aging
Spanning Tree Algorithm
The Spanning Tree Algorithm (that is, the STA configuration algorithm as outlined in
IEEE 802.1D) can be used to detect and disable network loops, and to provide link backup. This allows the switch to interact with other bridging devices (including
STA-compliant switches, bridges or routers) in your network to ensure that only one route exists between any two stations on the network. If redundant paths or loops are detected, one or more ports are put into a blocking state (stopped from forwarding packets) to eliminate the extra paths. Moreover, if one or more of the paths in a stable spanning tree topology fail, this algorithm will automatically change ports from blocking state to forwarding state to reestablish contact with all network stations.
The STA uses a distributed algorithm to select a bridging device (STA-compliant switch, bridge or router) that serves as the root of the spanning tree network. It selects a root port on each bridging device (except for the root device) which incurs the lowest path cost when forwarding a packet from that device to the root device.
Then it selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device. All ports connected to designated bridging devices are assigned as designated ports. After determining the lowest cost spanning tree, it enables all root ports and designated ports, and disables all other ports. Network packets are therefore only forwarded between root ports and designated ports, eliminating any possible network loops.
4-1
Advanced Topics
Once a stable network topology has been established, all bridges listen for Hello
BPDUs (Bridge Protocol Data Units) transmitted from the Root Bridge. If a bridge does not get a Hello BPDU after a predefined interval (Maximum Age), the bridge assumes that the link to the Root Bridge is down. This bridge will then initiate negotiations with other bridges to reconfigure the network to reestablish a valid network topology.
The following figure gives an illustration of how the Spanning Tree Algorithm assigns bridging device ports.
Virtual LANs
Switches do not inherently support broadcast domains, which can lead to broadcast storms in large networks that handle a lot of IPX or NetBEUI traffic. In conventional networks with routers, broadcast traffic is split up into physically separate domains to confine broadcast traffic to the originating group and provide a much cleaner network environment. This switch creates segregated broadcast domains based on easily configurable VLANs, these VLANs are then linked, as required, using a router or
Layer 3 switch.
An IEEE 802.1Q VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same physical segment.
VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups
(such as e-mail), or multicast groups (used for multimedia applications such as video conferencing).
VLANs provide greater network efficiency by reducing broadcast traffic, but also allow you to make network changes without having to update IP addresses or IP subnets. VLANs inherently provide a high level of network security, since traffic must pass through a Layer 3 switch or a router to reach a different VLAN.
4-2
Virtual LANs
This switch supports the following VLAN features:
• Up to 256 VLANs can be configured based on the IEEE 802.1Q standard
• Distributed VLAN learning across multiple switches using explicit or implicit tagging and GVRP protocol
• Port overlapping, allowing a port to participate in multiple VLANs
• End stations can belong to multiple VLANs
• Passing traffic between VLAN-aware and VLAN-unaware devices
• Priority tagging
• Port trunking with VLANs
Assigning Ports to VLANs
Before enabling VLANs for the switch, you must first assign each port to the VLAN group(s) it will participate in. (By default all ports are assigned to VLAN 1 as untagged ports.) Add a port as a tagged port (that is, a port attached to a
VLAN-aware device) if you want it to carry traffic for one or more VLANs and the device at the other end of the link also supports VLANs. Then assign the port at the other end of the link to the same VLAN(s). However, if you want a port on this switch to participate in one or more VLANs, but the device at the other end of the link does not support VLANs, then you must add this port as an untagged port (that is, a port attached to a VLAN-unaware device).
Port-based VLANs are tied to specific ports. The switch’s forwarding decision is based on the destination MAC address and its associated port. Therefore, to make valid forwarding and flooding decisions, the switch learns the relationship of the
MAC address to its related port—and thus to the VLAN—at run-time. When the switch receives a frame, it assigns the frame to the port’s default VLAN if the frame is untagged (determined by the PVID of the receiving port), or maps it for output to the broadcast domain associated with the frame’s VLAN tag.
Port Overlapping
Port overlapping can be used to allow access to commonly shared network resources among different VLAN groups, such as file servers or printers. Note that if you implement VLANs which do not overlap, but still need to communicate, you can connect them using a router or Layer 3 switch.
Automatic VLAN Registration (GVRP)
GVRP defines a system whereby the switch can automatically learn the VLANs each endstation should be assigned to. If an endstation (or its network adapter) supports the IEEE 802.1Q VLAN protocol, it can be configured to broadcast a message to your network indicating the VLAN groups it wants to join. When this switch receives these messages, it will automatically place the receiving port in the specified VLANs, and then forward the message to all other ports. When the message arrives at another switch that supports GVRP, it will also place the receiving port in the specified VLANs, and pass the message on to all other ports.
VLAN requirements are propagated in this way throughout the network.
4-3
Advanced Topics
This allows GVRP-compliant devices to be automatically configured for VLAN groups based solely on endstation requests.
Forwarding Traffic with Unknown VLAN Tags
This switch only supports 256 VLANs with VLAN IDs ranging from 1 to 2048, but the
IEEE 802.1Q VLAN standard allows for VLAN IDs from 1 to 4094. Therefore, if this switch is attached to endstations that issue VLAN registration requests, it will have to forward unknown VLAN tags. This traffic can only be propagated to the rest of the network if automatic VLAN registration is enabled on your switch.
Forwarding Tagged/Untagged Frames
Ports can be assigned to multiple tagged or untagged VLANs. Each port on the switch is therefore capable of passing tagged or untagged frames. To forward a frame from a VLAN-aware device to a VLAN-unaware device, the switch first decides where to forward the frame, and then strips off the VLAN tag. However, to forward a frame from a VLAN-unaware device to a VLAN-aware device, the switch first decides where to forward the frame, and then inserts a VLAN tag reflecting this port’s default VID. The default PVID is VLAN 1 for all ports, but this can be changed
Connecting VLAN Groups
The switch supports intra-VLAN communication using wire-speed switching.
However, if you have devices in separate VLANs that must communicate, and it is not practical to include these devices in a common VLAN, then the VLANs can be connected via a Layer 3 switch or router.
4-4
Multicast Filtering
Multicast Filtering
Multicasting sends data to a group of nodes instead of a single destination. The simplest way to implement multicasting is to broadcast data to all nodes on the network. However, such an approach wastes a lot of bandwidth if the target group is small compared to overall the broadcast domain.
Since applications such as video conferencing and data sharing are more widely used today, efficient multicasting has become vital. A common approach is to use a group registration protocol that lets nodes join or leave multicast groups. A switch or router can then easily determine which ports contain group members and send data out to those ports only. This procedure is called multicast filtering.
The purpose of multicast filtering is to optimize a switched network’s performance, so multicast packets will only be forwarded to those ports containing multicast group hosts or multicast routers/switches instead of flooding to all ports in the subnet
(VLAN). The OmniStack ® 8008 supports multicast filtering by passively monitoring
IGMP Query and Report messages.
IGMP Snooping
A Layer 2 switch can passively snoop on IGMP Query and Report packets transferred between IP Multicast Routers/Switches and IP Multicast host groups to learn the IP Multicast group members. It simply monitors the IGMP packets passing through it, picks out the group registration information, and configures multicast filters accordingly. IGMP Snooping generates no additional network traffic, allowing you to significantly reduce the multicast traffic passing through your switch.
IGMP Protocol
The Internet Group Management Protocol (IGMP) runs between hosts and their immediately neighboring multicast router/switch. IGMP is a multicast host registration protocol that allows any host to inform its local router that it wants to receive transmissions addressed to a specific multicast group.
A router, or multicast-enabled switch, can periodically ask its hosts if they want to receive multicast traffic. If there is more than one router/switch on the LAN performing IP multicasting, one of these devices is elected “querier” and assumes the responsibility of querying the LAN for group members.
Based on the group membership information learned from IGMP, a router/switch can determine which (if any) multicast traffic needs to be forwarded to each of its ports.
At Layer 3, multicast routers use this information, along with a multicast routing protocol such as DVMRP, to support IP multicasting across the Internet.
Note that IGMP neither alters nor routes any IP multicast packets. A multicast router/ switch must be used to deliver IP multicast packets across different subnetworks.
4-5
Advanced Topics
Class-of-Service (CoS) Support
The OmniStack ® 8008 provides two transmit queues on each port, with a Weighted
Fair Queuing scheme. This function can be used to provide independent priorities for various types of data such as real-time video or voice, and best-effort data.
Priority assignment to a packet in the OmniStack ® 8008 can be accomplished in any of the following ways:
• Priority can be explicitly assigned by end stations which have applications that require a higher priority than best-effort. This switch utilizes the IEEE 802.1p and
802.1Q tag structure to decide priority assignments for the received packets.
• A port may be manually configured as high priority. In this case, when any other port receives traffic from a high-priority port, that traffic is automatically placed in the high-priority output queue.
Port Trunks
Ports can be combined into an aggregate link to increase the bandwidth of a network connection or ensure fault recovery. You can group ports into trunks that consist of two, three or four ports, creating an aggregate bandwidth of up to 8 Gbps. Besides balancing the load across each port in the trunk, the additional ports provide redundancy by taking over the load if another port in the trunk should fail.
When using port trunks, remember that:
• Before removing a port trunk via the configuration menu, you must disable all the ports in the trunk or remove all the network cables. Otherwise, a loop may be created.
• To disable a single link within a port trunk, you should first remove the network cable, and then disable both ends of the link via the configuration menu. This allows the traffic passing across that link to be automatically distributed to the other links in the trunk, without losing any significant amount of traffic.
SNMP Management Software
SNMP (Simple Network Management Protocol) is a communication protocol designed specifically for managing devices or other elements on a network. Network equipment commonly managed with SNMP includes hubs, switches, bridges, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as monitor them to evaluate performance and detect potential problems.
4-6
Remote Monitoring
Remote Monitoring
Remote Monitoring (RMON) provides a cost-effective way to monitor large networks by placing embedded or external probes on distributed network equipment (hubs, switches or routers). Network management software can access the probes embedded in recent Alcatel network products to perform traffic analysis, troubleshoot network problems, evaluate historical trends, or implement proactive management policies. RMON has already become a valuable tool for network managers faced with a quickly changing network landscape that contains dozens or hundreds of separate segments. RMON is the only way to retain control of the network and analyze applications running at multi-megabit speeds. It provides the tools you need to implement either reactive or proactive policies that can keep your network running based on real-time access to key statistical information.
This switch provides support for basic RMON which contains the four key groups required for basic remote monitoring. These groups include:
Statistics: Includes all the tools needed to monitor your network for common errors and overall traffic rates. Information is provided on bandwidth utilization, peak utilization, packet types, errors and collisions, as well as the distribution of packet sizes.
History: Can be used to create a record of network utilization, packet types, errors and collisions. You need a historical record of activity to be able to track down intermittent problems. Historical data can also be used to establish normal baseline activity, which may reveal problems associated with high traffic levels, broadcast storms, or other unusual events. Historical information can also be used to predict network growth and plan for expansion before your network becomes too overloaded.
Alarms: Can be set to test data over any specified time interval, and can monitor absolute or changing values (such as a statistical counter reaching a specific value, or a statistic changing by a certain amount over the set interval). Alarms can be set to respond to either rising or falling thresholds.
Events: Defines the action to take when an alarm is triggered. The response to an alarm can include recording the alarm in the Log Table or sending a message to a trap manager. Note that the Alarm and Event Groups are used together to record important events or immediately respond to critical network problems.
4-7
Advanced Topics
4-8
Appendix A: Troubleshooting
Troubleshooting Chart
Symptom
Cannot connect using
Telnet, Web browser, or
SNMP software
Cannot access the on-board configuration program via a serial port connection
Forgot or lost the password
Troubleshooting Chart
Action
• Be sure you have configured the agent with a valid IP address, subnet mask and default gateway.
• Check that you have a valid network connection to the switch and that the port you are using has not been disabled.
• Check network cabling between the management station and the switch.
• If you cannot connect using Telnet, there may already be another active session. Try connecting again at a later time.
• Be sure you have set the terminal emulator program to VT100 compatible, 8 data bits, 1 stop bit, no parity, and 9600 bps.
• Check that the null-modem serial cable conforms to the pin-out connections provided in Appendix B.
• Contact Alcatel’s technical support for help.
A-1
Troubleshooting
Upgrading Firmware via the Serial Port
You can upgrade system firmware by connecting your computer to the serial port on the switch, and using a console interface package that supports the XModem
protocol. (See “Required Connections” on page 1-1.)
1. Restart the system by using the Restart System command; or by pulling out the power cord to reset the power, waiting five seconds, and plugging it back in.
2. When the system initialization screen appears as shown below, press “D” to download system firmware, and then indicate the code type (<1> Runtime image or <2> POST image).
Alcatel OmniStack 8008
Alcatel OmniStack - Copyright (c), 2000 Alcatel and its licensors.
All rights reserved. OmniStack is a trademark of Alcatel registered in the United States Patent and Trademark Office.
LOADER Version V1.02
POST Version V1.04
------ Performing the Power-On Self Test (POST) ------
EPROM Checksum Test ....................... PASS
Testing the System SDRAM .................. PASS
CPU Self Test ............................. PASS
EEPROM Checksum Test ...................... PASS
MAC Address .............. 00-00-11-11-43-21
------------ Power-On Self Test Completed ------------
(D)ownload System Image or (S)tart Application: [S]
Select the Firmware Type to Download (1)Runtime (2)POST [1]: 1
Your Selection: Runtime Code
Change Baud Rate to 115200 and Press <ENTER> to Download.
3. Change your baud rate to 115200 bps, and press Enter to enable download.
From the terminal emulation program, select the file you want to download, set the protocol to XModem, and then initialize downloading.
Notes: 1. If you use Windows HyperTerminal, disconnect , set the baud rate, and reconnect .
2. The download file must be the correct binary file for the switch; otherwise the agent will not accept it.
4. After the file has been downloaded, the console screen will display information similar to that shown below. Press Enter to download to permanent memory, change the baudrate back to 9600, press Enter to start decompressing the new firmware, and then press Enter to open the Logon screen.
XModem Download to DRAM buffer area 0x00200000: ............ SUCCESS !
Verifying image in DRAM download buffer 0x00200000... SUCCESS !
Update FlashROM Image at 0x02880000 ... SUCCESS !
(D)ownload another Image or (S)tart Application: [S]
Change Baud Rate to 9600 and Press <ENTER>.
A-2
Upgrading Firmware via the Serial Port
For details on managing the switch, refer to Chapter 2 for information on the out-of-band console interface, or Chapter 3 for information on the Web interface.
A-3
Troubleshooting
A-4
Appendix B: Pin Assignments
AB
CC
CA
CB
CE
CF
BB
BA
CD
Console Port Pin Assignments
The DB-9 serial port on the switch’s rear panel is used to connect to the switch for out-of-band console configuration. The on-board menu-driven configuration program can be accessed from a terminal or from a PC running a terminal emulation program. The pin assignments used to connect to the serial port are provided in the following tables.
DB-9 Port Pin Assignments
EIA
Circuit
CCITT
Signal
Description
102
107
105
106
125
109
104
DCD (Data Carrier Detected)
RxD (Received Data)
103 TxD (Transmitted Data)
108.2
DTR (Data Terminal Ready)
SG (Signal Ground)
DSR (Data Set Ready)
RTS (Request-to-Send)
CTS (Clear-to-Send)
RI (Ring Indicator)
7
8
9
5
6
3
4
1
2
Switch’s
DB9 DTE
Pin #
7
8
9
5
6
3
4
1
2
PC DB9
DTE
Pin #
Signal
Direction
DTE-DCE
<------
<------
------>
------>
-------
<------
------>
<------
<------
Console Port to 9-Pin COM Port on PC
Switch’s 9-Pin Serial
Port
1 DCD
2 RXD
3 TXD
4 DTR
5 SGND
6 DSR
7 RTS
8 CTS
9 RI
CCITT Signal
-----------DCD ------------
<---------TXD ------------
-----------RXD ---------->
-----------DSR ---------->
-----------SGND ----------
-----------DTR ------------
-----------CTS ----------->
<---------RTS -------------
-----------RI ---------------
4
8
6
5
7
9
1
3
2
PC’s 9-Pin COM
Port
B-1
Pin Assignments
Console Port to 25-Pin DTE Port on PC
Switch’s 9-Pin Serial
Port
1 DCD
2 RXD
3 TXD
4 DTR
5 SGND
6 DSR
7 RTS
8 CTS
9 RI
7
9
5
6
20
3
4
1
2
Null Modem
20
7
4
5
6
2
8
1
3
PC’s 25-Pin DTE
Port
8 DCD
3 TXD
2 RXD
20 DTR
7 SGND
6 DSR
4 RTS
5 CTS
22 RI
B-2
Glossary
Bandwidth Utilization
The percentage of packets received over time as compared to overall bandwidth.
BOOTP
Boot protocol used to load the operating system for devices connected to the network.
GARP VLAN Registration Protocol (GVRP)
Defines a way for switches to exchange VLAN information in order to register necessary VLAN members on ports along the Spanning Tree so that VLANs defined in each switch can work automatically over a Spanning Tree network.
Generic Attribute Registration Protocol (GARP)
GARP is a protocol that can be used by endstations and switches to register and propagate multicast group membership information in a switched environment such that multicast data frames are propagated only to those parts of a switched LAN containing registered endstations. (Formerly called Group Address Registration
Protocol.)
Group Address Registration Protocol
See Generic Attribute Registration Protocol.
Internet Control Message Protocol (ICMP)
An integral part of the Internet Protocol (IP) that handles error and control messages. ICMP also includes an echo request /reply used to test whether a destination is reachable and responding.
IEEE 802.1D
Specifies a general method for the operation of MAC bridges, including the
Spanning Tree Protocol.
IEEE 802.1Q
VLAN Tagging defines Ethernet frame tags which carry VLAN information. It allows switches to assign end-stations to different virtual LANs, and defines a standard way for VLANs to communicate across switched networks.
IEEE 802.3ac
Defines frame extensions for VLAN tagging.
In-Band Management
Management of the network from a station that is attached to the network.
Glossary-1
Glossary
Link Aggregation
See Port Trunk.
MIB
An acronym for Management Information Base. It is a set of database objects that contains information about the device. It defines variables needed by the SNMP protocol to monitor and control components in a network.
Out-of-Band Management
Management of the network from a station that is not attached to the network.
Port Mirroring
A method whereby data on a target port is mirrored to an analysis port for troubleshooting with a network sniffer or RMON probe. This allows data on the target port to be studied unobtrusively.
Port Trunk
Defines network link aggregation and trunking standards which specify how to create a single high-speed logical link that combines several lower-speed physical links.
Remote Monitoring (RMON)
RMON provides comprehensive network monitoring capabilities. It eliminates the polling required in standard SNMP, and can set alarms on a variety of traffic conditions, including specific errors types.
Simple Network Management Protocol (SNMP)
An application protocol offering network management services in the Internet suite of protocols.
Serial Line Internet Protocol (SLIP)
A standard protocol for point-to-point connections using serial lines.
Spanning Tree Algorithm (STA)
A technology that checks your network for any loops. A loop can often occur in complicated network systems or systems with redundant links. Spanning-tree detects and directs data along the shortest path, maximizing the performance and efficiency of the network.
Spanning Tree Protocol (STP)
See Spanning Tree Algorithm.
Glossary-2
Glossary
Telnet
Defines a remote communication facility for interfacing to a terminal device over
TCP/IP.
Trivial File Transfer Protocol (TFTP)
The TCP/IP standard protocol for file transfer with minimal capability and minimal overhead. TFTP depends on the connectionless datagram delivery service, UDP.
Virtual LAN (VLAN)
A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. A VLAN serves as a logical workgroup with no physical barriers, allowing users to share information and resources as though located on the same LAN.
XModem
A protocol used to transfer files between devices. Data is grouped in 128-byte blocks and error-corrected.
Glossary-3
Glossary
Glossary-4
Index
Numerics
A
address table, static unicast 3-15
Administrator password, setting 3-11
aging time of address table 3-15
automatic VLAN registration 4-3
B
banner message configuration 2-21
BOOTP, for IP configuration 1-2, 3-9
bridge
Bridge Protocol Data Units
Broadcast Storm Control 2-38, 2-39
C
community strings, configuring 3-10
connections
console login configuration 2-17
console port
D
F
firmware
firmware upgrade
G
H
HTTP
configuration 2-12 server 2-12
I
protocol 4-5 query 4-5 report 4-5 snooping 4-5
Internet Group Management Protocol,
see IGMP
IP
L
log-in
M
main menu 2-2, 3-6 description 3-6
management
MIB extensions, configuring 3-21
mirror port configuration 3-37
N
network management station
Index-1
Index
O
P
pin assignments, console port B-1
port
priority
Q
R
restoring switch configuration 3-14
RMON probes and mirror ports 3-37
S
serial number of main board 3-8
serial port
Simple Network Management Protocol
community 2-15, 3-10 configuration 3-10
Spanning Tree Algorithm, see STA
Index-2 statistics
T
tagged
Telnet sessions, maximum number
TFTP
configuration for downloads 2-18 protocol 2-18
traffic classes configuration 2-41
traffic classes, configuring 4-6
trap managers, configuring 3-11
trunks, configuring 2-34, 3-37
U
untagged
V
Virtual LAN
assigning ports 4-3 automatic registration 4-3
static membership by port 3-29
static table configuration 2-46
tagged 3-26, 4-4 unknown tags 4-4 untagged 4-4
W
Web
Web interface
X
Index
Index-3
www.alcatel.co www.alcatel.com/enterprise
Alcatel
26801 West Agoura Road
Calabasas, CA 91301 USA
Contact Center
(800) 995-2612 US/Canada
(818) 880-3500 Outside US www.alcatel.com/enterprise
Product specifications contained in this document are subject to change without notice. Contact your local Alcatel representative for the most current information. Copyright © 2003 Alcatel
Internetworking, Inc. All rights reserved. This document may not be reproduced in whole or in part without the expressed written permission of Alcatel Internetworking, Inc. Alcatel ® and the
Alcatel logo are registered trademarks of Alcatel. All other trademarks are the property of their respective owners.
P/N 060117-10, Rev. B 01/02
F2.5 E012002-R03
150515-102
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project