advertisement
Installation and Configuration for the Avaya C360 Converged
Stackable Switches
Software Version 4.5
10-601564
Issue 1
July 2006
© 2006 Avaya Inc.
All Rights Reserved.
Notice
While reasonable efforts were made to ensure that the information in this document was complete and accurate at the time of printing, Avaya Inc. can assume no liability for any errors. Changes and corrections to the information in this document may be incorporated in future releases.
For full legal page information, please see the complete document,
Avaya Legal Page for Hardware Documentation, Document number
03-600759.
To locate this document on our web site, simply go to http:// www.avaya.com/support and search for the document number in the search box.
Documentation disclaimer
Avaya Inc. is not responsible for any modifications, additions, or deletions to the original published version of this documentation unless such modifications, additions, or deletions were performed by Avaya.
Customer and/or End User agree to indemnify and hold harmless Avaya,
Avaya's agents, servants and employees against all claims, lawsuits, demands and judgments arising out of, or in connection with, subsequent modifications, additions or deletions to this documentation to the extent made by the Customer or End User.
Link disclaimer
Avaya Inc. is not responsible for the contents or reliability of any linked
Web sites referenced elsewhere within this documentation, and Avaya does not necessarily endorse the products, services, or information described or offered within them. We cannot guarantee that these links will work all of the time and we have no control over the availability of the linked pages.
Warranty
Avaya Inc. provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty. In addition, Avaya’s standard warranty language, as well as information regarding support for this product, while under warranty, is available through the following Web site: http://www.avaya.com/support
Copyright
Except where expressly stated otherwise, the Product is protected by copyright and other laws respecting proprietary rights. Unauthorized reproduction, transfer, and or use can be a criminal, as well as a civil, offense under the applicable law.
Avaya support
Avaya provides a telephone number for you to use to report problems or to ask questions about your product. The support telephone number is 1-800-242-2121 in the United States. For additional support telephone numbers, see the Avaya Web site: http://www.avaya.com/support
Contents
Before you Install the Avaya C360 . . . . . . . . . . . . . . . . . . . . . 13
Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Conventions Used in the Documentation . . . . . . . . . . . . . . . . . . . . . . 14
CLI Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Notes, Cautions, and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Section 1: Avaya C360 Overview . . . . . . . . . . . . . . . . . . .
Chapter 1: Avaya C360 Overview. . . . . . . . . . . . . . . . . . . . . . 19
C360 Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Network Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Manageability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
VLAN Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Power over Ethernet (PoE) Support on C360-PWR switches . . . . . . . . . . 24
Layer 3 Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Management Interface Options . . . . . . . . . . . . . . . . . . . . . . . . 25
C360 Switch Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Section 2: Installing the C360 . . . . . . . . . . . . . . . . . . . . .
Chapter 2: Avaya C360 Front and Rear Panels . . . . . . . . . . . . . . 29
C360 Front Panels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
C360 Rear Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Chapter 3: Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Preparing Needed Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Site Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Rack Mounting (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Before you Install the C360 in a Rack . . . . . . . . . . . . . . . . . . . . 38
Wall Mounting (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Stacking (optional). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Installing the X360STK Stacking Module. . . . . . . . . . . . . . . . . . . . . 41
Issue 1 July 2006 3
Contents
Inter-Connecting Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
To connect stacked switches: . . . . . . . . . . . . . . . . . . . . . . . . 42
Making Connections to Network Equipment. . . . . . . . . . . . . . . . . . . . . 44
Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Connecting Cables to Network Equipment . . . . . . . . . . . . . . . . . . . 44
Installing SFP GBIC Transceivers . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Usage Restriction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Installing and Removing a SFP GBIC Transceiver . . . . . . . . . . . . . . . 46
Copper GBIC Transceiver Installation Notes . . . . . . . . . . . . . . . . 47
Chapter 4: Powering Up the Avaya C360 . . . . . . . . . . . . . . . . . 49
Connecting to an AC Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . 50
AC Power Cable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Connecting to a DC Power Source (C364T NEBS Only) . . . . . . . . . . . . . . 51
Connecting a BUPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Supplemental Earthing of the C360 (Optional) . . . . . . . . . . . . . . . . . 54
Sample Backup Power Supply Scheme . . . . . . . . . . . . . . . . . . . . . 55
Budgeting Power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Post-Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Chapter 5: Establishing Switch Access . . . . . . . . . . . . . . . . . . 59
CLI Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Security Levels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Entering the Supervisor Level . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Defining new local users . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Exiting the Supervisor Level . . . . . . . . . . . . . . . . . . . . . . . . . 61
Entering the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Establishing a Console Connection . . . . . . . . . . . . . . . . . . . . . . . . . 62
Assigning C360 IP Stack Address . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Establishing a Telnet Connection. . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Establishing an SSH Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Introduction to SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
SSH client connection: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Procedure for Establishing an SSH Connection. . . . . . . . . . . . . . . . . 68
SSH Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Establishing Access to Other Entities in the Stack (C360 Sessions) . . . . . . . 70
Establishing a Modem (PPP) Connection . . . . . . . . . . . . . . . . . . . . . . 71
4 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Contents
Connecting a Modem to the Console Port . . . . . . . . . . . . . . . . . . . . 71
SNMP Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Introduction to SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
SNMP Versions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Managers and Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Manager/Agent Communication . . . . . . . . . . . . . . . . . . . . . . . 73
SNMPv1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
SNMPv2c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
SNMPv3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Introduction to RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
RADIUS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Recovery Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Introduction to Recovery Password . . . . . . . . . . . . . . . . . . . . . . . 83
Recovery Password CLI Commands . . . . . . . . . . . . . . . . . . . . . . . 83
Allowed Managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Allowed Managers Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 84
Allowed Managers CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . 84
Allowed Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Allowed Protocols Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . 86
Allowed Protocols CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . 86
Section 3: Avaya C360 Configuration. . . . . . . . . . . . . . . . .
Chapter 6: Avaya C360 Default Settings . . . . . . . . . . . . . . . . . . 91
Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
C360 Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Chapter 7: Switch Configuration . . . . . . . . . . . . . . . . . . . . . . 95
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Basic Switch Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
System Parameter Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 96
Identifying the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Operating parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Network Time Acquiring Protocols Parameter Configuration . . . . . . . . . 97
Issue 1 July 2006 5
Contents
Uploading and Downloading Device Configurations and Images . . . . . . . . . 99
Layer 2 Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Layer 3 Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
SCP Protocol Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
System Logging Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
System Logging Messages . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Sinks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Message Facilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Syslog Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Telnet Client Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Introduction to Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Telnet Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Monitoring CPU Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Chapter 8: Avaya C360 Layer 2 Features . . . . . . . . . . . . . . . . . 111
Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Fast Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Gigabit Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Configuring Ethernet Parameters . . . . . . . . . . . . . . . . . . . . . . . . 113
Auto-Negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Full-Duplex/Half-Duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
MDI/MDI-X Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
MAC Address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
CAM Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
MAC Aging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Ethernet Configuration CLI Commands . . . . . . . . . . . . . . . . . . . . . 115
VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
VLAN Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
VLAN Tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Multi VLAN Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Ingress VLAN Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
VLAN CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
IEEE 802.1x (Port Based Network Access Control) . . . . . . . . . . . . . . . . . 123
How 802.1x Authentication Works . . . . . . . . . . . . . . . . . . . . . . . . 123
IEEE 802.1x Implementation in the C360 . . . . . . . . . . . . . . . . . . . . . 124
Configuring the C360 for 802.1x . . . . . . . . . . . . . . . . . . . . . . . . . 124
6 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Contents
802.1x CLI Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Spanning Tree per Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Rapid Spanning Tree Protocol (RSTP) . . . . . . . . . . . . . . . . . . . . . . 128
About the 802.1w Standard . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Port Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Spanning Tree Implementation in the C360 . . . . . . . . . . . . . . . . . . . 130
Spanning Tree Protocol CLI Commands . . . . . . . . . . . . . . . . . . . . . 131
MAC Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
MAC Security Implementation in the C360 . . . . . . . . . . . . . . . . . . . . 132
MAC Security CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 133
LAG (Link Aggregate Group) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
LAG Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
LAG CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
LAG Implementation in the C360 . . . . . . . . . . . . . . . . . . . . . . . . . 135
Port Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Port Redundancy Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Intermodule Port Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Port Redundancy CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . 138
Port Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Port Classification CLI Commands . . . . . . . . . . . . . . . . . . . . . . 139
IP Multicast Filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
IP Multicast CLI Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
RMON Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
RMON CLI Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
SMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
SMON Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
SMON CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Port Mirroring Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Port Mirroring CLI commands . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Port Mirroring Implementation in the C360 . . . . . . . . . . . . . . . . . . . 145
Weighted Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Implementation of Weighted Queuing in the C360 . . . . . . . . . . . . . . . 145
Issue 1 July 2006 7
Contents
Weighted Queuing CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . 146
LLDP Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
LLDP Agent Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Supported TLVs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Configuring the LLDP Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
LLDP Agent CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Chapter 9: Avaya C360 Layer 3 Features . . . . . . . . . . . . . . . . . 151
Obtaining and Activating a License Key . . . . . . . . . . . . . . . . . . . . . . . 151
Obtaining a Routing License Key. . . . . . . . . . . . . . . . . . . . . . . . . 152
Activating a Routing License Key . . . . . . . . . . . . . . . . . . . . . . . . 158
License Key CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . 158
What is Routing? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Routing Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Multinetting (Multiple Subnets per VLAN) . . . . . . . . . . . . . . . . . . . . 161
IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
IP Configuration CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . 162
Assigning Initial Router Parameters . . . . . . . . . . . . . . . . . . . . . . . 163
RIP (Routing Interchange Protocol) Configuration . . . . . . . . . . . . . . . . . 164
RIP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
RIP2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
RIP CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
OSPF (Open Shortest Path First) Configuration. . . . . . . . . . . . . . . . . . . 167
OSPF Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
OSPF CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
Static Routing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Static Routing Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Static Routing Configuration CLI Commands . . . . . . . . . . . . . . . . . . 170
Route Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Route Redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Route Redistribution Commands . . . . . . . . . . . . . . . . . . . . . . . . . 172
ARP (Address Resolution Protocol) Table Configuration. . . . . . . . . . . . . . 172
ARP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
The ARP Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
ARP CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay Configuration . . . 175
BOOTP/DHCP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
BOOTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
8 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Contents
DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
DHCP/BOOTP Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
BOOTP/DHCP CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 176
NetBIOS Re-broadcast Configuration . . . . . . . . . . . . . . . . . . . . . . . . 176
NetBIOS Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
NetBIOS Re-broadcast Configuration CLI Commands . . . . . . . . . . . . . 177
VRRP (Virtual Router Redundancy Protocol) Configuration . . . . . . . . . . . . 177
VRRP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
VRRP Configuration Example 1. . . . . . . . . . . . . . . . . . . . . . . . . . 178
Case#1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Case #2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
VRRP CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Policy Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Policy Configuration Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Policy Configuration CLI Commands . . . . . . . . . . . . . . . . . . . . . . 181
Policy Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Policy Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . 184
IP Fragmentation and Reassembly . . . . . . . . . . . . . . . . . . . . . . . . . . 184
IP Fragmentation and Reassembly Overview . . . . . . . . . . . . . . . . . . 184
IP Fragmentation/Reassembly CLI Commands . . . . . . . . . . . . . . . . . 185
Chapter 10: Avaya C360 Power over Ethernet Features . . . . . . . . . 187
Power Over Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Load Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
How the C360-PWR Switches Detect a Powered Device . . . . . . . . . . 188
Specific Resistance Signature (IEEE 802.3af) . . . . . . . . . . . . . . . . 188
PD Connected . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
“Plug and Play" Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Powering Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Power over Ethernet in Converged Networks . . . . . . . . . . . . . . . . . . 190
Power over Ethernet CLI Commands. . . . . . . . . . . . . . . . . . . . . . . 191
Chapter 11: C360 Device Manager . . . . . . . . . . . . . . . . . . . . . 193
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Configuring the Device Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Device Manager Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Running the Device Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
Issue 1 July 2006 9
Contents
Installing the Java Plug-in. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
Installing from the C360 Documentation and Utilities CD . . . . . . . . . . . 197
Install from the Avaya Web Site . . . . . . . . . . . . . . . . . . . . . . . . . 197
Install from your Local Web Site . . . . . . . . . . . . . . . . . . . . . . . . . 197
Installing the On-Line Help and Java Plug-In on your Web Site . . . . . . . . . . 198
Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Section 4: Troubleshooting and Maintaining the Avaya C360 . . . 199
Chapter 12: Troubleshooting the Installation . . . . . . . . . . . . . . . 201
Troubleshooting the Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Stack Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Implementation of Stack Health in the C360 . . . . . . . . . . . . . . . . . . . 204
Stack Health CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Chapter 13: Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Replacing the Stacking Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Hardware NVRAM Initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Chapter 14: Updating the Firmware . . . . . . . . . . . . . . . . . . . . 211
Firmware Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Obtain Software Online . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Downloading Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Download New Version without Overwriting Existing Version . . . . . . . . . . . 212
Firmware Banks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Appendix A: Mixed Stacks . . . . . . . . . . . . . . . . . . . . . . . . . 213
Hardware Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
BUPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
Feature Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
QoS Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Appendix B: Configuring C360 QoS for Avaya IP Telephones . . . . . . 219
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
10 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Contents
Appendix C: Standards and Compatibility . . . . . . . . . . . . . . . . . 221
Avaya C360 Standards Supported . . . . . . . . . . . . . . . . . . . . . . . . . . 221
IEEE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
IETF - Layer 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
IETF - Layer 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
IETF - Network Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Appendix D: Specifications . . . . . . . . . . . . . . . . . . . . . . . . . 225
Physical . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Power Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Environmental. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Safety . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
MTBF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
GBIC Transceivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
LX Transceiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
SX Transceiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
ELX Transceiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Copper Transceiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Console Pin Assignments. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Issue 1 July 2006 11
Contents
12 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Before you Install the Avaya C360
Safety Information
WARNING:
ADVERTENCIA:
WARNING:
ADVERTENCIA:
CAUTION:
PRECAUCION:
CAUTION:
PRECAUCION:
!
WARNING:
ONLY TRAINED AND QUALIFIED PERSONNEL SHOULD BE ALLOWED TO
INSTALL OR REPLACE THIS EQUIPMENT.
!
ADVERTENCIA:
SOLAMENTE PERSONAL CALIFICADO Y ENTRENADO DEBE INSTALAR O
REEMPLAZAR ESTE EQUIPO.
!
WARNING:
EQUIPMENT MUST BE CONNECTED TO AN EARTHED MAINS
SOCKET-OUTLET.
!
ADVERTENCIA:
El equipo se debe conectar a una toma de tierra principal.
!
CAUTION:
C360 switches and stacking modules contain components sensitive to electrostatic discharge. Touching the circuit boards unless instructed to do so may damage them.
!
PRECAUCIÓN:
El switch C360 y sus módulos de ampliación contienen componentes sensibles a descargas electrostáticas. Tocar las tarjetas sin autorización del personal técnico puede dañarlas.
!
CAUTION:
Do not leave the stacking slots open. Cover empty slots using the blanking plates supplied.
!
PRECAUCIÓN:
No deje las aberturas de ampliación abiertas. Cubrir las aberturas vacias con las placas bloqueadoras proporcionadas con el equipo.
!
WARNING:
The fans are on whenever the switch is powered.
WARNING:
Issue 1 July 2006 13
Before you Install the Avaya C360
ADVERTENCIA:
!
ADVERTENCIA:
Los ventiladores están encendidos siempre que el equipo esté conectado al suministro eléctrico.
Conventions Used in the Documentation
Documentation for this product uses the following conventions to convey instructions and information:
CLI Conventions
● Mandatory keywords are in the computer bold font.
● Information displayed on screen is displayed in computer font.
● Variables that you supply are in pointed brackets < >.
● Optional keywords are in square brackets [ ].
● Alternative but mandatory keywords are grouped in braces {} and separated by a vertical bar |.
● Lists of parameters from which you should choose are enclosed in square brackets [ ] and separated by a vertical bar |.
● If you enter an alphanumeric string of two words or more, enclose the string in “quotation marks”.
14 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Conventions Used in the Documentation
Notes, Cautions, and Warnings
CAUTION:
PRECAUCION:
WARNING:
ADVERTENCIA:
!
CAUTION:
You should take care. You could do something that may damage equipment or result in loss of data.
!
PRECAUCIÓN:
Debe tener cuidado. Usted podría hacer algo que puede dañar el equipo o resultar en pérdida de datos.
!
WARNING:
This means danger. Failure to follow the instructions or warnings may result in bodily injury. You should ensure that you are qualified for this task and have read and understood all the instructions.
!
ADVERTENCIA:
Indica peligro. El no seguir las instrucciones o advertencias puede resultar en lesión corporal. Asegúrese de estar preparado para esta tarea y de haber leído y entendido todas las instrucciones.
Issue 1 July 2006 15
Before you Install the Avaya C360
16 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Section 1: Avaya C360 Overview
Issue 1 July 2006 17
18 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 1: Avaya C360 Overview
Tip:
The C360 is a line of converged stackable switches that provide high availability, quality of service (QoS), and IEEE 802.3af Power over Ethernet (PoE) to enhance converged network infrastructure operations. With a range of PoE and non-PoE configurations, the C360 series is a powerful, yet cost-effective option for enterprise applications.
With C360 switches, you can deploy PoE and multilayer switching using one switch, while maintaining the simplicity and the cost effectiveness of Avaya stackable switches.
Tip:
For clarity, the nomenclature described in
will be used in the C360 documentation:
Table 1: Nomenclature
This term...
Means...
C360
C360-PWR
● C363T
● C363T-PWR
● C364T
● C364T NEBS
● C364T-PWR
● C363T-PWR
● C364T-PWR
C360 Features and Benefits
Stacking
● You may create logical stacks of up to ten switches that you manage and configure as a single switch.
● Stacking is based on the Octaplane™ stacking system that provides eight Gbps stacking bandwidth to all switches in the stack.
● Each member of the stack is connected to the other members using a dedicated stacking module and cables.
Issue 1 July 2006 19
Avaya C360 Overview
● When the switches are stacked, the switches elect one switch as the master, while the other switches act as slaves. The master switch acts as the stack management agent reporting to the management system.
● Management redundancy - if the master unit fails, the remaining switches elect a new switch as the master, and the original stack configuration and IP address are maintained.
● You can add, remove and replace switches in the stack without disrupting operation.
● Auto-reconfiguration for replaced switch - the configuration of the units is distributed over the stack. When you replace a unit, you do not need to reconfigure stack-level parameters such as Spanning Tree, IP address and port redundancy.
Network Optimization
● Autosensing of port speed and autonegotiation of duplex mode on all switch ports for optimizing bandwidth.
● IEEE 802.3x flow control on all Ethernet ports.
● Auto MDI/MDI-X (cross-over cable) detection allows use of both straight and crossover cables without the need to configure ports individually.
● LAGs (Link Aggregate Group) provide enhanced fault tolerance and aggregated bandwidth of up to 800 Mbps (on 10/100BASE-T ports) or 2 Gbps (on 1000BASE-X ports).
- Ideal for high-bandwidth connections to servers, routers and switches.
- Refer to
LAG (Link Aggregate Group) on page 134 for further information.
● IGMP (Internet Group Management Protocol) Snooping for limiting flooding of multicast traffic.
Manageability
● SNTP (Simple Network Time Protocol) or TIME protocol for providing a consistent timestamp to all switches from an external source. Refer to
Protocols Parameter Configuration on page 97.
● In-band management access:
- C360 Device Manager with intuitive Web-based access. Refer to
Manager on page 193 for further information.
- Up to five simultaneous Telnet connections for multiple CLI (Command Line
Interface)-based sessions over the network. Refer to Establishing a Telnet
Connection on page 65 for further information.
20 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
C360 Features and Benefits
- Up to two simultaneous encrypted SSH (Secure Shell) connections for multiple
- SNMP (Simple Network Management Protocol) "get" and "set" requests (support for
SNMPv1, SNMPv2 and SNMPv3). Refer to SNMP Support on page 73 for further
information.
● Out-of-band management access through the switch console port to a directly attached
terminal or remote terminal via a serial connection or modem. Refer to Establishing a
on page 62 and Establishing a Modem (PPP) Connection on page 71
for further information.
●
Allowed managers to restrict access to a pre-defined list of IP addresses. Refer to Allowed
Managers on page 84 for further information.
● Software upgrades by TFTP. Refer to
Firmware Download on page 211 for further
information.
●
Configuration upload/download by TFTP and SCP. Refer to Uploading and Downloading
Device Configurations and Images on page 99 for further information.
● "Allowed protocols" allows you to selectively enable and disable the IP protocols. Refer to
Allowed Protocols on page 86 for further information.
Redundancy
● IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) for rapid convergence of the spanning tree by immediately transitioning root and designated ports to the forwarding state.
- RSTP automatically detects switches that are configured as 802.1w Rapid Spanning
Tree or 802.1D Spanning Tree and operates accordingly. Refer to
Protocol on page 127 for further information.
- Edge port for eliminating the forwarding delay by enabling a port to immediately transition from the blocking state to the forwarding state.
● Port redundancy provides a backup for important links. If one link fails, the backup link takes over, preventing disruption to network traffic. Refer to
for further information.
● Inter-module redundancy is hardware-based and intended for important links that need to be maintained even if there are changes in the stack. Refer to
Redundancy on page 137 for further information.
● Port redundancy combined with 802.1w provides configuration flexibility in complex network configurations.
● LAG redundancy adds the reliability of port redundancy to LAGs, thus providing inter-port as well as intra-port redundancy.
Issue 1 July 2006 21
Avaya C360 Overview
● Stack redundancy - in the unlikely event that a C360 switch or Octaplane link should fail, stack integrity is maintained if the redundant cable is connected to the stack. The broken link is bypassed and data transmission continues uninterrupted.
● BUPS (Backup Power Supply) - you can connect an additional DC power supply to the
BUPS connectors to ensure no disruption if the internal PSU fails. Refer to
BUPS on page 53 for further information.
VLAN Support
● Support for up to 3,071 VLANs (in the range of 1-3071) according to the IEEE 802.1Q standard for assigning VLANs associated with appropriate network resources, traffic patterns, and bandwidth. Refer to
VLANs on page 117 for further information.
● IEEE 802.1Q lets a VLAN span multiple switches. This provides management and control of broadcast and multicast traffic and network security as well as all the other benefits of
VLANs over the entire network.
● PVID - VLAN-per-port for maximum flexibility and security.
● Multi VLAN binding (Multiple VLANs per port) allows access to shared resources by stations that belong to different VLANs through the same port. Refer to
Binding on page 119 for further information.
● Ingress VLAN security accepts or rejects packets depending on their tagging and the
VLAN binding mode on the port. Refer to Ingress VLAN Security on page 121 for further
information.
Security
● Password-protected access - three levels (read-only, read-write, and supervisor access) to management interfaces for protection against unauthorized configuration changes. Refer
to Security Levels on page 60 for further information.
● Access Control allows you to define which packets have access - based on the source or destination address information in the packet or on other information in Layer 3 and Layer
4 (on routed packets only). Refer to Policy Configuration on page 180 for further
information.
● IEEE 802.1x port-based authentication to prevent unauthorized devices (clients) from
gaining access to the network. Refer to IEEE 802.1x (Port Based Network Access
Control) on page 123 for further information.
● 802.1x with attribute assignments allows you to set VLAN ID, priority or multi-vlan binding per user. Refer to
IEEE 802.1x (Port Based Network Access Control) on page 123 for
further information.
22 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
C360 Features and Benefits
● Remote Authentication Dial-In User Service (RADIUS) provides flexible administrative
control over authentication and authorization processes. Refer to RADIUS on page 80 for
further information.
● SNMP v3 adds security features to the SNMP v1 and SNMP v2c feature set. Refer to
SNMPv3 on page 75 for further information.
● SSH enables establishing a remote session over a secured tunnel, also called a remote
shell. Refer to Establishing an SSH Connection on page 66 for further information.
● MAC Security is intended to filter incoming frames (from the line) with an unauthorized source MAC address (SA). Refer to
MAC Security on page 132 for further information.
Quality of Service (QoS)
● Per-port 802.1p marking for untagged traffic ensures that time-sensitive packets receive the appropriate priority. Refer to
Priority on page 114 for further information.
● Four egress queues on all switch ports.
- You can configure these queues with either the WRR (Weighted Round Robin) scheduling algorithm or the strict priority scheduling algorithm.
● 802.1p and DSCP mapping. Refer to
Policy Configuration Overview on page 180 for
further information.
● Classification of traffic per L3/L4 attributes on routed traffic only (classification based on information in the IP and TCP/UDP headers)
● 802.1p QoS marking based on packet classification for high-performance quality of service at the network edge, allowing for differentiated service levels for different types of network traffic and for prioritizing mission-critical traffic in the network. This applies to routed traffic only.
Monitoring
● Front panel LEDs that provide at-a-glance port and switch status. Refer to
Front and Rear Panels on page 29 for further information.
● Port mirroring lets you transparently mirror traffic from one source port to a destination port
to monitor traffic. Refer to Port Mirroring on page 144 for further information.
● Four groups (history, statistics, alarms, and events) of embedded remote monitoring
(RMON) agents for network monitoring and traffic analysis. Refer to
for further information.
● Syslog facility for logging system messages about events, errors and other important information. Refer to
System Logging on page 104 for further information.
Issue 1 July 2006 23
Avaya C360 Overview
● Port classification to regular/valuable so in case of link failure notification is generated for
valuable ports only. Refer to Port Classification on page 139 for further information.
● The C360 supports SMON switch monitoring which provides unprecedented top-down monitoring of switched network traffic at the following levels:
- Enterprise Monitoring
- Device Monitoring
- VLAN Monitoring
- Port-level Monitoring
This top-down approach gives you rapid troubleshooting and performance trending to keep
the network running optimally. Refer to SMON on page 143 for further information.
Power over Ethernet (PoE) Support on C360-PWR switches
● 802.3af support for PoE standard based to provide power to IP phones, wireless access
point and other standard based end points. Refer to VLANs on page 117 for further
information.
● Autodetection and control of inline phone power on a per-port basis on all 10/100 ports for plug-and-play configuration. Refer to
How the C360-PWR Switches Detect a Powered
Device on page 188 for further information.
● Priority-based power management ensures that key devices, such as IP telephones, receive power.
● Up to 15.4W per powered device
● The C360-PWR switches can provide PoE on all 10/100BASE-T ports.
Layer 3 Support
● Hardware-based Layer 3 switching for high performance.
● VRRP (Virtual Router Redundancy Protocol) for Layer 3 router redundancy. The Virtual
Router Redundancy Protocol (VRRP) eliminates the single point of failure inherent in the
static default routed environment. Refer to VRRP (Virtual Router Redundancy Protocol)
Configuration on page 177 for further information.
● IP routing protocols for load balancing and for constructing scalable, routed backbones:
- Routing Information Protocol (RIP) versions 1 and 2. Refer to RIP (Routing Interchange
Protocol) Configuration on page 164 for further information.
- Open Shortest Path First (OSPF). Refer to
OSPF (Open Shortest Path First)
Configuration on page 167 for further information.
24 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
C360 Features and Benefits
● IP routing between VLANs (inter-VLAN routing) for full Layer 3 switching between two or more VLANs, allowing each VLAN to maintain its own autonomous data-link domain
● Address Resolution Protocol (ARP) for identifying a switch through its IP address and its corresponding Media Access Control (MAC) address. Refer to
Protocol) Table Configuration on page 172 for further information.
● NetBIOS Re-broadcast for applications such as WINS that use broadcast but may need to
communicate with stations on other subnets or VLANs. Refer to NetBIOS Re-broadcast
Configuration on page 176 for further information.
● Static IP routing for manually building a routing table of network path information. Refer to
Static Routing Configuration on page 169 for further information.
● ECMP (equal-cost routing) provides load balancing and redundancy by splitting traffic among several equivalent paths.
● Internet Control Message Protocol (ICMP) and ICMP Router Discovery Protocol (IRDP) are used by routers to notify the hosts on the data link that a better route is available for a particular destination.
● DHCP/ BootP relay for forwarding UDP broadcasts, including IP address requests, from
DHCP/BootP clients. Refer to BOOTP/DHCP (Dynamic Host Configuration Protocol)
Relay Configuration on page 175 for further information.
Management
The C360 switch is designed for plug-and-play operation: you need to configure only basic IP information for the switch and connect it to the other devices in your network. If you have specific network needs, you can configure and monitor the switch - individually or as part of a stack - through its various management interfaces.
Management Interface Options
You can configure and monitor individual switches and the entire stack by using these interfaces:
● The built-in C360 Device Manager allows you to configure and manage a C360 stack using a Web browser without purchasing additional software.
This application works with the Microsoft Internet Explorer and Netscape Navigator web browsers and Sun Microsystems Java Plug-in.
● CLI - You can configure and monitor the switch or the stack from the CLI. You can access the CLI either by connecting your management station directly to the switch console port or by using Telnet, PPP or SSH from a remote management station.
● SNMP - provides a means to monitor and control the switch or the stack. You can manage switch configuration settings, performance, security, and collect statistics by using SNMP management applications such Avaya Integrated Management and HP OpenView.
Issue 1 July 2006 25
Avaya C360 Overview
● You can manage the switch from an SNMP-compatible management station that is running platform such as HP OpenView. The switch supports a comprehensive set of MIB extensions and four RMON groups.
● Avaya IM (Integrated Management) network management provides further control and allows you to manage other Avaya equipment in your network. It provides the ease-of-use and features necessary for optimal network utilization.
- Integrated Management is available for Microsoft Windows 2000, XP, and 2003 and
Solaris 2.8.
- Integrated Management can operate in standalone mode with Microsoft Windows 2000,
XP, and 2003 and Solaris 2.8.
- Integrated Management operates under HP OpenView for Microsoft Windows 2000, XP, and 2003.
C360 Switch Configurations
summarizes the C360 switch configurations
Table 2: C360 Switch Configurations
Model
C363T
C363T-PWR
C364T
C346T-NEBS
C364T-PWR
10/100BASE-T
Ports
24
24
48
48
2
2
2
GBIC SFP
Ports
PoE
(on 10/100BASE-T ports)
Yes
2 Yes
26 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Section 2: Installing the C360
Issue 1 July 2006 27
28 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 2: Avaya C360 Front and Rear Panels
This chapter describes the front and rear panels of the C360 switches, including the LEDs, buttons and power inlets:
●
●
C360 Front Panels
Tip:
The front panel contains LEDs, controls, and connectors. The status LEDs and control buttons provide at-a-glance information.
The front panel LEDs consist of Port LEDs and Function LEDs. The Port LEDs display information for each port according to the illuminated function LED. The function is selected by pressing the left or right button until the desired parameter LED is illuminated.
For example, if the COL LED is illuminated, then all Port LEDs show the collision status of their respective port. If you wish to select the LAG function, then press the left button until the LAG
Function LED is lit; if you then wish to select Rx then press the right button three times until the
Rx function LED lights.
The front panels shown below includes LEDs, buttons, SFP GBIC transceiver housings,
10/100BASE-T ports and the RJ-45 console connector. The LEDs are described in Table 3
.
Tip:
The 10/100BASE-T ports of the C363T-PWR are numbered from 1 to 24; on the
C364T-PWR 1 to 48. The two SFP Gigabit Ethernet ports are numbered 51 and
52.
Figure 1: C363T Front Panel
Issue 1 July 2006 29
Avaya C360 Front and Rear Panels
Figure 2: C363T-PWR Front Panel
Figure 3: C364T and C364T NEBS Front Panel
Figure 4: C364T-PWR Front Panel
Figure 5: C360 Function LEDs
2
Figure notes:
1. PoE LED on C360-PWR only
2. Left front panel button
3. Right front panel button
3
1
30 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
C360 Front Panels
Figure 6: Order of Function 'Parameters Selected with the Left/Right Front Panel Buttons
1
Starting Point
(after Power-up or Reset)
Left
Button
Right
Button
LNK
PoE COL
LAG Tx
Hspd Rx
FDX
Figure notes:
1. PoE LED on C360-PWR only
Table 3: C360 Function LED Descriptions 1 of 3
Description LED Status LED
Name
PWR
SYS
ROUT
Power Status OFF - Power is off
ON - Power is on
Blinking - Main power is down and BUPS is active
System Status OFF - Module is a slave in a stack
ON - Module is the stack master, and the optional
Octaplane and Redundant cable(s) are either not connected or not active.
This LED will also light in Standalone mode.
Blinking - Switch is the stack master and the
Octaplane is in redundant cable is active.
Routing Mode OFF - Layer 2 mode
ON - Router mode
1 of 3
Issue 1 July 2006 31
Avaya C360 Front and Rear Panels
Table 3: C360 Function LED Descriptions 2 of 3
LED
Name
Description LED Status
The following Function LEDs apply to all ports
LNK Port Status OFF - Port is disabled
COL Collision
ON - Link is OK
Blinking - Port is enabled, but Link is down
OFF - No collision or full-duplex port for ports 1 to
24/48; always OFF for ports 51 to 52.
Tx
Rx
FDX
Hspd
LAG
ON - Collision occurred on line.
Transmit to line OFF - No transmit activity
Receive from line
ON - Data transmitted on line from the module
OFF - No receive activity
Full Duplex mode
ON - Data received from the line into the module
OFF - Half duplex mode (ports 1 to 24/48)
High Speed
ON - Full duplex mode (ports 1 to 24/48)
Always ON for ports 51,52 (full-duplex mode only)
Ports 1-24/48 Ports 51,52
OFF: 10 Mbps N/A
ON: 100 Mbps 1000 Mbps
Link
Aggregation
Group
(Trunking)
OFF - No LAG defined for this port
ON - Port belongs to a LAG
2 of 3
32 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
C360 Rear Panel
Table 3: C360 Function LED Descriptions 3 of 3
Description LED Status LED
Name
PoE* Power over
Ethernet.
OFF - PoE disabled for this port
ON - PoE is enabled and power is being supplied to an end-station
Blinking:
● PoE enabled, but no powered device is detected, or
● Power supply error, or
● Not enough power
3 of 3
Tip:
*C360-PWR only
Tip:
All LEDs light during a reset.
Table 4: C360 Right and Left Select buttons
On order to...
Select the function
LED (see
)
Reset the switch
Press...
Left or Right button
Reset the stack
Both Right and Left buttons together for approximately one second. All LEDs on the switch remain lit until the procedure is complete.
Both Right and Left buttons together for five seconds. All
LEDs on the stack remain lit until the procedure is complete.
C360 Rear Panel
The C360 rear panel contains a stacking module slot, AC power input and BUPS DC input.
Note:
Note:
The C/S: and SW versions on your C360 switches may differ from those shown in
Issue 1 July 2006 33
Avaya C360 Front and Rear Panels
Figure 7: C360 Rear Panel
1
2
Figure notes:
1. AC Input
2. BUPS DC Input
3. X360STK slot (shown covered)
3
34 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 3: Installation
The C360 switch is ready to work after you complete the installation instructions described in this chapter. After you have completed the procedures in this chapter, proceed to
Chapter 4: Powering Up the Avaya C360
The following steps are described in this chapter:
●
●
●
●
●
●
Making Connections to Network Equipment
●
Installing SFP GBIC Transceivers
Preparing Needed Tools
Prepare the tools you need to mount the Replace variable w/ short product name, according to
Table 5: Mounting Tools
If you need to mount on...
Prepare these tools
Rack or wall
Flat wall
Uneven wall
Phillips head screwdriver screws to fasten Replace variable w/ short product name to the wall
●
●
16.3" x 18.3" (415 x 465 mm) plywood board 0.8" (20 mm) thick wood screws screws to fasten the Replace variable w/ short product name to the wall
Issue 1 July 2006 35
Installation
Site Preparation
You can mount the C360 alone or in a stack in a standard 19-inch equipment rack located in a wiring closet or equipment room. You can build a logical stack of up to ten C360 switches.
Ensure that the location where you install your Replace variable w/ short product name fulfills the following requirements:
● Cables are away from sources of electrical noise such as:
● radio transmitters
● broadcast amplifiers
● power lines
● fluorescent light fixtures
● Water or moisture cannot enter the chassis.
● Air can flow freely around all sides of the chassis.
● The vents on the sides of the chassis are not blocked.
●
The environmental conditions match the requirements listed in Table 6
.
Table 6: Environmental Requirements
Condition
Ambient temperature
Relative humidity
Weight support
Acceptable values
32 o
to 104 o
F (0 o
to 40 o
C)
5-95% non-condensing
10.8-15 lbs (4.9-6.8 kg)
36 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
● The power source matches the specifications shown in
Table 7: Power Requirements
100 to 240 VAC, 50 to 60 Hz AC Input voltage
Power consumption
●
●
C363T
C363T-PWR
●
●
C364T
C364T (NEBS)
● C364T-PWR
AC Input current
●
●
C363T
C363T-PWR
●
●
C364T
C364T (NEBS)
● C364T-PWR
DC Input voltage
(C364T NEBS only)
DC Input current
(C364T NEBS only)
●
●
●
●
●
1.3 A
4.2 A
1.3 A
1.3 A
7.6 A
-36 to -60 VDC
2 A
●
●
●
●
●
60 W
420 W
90 W
90 W
760 W
Rack Mounting (Optional)
Rack Mounting (Optional)
The C360 chassis fits in most standard 19-inch racks. It is 1U (44.45 mm, 1.75”) high.
You can mount the Avaya C360 in a standard 19" rack either in “front-mount” or “mid-mount” positions using the brackets supplied with the chassis.
The brackets are symmetric: you can fix either bracket on either side.
shows the two available rack mounting positions:
Issue 1 July 2006 37
Installation
Figure 8: Front and Mid-Mount Positions
7.9"
(200 mm)
1
2
3
Front
Figure notes:
1. Equipment rack 2. Mid-mount position 3. Front mount position
Before you Install the C360 in a Rack
● When installing C360 in a rack, ensure that the equipment is positioned such that it will not cause the rack to become unstable or tip over.
● Ensure that the combination of equipment in the rack will not cause an overload or overcurrent condition on the power strip being used and/or the customer's branch circuit.
● The C360 units weigh a maximum of 15 pounds (6.8 kg). Be careful when installing or removing the C360 product from the rack.
● If a power strip is being used in the rack, ensure that it has a reliable earth connection. If the C360 equipment will be plugged directly into a wall outlet, ensure that there is a reliable ground connection at the outlet.
● Ensure that the internal rack ambient temperature is within the operating specification limits of the C360.
● Ventilation for the C360 is from side to side. Ensure that there is adequate space on each side of the C360 equipment when installed in the rack to allow sufficient airflow.
Place the C360 in the rack as follows:
1. Position the brackets on the C360 as shown in Figure 9 , Figure 10 or Figure 11 , according
to the model.
38 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Figure 9: C360 Rack Mounting (except C364T NEBS)
Rack Mounting (Optional)
1
Figure notes:
1. Front mount position 2. Mid-mount position
Figure 10: C360 Rack Mounting - Front Mount (C364T NEBS only)
2
Figure 11: C360 Rack Mounting - Mid Mount (C364T NEBS only)
2. Firmly attach the brackets to the chassis with the screws provided.
Issue 1 July 2006 39
Installation
- Use four screws to attach each bracket to the switch for non-NEBS switches.
- Use eight screws to attach each bracket to the switch for the C364T NEBS switch.
3. Position the switch in the rack.
4. Fasten the switch in the rack with the screws provided.
Wall Mounting (Optional)
Note:
Note:
Do not mount the C364T NEBS on a wall.
You can fix the C360 to the wall as follows:
CAUTION:
!
CAUTION:
Ensure that the wall and screws can support the weight of the C360 and any installed modules. The maximum weight of a C360 switch is 15 lb. (6.8 kg)
CAUTION:
!
CAUTION:
You must mount the C360 with the ventilation holes facing left and right and the front panel facing up.
1. Attach the brackets to the C360 as shown in Figure 12 .You can attach the brackets to face
either the top or the bottom of the unit, depending whether you want the top panel or bottom panel of the unit to face the wall.
Figure 12: C360 Wall Mounting
2. Place the unit on the wall.
3. Secure the unit to the wall using two screws on each side. Do not overtighten the screws.
40 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Stacking (optional)
CAUTION:
!
CAUTION:
Ensure that ventilation holes are not obstructed.
Stacking (optional)
There are two main steps for creating stacks:
1.
Installing the X360STK Stacking Module
2.
Installing the X360STK Stacking Module
CAUTION:
PRECAUCION:
CAUTION:
!
CAUTION:
C360 switches and stacking modules contain components sensitive to electrostatic discharge. Touching the circuit boards unless instructed to do so may damage them.
!
PRECAUCIÓN:
El switch C360 y sus módulos de ampliación contienen componentes sensibles a descargas electrostáticas. Tocar las tarjetas sin autorización del personal técnico puede dañarlas.
!
CAUTION:
Do not leave the stacking slots open. Cover empty slots using the blanking plates supplied.
PRECAUCION:
!
PRECAUCIÓN:
No deje las aberturas de ampliación abiertas. Cubrir las aberturas vacias con las placas bloqueadoras proporcionadas con el equipo.
To install the stacking module in the C360:
1. Remove the existing stacking module or blanking plate from the back of the C360 switch.
2. Insert the stacking module gently into the slot, ensuring that the PCB (printed circuit board) is aligned with the guide rails.
3. Press the module in firmly until it is completely inserted into the Avaya C360.
Note:
Note:
Ensure that the screws on the module are properly aligned with the holes in the chassis before tightening them.
Issue 1 July 2006 41
Installation
4. Tighten the two screws on the side panel of the stacking module by turning the knurled knobs clockwise.
Inter-Connecting Switches
Tip:
Tip:
Tip:
You may stack the C360 with the G700, P333T-PWR, P332G-ML or P332GT-ML.
Please refer to Appendix A: Mixed Stacks
for further information on mixed stacks.
Note:
Note:
The two ends of the Octaplane cable terminate with different connectors. Each connector can only be connected to its matching port.
The following cables are used to connect stacked switches:
● Short Octaplane cable (X330SC) - ivory-colored, used to connect adjacent switches
(Catalog No. CB0223) or switches separated by a BUPS unit. This cable is 30 cm. long.
● Long/Extra Long Octaplane cable (X330LC/X330L-LC) - ivory-colored, used to connect switches from two different physical stacks, or switches separated by a BUPS unit
(Catalog No. CB0225/CB0270). The long cable is 2 m long; the extra-long cable is 8 m long.
● Redundant/Long Redundant Octaplane cable (X330RC/X330L-RC) - black, used to connect the top and bottom switches of a stack (Catalog No. CB0222/CB0269). This cable is 2 m long.
Tip:
You may use the same cables with P330 and P330-ML switches.
To connect stacked switches:
Tip:
Tip:
When adding a switch to an existing stack, first connect the stacking cables and then power up the module.
To connect stacked switches:
1. Plug the light grey connector of the Short Octaplane cable into the port marked “to upper unit" of the bottom C360 switch.
2. Plug dark grey connector of same Short Octaplane cable to the port marked “to lower unit"
in the unit above. The connections are illustrated in Figure 13 .
3. Repeat Step 1and Step 2 until you reach the top switch in the stack.
42 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Stacking (optional)
Tip:
CAUTION:
4. If you wish to implement stack redundancy, use the Redundant Cable to connect the port marked “to lower unit" on the bottom switch to the port marked “to upper unit"" on the top switch of the stack.
5. Power up the added modules.
!
CAUTION:
Do not cross connect two switches with two Octaplane (light-colored) cables. If you wish to cross-connect for redundancy, use one light-colored Octaplane cable and one black redundancy cable. The black cable will then serve as a redundant connection.
CAUTION:
!
CAUTION:
To prevent EMI, cover any unused ports on the stacking modules using the grey plugs provided. Insert the plug labelled "left" into the lower port; insert the plug labelled "right" into the upper port. See
Tip:
You can build a logical stack of up to ten C360 switches. If you do not wish to stack all the switches in a single rack, use long Octaplane cables to connect the two physical stacks.
Figure 13: C360 Stacking Connections
Issue 1 July 2006 43
Installation
Figure 14: Plug for Unused Stacking Ports
Making Connections to Network Equipment
This section describes the physical connections that you can make between the C360 switch and other network equipment.
Prerequisites
Make sure you have the following before attempting to connect network equipment to the C360:
● A list of network equipment to be connected to the C360, detailing the connector types on the various units
● All required cables, as specified in
Connecting Cables to Network Equipment
. Appropriate cables are available from your local supplier.
Connecting Cables to Network Equipment
C360 switches include the following types of ports (according to the speed and standard they support): 10/100BASE-T (PoE on the C360-PWR) and SFP GBIC
Tip:
Tip:
See http://support.avaya.com
for a list of compatible NICs.
To connect the cables:
1. If you are using an SFP GBIC (Small Form Factor Plugable Gigabit Interface Converter) transceiver, see
Installing SFP GBIC Transceivers
.
44 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Installing SFP GBIC Transceivers
2. For all other ports, connect an Ethernet copper cable (not supplied) directly to the ports. The copper ports can operate with 2 pair (4 wire) or 4 pair (8 wire) CAT 5 Ethernet cables
(crossed or straight). The maximum cable length is 100 m (328 ft.).
3. Connect the other end of the cable to the Ethernet port of the PC, server, router, workstation, switch, hub, or other end device.
4. Check that the appropriate link (LNK) LED lights up.
Installing SFP GBIC Transceivers
The SFP GBIC (Gigabit Interface Converter) have been tested for use with the C360 Gigabit
Ethernet ports. For a list of approved SFP GBIC transceivers, see: http://support.avaya.com
SFP GBIC transceivers are hot-swappable.
Safety Information
CAUTION:
WARNING:
ADVERTENCIA:
!
CAUTION:
You must operate the SFP GBIC transceivers under recommended operating conditions, as specified for each transceiver.
!
WARNING:
The use of optical instruments with this product will increase eye hazard.
!
ADVERTENCIA:
El uso de instrumentos ópticos en este producto aumentará el riesgo de peligro para la vista.
Usage Restriction
When a SFP GBIC transceiver is inserted in the module but is not in use, protect the Tx and Rx ports with an optical connector or a dust plug.
CAUTION:
!
CAUTION:
Use only approved SFP GBIC transceivers. All approved SFP GBIC transceivers:
1) are 3.3V. Do not insert a 5VSFP GBIC.
2) use Serial Identification. Do not use a GBIC that utilizes Parallel
Identification.
Issue 1 July 2006 45
Installation
Installing and Removing a SFP GBIC Transceiver
The SFP GBIC transceiver is fastened using a snap-in clip.
To install the SFP GBIC transceiver:
● Insert the transceiver (take care to insert it the right way up) until it clicks in place.
● Refer to
Copper GBIC Transceiver Installation Notes on page 47 if you are installing a
copper GBIC transceiver.
To remove the SFP GBIC transceiver:
1. Press the clip on the base of the transceiver see Figure 15 for the location.
Figure 15: Clip Location on Base of Transceiver
.
1
Figure notes:
1. Transceiver clip location
2. Pull the transceiver out.
Table 8: Gigabit Fiber Optic Cabling 1 of 2
Gigabit
Interface
Fiber
Type
Diameter
(µm)
Modal
Bandwidth
(MhzKm)
1000BASE-SX MM
1000BASE-SX MM
1000BASE-SX MM
1000BASE-SX MM
1000BASE-LX MM
1000BASE-LX MM
62.5
62.5
50
50
62.5
50
160
200
400
500
500
400
Maximum
Distance
(m)
Minimum
Distance
(m)
220
275
500
550
550
550
2
2
2
2
2
2
Wavelength
(nm)
850
850
850
850
1,310
1,310
1 of 2
46 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Installing SFP GBIC Transceivers
Table 8: Gigabit Fiber Optic Cabling 2 of 2
Gigabit
Interface
1000BASE-LX
1000BASE-ELX
Fiber
Type
SM
SM
Diameter
(µm)
9
9
Modal
Bandwidth
(MhzKm)
N/A
N/A
Maximum
Distance
(m)
10,000
70,000
Minimum
Distance
(m)
2
10,000
Wavelength
(nm)
1,310
1,550
2 of 2
Copper GBIC Transceiver Installation Notes
Before installing a copper SFP transceiver, ensure that auto-negotiation is enabled for the transceiver ports. You should also ensure that the auto-negotiation is enabled for the port at the other end of the link:
1. Use the show port command to check the auto-negotiation status of the transceiver ports.
2. Use the set port negotiation <module>/<port> enable command to enable auto-negotiation if necessary.
Issue 1 July 2006 47
Installation
48 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 4: Powering Up the Avaya C360
This chapter describes the procedures for powering up C360 switches.
Connecting the C360 to the main electrical supply provides power to the switch and for Power over Ethernet (PoE).
WARNING:
!
WARNING:
To isolate the switch completely, you must disconnect all power connections (AC plug, DC power and DC BUPS power).
ADVERTENCIA:
!
ADVERTENCIA:
Para aislar el equipo totalmente desconecte todas las conexiones de energía
(Enchufe de CA, fuente de CC y fuente de CC del BUPS)
Figure 16: C360 Back Panel
1
2
Figure notes:
1. AC Input
2. BUPS DC Input
Issue 1 July 2006 49
Powering Up the Avaya C360
Connecting to an AC Power Supply
AC Power Cable
The C360 switch is supplied with a North American power cordset. Below are guidelines that should be used when obtaining and/or defining a different cordset to be used with the C360.
The cordsets should be further verified for safety requirements of the particular application by a safety and regulatory professional:
For 200 to 240V applications, the cord must be VDE Certified or Harmonized (HAR), rated
250V, 3-conductor (3rd wire ground), 1.0 mm
2
minimum conductor size. The cord is to be terminated at one end to a VDE Certified/CE Marked IEC 60320, sheet C13 type connector rated 10A, 250V and the other end to a 3-conductor grounding type attachment plug rated at a minimum of 10A, 250V and a configuration specific for the region/country in which it will be used. The attachment plug must bear the safety agency certifications mark(s) for the region/ country of installation.
● For North American installations, a UL Listed and CSA Certified 15A branch circuit protective device must be provided in the building AC mains wiring installation for branch circuit protection.
● For other installations, a suitable and certified 10A branch protective device must be provided in the building AC mains wiring installation.
Tip:
Tip:
You may order certain cordsets from Avaya.
The C360 is rated 100-240 V~, 50-60 Hz. The maximum input current depends on the specific
C360 model
1. Insert the AC power cord into the power inlet in the back of the unit.
2. Insert the AC plug into the AC power supply.
● The unit powers up.
● The C360 performs a self test procedure.
3. Connect the BUPS DC power supply (if applicable).
50 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Connecting to a DC Power Source (C364T NEBS Only)
Connecting to a DC Power Source (C364T NEBS Only)
The C364T NEBS is rated -36 to -60 VDC, 2A.
CAUTION:
!
CAUTION:
A UL-Listed and CSA-Certified branch circuit protective device of up to 20A must be provided in the building DC mains wiring installation for branch circuit protection.
!
CAUTION:
Always connect the ground wire first and disconnect it last.
CAUTION:
Figure 17: Avaya C360 DC Input Terminal Block
1
2
3
Figure notes:
1. Protective plastic cover 2. BUPS DC input terminals 3. Grounding post
● The terminals are marked with , “+” and “-“.
● The size of the two screws in the terminal block is M4.
● The pitch between each screw is 9.5mm.
4. Remove the protective plastic cover over the DC inputs by unscrewing the two Phillips screws.
WARNING:
!
WARNING:
The conductors to be used for connecting the DC power supply to the C360 must be UL Recognized and CSA Certified and be a minimum of 16 AWG or have a cross-sectional area of 1.0mm
2
.
ADVERTENCIA:
!
ADVERTENCIA:
Los conductores que se utilizarán para conectar la fuente de alimentación externa con el C360 deben ser Reconocidos por UL, Certificados por CSA y ser como mínimo de 16 AWG o tener un área de sección transversal de 1.0 mm
2
.
5. Connect the power cable to the terminals on the C360 and to the external DC power supply in the following sequence:
1. Ground wire to grounding post
Issue 1 July 2006 51
Powering Up the Avaya C360
WARNING:
2. Positive to positive
3. Negative to negative
!
WARNING:
Make sure that you connect the cables between the C360 and the external power supply correctly:
1. Positive to positive
2. Negative to negative
ADVERTENCIA:
!
ADVERTENCIA:
Asegúrese que las polaridades de los cables entre el C360 y la fuente de alimentación externa estén conectados correctamente:
● Positivo ("+") a Positivo ("+")
● Negativo ("-") a Negativo ("-")
6. Replace the plastic cover by aligning the holes with the screw receptacles and replacing the two Phillips screws.
52 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Connecting a BUPS
Connecting a BUPS
Note:
Note:
You cannot connect the C360 to a DC power supply and BUPS simultaneously.
If you deploy a BUPS with the C360, the Powerstax (formerly known as APC (Advanced Power
Conversion PLC)) Front End AC-DC Power Shelf (model R2400A111) with Powerstax 800W
PSUs (models A0800-085-545-CA1) are to be used.The applied voltage at the C360 BUPS DC terminal block should be from 52 to 55 VDC.
The Isolation must be 1500V RMS with respect to protective ground
Figure 18: C360 BUPS DC Input Terminal Block
1
2 3
Figure notes:
1. Protective plastic cover
2. BUPS DC input terminals
3. Earthing post
WARNING:
ADVERTENCIA:
● The terminals are marked "+" and “-“.
● The size of the two screws in the terminal block is M4.
● The pitch between each screw is 9.5mm.
1. Remove the protective plastic cover over the BUPS DC inputs by unscrewing the two
Phillips screws.
!
WARNING:
The conductors to be used for connecting the BUPS to the C360 must be UL
Recognized and CSA Certified and be a minimum of 16 AWG or have a cross-sectional area of 1.0 mm
2
.
!
ADVERTENCIA:
Los conductores que se utilizarán para conectar la BUPS con el C360 deben ser
Reconocidos por UL, Certificados por CSA y ser como mínimo de 16 AWG o tener un área de sección transversal de 1.0 mm
2
.
Issue 1 July 2006 53
Powering Up the Avaya C360
2. Connect the power cable to the terminals on the C360 and then external DC power supply.
WARNING:
!
WARNING:
Make sure that you connect the cables between the C360 and the external power supply correctly:
● Positive (“+") to positive (“+")
● Negative (“-") to negative (“-")
ADVERTENCIA:
!
ADVERTENCIA:
Asegúrese que las polaridades de los cables entre el C360 y la fuente de alimentación externa estén conectados correctamente:
● Positivo ("+") a Positivo ("+")
● Negativo ("-") a Negativo ("-")
3. Replace the plastic cover by aligning the holes with the screw receptacles and replacing the two Phillips screws.
Supplemental Earthing of the C360 (Optional)
When connecting a BUPS to the C360, you must also connect a ground wire to the ground stud provided on the rear of the unit. This ground conductor must be green/yellow, a minimum of 16
AWG and be terminated with a lug that is suitable for the M4 stud provided. The other end of the ground conductor is to be terminated to a suitable building ground point such as a cold water pipe.
54 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Connecting a BUPS
Sample Backup Power Supply Scheme
Figure 19 shows a connection example for a stack of three C363T-PWR switches. This
configuration provides power supply redundancy and up to 305 W of inline power per
C363T-PWR switch.
lists the equipment required for this scenario.
Figure 19: Sample Scheme
1 2 3
Figure notes:
1. AC power
2. BUPS DC input (+)
3. BUPS DC input (-)
Table 9: Required Equipment (C363T-PWR Scheme) 1 of 2
Quantity Description
3
1
C363T-PWR Power over
Ethernet Stackable Switch
Powerstax Front End AC-DC
Power Shelf
Material code
700305881
R2400A111*
PEC Code
1 of 2
Issue 1 July 2006 55
Powering Up the Avaya C360
Table 9: Required Equipment (C363T-PWR Scheme) 2 of 2
Quantity Description
2
3
1
2
6
Powerstax 800W PSUs (see
" Budgeting Power " for details)
X360STK Octaplane stacking module
X330RC Redundant Octaplane stacking cable
X330SC Short Octaplane stacking cable**
Power cables to connect
Powerstax Power Shelf to
C360-PWR switches.* (16AWG/
1.0 mm
2
or thicker cable; with terminals suitable for M4 screws)
Material code
A0800-085-545-CA1*
700305899
108563453
108592445
N/A
PEC Code
4705-065
4705-067
2 of 2
* These items are not available from Avaya.
** You can also use the long Octaplane stacking cables. See the “Avaya X360STK Installation Guide" for information.
56 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Connecting a BUPS
Budgeting Power
Note:
Note:
One Powerstax 800W PSU provides enough power for a stack of ten C363T and/ or C364T switches.
When deciding how many 800W PSUs to install in the Powerstax external DC power shelf, you need to take into account the configuration of the powerinline external power parameter in the
C360-PWR switch (set using the set powerinline external power CLI command).
Refer to Table 10 and Table 11
for guidelines:
Table 10: Budgeting Power - C363T-PWR
No. of Powerstax
PSUs
No. of C363T-PWR switches supported
2
3
Power requirement: 350W
1 2
4
6
Table 11: Budgeting Power - C364T-PWR
No. of Powerstax
PSUs
No. of C364T-PWR switches supported
Power requirement = 600W
1
2
3
1
2
4
If you set the powerinline external power parameter to other values, you need to recalculate the number of switches supported accordingly.
Issue 1 July 2006 57
Powering Up the Avaya C360
Post-Installation
The following indicate that you have performed the installation procedure correctly:
Table 12: Post-Installation Indications
Procedure
Powering the
C360
Creating stacks
Indication Troubleshooting
Information
● All front panel function LEDs illuminate briefly.
- If the PWR LED blinks once every 1 second, then the BUPS is active and the main PSU is down.
● The LINK, SYS and PWR LEDs light
● The port LEDs flash
The LED next to the appropriate connection
(“Cable to upper unit" or “Cable to lower unit") is lit.
Switch does not power up on page 201
Stacking not functioning on page 203
If you do not receive the appropriate indication, please refer to
Chapter 12: Troubleshooting the
58 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 5: Establishing Switch Access
This chapter describes various methods for accessing the C360 CLI and logging in with the appropriate security level:
C360 CLI
●
●
●
Establishing Connections
●
Establishing a Console Connection
●
Assigning C360 IP Stack Address
●
Establishing a Telnet Connection
●
Establishing an SSH Connection
●
Establishing Access to Other Entities in the Stack (C360 Sessions)
●
Establishing a Modem (PPP) Connection
●
Security
●
●
●
●
Issue 1 July 2006 59
Establishing Switch Access
CLI Architecture
The C360 stack supports both Layer 2 switching and Layer 3 switching.
The C360 CLI includes two CLI entities to support this functionality.
● The Switch CLI entity is used to manage Layer 2 switching of the entire stack. CLI commands for managing Layer 2 switching are described in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
● The Router CLI entity is used to manage Layer 3 switching of a single module. CLI commands for managing Layer 3 switching are described in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
To switch between the entities, use the session command.
Security Levels
There are three security access levels - User, Privileged, and Supervisor.
● The User level ('read-only') is a general access level used to show system parameter values.
● The Privileged level ('read-write') is used by site personnel to access stack configuration options.
● The Supervisor level ('administrator') is used to define user names, passwords, and access levels of up to 10 local CLI users, configure SNMPv1 community, configure
SNMPv3, configure RADIUS authentication and control access protocols to the device.
Tip:
Tip:
Tip:
If you wish to define more than ten users per switch, or accounts for a user on multiple switches, use RADIUS (Remote Authentication Dial-In User Service).
A login name and password are always required to access the CLI and the commands. The login name, password, and access-type (i.e., security level) for a user account are established using the username command.
Switching between the entities does not effect the security level since security levels are established specifically for each user. For example, if the operator with a privileged security level in the Switch entity switches to the Router entity, the privileged security level is retained.
Tip:
If you wish to increase security, you can disable SNMPv1 and allow only
SNMPv3.
60 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Tip:
Security Levels
Tip:
The Web management passwords are the same as those of the CLI. If you change the passwords of the CLI then those passwords become active for Web management as well.
Entering the Supervisor Level
The Supervisor level is the level in which you first enter C360 CLI and establish user names for up to 10 local users. When you enter the Supervisor level, you are asked for a Login name.
Type root as the Login name and the default password root (in lowercase letters):
Welcome to C360
Login: root
Password:****
Password accepted.
C360-N(super)#
Defining new local users
Define new users and access levels using the following command in Supervisor Level:
Table 13: Local User CLI Commands
In order to...
Use the following command...
Add a local user account and configure a user (name, password and access level) username
To remove a local user account no username
Display the username and access type for all users on the switch show username
Exiting the Supervisor Level
To exit the Supervisor level, use the exit CLI command.
Issue 1 July 2006 61
Establishing Switch Access
Entering the CLI
To enter the CLI, enter your username and password. Your access level is indicated in the
Table 14: CLI Prompts (Layer 2)
Level
User (read-only)
Privileged (read-write)
Supervisor
Configure
Prompt
C360-N>
C360-N#
C360-N(super)#
C360-N(configure)#
Establishing a Console Connection
This section describes the procedure for establishing switch access between a terminal and the
C360 switch over the serial port provided on the front panel of the C360 (RJ-45 connector
labeled "Console"). For information on the console port pin assignments, refer to Console Pin
Figure 20: C360 Console Port
1
Figure notes:
1. Console Port
62 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Establishing a Console Connection
1. Use the serial cable supplied to attach the RJ-45 console connector to the Console port of the master C360. Connect the DB-9 connector to the serial (COM) port on your PC/terminal.
- The master C360 is indicated by the SYS LED being ON.
2. Ensure that the serial port settings on the terminal are:
● 9600 baud
● 8 bits
● 1 stop bit
● no parity.
- If you reset or powered up the switch after connecting and configuring the terminal,
Welcome to C360 appears followed by the Login Name prompt.
- If the login prompt does not appear, press a key on the terminal.
3. Enter the default login: root.
- The Password prompt appears
4. Enter the user level password: root.
- You can now establish a connection to the Router or the Master switch (indicated when the SYS front panel LED is ON) using the Session commands and begin the configuration of module, stack, or router parameters.
Issue 1 July 2006 63
Establishing Switch Access
Assigning C360 IP Stack Address
Note:
Note:
All C360 switches are shipped with the same default IP address. You must change the IP address of the master C360 switch in a stack in order to guarantee that the stack has its own unique IP address in the network.
The network management station or a workstation running a Telnet client can establish communications with the stack once this address had been assigned and the stack has been inserted into the network. Use the CLI to assign the C360 stack an IP address and net mask.
To assign a C360 IP stack address:
1. Establish a serial connection by connecting a terminal to the master C360 switch of the stack.
2. When prompted for a Login Name, enter the default name root
3. When you are prompted for a password, enter the password root. You are now in
Supervisor Level.
4. At the prompt, type: set interface inband <vlan> <ip_address> <netmask>
Replace <vlan>, <ip_address> and <netmask> with the VLAN,
IP address, and net mask of the stack.
5. Press Enter to save the IP address and net mask.
6. At the prompt, type reset. Type y and press Enter to reset the stack. After the Reset, log in again as described above.
- At the prompt, type set ip route <dest> <gateway> and replace <dest> and
<gateway> with the destination and gateway IP addresses.
64 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Establishing a Telnet Connection
Establishing a Telnet Connection
Perform the following steps to establish a Telnet connection to the C360 for configuration of
Stack or Router parameters. You can Telnet the Stack Master IP address:
1. Connect your station to the network.
2. Verify that you can communicate with the C360 by pinging the IP of the C360. If there is no response using ping, check the IP address and default gateway of both the C360 and the station.
Tip:
Tip:
The C360 default IP address is 149.49.32.134 and the default subnet mask is
255.255.255.0.
3. From the Microsoft Windows taskbar of your PC click Start and then Run (or from the DOS prompt of your PC), then start the Telnet session by typing: telnet <C360_IP_address>
For example: telnet 149.49.32.134
4. If the IP Address in the Telnet command is the IP address of the stack, then connection is established with the Switch CLI entity of the Master module.
● The "Welcome to C360" screen appears
5. Enter the default name root at the Login name prompt.
6. Enter the User Level password root in lower case letters (do not use uppercase letters) at the Password prompt.
● The User level prompt will appear when you have established communications with the
C360.
You can now configure the C360 stack and change its IP address.
Issue 1 July 2006 65
Establishing Switch Access
Establishing an SSH Connection
Introduction to SSH
SSH (Secure Shell) protocol is a security protocol that enables establishing a remote session over a secured tunnel, also called a remote shell. SSH accomplishes this by creating a transparent encrypted channel between the local and remote devices. In addition to remote shell, SSH also provides secure file transfer between the local and remote devices.
SSH protocol currently has 2 versions, SSH1 and SSH2. SSH2 provides better security protection, key distribution services, and public key certificates than SSH1. SSH2 also has modular architecture which enables extension authentication and encryption techniques superior to SSH1. The OpenSSH package that Avaya uses for SSH implementation only supports SSH2.
SSH uses password authentication.
A maximum of two SSH sessions can be active per router in the stack, with two additional active
SSH sessions per stack. For example, if a stack contains three router modules, a maximum of eight SSH sessions can be active on the stack.
The C360 agent reports SSH sessions opened to it. In addition, each router module reports the
SSH sessions opened to its router interface. You can disconnect selected SSH sessions.
The SSH session-establishment process is divided into the following stages, as shown in
SSH client connection:
To connect the SSH client:
1. The C360 and the SSH client initiate protocol handshake by exchanging the version number and list of supported ciphers. This step is completed by agreement on the cipher to be used for SSH secure tunnel. In addition, the client sends the C360 a unique session id used to prevent replay attack.
2. The Diffie-Hellman protocol is then used to setup the shared session key. During this step, the client and C360 exchange the DH (Diffie-Hellman) parameters, i.e., the prime number p and the generator number g used by each party for deriving its private and public keys.
3. The client sends to C360 min., max and preferred values for p and the C360 sends client p and g values. In response, the client uses them to derive its DH private key x and its DH public key values by exponentiation of g with x, e = (g^x)mod p and sends the value e to the
C360
66 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Establishing an SSH Connection
4. The C360 derives its DH private key y and its DH public key f=(g^y)mod p, and sends the f value to the client, its public host key and the digital signature calculated for all values exchanged so far including f and public host key. The C360 uses DSA cipher and its host private key to calculate the signature.
5. The SSH client verifies the C360 identity. It checks the C360 host public key validity against the ~/.ssh/known_host file. This is the prompt that user receives if he or she connects to an unknown SSH server. It checks the known_hosts file for the host key offered by the server and prompts if it is not there or if it has changed
6. The SSH client verifies digital signature by decrypting it with DSA and the C360 host public key. This and the step above are essential to prevent a "man-in-the middle" attack by someone taking the C360 identity.
7. Using combination of each other public keys and their own private keys both parties now to calculate Diffie-Hellman shared secret. C360 calculate the shared secret K=f^x mod p and the client calculates K=e^ymod p. Both end up with the same value because of commutativity of exponentiation. The shared key is never sent on wire ensuring its secrecy.
The shared session key used then for deriving the TDES symmetric key. All messages exchanged between the parties from this point are encrypted with TDES using the derived
TDES key.
User Authentication
Before any data is transferred, the C360 requires the client to supply a user name and static password. This authenticates the user on the client side to the C360.
Issue 1 July 2006 67
Establishing Switch Access
Figure 21: SSH Session Establishment Process
SSH
Server
SSH Client Connection
Establish Connection
Public Key and Encryptions List
Private Key and Encryptions List
Acknowledgement (ACK)
Username List
HOST RSA Key
User Authentication
User Passwords
Initiate CLI Session
Hostnames List
Procedure for Establishing an SSH Connection
Perform the following steps to establish an SSH connection to the C360 for configuration of
Stack or Router parameters. You can open an SSH session to the Stack Master IP address:
1. Use the show ip ssh CLI command to ensure that an SSH key has been generated on the switch.
- Use the crypto key generate dsa CLI command to generate a key if necessary.
2. Enable SSH on the switch using the ip ssh enable CLI command.
3. Connect your station to the network.
4. Verify that you can communicate with the C360 using Ping to the IP of the C360. If there is no response using Ping, check the IP address and default gateway of both the C360 and the station.
- The C360 default IP address is 149.49.32.134 and the default subnet mask is
255.255.255.0.
68 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Establishing an SSH Connection
5. Using your SSH client software, open a session to the Stack Master IP address.
6. When you are prompted for a password, enter the User Level password root in lower case letters (do not use uppercase letters).
- The User level prompt will appear when you have established communications with the
C360. You can now configure the C360 stack and change its default IP address.
SSH Commands
The following SSH commands are accessible from Supervisor level.
Table 15: SSH CLI Commands
In order to...
Use the following command...
Enable SSH and configure SSH parameters
Disable the SSH server
Display active SSH sessions on the device. This command is only available from the master module switch context and from all router contexts.
ip ssh enable no ip ssh show ip ssh
Disconnect an existing SSH session. If an SSH session was entered from the router, it can only be disconnected from router mode.
disconnect ssh
Generate an SSH host key pair crypto key generate dsa
Issue 1 July 2006 69
Establishing Switch Access
Establishing Access to Other Entities in the Stack (C360
Sessions)
You can use sessions to switch between the CLI of C360 switches, other stack entities, or to switch between Layer 2 and Layer 3 commands.
To switch between stack entities use the session [<mod_num>] <mode> CLI command.
● <mod_num> is the number of the switch in the stack, counting from the bottom.
● <mode> can be switch, router, wan, or mgp.
Use switch mode to configure layer 2 commands.
Use router mode to configure routing commands.
Examples:
To configure router parameters in the module that you are currently logged into, type the following command: session router
To configure the switch parameters, on switch 6, type the command: session 6 switch .
Note:
Note:
When you use the session CLI command the security level stays the same.
70 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Establishing a Modem (PPP) Connection
Establishing a Modem (PPP) Connection
Point-to-Point Protocol (PPP) provides a Layer 2 method for transporting multi-protocol datagrams over modem links.
Connecting a Modem to the Console Port
Before you can establish a PPP connection with a modem can be established, you need to configure the following:
● C360 IP address: refer to
Assigning C360 IP Stack Address for further information.
● net-mask
● PPP parameters that are compatible with the modem's PPP parameters.
1. Connect a terminal to the console port of the C360 switch as described in Connecting a
Terminal to the C360 Serial port.
2. When you are prompted for a Login Name, enter the default name root.
3. When you are prompted for a password, enter the password root. You are now in
Supervisor Level.
4. At the prompt, type: set interface ppp <ip_addr> <net-mask> with an IP address and netmask to be used by the C360 to connect via its PPP interface.
Note:
Note:
The PPP interface configured with the set interface ppp command must be on a different subnet from the stack inband interface.
5. Set the baud rate, ppp authentication, and ppp time out required to match your modem.
These commands are described in the Reference Guide for the Avaya C360 Converged
Stackable Switch, 10-300506.
6. At the prompt, type: set interface ppp enable
● The CLI responds with the following:
Entering the Modem mode within 60 seconds...
Please check that the proprietary modem cable is plugged into the console port
7. Use the DB-25 to RJ-45 connector provided in the accessory kit to plug the console cable to the modem's DB-25 connector. Plug the other end of the cable RJ-45 connector to the
C360 console's RJ-45 port.
8. The C360 enters modem mode.
Issue 1 July 2006 71
Establishing Switch Access
9. You can now dial into the switch from a remote station, and open a Telnet session to the
PPP interface IP address.
72 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
SNMP Support
SNMP Support
Introduction to SNMP
SNMP Versions
There are currently three versions of SNMP (Simple Network Management Protocol):
● SNMPv1
● SNMPv2c
● SNMPv3
The C360 supports device access using all three versions of SNMP.
Managers and Agents
SNMP uses software entities called managers and agents to manage network devices. The manager monitors and controls all other SNMP-managed devices or network nodes on the network. There must be at least one SNMP Manager in a managed network. The manager is installed on a workstation located on the network.
An agent resides in a managed device or network node. The agent receives instructions from the SNMP Manager, generates reports in response to requests from the SNMP Manager, and also sends management information back to the SNMP Manager as events occur. Each C360 module has an agent. However, on each C360 stack, one module is selected to be the master module. The stack is managed via the master module's agent.
There are many SNMP management applications, but all these applications perform the same basic task. They allow SNMP managers to communicate with agents to configure, get statistics and information, and receive alerts from network devices. You can use any SNMP-compatible network management system to monitor and control the C360.
Manager/Agent Communication
There are several ways that the SNMP manager and the agent communicate.
The manager can:
● Retrieve a value - a get action
The SNMP manager requests information from the agent, such as the link status of an
Ethernet port or the number of good packets received on the switch. The agent gets the value of the requested MIB variable and sends the value back to the manager.
Issue 1 July 2006 73
Establishing Switch Access
● Retrieve the value immediately after the variable you name - a get-next action.
The SNMP manager retrieves values from the MIB tree. Using the get-next function, you do not need to know the exact variable name you are looking for. The SNMP manager takes the variable you name and then uses a sequential search to find the desired variable.
● Change a setting on the agent - a set action
The SNMP manager requests the agent to change the value of the MIB variable. For example, you can enable or disable a port.
● An agent can send an unsolicited message to the manager at any time if a significant, predetermined event takes place on the agent. This message is called a trap.
When a trap condition occurs, the SNMP agent sends an SNMP trap message to the specified trap receiver or trap host. The SNMP Administrator configures the trap host, usually the SNMP management station, to perform the action needed when a trap is detected.
SNMPv1
SNMPv1 uses community strings to limit access rights. Each SNMP device is assigned to a
read community and a read-write community. To communicate with a switch, you must send an
SNMP packet with the relevant community name.
By default, if you communicate with a switch using only the read community, you are assigned the security name "ReadCommN". This security name is mapped to the "ReadCommG" group by default. This allows you to view the agent's MIB tree, but cannot change any of the values in the MIB tree.
If you communicate with a switch using the write community, you are assigned the security name "WriteCommN". This security name is mapped to the "WriteComm" group by default. This allows you to view the agent's MIB tree and change any of the values in the MIB tree.
CAUTION:
!
CAUTION:
If you delete the ReadCommN or WriteCommN users, the ReadCommG or
WriteCommG groups, or the SNMPv1View you may not be able to access the switch using SNMPv1.
In addition, traps are sent to designated trap receivers. Packets with trap information also contains a trap community string.
SNMPv2c
SNMPv2c is very similar to SNMPv1. However, SNMPv2c adds support for the get-bulk action and supports a different trap format.
74 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
SNMP Support
SNMPv3
SNMPv3 enables the following features over SNMPv1 or v2c:
● User authentication with a username and password. Authentication is performed using md5 or sha-1.
● Communication encryption between the Network Management Station (NMS) and the
SNMP agent at the application level
● Access control definition for specific MIB items available on the SNMP agent
● Notification of specified network events directed toward specified users
● Definition of roles using access control, each with unique access permissions and authentication/encryption requirements
The basic components in SNMPv3 access control are users, groups, and views.
In addition. SNMPv3 uses an SNMP engine ID to identify an SNMP entity. An SNMP engine ID is assigned to each IP address of each device in the network. Each SNMP engine ID should be unique in the network.
Users
SNMPv3 uses the User-based Security Model (USM) for security, and the View-based Access
Control Model (VACM) for access control. USM uses the HMAC-MD5-96 and HMAC-SHA-96 protocols for user authentication, and the CBC-DES56 protocol for encryption.
A maximum of 21 users, including local users and remote users getting notifications can be defined on a stack. If the SNMP engine ID changes, all users other than the default user for the stack are invalid and must be redefined. The SNMP engine ID can be changed via the CLI. In addition, a change in the IP address of the stack automatically changes the SNMP engine ID.
SNMPv3 supports three security levels:
● NoAuthNoPriv - This is the lowest level of SNMPv3 security. No authentication is done and no encryption is performed. This method is maintains the same security level as SNMPv1, but provides a method for limiting the access rights of a user.
● AuthNoPriv - User authentication is performed based on MD5 or SHA algorithms. The message is sent with an HMAC that is calculated with the user key. The data part is sent unencrypted.
● AuthPriv - User authentication is performed based on MD5 or SHA algorithms. 'The message is sent with HMAC for authentication, and encrypted using DES.
To create an SNMPv3 user account, you must provide the following information:
● UserName - string representing the name of the user.
● Maximum length: 32 characters.
Issue 1 July 2006 75
Establishing Switch Access
● Authentication Protocol - The authentication protocol to use. Possible values are: No auth,
HMAC MD5, or HMAC SHA-1.
● Authentication Password - The authentication password is transformed using the authentication protocol and the SNMP engine ID to create an authentication key.
● Privacy Protocol - The privacy protocol to use. Possible values are: No privacy, DES privacy.
● Privacy Password - The privacy password is transformed using the privacy protocol and the SNMP engine ID to create a privacy key.
● GroupName - a string of up to 32 characters representing the name of the group.
● SecurityModel - The security model to use. Possible values are: 1 (SNMPv1), 2
(SNMPv2c), 3 (USM).
Groups
In SNMPv3, each user is mapped to a group. The group maps its users to defined views. These views define sets of access rights, including read, write, and trap or inform notifications the users can send.
The group maps its users to views based on the security model and level with which the user is communicating with the switch. Within a group, the following combinations of security model and level can be mapped to views:
● SNMPv1 - Only requests using SNMPv1 or higher.
● SNMPv2c - Only requests using SNMPv2 or higher.
● NoAuthNoPriv - An SNMPv3 user using the NoAuthNoPriv security level.
● AuthNoPriv - An SNMPv3 user using the AuthNoPriv security level.
● AuthPriv - An SNMPv3 user using the AuthPriv security level.
If a group with the specific security model and level does not exist, then a user can access a group with lower security model or level. If an SNMPv3 group with NoAuthNoPriv security level is not defined, SNMPv3 users with a NoAuthNoPriv security level can access the SNMPv2c view.
To create an SNMPv3 group, you must provide the following information:
● GroupName - String of up to 32 characters representing the name of the group.
● Security model:
- SNMPv1
- SNMPv2c
- SNMPv3
● Security level (for SNMPv3 only):
- NoAuthNoPriv
76 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
SNMP Support
- AuthNoPriv
- AuthPriv
● View names:
- Read - Allow read-only access to a specified list of Object IDs (OIDs) in the MIB tree.
- Write - Allow read-write access to a specified list of OIDs in the MIB tree.
- Notify - Allow SNMP notifications from a specified list of OIDs to be sent.
Views
Each view consists of a name and a list of OIDs in the MIB tree. This list can be created using multiple "snmp-server view" commands to either add OIDs to the list or exclude OIDs from a list of all of the OIDs in the switch's MIB tree.
You can use wildcards to include or exclude an entire branch of OIDs in the MIB tree, using an asterisk instead of the specific node.
To create an SNMPv3 view, you must provide the following information:
● ViewName - a string of up to 32 characters representing the name of the view.
● ViewType - Indicates whether the specified OID is included or excluded from the view.
● OIDs - A list of the OIDs accessible using the view.
SNMP Commands
The following SNMP commands are available.
Table 16: SNMP CLI Commands 1 of 3
In order to...
Enable SNMP access to the device
Disable SNMP access to the device
Enable SNMPv1 access to the device
Disable SNMPv1 access to the device
Use the following command...
ip snmp no ip snmp snmp-server community no snmp-server community
1 of 3
Issue 1 July 2006 77
Establishing Switch Access
Table 16: SNMP CLI Commands 2 of 3
In order to...
Use the following command...
Configure the SNMPv3 engine
ID
Return the SNMPv3 engine ID to its default value
Create an SNMPv3 user
Remove an SNMPv3 user
Create an SNMPv3 group snmp-server engineID no snmp-server engineID snmp-server user no snmp-server user snmp-server group
Remove an SNMPv3 group
Create a view or add or exclude
OIDs from a view
Delete an SNMPv3 view no snmp-server group snmp-server view
Set a read/write/trap SNMPv1 community name no snmp-server view set snmp community
Display a list of SNMPv3 views show snmp view
Display a table of SNMPv3 users and the groups with which they are mapped show snmp userToGroup
Display the SNMPv3 engine ID show snmp engineID
Display a list of SNMPv3 groups show snmp group
Display a list of SNMPv3 users show snmp user
Display a list SNMPv3 notification receivers and
SNMPv1 trap receivers show snmp
Enable or disable link up/link down notifications and traps set port trap
Define SNMPv1 trap receivers or configure the SNMPv1 traps sent by the device
Removes SNMPv1 trap receivers
Enable or disable SNMPv1 traps for authentication failures set snmp trap clear snmp trap set snmp trap enable/disable auth
2 of 3
78 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Table 16: SNMP CLI Commands 3 of 3
In order to...
Use the following command...
Enable SNMP notifications
(traps and inform)
Disable SNMP notifications
(traps and inform)
Create an SNMPv3 remote user for SNMP notifications
Remove an SNMPv3 remote user for SNMP notifications
Configure the SNMPv3 timeout and retries for notification
Define an SNMPv3 notification host
Remove an SNMPv3 notification host snmp-server enable notifications no snmp-server notifications snmp-server remote-user no snmp-server remote-user snmp-server informs snmp-server host no snmp-server host
3 of 3
SNMP Support
Issue 1 July 2006 79
Establishing Switch Access
RADIUS
Introduction to RADIUS
User accounts are typically maintained locally on the switch. Therefore, if a site contains multiple Avaya Switches, it is necessary to configure each switch with its own user accounts.
Additionally, if for example a "read-write" user has to be changed into a "read-only" user, you must change all the "read-write" passwords configured locally in every switch, in order to prevent him from accessing this level. This is obviously not effective management. A better solution is to have all of the user login information kept in a central location where all the switches can access it. C360 features such a solution: the Remote Authentication Dial-In User
Service (RADIUS).
A RADIUS authentication server is installed on a central computer at the customer's site. On this server user authentication (account) information is configured that provides various degrees of access to the switch. The C360 will run as a RADIUS client. When a user attempts to log into the switch, if there is no local user account for the entered user name and password, then the switch will send an Authentication Request to the RADIUS server in an attempt to authenticate the user remotely. If the user name and password are authenticated, then the RADIUS server responds to the switch with an Authentication Acknowledgement that includes information on the user's privileges ("administrator", "read-write", or "read-only"), and the user is allowed to gain access to the switch. If the user is not authenticated, then an Authentication Reject is sent to the switch and the user is not allowed access to the switch's embedded management.
The Remote Authentication Dial-In User Service (RADIUS) is an IETF standard (RFC 2138) client/server security protocol. Security and login information is stored in a central location known as the RADIUS server. RADIUS clients, such as the C360, communicate with the
RADIUS server to authenticate users.
All transactions between the RADIUS client and server are authenticated through the use of a
"shared secret" which is not sent over the network. The shared secret is an authentication password configured on both the RADIUS client and its RADIUS servers. The shared secret is stored as clear text in the client's file on the RADIUS server, and in the non-volatile memory of the C360. In addition, user passwords sent between the client and server are encrypted for increased security.
In the C360, RADIUS is used to authenticate management stations and (independently) for
802.1x port-based access control.
Figure 22 illustrates the RADIUS authentication procedure:
80 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
RADIUS
Figure 22: RADIUS Authentication Procedure
U ser attempts login
L o ca l Use r a cco u n t a u th e n tica te d in switch ?
N o
Authentication request sent to
R AD IU S Server
Y es
U ser name and passw ord authenticated?
N o
Authentication R eject sent to sw itch
U ser cannot access sw itch embedded management
Yes
Perform log -in according to user's privilege level
to sw itch
RADIUS is also part of IEEE 802.1x port-based network access control. For information on
802.1x, refer to IEEE 802.1x (Port Based Network Access Control) .
Issue 1 July 2006 81
Establishing Switch Access
RADIUS Commands
The following RADIUS commands are accessible from Supervisor level.
Table 17: RADIUS CLI Commands
In order to...
Use the following command...
Enable or disable authentication for the C360 switch. RADIUS authentication is disabled by default
Set a primary or secondary
RADIUS server IP address
Configure a character string to be used as a "shared secret" between the switch and the
RADIUS server
Set the RFC 2138 approved
UDP port number.
Set the number of times an access request is sent when there is no response
Set the time to wait before re-sending an access request
Remove a primary or secondary
RADIUS authentication server
Display all RADIUS authentication configurations.
Shared secrets are not displayed.
set radius authentication set radius authentication server set radius authentication secret set radius authentication udp-port set radius authentication retry-number set radius authentication retry-time clear radius authentication server show radius authentication
For a complete description of the RADIUS CLI commands, including syntax and output examples, refer to the Reference Guide for the Avaya C360 Converged Stackable Switch,
10-300506.
82 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Recovery Password
Recovery Password
Introduction to Recovery Password
Tip:
The C360 provides a recovery password in the event that you have forgotten the login password for the switch. The recovery password feature enables you to login to the device in a super user mode and change the regular login password.
The recovery password feature can be disabled preventing unauthorized user to login to the device using the recovery password. However, if the recovery password feature is disables and you forget the login password, it will not be possible to log in to the switch. By default the recovery password feature is enabled.
To use the recovery password feature, you must connect to the switch's console port. Log in using the user name "root" and password "ggdaseuaimhrke". Use the set username command to change the password for the user "root".
Tip:
Enabling and disabling the Recovery Password protocol can only be done using a direct console connection via the Console port.
Recovery Password CLI Commands
The following recovery password commands are available.
Table 18: Recovery Password CLI Commands
In order to...
Enable the recovery password feature on the switch
Disable the recovery password feature on the switch
Use the following command...
terminal recovery password enable no terminal recovery password
For a complete description of the recovery password commands, including syntax, refer to
Reference Guide for the Avaya C360 Converged Stackable Switch, 10-300506.
Issue 1 July 2006 83
Establishing Switch Access
Allowed Managers
Allowed Managers Introduction
Tip:
With the Allowed Managers feature, the network manager can determine who may or may not gain management access to the switch. The feature can be enabled or disabled (default is disabled). When enabled, only those stations that are configured in the Allowed Managers table are able to gain Telnet, HTTP, and SNMP management access to the switch.
You can configure up to 20 Allowed Managers by adding or removing their IP address from the
Allowed Managers List.
Tip:
The identification of an "Allowed Manager" is done by checking the Source
IP address of the packets. Thus, if the Source IP address is modified on the way
(NAT, Proxy, etc.), even an "Allowed Manager" will not be able to access the
C360.
Allowed Managers CLI Commands
The following Allowed Managers commands are available.
Table 19: Allowed Managers CLI Commands 1 of 2
In order to...
Use the following command...
When set to enabled - only managers with IP address specified in the allowed table will be able to access the device
Add/delete IP address of manager to/from the allowed table
Show the IP addresses of the managers that are allowed to access the device set allowed managers set allowed managers ip show allowed managers table
1 of 2
84 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Allowed Managers
Table 19: Allowed Managers CLI Commands 2 of 2
In order to...
Use the following command...
Show whether the status of allowed managers is enabled or disabled
Show the IP addresses of the managers that are currently connected show allowed managers status show secure current
2 of 2
Issue 1 July 2006 85
Establishing Switch Access
Allowed Protocols
Allowed Protocols Introduction
Tip:
With the Allowed Protocols feature, the network manager can determine the IP protocols enabled on the switch. This feature can be used to block access to the switch using specific IP protocols. Each protocol can be independently enabled or disabled on the switch.
Tip:
Enabling and disabling the Recovery Password protocol can only be done using a direct console connection via the Console port.
Allowed Protocols CLI Commands
The following Allowed Protocols commands are available.
Table 20: Allowed Protocol CLI Commands 1 of 2
In order to...
Use the following command...
Enable Telnet on the switch
Disable Telnet on the switch
Enable HTTP on the switch
Disable HTTP on the switch
Enable the switch agent to accept ICMP redirect packets sent to it
Enable the switch agent to ignore ICMP redirect packets sent to it ip telnet enable no ip telnet ip http enable no ip http ip icmp redirect no icmp redirect
Enable SNMP on the switch
Disable SNMP on the switch snmp-server no snmp-server
Enable SNMPv1 switch access snmp-server community
Disable SNMPv1 switch access no snmp-server community
1 of 2
86 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Allowed Protocols
Table 20: Allowed Protocol CLI Commands 2 of 2
In order to...
Enable SSH on the switch
Disable SSH on the switch
Enable Recovery Password on the switch
Disable Recovery Password on the switch
Enable Telnet access from the switch
Disable Telnet access from the switch
Use the following command...
ip ssh enable no ip ssh terminal recovery password enable no terminal recovery password ip telnet-client enable no ip telnet-client
2 of 2
Issue 1 July 2006 87
Establishing Switch Access
88 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Section 3: Avaya C360 Configuration
Issue 1 July 2006 89
90 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 6: Avaya C360 Default Settings
This section describes the procedures for the first-time configuration of the C360. The factory defaults are set out in detail in the tables included in this chapter.
Configuring the Switch
You may configure the C360 using the text-based Command Line Interface (CLI), the built-in
C360 Device Manager or Avaya Integrated Management.
For instructions on the CLI, see the Reference Guide for the Avaya C360 Converged Stackable
Switch, 10-300506.
For instructions on the use of the graphical user interfaces, refer to the C360 Device Manager
User Guide on the Avaya C360 Documentation and Utilities CD.
C360 Default Settings
The default settings for the C360 switch and its ports are determined by the C360 firmware.
These default settings are subject to change in newer versions of the C360 firmware. See the
C360 Release Notes for the most up-to-date settings.
Table 21: Default Switch Settings 1 of 2
Function Default Setting
IP address
Subnet Mask
Default gateway
Management VLAN ID
149.49.32.134
255.255.255.0
0.0.0.0
1
Spanning tree Enabled
Bridge priority for Spanning Tree 32768
Spanning tree version Common spanning tree
1 of 2
Issue 1 July 2006 91
Avaya C360 Default Settings
Table 21: Default Switch Settings 2 of 2
Function
MAC aging
MAC aging time
Keep alive frame transmission
Network time acquisition
IP multicast filtering
802.1x system-auth-control
802.1x port-control
RADIUS server
Time server IP address
Timezone offset
SNMPv1 communities:
Read-only
Read-write
Trap SNMP
SNMP authentication trap
CLI timeout
System logging
Allowed protocols:
SNMP
Telnet
HTTP
Telnet
ICMP redirect
SSH
Telnet client
Recovery password
User Name/Password
Default Setting
Enabled
5 minutes
Enabled
Enabled, Time protocol
Disabled
Disabled
Auto
Disabled
0.0.0.0
0 hours
Public
Public
Public
Disabled
15 Minutes
Disabled
Enabled
Enabled
Enabled
Enabled
Enabled
Disabled
Disabled
Enabled root/root
2 of 2
92 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Tip:
Configuring the Switch
Tip:
Functions operate in their default settings unless configured otherwise.
Table 22: Default Port Settings
Function Default Setting
Ports 1 to 24 or 1 to 48
Ports 51 and 52
Duplex mode
Port speed
Half/Full duplex depending on auto-negotiati on results
10/100 Mbps
Depending on auto- negotiation results
Full duplex only
1000 Mbps
Auto-negotiation
Flow control
1
Enable
Disabled (no pause)
Enable
Disabled (no pause)
Not applicable Disabled (no pause)
Flow control auto-negotiation advertisement
Administrative state Enable
Port VLAN ID 1
Eavesdropping
Prevention
Enable
1
Intrusion Prevention
Tagging mode
Spanning Tree port priority
Clear
Port priority 0
Spanning Tree cost 19
128
Clear
0
4
128
1. Ensure that the other side is also set to Autonegotiation
Enabled.
Issue 1 July 2006 93
Avaya C360 Default Settings
94 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 7: Switch Configuration
Introduction
This chapter describes the parameters you can define, such as its name and location, time parameters, and so on. In addition, this chapter describes methods for saving and deploying device configurations and monitoring CPU utilization.
This chapter contains the following sections:
●
●
Uploading and Downloading Device Configurations and Images
●
●
●
●
Basic Switch Configuration
Use the CLI commands briefly described below for configuring the display on your terminal or workstation.The rules of syntax and output examples are all set out in detail in the Reference
Guide for the Avaya C360 Converged Stackable Switch, 10-300506.
Table 23: Basic Switch Configuration CLI Commands 1 of 2
In order to...
Use the following command...
Open a CLI session to an entity in the stack
Display or set the terminal width
(in characters)
Display or set the terminal length (in lines)
Display or set the prompt session terminal width terminal length hostname
1 of 2
Issue 1 July 2006 95
Switch Configuration
Table 23: Basic Switch Configuration CLI Commands 2 of 2
In order to...
Use the following command...
Return the prompt to its default value
Clear the current terminal display
Set the number of minutes before an inactive CLI session automatically logs out
Display the number of minutes before an inactive CLI session automatically times out
Access Layer 3 configuration if not logged in as supervisor (see
no hostname clear screen set logout show logout configure
2 of 2
System Parameter Configuration
Identifying the system
In order to make a C360 switch easier to identify, you can define a name for the switch, contact information for the switch technician, and the location of the switch in the organization. The rules of syntax and output examples are all set out in detail in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
Table 24: System Identification CLI Commands
In order to...
Configure the system name.
Configure the system contact person
Configure the system location
Use the following command...
set system name set system contact set system location
96 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Basic Switch Configuration
Operating parameters
You can use the following commands to configure and display the mode of operation for the switch and display key parameters. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360 Converged Stackable Switch, 10-300506.
Table 25: Operating Parameter CLI Commands
In order to...
Configure the basic mode of operation of a module to either
Layer 2 or Router
Display the mode of operation
Display system parameters
Display module information for all modules within the stack
Use the following command...
set device-mode show device-mode show system show module
Network Time Acquiring Protocols Parameter Configuration
The C360 can acquire the time from a Network Time Server. C360 supports the SNTP Protocol
(RFC 958) over UDP port 123 or TIME protocol over UDP port 37. Use the CLI commands briefly described below for configuring and display time information and acquiring parameters.
The rules of syntax and output examples are all set out in detail in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Restore the time zone to its default, UTC.
Configure the time zone for the system clear timezone set timezone
Configure the time protocol for use in the system set time protocol
Enable or disable the time client set time client
Configure the network time server IP address set time server
Display the current time show time
1 of 2
Issue 1 July 2006 97
Switch Configuration
In order to...
Display the time status and parameters
Display the current time zone offset
Get the time from the time server
Use the following command...
show time parameters show timezone get time
2 of 2
98 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Uploading and Downloading Device Configurations and Images
Uploading and Downloading Device Configurations and
Images
The C360 allows you to backup and restore device configurations and configure multiple devices using Simple Network Management Protocol (SNMP) and Trivial File Transfer Protocol
(TFTP) or Secure Copy Protocol (SCP) to exchange information with the devices. For more
information on SNMP, refer to SNMP Support on page 73. For more information on SCP, refer
to SCP Protocol Support on page 103.
When you make changes to a switch’s configuration, you may find that the overall effect of the configuration change may have a negative effect on the performance of the device in your network. By uploading a switch’s configuration file before any configuration changes, you can easily restore the switch to a previous configuration.
In addition, you can download the same configuration file to multiple devices in the network, resulting in a consistent configuration.
You can also download image files to the switch. The image files provide the switch’s firmware and device manager.
Tip:
Tip:
Tip:
Only parameters that differ from the factory default settings for the switch are included in the configuration file. Therefore, it is important to re-initialize the
NVRAM to the factory default settings before downloading configuration files to the switch.
The C360 commands for uploading and downloading device configuration files differ for the
Layer 2 and Layer 3 configuration files.
Tip:
To upload or download files, you must log in to the device as a user with
Supervisor level privileges.
Table 26: Configuration Files and Their Contents
File name module-config stack-config running-config startup-config
Contents
Layer 2 switch-level configuration, e.g., port parameters, VLAN binding, LAGs
Layer 2 stack-level configuration, e.g. global parameters, Spanning Tree, VLANs
Layer 3 configuration currently running
(switch-level)
*
Layer 3 configuration used when switch is reset
(switch-level)
Issue 1 July 2006 99
Switch Configuration
Note:
Note:
*The running configuration is not saved automatically after a reset. If you wish to make the currently running configuration the startup configuration, use the copy running-config startup-config command before preforming a reset.
Layer 2 Configuration File
The Layer 2 configuration file contains the full Layer 2 configuration of the switch in the format of the CLI commands necessary to configure the device to its current configuration. You can edit the file in a text editor, however, it is recommended that you perform the configuration changes using the C360 Device Manager and/or the CLI. To upload or download Layer 2 configuration files, you must be in a switch mode.
Use the CLI commands described below for uploading and downloading Layer 2 configuration files. The rules of syntax and output examples are all set out in detail in the Reference Guide for
the Avaya C360 Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Download a module configuration file to the device using SCP
Download a stack configuration file to the device using SCP
Download a module configuration file to the device using TFTP
Download a stack configuration file to the device using TFTP
Upload a module configuration file from the device using SCP
Upload a stack configuration file from the device using SCP
Upload a module configuration file from the device using TFTP
Upload a stack configuration file from the device using TFTP copy scp module-config copy scp stack-config copy tftp module-config copy tftp stack-config copy module-config scp copy stack-config scp copy module-config tftp copy stack-config tftp
1 of 2
100 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Uploading and Downloading Device Configurations and Images
In order to...
Use the following command...
Display the status of file uploads show upload status
Display the status of file downloads show download status
2 of 2
Layer 3 Configuration File
The Configuration File feature allows the user to read the routing configuration parameters and save them to a file on the station. The routing configuration commands in the file are in CLI format. The user can edit the file (if required) and re-configure the router module by uploading the configuration file.
Although the file can be edited, it is recommended to keep changes to the file to a minimum.
The recommended configuration method is using C360 Device Manager and/or the CLI.
Changes to the configuration file should be limited to those required to customize a configuration file from one router to suit another.
Note:
Note:
To upload or download Layer 3 configuration files, you must be in a router mode.
Use the CLI commands briefly described below for uploading and downloading Layer 3 configuration files. The rules of syntax and output examples are all set out in detail in the
Reference Guide for the Avaya C360 Converged Stackable Switch, 10-300506.
In order to...
Download a startup configuration file to the device using SCP
Download a startup configuration file to the device using TFTP
Use the following command...
Tip: copy scp startup-config
Tip:
To use the startup configuration file, run the copy running-config starting-config command after the configuration file is downloaded to the device.
copy tftp startup-config
To use the startup configuration file, execute the copy running-config starting-config CLI command after the configuration file is downloaded to the device.
1 of 2
Issue 1 July 2006 101
Switch Configuration
In order to...
Use the following command...
Upload a startup configuration file from the device using SCP
Upload the running configuration file from the device using SCP
Upload a startup configuration file from the device using TFTP
Upload the running configuration file from the device using TFTP copy startup-config scp copy running-config scp copy startup-config tftp copy running-config tftp
2 of 2
102 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
SCP Protocol Support
SCP Protocol Support
In addition to data transfer via an SSH session, the SSH protocol is also used to support SCP for secure file transfer. When using SCP, the C360 is the client, and an SCP server must be installed on the management station. After defining users on the SCP server, the device acts as an SCP client.
The procedure described in the
Introduction to SSH on page 66 is used with the roles of the
C360 and the client computer reversed.
To accomplish secured transfers, a C360 launches a local SSH client via the CLI in order to establish a secured channel to the secured file server. The C360 authenticates itself to the server by providing a user name and password. With a Windows-based SSH server
(WinSSHD), the user name provided must be a defined user on the Windows machine with read/write privileges. The files transferred via SCP are saved in the "C:\Documents and
Settings\username" directory.
The network element performs file transfer in unattended mode.
SECURITY ALERT:
!
SECURITY ALERT:
The C360 doesn't block SCP traffic from users not on the allowed managers list, because it is the SSH client. In addition, the C360 doesn't prompt the user to accept the Server’s fingerprint nor warn the user if the fingerprint from an IP address has changed.
For information on SCP file transfer commands, refer to Uploading and Downloading Device
Configurations and Images on page 99.
Issue 1 July 2006 103
Switch Configuration
System Logging
System Logging Introduction
The C360 System Logging feature is capable of storing system messages on a device, outputting messages to the CLI console, Telnet session, or SSH session, and reporting remotely to a Syslog server. System Logging is an important tool used for routine maintenance, auditing, and monitoring access to the device.
The components of System Logging include:
● Logging Messages
● Sinks
● Message Facilities
System Logging Messages
System logging messages provide the following information:
● Module ID – The number of the module from which the message originated.
● Event Time – The time the event occurred. The Event Time is included only if a time server is configured for the device.
● Message Facility – The software sub-system from which the message originated.
● Severity Level – The severity level of the message. Severity levels from the highest severity to the lowest include: Emergency, Alert, Critical, Error, Warning, Notification,
Informational, Debug
● Message Content – A description of the event.
In order to reduce the number of collected and transmitted messages, filtering options should be used. The filtering options are based on message classification by Message Facility and severity. For a specified sink, you can define the threshold severity for messages output by each Message Facility. Messages with a severity lower than the defined threshold are not sent to the specified sink.
In addition, the session sink filters the messages using the access level of the user. Only messages the user is permitted to access are output to the console or Telnet/SSH session.
104 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
System Logging
Sinks
System logging messages can be sent via a number of "sinks" or methods. Table 27 provides a
list of available sinks.
Table 27: Available Sinks
Sink
Console/
Telnet/SSH
Log File
Syslog server
Description
Logging messages are sent to the console or a Telnet or
SSH session in non- blocking mode.
Logging messages are saved to a log file in the NVRAM of the master module in the stack. The log file is not erased by an NVRAM initialization.
Logging messages are sent to a Syslog server as ASCII text. Up to three Syslog servers can be defined for a stack.
Message Facilities
A message facility is a software sub-system from which a logging message can originate.
provides a list of supported message facilities:
Table 28: Supported Message Facilities 1 of 2
Message Facility
Codes
Description
All
Boot
System
ROUTER
CONFIG
FILESYS
FAN
SUPPLY
SECURITY
CASCADE
QOS
All messages
Boot messages
Operating system failures
Core routing system failures
Configuration changes
File System Problem (flash)
Cooling system messages
Power supply system messages
Authentication Failures
Stack CASCADE mechanism messages
Quality of Service messages
1 of 2
Issue 1 July 2006 105
Switch Configuration
Table 28: Supported Message Facilities 2 of 2
Message Facility
Codes
Description
SWITCHFABRIC Switch fabric failures
LAG Link Aggregation package messages
VLAN
SNMP
VLAN package messages
SNMP agent messages
POLICY
CLI
STP
THRESHOLD
Policy package messages
Command Line interpreter messages
Spanning tree package messages
RMON alarms messages
2 of 2
Syslog Servers
Remote logging using Syslog servers provides the following advantages:
● History and archiving – Storing logs remotely shifts the burden of storing log output to a device with an actual file system and cheap ample storage. This provides an option to keep large logs files and the ability to archive and store log files.
● Data Manipulation – Once the log data is on a system with tools that can manipulate it, log data can be used to generate valuable reports.
To configure logging via a Syslog server:
1. Define a Syslog host. Up to 3 Syslog servers can be defined.
2. Define the syslog “facility” that the messages are sent to on the remote syslog server. If a syslog facility is not defined, the default facility, local7, is used.
3. Enable the Syslog server.
Addition optional configuration includes
● You can associate the Syslog output with an access level. This limits access of the Syslog output to users with the proper security level. The default access level for Syslog output is
"read-write"
● You can define Message Facility filters to overrule the default threshold. The following is a list of default facility thresholds:
- Syslog server – Warning
106 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
System Logging
- Log file – Informational
- Console – Informational
- Telnet/SSH session – Warning
● System Logging Commands
Tip:
Tip:
The system logging configuration is not saved to NVRAM. The configuration only affects the active session from which the commands are executed. Each session must be configured separately.
● Clearing the system log file.
Tip:
Tip:
Resetting the device does not clear the log file.
Use the CLI commands briefly described below for configuring System Logging. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Define a filter rule for logging messages for the current session
Enable or disable logging for the current session
Display the logging configuration for the current session
Define a filter rule for logging messages for a Syslog server
Enable or disable logging for a
Syslog server
Update the server facility parameter of a configured
Syslog server
Update the server severity parameter of a configured
Syslog server set logging session condition set logging session {enable | disable} show logging session condition set logging server condition set logging server {enable | disable} set logging server facility set logging server severity
1 of 2
Issue 1 July 2006 107
Switch Configuration
In order to...
Use the following command...
Defines the access level associated with a Syslog server sink. A user cannot specify an admission level higher than the level assigned to him.
Delete a Syslog server from the
Syslog server table
Display the logging configuration for the specified Syslog server or for all servers
Define a filter rule for logging messages to a file
Enable or disable logging to a file on NVRAM
Display the logging configuration for the file sink.
Delete the log file and open an empty log file
Outputs the messages logged in the log file to the CLI console.
The output is arranged in descending order of occurrence, with the most recent events first.
set logging server access-level clear logging server show logging server condition set logging file condition set logging file {enable | disable} show logging file condition clear logging file show logging file
2 of 2
108 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Telnet Client Support
Telnet Client Support
Introduction to Telnet
The C360 supports invocation of a Telnet client from the CLI. The Telnet client implementation enables you to control the destination port for connecting daemons that listen on a non-default port.
Authentication when connecting to the switch via Telnet is identical to standard console connection authentication (local or RADIUS).
Tip:
Tip:
Enabling and disabling the Telnet-client service can only be done using a direct console connection via the Console port.
By default the Telnet-client service is disabled.
Telnet Commands
The following Telnet commands are available.
In order to...
Open a Telnet session to another device.
Enable Telnet access from the switch
Disable Telnet access from the switch
Use the following command...
telnet ip telnet-client enable no ip telnet-client
For a complete description of the Telnet CLI commands, including syntax and output examples, refer to the Reference Guide for the Avaya C360 Converged Stackable Switch, 10-300506.
Issue 1 July 2006 109
Switch Configuration
Monitoring CPU Utilization
The C360 provides you with the ability to monitor CPU utilization on each module of the stack.
Use the CLI commands briefly described below for enabling and disabling CPU utilization monitoring and viewing CPU utilization statistics. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360 Converged Stackable Switch,
10-300506.
In order to...
Use the following command...
Enable CPU utilization monitoring on a module or stack
Disable CPU utilization monitoring on a module or stack
Display CPU utilization statistics for a module or stack set utilization cpu clear utilization cpu show utilization
110 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 8: Avaya C360 Layer 2 Features
This section describes the C360 Layer 2 features. It provides the basic procedures for configuring the C360 for Layer 2 operation.
The C360 supports a range of Layer 2 features. Each feature has CLI commands associated with it. These commands are used to configure, operate, or monitor switch activity for each of the Layer 2 features.
This section of the C360 Installation and Maintenance Guide explains each of the features.
Specifically, the topics discussed here include:
● Ethernet
● VLANs
● IEEE 802.1x (Port Based Network Access Control)
● Spanning Tree Protocol
● MAC Security
● LAG (Link Aggregate Group)
● Port Redundancy
● IP Multicast Filtering
● RMON
● SMON
● Port Mirroring
● Weighted Queuing
● LLDP Server
Ethernet
Ethernet is one of the most widely implemented LAN standards. It uses the Carrier Sense
Multiple Access with Collision Detection (CSMA/CD) access method to handle simultaneous demands. CSMA/CD is a multi-user network allocation procedure in which every station can receive the transmissions of every other station. Each station waits for the network to be idle before transmitting and each station can detect collisions by other stations.
The first version of Ethernet supported data transfer rates of 10 Mbps, and is therefore known as 10BASE-T (over copper) or 10BASE-FX (over fiber).
Issue 1 July 2006 111
Avaya C360 Layer 2 Features
Fast Ethernet
Fast Ethernet is a newer version of Ethernet, supporting data transfer rates of 100 Mbps. Fast
Ethernet is sufficiently similar to Ethernet to support the use of most existing Ethernet applications and network management tools. The adoption of Fast Ethernet is as 100BASE-T
(over copper) or 100BASE-FX (over fiber).
Fast Ethernet is standardized as IEEE 802.3u.
Gigabit Ethernet
Gigabit Ethernet supports data rates of 1 Gbps. Gigabit Ethernet standards are 1000BASE-T
(over copper) or 1000BASE-ELX, 1000BASE-LX and 1000BASE-SX (over fiber).
Gigabit Ethernet is standardized as IEEE 802.3z.
Figure 23: maximum Ethernet Cable Lengths
1000 BASE-ELX
1550 nm
1000 BASE-LX
{
1300 nm
1000 BASE-SX
850 nm
{
10/100BASE-FX
9µ Single-mode
9µ Single-mode
50µ Multi-mode
62.5µ Multi-mode
50µ Multi-mode
62.5µ Multi-mode
9µ Single-mode
1000 BASE-T
10/100BASE-T
100 m
LANs
275 m 550 m
Building Backbones
2 km 5 km 10 km 70 km
Campus Backbone
112 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Ethernet
Configuring Ethernet Parameters
Auto-Negotiation
Auto-Negotiation is a protocol that runs between two stations, two switches or a station and a switch. When enabled, Auto-Negotiation negotiates port speed and duplex mode by detecting the highest common denominator port connection for the endstations. For example, if one workstation supports both 10 Mbps and 100 Mbps speed ports, while the other workstation only supports 10 Mbps, then Auto-Negotiation sets the port speed to 10 Mbps.
For Gigabit ports, Auto-Negotiation determines the Flow Control configuration of the port.
Full-Duplex/Half-Duplex
Devices that support Full-Duplex can transmit and receive data simultaneously, as opposed to half-duplex transmission where each device can only communicate in turn.
Full-Duplex provides higher throughput than half-duplex.
Speed
The IEEE defines three standard speeds for Ethernet: 10, 100 and 1000 Mbps (also known as
Ethernet, Fast Ethernet and Gigabit Ethernet respectively).
MDI/MDI-X Detection
Auto MDI/MDI-X (cross-over cable) detection allows use of both straight and crossover cables without the need to configure ports individually.
Flow Control
The process of adjusting the flow of data from one device to another to ensure that the receiving device can handle all of the incoming data. This is particularly important where the sending device is capable of sending data much faster than the receiving device can receive it.
There are many flow control mechanisms. One of the most common flow control protocols, used in Ethernet full-duplex, is called xon-xoff. In this case, the receiving device sends a an xoff message to the sending device when its buffer is full. The sending device then stops sending data. When the receiving device is ready to receive more data, it sends an xon signal.
Issue 1 July 2006 113
Avaya C360 Layer 2 Features
Priority
By its nature, network traffic varies greatly over time, so short-term peak loads may exceed the switch capacity. When this occurs, the switch must buffer frames until there is enough capacity to forward them to the appropriate ports.
This, however, can interrupt time-sensitive traffic streams, such as Voice and other converged applications. These packets need to be forwarded with the minimum of delay or buffering. In other words, they need to be given high priority over other types of network traffic.
Priority determines in which order packets are sent on the network and is a key part of QoS
(Quality of Service). The IEEE standard for priority on Ethernet networks is 802.1p.
The C360 supports four internal priority queues and the classification of packets within the queues is as follows:
Table 29: Packet Tagging to C360 Queue Mapping
Tagging
0, 1
2, 3
4, 5
6, 7
C360 Queue
Low
Normal
High
Highest
This classification is based either on the packet's original priority tag, or, if the packet arrives at the port untagged, based on the priority configured for the ingress port (using the set port level CLI command).
In cases where the packet was received tagged, this priority tag is retained when the packet is transmitted through a tagging port.
In cases where the priority is assigned based on the ingress priority of the port, then on an egress tagging port the packet will tagged according to the ingress port priority value configured by the set port level CLI command.
MAC Address
The MAC address is a unique 48-bit value associated with any network adapter. MAC addresses are also known as hardware addresses or physical addresses. They uniquely identify an adapter on a LAN.
MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By convention, MAC addresses are usually written in one of the following two formats:
● MM:MM:MM:SS:SS:SS
● MM-MM-MM-SS-SS-SS
114 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Ethernet
The first half of a MAC address contains the ID number of the device manufacturer. These IDs are regulated by an Internet standards body. The second half of a MAC address represents the serial number assigned to the device by the manufacturer.
CAM Table
The CAM Table contains a mapping of learned MAC addresses to ports and VLANs. The switch checks forwarding requests against the addresses contained in the CAM Table:
● If the MAC address appears in the CAM Table, the packet is forwarded to the appropriate port.
● If the MAC address does not appear in the CAM Table, or the MAC Address mapping has changed, the frame is duplicated and copied to all the ports on the same VLAN. Once a reply is received, the CAM table is updated with the new address/VLAN port mapping.
MAC Aging
The MAC Aging feature allows the user to configure a time interval after which unused entries in the MAC Table will be deleted.
Following is the description of configuration of the C360 for the MAC Aging functionality.
● MAC Aging is configured on the stack level.
● MAC Aging can be globally enabled/disabled using the set mac-aging command.
● "mac-aging-time" is set in minutes:
- Default = five minutes
- Minimum time = one minute; maximum time = 3600 min.
Ethernet Configuration CLI Commands
The following table contains a list of the configuration CLI commands for the Ethernet feature.
The rules of syntax and output examples are all set out in detail in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
Table 30: Ethernet Configuration CLI Commands 1 of 3
In order to...
Enable/Disable MAC Aging
Set the MAC aging time in minutes (0=don't age).
Use the following command...
set mac-aging set mac-aging-time
1 of 3
Issue 1 July 2006 115
Avaya C360 Layer 2 Features
Table 30: Ethernet Configuration CLI Commands 2 of 3
In order to...
Use the following command...
Set the auto negotiation mode of a port
Administratively enable a port set port negotiation
Configure the duplex mode of a
10/100BASE-T port set port enable
Administratively disable a port set port disable
Set the speed for a 10/100 port set port speed set port duplex set port name set port flowcontrol
Configure a name for a port
Set the send/receive mode for flow-control frames for a full duplex port
Set the flow control advertisement for a Gigabit port when performing autonegotiation set port auto-negotiation-flowcontrol-advertisement
Set the priority level of a port
Display settings and status for all ports
Display per-port status information related to flow control set port level show port show port flowcontrol
Display the flow control advertisement for a Gigabit port used to perform auto-negotiation show port auto-negotiation-flowcontrol-advertisement
Display the CAM table entries for a specific port
Display the CAM table entries for a specific MAC address show cam show cam mac
Clear all the CAM table entries.
clear cam
Display the autopartition settings show autopartition
2 of 3
116 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
VLANs
Table 30: Ethernet Configuration CLI Commands 3 of 3
In order to...
Display the current status of the
MAC aging function
Display the MAC aging time in minutes.
Use the following command...
show mac-aging show mac-aging-time
3 of 3
VLANs
VLAN Overview
A VLAN is made up of a group of devices on one or more LANs that are configured so that they operate as if they form an independent LAN, when in fact they may be located on a number of different LAN segments. VLANs can be used to group together departments and other logical groups, thereby reducing network traffic flow and increasing security within the VLAN.
The figure below illustrates how a simple VLAN can connect several endpoints in different locations and attached to different hubs. In this example, the Management VLAN consists of stations on numerous floors of the building and which are connected to both Device A and
Device B.
Issue 1 July 2006 117
Avaya C360 Layer 2 Features
Figure 24: VLAN Overview
3
4
`
1
` `
2
`
5
Figure notes:
1. Management VLAN
2. Management LAN
3. R&D VLAN
4. Device A
5. Device B
In virtual topological networks, the network devices may be located in diverse places around the
LAN-such as in different departments, on different floors or in different buildings. Connections are made through software. Each network device is connected to a hub, and the network manager uses management software to assign each device to a virtual topological network.
Elements can be combined into a VLAN even if they are connected to different devices.
VLANs should be used whenever there are one or more groups of network users that you want to separate from the rest of the network.
In Figure 22 , the switch has three separate VLANs: Sales, Engineering, and Marketing (Mktg).
Each VLAN has several physical ports assigned to it with PC's connected to those ports. When traffic flows from a PC on the Sales VLAN for example, that traffic is only forwarded out the other ports assigned to that VLAN. Thus, the Engineering and Mktg VLANs are not burdened with processing that traffic.
118 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
VLANs
Figure 25: VLAN Switching and Bridging
1
2
3
Figure notes:
1. Sales
2. Engineering
3. Marketing
3
1
2
VLAN Tagging
VLAN Tagging is a method of controlling the distribution of information on the network. The ports on devices supporting VLAN Tagging are configured with the following parameters:
● Port VLAN ID
● Tagging Mode
The Port VLAN ID is the number of the VLAN to which the port is assigned. Untagged frames
(and frames tagged with VLAN 0) entering the port are assigned the port's VLAN ID. Tagged frames are unaffected by the port's VLAN ID.
The Tagging Mode determines the behavior of the port that processes outgoing frames:
● If Tagging Mode is set to "Clear", the port transmits frames that belong to the port's VLAN table. These frames leave the device untagged.
● If Tagging Mode is set to "IEEE-802.1Q", all frames keep their tags when they leave the device. Frames that enter the switch without a VLAN tag will be tagged with the VLAN ID of the port they entered through.
Multi VLAN Binding
Multi VLAN binding (Multiple VLANs per port) allows access to shared resources by stations that belong to different VLANs through the same port. This is useful in applications such as
Issue 1 July 2006 119
Avaya C360 Layer 2 Features multi-tenant networks, where each user has his a VLAN for privacy, but the whole building has a shared high-speed connection to the ISP.
In order to accomplish this, C360 allows you to set multiple VLANs per port. The three available
Port Multi-VLAN binding modes are:
● Bind to All - the port is programmed to support the entire 3K VLANs range. Traffic from any
VLAN is forwarded through a port defined as "Bind to All". This is intended mainly for easy backbone link configuration
● Bind to Configured - the port supports all the VLANs configured in the switch/stack. These may be either Port VLAN IDs (PVID) or VLANs that were manually added to the switch.
● Statically Bound - the port supports VLANs manually configured on it.
Tip:
Tip:
VLAN Binding - The forwarding mechanism of the C360 switches is based on frame's VLAN and MAC address. If a frame is destined to a known MAC address but arrives on a different VLAN than the VLAN on which this MAC address was learnt, this frame will be flooded as unknown to all ports that are bound to its
VLAN. Hence, VLAN binding should be executed with care, especially on ports connected to workstations or servers.
Figure 23 illustrates these binding modes in C360.
120 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
VLANs
Figure 26: Multiple VLAN Per-port Binding Modes
2
1 3
Figure notes:
1. Bind to All
- Any VLAN in the range of 1 to 3,071 will be allowed access through this port
- Intended mainly for easy backbone link
2. Static Binding
- You manually specify the list of VLAN IDs to be bound to the port, up to 3,071 VLANs
- Default mode for every port
- Only VLAN 9, and any other VLANs statically configured on the port will be allowed to access this port
3. Bind to Configured
- The VLAN table of the port will support all the Static VLAN entries and all the ports'
VLAN IDs (PVIDs) present in the switch
- VLANs 1,3,5,9,10 coming from the bus will be allowed access through this port
- All the ports in Bound to Configured mode will support the same list of VLANs
Ingress VLAN Security
Ingress VLAN security uses VLAN tagging information to drop packets which do not have the appropriate tagging. The accept or drop action depends on the binding mode of the ingress port.
Issue 1 July 2006 121
Avaya C360 Layer 2 Features
shows the relationship between the binding mode and the whether the packet is accepted.
Table 31: Ingress VLAN Security
Binding Mode
Static
Bind to Configured
Bind to All
Packets Permitted
Only user-defined VIDs
All VIDs defined in the switch
Any VID (1 to 3,071)
VLAN CLI Commands
The following table contains a list of the CLI commands for the VLAN feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
Table 32: VLAN CLI Commands 1 of 2
In order to...
Use the following command...
Assign the Port VLAN ID (PVID) set port vlan
Define the port binding method set port vlan-binding-mode
Define a static VLAN for a port
Configure the tagging mode of a port
Create VLANs set port static-vlan set trunk set vlan show port vlan-binding-mode Display the port VLAN binding mode settings
Display VLAN tagging information of the ports, port binding mode, port VLAN ID and the allowed VLANs on a port show trunk
Display the VLANs configured in the switch.
Clear VLAN entries show vlan clear vlan
1 of 2
122 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IEEE 802.1x (Port Based Network Access Control)
Table 32: VLAN CLI Commands 2 of 2
In order to...
Use the following command...
Clear a VLAN statically configured on a port
Clear the dynamic vlans learned by the switch from incoming traffic
Display the MAC addresses learned on a specific VLAN clear port static-vlan clear dynamic vlans show cam vlan
2 of 2
IEEE 802.1x (Port Based Network Access Control)
Port Based Network Access Control (IEEE 802.1x) is a method for performing authentication to obtain access to IEEE 802 LANs. The protocol defines an interaction between 3 entities:
● Supplicant - an entity at one end of a point-to-point LAN segment that is being authenticated by an authenticator attached to the other end of that link.
● Authenticator - an entity at one end of a point-to-point LAN segment that facilitates authentication of the entity attached to the other end of that link; in this case, the C360.
● Authentication (RADIUS) Server - an entity that provides an authentication service to an authenticator. This service determines, from the credentials provided by the supplicant, whether the supplicant is authorized to access the services provided by the authenticator.
The process begins with the supplicant trying to access a certain restricted network resource, and upon successful authentication by the authentication server, the supplicant is granted access to the network resources.
How 802.1x Authentication Works
802.1x provides a means of authenticating and authorizing users attached to a LAN port and of preventing access to that port in cases where the authentication process fails. The authentication procedure is port based, which means:
● access control is achieved by enforcing authentication on connected ports
● if an end-point station that connects to a port is not authorized, the port state is set to
"unauthorized" which closes the port to any traffic.
Issue 1 July 2006 123
Avaya C360 Layer 2 Features
● As a result of an authentication attempt, the C360 port can be either in a "blocked" or a
"forwarding" state.
802.1x interacts with existing standards to perform its authentication operation. Specifically, it makes use of Extensible Authentication Protocol (EAP) messages encapsulated within Ethernet frames (EAPOL), and EAP over RADIUS for the communication between the Authenticator and the Authentication Server.
IEEE 802.1x Implementation in the C360
This section lists the conditions that govern the implementation of the 802.1x standard in the
C360 line:
● You can configure 802.1x on the 10/100 Mbps Ethernet ports only.
● 802.1x can work only if a RADIUS server is configured on the C360 and the RADIUS server is carefully configured to support 802.1x.
● 802.1x and port/intermodule redundancy can co-exist on the same ports.
● 802.1x and LAGs can coexist on the same ports.
● 802.1x and Spanning Tree can be simultaneously active on a module.
Note:
Note:
If either 802.1x or STP/RSTP are in a blocking state, the final state of the port will be blocked.
● When 802.1x is activated, the application immediately places all ports in a blocking state unless they were declared "Force Authenticate". They will be reverted to "Forwarding" state only when the port is authorized by the RADIUS server.
Note:
Note:
The actual state of ports configured as "Force Authenticate" is determined by the
STA.
Configuring the C360 for 802.1x
This section lists the basic tasks required to configure a C360 stack for 802.1x. To configure
C360 for 802.1x, do the following:
● Configure a RADIUS server on a network reachable from the C360:
- Create user names and passwords for allowed users.
- Make sure the EAP option is enabled on this server.
● Configure the C360 for RADIUS:
- Configure RADIUS parameters.
124 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IEEE 802.1x (Port Based Network Access Control)
- Enable the RADIUS feature.
- Configure the port used to access the RADIUS server as "force-authorized."
Tip:
Tip:
You can configure on the RADIUS server a PVID, static VLAN binding and port level for each authenticated user. If the port that the user is connected to is authorized, those parameters will be assigned to the port.
● Connect the Supplicant - i.e., Windows XP clients - directly to the C360.
● Verify that the dot1x port-control is in auto mode.
● Set the dot1x system-auth-config to enable; the authentication process starts:
- The supplicant is asked to supply a user name and password.
- If authentication is enabled on the port, the Authenticator initiates authentication when the link is up.
- Authentication Succeeds: after the authentication process completes, the supplicant will receive a Permit/Deny notification.
- Authentication Fails: authentication will fail when the Supplicant fails to respond to requests from the Authenticator, when management controls prevent the port from being authorized, when the link is down, or when the user supplied incorrect logon information.
802.1x CLI Commands
The following table contains a list of the CLI commands for the 802.1x feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Disable dot1x on all ports and return to default values
Display the system dot1x capabilities, protocol version, and timer values
Display all the configurable values associated with the authenticator port access entity
(PAE) and backend authenticator
Use the following command...
clear dot1x config show dot1x show port dot1x
1 of 3
Issue 1 July 2006 125
Avaya C360 Layer 2 Features
In order to...
Use the following command...
Display all the port dot1x statistics
Set the minimal idle time between authentication attempts
Set the time interval between attempts to access the
Authenticated Station
Set the server retransmission timeout period for all ports
Set the authentication period (an idle time between re-authentication attempts)
Set the authenticator-to-supplicant retransmission timeout period
(the time for the switch to wait for a reply from the
Authenticated Station)
Set the max-req for all ports (the maximal number of times the port tries to retransmit requests to the Authenticated Station before the session is terminated) show port dot1x statistics set dot1x quiet-period set dot1x tx-period set dot1x server-timeout set dot1x re-authperiod set dot1x supp-timeout set dot1x max-req
Globally enable/disable 802.1x
set dot1x system-auth-control enable/disable
Set dot1x control parameter per port set port dot1x port-control
Initialize port dot1x
Set the port to re-authenticate set port dot1x initialize set port dot1x re-authenticate set port dot1x re-authentication Set dot1x re-authentication mode per port
Set the 802.1x quiet period per port set port dot1x quiet-period
Set the transmit period per port
(a time interval between attempts to access the
Authenticated Station) set port dot1x tx-period
2 of 3
126 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Spanning Tree Protocol
In order to...
Use the following command...
Set the supp-timeout per port (a time for the port to wait for a reply from the Authenticated
Station)
Set the server-timeout per port
(a time to wait for a reply from the Authentication Server)
Set the re-authentication period per port (an idle time between re-authentication attempts)
Set the max-req per port (the maximal number of times the port tries to retransmit requests to the Authenticated Station before the session is terminated) set port dot1x supp-timeout set port dot1x server-timeout set port dot1x re-authperiod set port dot1x max-req
3 of 3
Spanning Tree Protocol
Overview
C360 switches support both common Spanning Tree protocol (802.1d) and the enhanced Rapid
Spanning Tree protocol (802.1w). IEEE 802.1w is a faster and more sophisticated version of the
802.1d (STP) standard. Spanning Tree makes it possible to recover connectivity after an outage within a minute or so. RSTP, with its "rapid" algorithm, can restore connectivity to a network where a backbone link has failed in much less time.
In order to configure the switch to either common Spanning Tree or Rapid Spanning Tree protocol, use the set spantree version CLI command.
Spanning Tree Protocol
The Spanning Tree Algorithm ensures the existence of a loop-free topology in networks that contain parallel bridges. A loop occurs when there are alternate routes between hosts. If there is
Issue 1 July 2006 127
Avaya C360 Layer 2 Features a loop in an extended network, bridges may forward traffic indefinitely, which can result in increased traffic and degradation in network performance.
The Spanning Tree Algorithm:
● Produces a logical tree topology out of any arrangement of bridges. The result is a single path between any two end stations on an extended network.
● Provides a high degree of fault tolerance. It allows the network to automatically reconfigure the spanning tree topology if there is a bridge or data-path failure.
The Spanning Tree Algorithm requires five values to derive the spanning tree topology. These are:
1. A multicast address specifying all bridges on the extended network. This address is media-dependent and is automatically determined by the software.
2. A network-unique identifier for each bridge on the extended network.
3. A unique identifier for each bridge/LAN interface (a port).
4. The relative priority of each port.
5. The cost of each port.
After these values are assigned, bridges multicast and process the formatted frames (called
Bridge Protocol Data Units, or BPDUs) to derive a single, loop-free topology throughout the extended network. The bridges exchange BPDU frames quickly, minimizing the time that service is unavailable between hosts.
Spanning Tree per Port
The Spanning Tree can take up to 30 seconds to open traffic on a port. This delay can cause problems on ports carrying time-sensitive traffic. You can therefore enable/disable Spanning
Tree in C360 on a per-port basis to minimize this effect.
Rapid Spanning Tree Protocol (RSTP)
About the 802.1w Standard
The enhanced feature set of the 802.1w standard includes:
● Bridge Protocol Data Unit (BPDU) type 2
● New port roles: Alternate port, Backup port
● Direct handshaking between adjacent bridges regarding a desired topology change (TC).
This eliminates the need to wait for the timer to expire.
128 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Spanning Tree Protocol
● Improvement in the time it takes to propagate TC information. Specifically, TC information does not have to be propagated all the way back to the Root Bridge (and back) to be changed.
● Origination of BPDUs on a port-by-port basis.
Port Roles
At the center of RSTP-specifically as an improvement over STP (802.1d)-are the roles that are assigned to the ports. There are four port roles:
● Root port - port closest to the root bridge
● Designated port - corresponding port on the remote bridge of the local root port
● Alternate port - an alternate route to the root
● Backup port - an alternate route to the network segment
The RSTP algorithm makes it possible to change port roles rapidly through its fast topology change propagation mechanism. For example, a port in the "blocking" state can be assigned the role of "alternate port." When the backbone of the network fails the port may be rapidly changed to forwarding.
Whereas the STA passively waited for the network to converge before turning a port into the forwarding state, RSTP actively confirms that a port can safely transition to forwarding without relying on any specific, programmed timer configuration.
RSTP provides a means of fast network convergence after a topology change. It does this by assigning different treatments to different port types. The port types and the treatment they receive follow:
● Edge ports - Setting a port to "edge-port" admin state indicates that this port is connected directly to end stations that cannot create bridging loops in the network. These ports transition quickly to forwarding state. However, if BPDUs are received on an Edge port, it's operational state will be changed to "non-edge-port" and bridging loops will be avoided by the RSTP algorithm. The default admin state of all ports is "edge-port".
Note:
Note:
You must manually configure uplink and backbone ports (including LAG logical ports) to be "non-edge" ports, using the CLI command set port edge admin state .
● Point-to-point Link ports - This port type applies only to ports interconnecting RSTP compliant switches and is used to define whether the devices are interconnected using shared Ethernet segment or point-to-point Ethernet link. RSTP convergence is faster when switches are connected using point-to-point links. The default setting for all ports - automatic detection of point-to-point link - is sufficient for most networks.
Issue 1 July 2006 129
Avaya C360 Layer 2 Features
Spanning Tree Implementation in the C360
RSTP is implemented in C360 family of products so that it is interoperable with the existing implementation of STP. In order to configure the switch to either common Spanning Tree or
Rapid Spanning Tree protocol, use the set spantree version command.
The balance of this section lists the conditions and limitations that govern the implementation of
Spanning Tree in the C360 family.
● RSTP's fast convergence benefits are lost when interacting with legacy (STP) bridges.
● When RSTP detects STP Bridge Protocol Data Units (BPDUs type 1) on a specific port, it will begin to "speak" 802.1d on this port only. Specifically, this means:
- 802.1d bridges will ignore RSTP BPDUs and drop them.
- 802.1d bridges will send 802.1d format BPDUs back to the switch.
- The switch will change to 802.1d mode for that port only.
The C360 configured to RSTP is therefore able to simultaneously work with other switches implementing either RSTP or STP without specific user intervention.
● Spanning Tree configuration is performed on the stack level.
● RSTP is interoperable with C360 Port Redundancy and 802.1x applications. If either
RSTP or 802.1x put the port in blocking, its final state will be "blocking".
● You must manually configure uplink and backbone ports to be "non-edge" ports for both
STP and RST using the set port edge admin state CLI command.
● You must manually set the classification of uplink and backbone ports to "valuable" using the set port classification CLI command.
● STP and Self Loop Discovery (SLD) are incompatible. However, If Spanning Tree is set to rapid-spanning-tree version, there is no need to use the Self-loop-discovery feature; the
RSTP algorithm avoids loops generated by the IBM token ring cabling.
● The 802.1w standard defines differently the default path cost for a port compared to STP
(802.1d). In order to avoid network topology change when migrating to RSTP, the STP path cost is preserved when changing the spanning tree version to RSTP. You can use the default RSTP port cost by using the CLI command set port spantree cost auto.
130 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Spanning Tree Protocol
Spanning Tree Protocol CLI Commands
The following table contains a list of CLI commands for the Spanning Tree feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Enable/Disable the spanning tree application for the switch
Set the bridge priority for spanning tree
Set the RSTP bridge spanning tree max-age parameter
Set the RSTP bridge hello-time parameter set spantree set spantree priority set spantree max-age set spantree hello-time
Set the RSTP bridge forward-delay time parameter
Select between STP operation or
RSTP switch operation set spantree forward-delay set spantree version
Display the bridge and per-port spanning tree information show spantree
Set the TX hold count for the STA set spantree priority
Add a port to the spanning tree application set port spantree enable set port spantree disable Remove a port from the spanning tree application
Set the port spantree priority level
Set the cost of a port set port spantree priority set port spantree cost
Set the port as an RSTP port
(and not as a common STA port)
Display a port's edge admin and operational RSTP state set port spantree force-protocol-migration show port edge state
1 of 2
Issue 1 July 2006 131
Avaya C360 Layer 2 Features
In order to...
Use the following command...
set port edge admin state Set the port as an RSTP edge port or non-edge port
Set the port point-to-point admin status
Show the port's point-to-point admin and operational RSTP status set port point-to-point admin status show port point-to-point status
2 of 2
MAC Security
The MAC security function is intended to filter incoming frames (from the line) with an unauthorized source MAC address (SA).
MAC Security Implementation in the C360
When a frame is received on a secured port, its source MAC address is checked against the secured MAC Address Table. If either the source MAC address is not found there, or it is found but with a different ingress port location, then the frame is rejected
The C360 can be configured to take one of the following actions when an attempted intrusion occurs:
● Drop – Drops the packets for five seconds.
● Drop and notify – Drops the packets for five seconds and sends a notification to the management station.
● Disable and notify – Permanently disables the packets and sends a notification to the management station.
When the C360 is configured to send traps to report attempted intrusion, to prevent the flooding of the Console's trap log / network, the Agent sends an intruder alert every five seconds for the first 3 times a specific intruder is detected on a port, and then every 15 minutes if the intrusion continues.
You should first enable the MAC security global mode (use the set security mode CLI command) and then configure the ports which should be secured (use the set port security CLI command). When setting a port to secured, the MAC addresses that a
132 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
MAC Security
Tip: currently learnt on this port are preserved and considered as secure MAC, unless they are removed using clear secure mac command. Individual secure MACs can also be added.
Note:
Tip:
You can add a MAC address to more than one port on the device. This allows a specific device to communicate with the switch via more than one ingress port.
However the number of secured MAC addresses on any module cannot exceed
1,024.
Note:
Ports that are members of a port redundancy scheme should not be also configured as secure ports.
MAC Security CLI Commands
The following table contains a list of CLI commands for the MAC Security feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
set security mode Enable/Disable MAC security for the switch
Display the MAC security mode for the switch
Enable/Disable MAC security for a specific port
Display the MAC security mode for a port
Specify the action taken when there is a security violation
Add a MAC address to a port's list of allowed MAC addresses
Remove a MAC address from a port's list of allowed MAC addresses
Display a port's list of allowed
MAC addresses show security mode set port security show port security set security violation action set secure mac clear secure mac show secure mac
Issue 1 July 2006 133
Avaya C360 Layer 2 Features
LAG (Link Aggregate Group)
LAG Overview
A LAG uses multiple ports to create a high bandwidth connection with another device. For example: Assigning four 100BASE-T ports to a LAG on an C360 allows the switch to communicate at an effective rate of 400 Mbps with another switch. LAGs provide a cost-effective method for creating a high bandwidth connection. LAGs also provide built-in redundancy for the ports that belong to a LAG. If a port in a LAG fails, its traffic is directed to another port within the LAG.
The behavior of the LAG is derived from the base port (the first port that becomes a LAG member). The attributes of the base port, such as port speed, VLAN number, etc., are applied to all the other member ports in the LAG.
When created, each LAG is automatically assigned a logical port number (usually designated
10x). This logical port number can then be used as any regular panel port for all configuration required for the LAG (Spanning Tree, Redundancy, etc.).
Note:
Note:
You need to erase all ports in the LAG in order to remove it.
LAG CLI Commands
The following table contains a list of the CLI commands for the LAG feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Enable or disable a Link
Aggregation Group (LAG) logical port on the switch
Display Link Aggregation Group
(LAG) information for a specific switch or port set port channel show port channel
134 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Port Redundancy
LAG Implementation in the C360
This section describes the implementation of the LAG feature in the C360 product family.
● With the C363T and C363T-PWR, you can aggregate the two GBIC ports to form a LAG, you can aggregate the bandwidths of 3 groups of 10/100BASE-T ports in a LAG, for a maximum of four LAGs per switch.
● With the C364T and C364T-PWR, you can aggregate the two GBIC ports to form a LAG, you can aggregate the bandwidths of six 10/100BASE-T ports in a LAG, for a maximum of seven LAGs per switch.
Tip:
Tip:
You cannot combine 10/100BASE-T and 1000BASE-X ports in a LAG. You can only aggregate the bandwidths of 10/100BASE-T ports numbered 1-24 and 25-48 in a LAG within their respective ports groups, 1-24 or 25-48.
The relationship between the C360 Port Numbers and the LAG logical Port Number that will be assigned to each LAG is shown in Table 31 .
Table 33: LAG Logical Port Numbers
6
7
4
5
1
2
3
LAG Definition
Order
LAG Logical Port
Number
101
102
103
104
105
106
107
Port Redundancy
Port redundancy involves the duplication of devices, services, or connections, so that, in the event of a failure, the redundant device, service, or connection can take over for the one that failed.
Issue 1 July 2006 135
Avaya C360 Layer 2 Features
In addition to Link Aggregation Groups - which comprise the basic redundancy mechanism within the switch - the C360 offers an additional port redundancy scheme. To achieve port redundancy, you can define a redundancy relationship between any two ports in a stack. One port is defined as the primary port and the other as the secondary port. If the primary port fails, the secondary port takes over. You can configure up to 20 pairs of ports (or LAGs) per stack for port redundancy, and one pair per stack for intermodule redundancy. Each pair contains a primary and secondary port. You can configure any type of port to be redundant to any other.
Port Redundancy Operation
Tip:
The Port Redundancy feature supports up to 20 pairs of ports per stack. The redundant or secondary port takes over when the primary port link is down. Port redundancy provides for the following in the C360:
● Switchback from the secondary to primary port is allowed
● Switching time intervals can be set by the user
Tip:
Tip:
Port Redundancy interoperates with the Spanning Tree Algorithm.
The Port Redundancy feature functions as follows:
● Port Redundancy enables the user to establish 20 pairs of ports. Within each pair, primary and secondary ports are defined. To prevent loops, only one port is enabled at a time.
● Following initialization, the primary port is enabled and the secondary port is disabled.
- If the active port link fails, the system enables the secondary port.
- If the secondary port is enabled and the primary port link becomes available again, the system will "switchback" to the primary port, unless configured otherwise by the user.
● Two timers are available:
- "min-time-between-switchovers" - minimum time (in seconds) between the failure of the primary port link and switchover to the secondary (backup) port.
Tip:
The first time the primary port fails, the switchover is immediate. This timer applies to subsequent failures.
- "switchback-interval" - the minimum time (in seconds) that the primary port link has to be up (following failure) before the system switches back to the primary port. If you set this to zero, there is no switch back.
136 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Port Redundancy
Intermodule Port Redundancy
The intermodule port redundancy feature supports one pair of redundant ports per stack. Unlike
Port Redundancy definitions, intermodule port redundancy definitions are retained after stack renumbering. In other words, if you remove a switch which is not part of the redundancy scheme, the redundancy definition is unaffected. This makes intermodule port redundancy a better option for very important connections. In the example in Figure 24 , Intermodule Port
Redundancy is configured on ports in switch 1 (primary) and switch 4 (secondary). If switch 2 is removed, the redundancy definition is retained, and is between switches 1 and 3.
Figure 27: Intermodule Port Redundancy
3
2
5
4
1
2
1
4
3
Tip:
Tip:
The secondary port is activated:
● when the primary port link is down, or
● when the module in the stack holding the primary port has been powered down or removed.
Switching time for intermodule port redundancy is approximately 1 second.
Tip:
Defining intermodule port redundancy on ports with no link causes both ports to be disabled. You should connect the link prior to attempting to define intermodule port redundancy.
Tip:
Once a port has been designated in a redundancy scheme, either as a primary or a secondary port, it can not be designated in any other redundancy scheme.
Issue 1 July 2006 137
Avaya C360 Layer 2 Features
Tip:
Tip:
Intermodule Port Redundancy does not interwork with the Spanning Tree
Algorithm.
Port Redundancy CLI Commands
The following table contains a list of the CLI commands for the Redundancy feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya
C360 Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Define or remove port redundancy schemes
Enable the defined port redundancy schemes
Disable the defined port redundancy schemes
Define the timers that control the port redundancy operation
Display information on port redundancy schemes.
Define the switch's unique intermodule redundancy scheme
Clear the intermodule redundancy display the intermodule redundancy entry defined for the switch set port redundancy set port redundancy enable set port redundancy disable set port redundancy-interval show port redundancy set intermodule port redundancy set intermodule port redundancy off show intermodule port redundancy
138 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IP Multicast Filtering
Port Classification
Overview
With the C360, you can classify any port as regular or valuable. Setting a port to valuable means that, in case of Ethernet link failure of that port, a link fault trap can be sent even when the port is disabled. This feature is particularly useful for the link/intermodule redundancy application, where you need to be informed about a link failure on the dormant port and resume traffic quickly.
Port Classification CLI Commands
In order to...
Set the port classification to either regular or valuable
Display a port's classification
Use the following command...
set port classification show port classification
IP Multicast Filtering
Overview
IP Multicast is a method of sending a single copy of an IP packet to multiple destinations. It can be used by different applications including video streaming and video conferencing.
The Multicast packet is forwarded from the sender to the recipients, duplicated only when needed by routers along the way and sent in multiple directions such that it reaches all the members of the Multicast group. Multicast addresses are a special kind of IP addresses (class
D), each identifying a multicast group. Stations join and leave multicast groups using IGMP. This is a control-plane protocol through which IP hosts register with their router to receive packets for certain multicast addresses.
IP multicast packets are transmitted on LANs in MAC multicast frames. Traditional LAN switches flood these multicast packets like broadcast packets to all stations in the VLAN. In order to avoid sending multicast packets where they are not required, multicast filtering functions may be added to the layer 2 switches, as described in IEEE standard 802.1D. Layer 2 switches capable of multicast filtering send the multicast packets only to ports connecting members of that multicast group. This is typically based on IGMP snooping.
Issue 1 July 2006 139
Avaya C360 Layer 2 Features
The C360 supports multicast filtering. The C360 learns which switch ports need to receive which multicast packets and configures the necessary information into the switch's hardware tables. This learning is based on IGMP (version 1 or 2) snooping.
The multicast filtering function in the C360 is transparent to the IP hosts and routers. It does not affect the forwarding behavior apart from filtering multicast packets from certain ports where they are not needed. To the ports that do get the multicast, forwarding is performed in the same way as if there was no filtering, and the multicast packet will not be sent to any ports that would not receive it if there was no filtering.
The multicast filtering function operates per VLAN. A multicast packet arriving at the device on a certain VLAN will be forwarded only to a subset of the ports of that VLAN. If VLAN tagging mode is used on the output port, then the multicast packet will be tagged with the same VLAN number with which it arrived. This is interoperable with multicast routers that expect Layer 2 switching to be done independently for each VLAN.
Figure 28: IP Multicast Filtering in Action
`
`
1 2
` `
` `
`
`
Figure notes:
1. Network with no IP Multicast Filtering
- PC generates traffic for multicast group A
- All other PCs receive the traffic whether or nor they require it.
2. Network with IP Multicast Filtering
- Only PCs that have registered with group A receive the traffic
IP Multicast Filtering configuration is associated with the setting up of three timers:
● The Router Port Pruning timer ages out Router port information if IGMP queries are not received within the configured time.
● The Client Port Pruning time is the time after the C360 switch reset that the filtering information is learned by the switch but not configured on the ports.
140 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
RMON
● The Group Filtering Delay time is the time that the switch waits between becoming aware of a Multicast group on a certain VLAN and starting to filter traffic for this group.
IP Multicast CLI Commands
The following table contains a list of the CLI commands for the IP Multicast feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Use the following command...
Enable or disable the IP multicast filtering application set intelligent-multicast
Define aging time for client ports set intelligent-multicast client port pruning time
Define aging time for router ports
Define group filtering time delays set intelligent-multicast router port pruning time set intelligent-multicast group-filtering delay time show intelligent-multicast Display the status IP multicast filtering application
Shows whether the connected unit's hardware supports IP multicast filtering show intelligent-multicast hardware-support
RMON
RMON Overview
RMON, the internationally recognized network monitoring standard, is a network management protocol that allows network information to be gathered at a single workstation. You can use
RMON probes to monitor and analyze a single segment only. When you deploy a switch on the network, there are additional components in the network that cannot be monitored using
RMON. These components include the switch fabric, VLAN, and statistics for all ports.
Issue 1 July 2006 141
Avaya C360 Layer 2 Features
RMON is the internationally recognized and approved standard for detailed analysis of shared
Ethernet media. It ensures consistency in the monitoring and display of statistics between different vendors.
RMON's advanced remote networking capabilities provide the tools needed to monitor and analyze the behavior of segments on a network. In conjunction with an RMON agent, RMON gathers details and logical information about network status, performance and users running applications on the network.
RMON I analyzes the MAC layer (Layer 2 in the OSI seven-layer model).
An RMON agent is a probe that collects information about segments, hosts and traffic and sends the information to a management station. You use specific software tools to view the information collected by the RMON agent on the management station.
RMON CLI Commands
In order to...
Use the following command...
Create an RMON history entry
Delete an existing RMON history entry
Create a new RMON alarm entry
Delete an existing RMON alarm entry
Create an RMON event entry
Delete an existing RMON event entry
Display the RMON statistics counters for a certain interface number according to the MIB-2 interface table numbering scheme
Display the most recent RMON history log for a given History
Index
Display the parameters set for a specific alarm entry that was set using the rmon alarm command rmon history no rmon history rmon alarm no rmon alarm rmon event no rmon event show rmon statistics show rmon history show rmon alarm
1 of 2
142 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
SMON
In order to...
Use the following command...
Display the parameters of an
Event entry defined by the rmon event command or Device
Manager
Clears all RMON counters in the stack show rmon event clear rmon statistics
2 of 2
SMON
SMON Overview
SMON is Avaya's standard-setting switch monitoring technology that has now been adopted as
IETF standard RFC 2613. SMON extends the RMON standard to provide the switch monitoring tools and features you need to analyze the switched network and all its components.
SMON provides the basis for top-down network monitoring. Top-down monitoring starts when the you notice particular traffic flow patterns in a global view of the network. The network manager can progressively focus in and find the specific source or sources of the traffic.
Using this method, the amount of information the network manager must assess is kept to a minimum. Top-down monitoring is robust enough to enable control of even the most complex and sophisticated networks.
SMON is an extension of the RMON standard. SMON adds to the monitoring capabilities of
RMON in the following ways:
● It provides additional tools and features for monitoring in the switch environment.
● It provides a global view of traffic flow on a network with multiple switches.
SMON monitoring provides:
● A global view of traffic for all switches on the network
● An overall view of traffic passing through a specific switch
● Detailed data of the hosts transmitting packets through a switch
● An analysis of traffic passing through each port connected to a switch, and
● A view of traffic between various hosts connected to a switch.
Issue 1 July 2006 143
Avaya C360 Layer 2 Features
Tip:
SMON extends both RMON I for the MAC layer, and RMON 2 for the network layer and higher.
SMON monitoring collects and displays data in real-time.
Top-down view of all traffic:
● Network view for selected switches
● Network view for selected ports
● VLAN view
● History
Tip:
In order to use SMON, you need to install the SMON license on the C360 switch and use Avaya IM with SMON
Note:
SMON for the network layer is not supported in this version of the C360.
Note:
SMON CLI Commands
In order to...
Use the following command...
Enter the SMON license
Display licenses installed on the switch set license show license
Port Mirroring
Port Mirroring Overview
Port Mirroring copies all received and transmitted packets (including local traffic) from a source port to a predefined destination port, in addition to the normal destination port of the packets.
Port Mirroring, also known as "sniffing" is useful in debugging network problems.
Port mirroring allows you to define a source port and a destination port, regardless of port type.
For example, a 10 Mbps and a 100 Mbps port can form a valid source/destination pair. You cannot, however define the port mirroring source and destination ports as the same port.
You can define one source port and one destination port on each C360 stack for either received
- Rx - or transmitted and received - Tx + Rx - traffic.
144 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Weighted Queuing
Port Mirroring CLI commands
In order to...
Define a port mirroring source-destination pair in the switch
Display port mirroring information for the switch
Cancel port mirroring
Use the following command...
set port mirror show port mirror clear port mirror
Port Mirroring Implementation in the C360
Note the following limitations:
● The VLAN binding parameters of the source and destination ports must be identical.
● Ports which are members in a Link Aggregation Group (LAG) cannot also be used as Port
Mirroring Destination or Source ports.
● On the stack level, port mirroring pairs can be configured between any Giga port, and between any Giga port on the C360 and any 10/100Mbps port not residing on a C360.
Weighted Queuing
Tip:
The Weighted Queuing feature allows the user to configure the priority scheme between the internal priority queues as "Strict Priority" or to configure it as a Weighted Round Robin (WRR) scheme, with user-configurable weights.
Tip:
If the queuing scheme commands are to be implemented on a C360 switch other than the stack master, a session should be opened to the relevant switch.
Implementation of Weighted Queuing in the C360
The user is able to set the Priority scheme to either "Strict" or "WRR." The choice of option impacts in the following way on the operation of the modules installed in the stack.
Issue 1 July 2006 145
Avaya C360 Layer 2 Features
Tip:
● When the Priority scheme is set to "Strict", the Lower priority queue will transmit only if none of the Higher priority queues has nothing to transmit.
● When the Priority scheme is set to "WRR" queues will be transmit according to the weight factor.
Tip:
By default, the WWR weights between the four C360 priority queues are
1:4:16:64
Weighted Queuing CLI Commands
The following table contains a list of the CLI commands for the Weighted Queuing feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
In order to...
Switch between the Strict and
Weighted queuing schemes, and to set the weights
Returns the queuing scheme to
WRR with the default weights
Display the current queuing scheme settings
Use the following command...
set queuing scheme set default queuing scheme show queuing scheme
LLDP Agent
LLDP Agent Overview
IEEE 802.1AB Link Layer Discovery Protocol (LLDP) simplifies troubleshooting of enterprise networks and enhances the ability of network management tools to discover and maintain accurate network topologies in multi-vendor environments. It defines a set of advertisement messages, called TLVs, a protocol for transmitting and receiving the advertisements, and a method for storing the information contained in the received advertisements.
The LLDP protocol allows stations attached to a LAN to advertise information about the system
(such as its major capabilities and its management address) and information regarding the station's point of attachment to the LAN (port ID and VLAN information) to other stations
146 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
LLDP Agent attached to the same LAN. These can all be reported to management stations via IEEE-defined
Simple Network Management Protocol (SNMP) Management Information Bases (MIBs).
LLDP information is transmitted periodically. The IEEE has defined a recommended transmission rate of 30 seconds, however, the transmission rate is adjustable. LLDP devices, after receiving an LLDP message from a neighboring network device, stores the LLDP information in an SNMP MIB. This information is valid only for a finite period of time after TLV reception. The time is defined by the LLDP Time to Live (TTL) TLV value that is contained within the received packet, unless refreshed by a newly received TLV. The IEEE recommends a TTL value of 120 seconds, but you can change it if necessary. This ensures that only valid LLDP information is stored in the network devices and is available to network management systems.
LLDP information is associated with the specific device that sends it. The device itself is uniquely identified by the receiving party via both received chassis ID and port ID values.
Multiple LLDP devices can reside on a single port, using a hub for example, and all of the devices are reported via MIB. You can enable (Rx and TX, Rx or Tx) or disable LLDP operation on a per-port basis.
Supported TLVs
Mandatory
● End-of-LLDPDU
● Chassis ID
● Port ID
● Time to Live
Optional
● Port description
● System description
● System name
● System capabilities
● Management address
802.1 (optional)
● VLAN name
● Port VLAN
Issue 1 July 2006 147
Avaya C360 Layer 2 Features
Configuring the LLDP Agent
To configure LLDP:
1. Enable the LLDP agent globally using the set lldp system-control command.
C360-1 (super)# set lldp system-control enable
Done!
This command affects all C360 switches within a stack and activates TLV reception and mandatory TLV transmission on all stack ports according to the administrative LLDP port
2. Configure the administrative lldp port status using the set port lldp CLI command
(optional). The default value is rx-and-tx.
C360-1(super)# set port lldp 5/3 rx-only
Done!
The device now accepts LLDP TLVs from neighboring devices supporting LLDP on port 3 in module 5 in the stack.
3. Configure additional TLVs transmission using the set port lldp tlv CLI command
(optional). This allows you to advertise additional information about the device's and ports' description, VLAN information, system capabilities and management address. Additional
TLVs are disabled by default.
C360-1 (super)# set port lldp tlv 5/3 enable all
Done!
The device now advertises all mandatory and optional TLVs to neighboring network devices supporting LLDP.
4. Verify LLDP advertisements using the show lldp config CLI command.
148 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
LLDP Agent
LLDP Agent CLI Commands
The following table contains a list of the CLI commands for the LLDP Agent feature. The rules of syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Enable or disable the LLDP application globally (per stack).
Configure the interval at which the device transmits LLDP frames
Set the TxHoldMultiplier
Set the TxDelay
Set the reinitDelay
Display the global LLDP configuration
Change the administrative lldp port status
Enable or disable the transmission of the optional TLVs on a per-port basis
Display port-level lldp configuration.
Display the VLAN-Name TLVs that are being transmitted on a specific port
Display the LLDP information received on each port
Use the following command...
set lldp system-control set lldp tx-interval set lldp tx-hold-multiplier set lldp tx-delay lldp re-init-delay show lldp config set port lldp set port lldp tlv show port lldp config show port lldp vlan-name config show lldp
Issue 1 July 2006 149
Avaya C360 Layer 2 Features
150 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 9: Avaya C360 Layer 3 Features
This section describes the C360 Layer 3 features. It provides the basic procedures for configuring the C360 for Layer 3 operation.
●
Obtaining and Activating a License Key
●
●
●
●
RIP (Routing Interchange Protocol) Configuration
●
OSPF (Open Shortest Path First) Configuration
●
●
●
ARP (Address Resolution Protocol) Table Configuration
●
BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay Configuration
●
NetBIOS Re-broadcast Configuration
●
VRRP (Virtual Router Redundancy Protocol) Configuration
●
●
IP Fragmentation and Reassembly
Layer 3 features only apply to the C360 operating in router mode. You must purchase a Routing
License Key Certificate for the C360 and activate the feature in order to operate in router mode.
Refer to Obtaining and Activating a License Key on page 151 for further information.
Obtaining and Activating a License Key
Each Certificate is specific for:
● The switch type.
● The required feature.
● The number of devices.
After you purchase a Routing Licence Key Certificate, you must obtain and activate a Routing
License Key.
Issue 1 July 2006 151
Avaya C360 Layer 3 Features
Obtaining a Routing License Key
To obtain a License Key that enables routing features:
1. Go to http://license-lsg.avaya.com and click "request new license".
152 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
2. Enter the Certificate Key and Certificate Type.
Obtaining and Activating a License Key
3. Click Next.
Issue 1 July 2006 153
Avaya C360 Layer 3 Features
4. Enter contact information (once per certificate)
5. Click Next.
154 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
6. View number of licenses left.
Obtaining and Activating a License Key
Issue 1 July 2006 155
Avaya C360 Layer 3 Features
7. Enter serial number of the switch(es) or module. To identify serial numbers use the CLI command: show module-identity.
156 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Obtaining and Activating a License Key
8. Click Generate. The feature-enabling license code is generated
Issue 1 July 2006 157
Avaya C360 Layer 3 Features
Activating a Routing License Key
To activate a Routing License Key:
1. Enter the acquired Routing License Key into the C360 switch using the set license CLI
CLI command.
set license [module] [license] [featureName] where: module - C360 switch number (the location of the device in the stack) license - license code featureName - routing and press Enter.
2. Reset the module.
3. Check that the license is activated using the show license CLI command.
License Key CLI Commands
In order to...
Configure the feature license
Display the feature license
Display the switch identity required for acquiring a license
Use the following command...
set license show license show module-identity
What is Routing?
Routing enables transfer of a data packet from source to destination using a device called a router. Routing involves two basic activities:
● determining optimal routing paths
● transmitting information packets through an internetwork
Routers use routing tables to determine the routes to particular network destinations and, in some cases, metrics associated with those routes. Routers communicate with one another and maintain their routing tables through the transmission of a variety of messages.
158 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
What is Routing?
The Routing Update Message is one such message. Routing Updates generally consist of all or a portion of a routing table. By analyzing Routing Updates from all routers, a router can build a detailed picture of network topology.
A Link-State Advertisement is another example of a message sent between routers. Link-State
Advertisements inform other routers of the state of the sender's links. Link information can also be used to build a complete picture of the network's topology. Once the network topology is understood, routers can determine optimal routes to network destinations.
Routers can route only those messages that are transmitted in a routable protocol, such as IP or IPX. Messages in non-routable protocols, such as NetBIOS and LAT, cannot be routed, but they can be transferred from LAN to LAN via a bridge.
When a router receives a packet, it examines the packet's destination protocol address. The router then determines whether it knows how to forward the packet to the next hop. If the router does not know how to forward the packet, it typically drops the packet unless a default gateway is defined. If the router knows how to forward the packet, it changes the packet destination's physical address to that of the next hop and transmits the packet.
The next hop may or may not be the ultimate destination host. If not, the next hop is usually another router, which executes the same switching decision process. As the packet moves through the internetwork, its physical address changes but its protocol address remains constant. This process is illustrated in the figure below.
Issue 1 July 2006 159
Avaya C360 Layer 3 Features
Figure 29: Routing
`
` 1
2
Figure notes:
1. First Hop:
● Protocol address: Destination
● Physical address: Router 1
2. Second Hop:
● Protocol address: Destination
● Physical address: Router 2
The relation between the destination host's protocol address and its physical address is obtained by the routers using the ARP request/reply mechanism, and the information is stored within the ARP table in the router (see
Within an enterprise, routers serve as an intranet backbone that interconnects all networks. This architecture strings several routers together via a high-speed LAN topology such as Fast
Ethernet or Gigabit Ethernet. Within the global Internet, routers do all the packet switching in the backbones.
Another approach within an enterprise is the collapsed backbone, which uses a single router with a high-speed backplane to connect the subnets, making network management simpler and improving performance.
160 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Routing Configuration
Routing Configuration
Forwarding
The C360 forwards IP packets between IP networks. When it receives an IP packet through one of its interfaces, it forwards the packet through one of its interfaces. The C360 supports multinetting, enabling it to forward packets between IP subnets on the same VLAN as well as between different VLANs. Forwarding is performed through standard means in Router mode.
Multinetting (Multiple Subnets per VLAN)
Tip:
Tip:
In Router Mode, most applications such as RIP and OSPF, operate per IP interface. Other applications such as VRRP and DHCP/BOOTP Relay operate per VLAN. Configuration of these applications is done in the Interface mode. When there is only a single interface (subnet) per
VLAN then system behavior is intuitive since a subnet and a VLAN are the same.
Multiple interfaces (subnets) per VLAN are more complicated. For example, if there are two interfaces over the same VLAN and you configure DHCP server on one interface, it will be used also for the second interface over the same VLAN. This behavior might be less expected and in some cases wrong.
In order to prevent misconfiguration and unexpected results, the C360 prevents configuration of
VLAN-oriented commands on an interface unless explicitly you specifically request it by the user via the "enable vlan commands" CLI command.
Configuring the "enable vlan commands" on one interface defeats this option on other interfaces that belong to the same VLAN. This ensures that VLAN-oriented commands can be configured from one interface only.
In case there is only one interface over a VLAN, then VLAN oriented commands for this VLAN can be configured through the single interface without using the "enable vlan commands" command.
Tip:
VLAN-oriented commands that were configured affect the VLAN of the interface that was used at the time the command was issued.
Tip:
If you move the interface another VLAN using the ip vlan CLI command,
VLAN-oriented configuration still relates to the original VLAN.
Issue 1 July 2006 161
Avaya C360 Layer 3 Features
IP Configuration
IP Configuration CLI Commands
In order to...
Enable IP routing
Use the following command...
ip routing
Specify the format of netmasks in the show command output
Create and/or enter the
Interface Configuration Mode
Assign an IP address and mask to an interface
Set the administrative state of an IP interface
Update the interface broadcast address
Define a default gateway
(router)
Define the interface RIP route metric value
Enable net-directed broadcast forwarding ip netmask-format interface ip address ip admin-state ip broadcast-address ip default-gateway default-metric ip directed-broadcast
Set the IP routing mode of the interface ip routing-mode
Enable or disable the sending of redirect messages on the interface
Check host reachability and network connectivity
Trace route utility ip redirect ping traceroute
Create a router Layer 2 interface set vlan (Layer 3)
1 of 2
162 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IP Configuration
In order to...
Use the following command...
Specify the VLAN on which an
IP interface resides
Use this command before configuring VLAN-oriented parameters, when there is more than one interface on the same
VLAN
Display information about the IP unicast routing table
Display information for an IP interface
Display the status of ICMP error messages
Delete a Layer 2 Router interface ip vlan/ip vlan name enable vlan commands show ip route (Layer 3) show ip interface show ip icmp clear vlan
2 of 2
Assigning Initial Router Parameters
To configure the initial router parameters perform the following via the CLI:
1. Type set device-mode router and press Enter.
You will be prompted to reset the switch.
2. Type y.
Wait for the switch to restart and for the CLI prompt to reappear.
3. Type show device-mode and press Enter to ensure that the module is in router mode.
Tip:
Tip:
Assign the stack IP address as described in
Assigning C360 IP Stack Address on page 64 before you assign the Initial Router IP address.
4. To access Router commands from the Master module, type the command session
<module number> router where <module number> is the location of the router module in the stack, and press Enter.
The command prompt changes from C360-N> to Router-N#> where N is the number of
the router in the stack (see SNMP Support
).
5. Type configure and press Enter. The prompt Router-N(configure)# appears.
Issue 1 July 2006 163
Avaya C360 Layer 3 Features
Tip:
Tip:
If the IP interface is on VLAN #1, continue with Step 7.
6. Create the management/routing VLAN. Use the command set vlan <Vlan-id> name <Vlan-name> replacing <Vlan-id> by the VLAN number, and <Vlan-name> by the VLAN name. Press Enter.
7. Create an IP interface name. Type:
Router(configure)# interface <interface-name>
Press Enter.
The Router(configure-if:<interface-name>)# prompt appears.
8. Assign the IP address and network mask of the IP interface you have created. Use the command:
Router(configure-if:<interface-name>)# ip address <ip-address>
<netmask>
Press Enter
9. Assign a vlan to the IP interface you have created. Type: Assign a vlan to the IP interface you have created. Type:
Router(configure)# interface <interface-name># ip vlan <vland-id>
Press Enter.
10. Type exit and press Enter. This returns you to the prompt: Router(configure)#
11. If the management station is not on the same subnet as the switch, configure a default gateway (static route). Use the command: ip default-gateway <ip-address> and press Enter, replacing
<ip-address> with the IP address of the default gateway.
12. Save the configuration changes by typing copy running-config startup-config and press Enter.
RIP (Routing Interchange Protocol) Configuration
RIP Overview
RIP is a "distance vector protocol"- that is, the router decides which path to use on distance (the number of intermediate hops). In order for this protocol to work correctly, all of the routers (and possibly the nodes) need to gather information on how to reach each destination in the Internet.
The very simplicity of RIP has a disadvantage, however: it does not take into account the network bandwidth, physical cost, data priority, and so on.
The C360 supports the widely used RIP routing protocol (both RIPv1 and RIPv2). The RIPv1 protocol imposes some limitations on the network design with regard to subnetting. When
164 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
RIP (Routing Interchange Protocol) Configuration operating RIPv1, you must not configure variable length subnet masks (VLMS). Each IP network must have a single mask, implying that all subnets in a given IP network are of the same size. Also, when operating RIPv1, you must not configure supernets, which are networks with a mask smaller than the natural net mask of the address class, such as 192.1.0.0 with mask 255.255.0.0 (smaller than the natural class C mask which is 255.255.255.0). For detailed descriptions of RIP refer to the standards and published literature.
RIPv2 is a new version of the RIP routing protocol but with some advantages over RIPv1. RIPv2 solves some of the problems associated with RIPv1. The most important change in RIPv2 is the addition of a subnet mask field which allows RIPv2 to support variable length subnets. RIPv2 also includes an authentication mechanism similar to the one used in OSPF.
The RIP version, 1 or 2, is configured per IP interface. Configuration must be homogenous on all routers on each subnet-there can not be both RIPv1 and RIPv2 routers configured on the same subnet. However, different IP interfaces of the C360 can be configured with different RIP versions (as long as all routers on the subnet are configured to the same version).
RIPv2 and RIPv1 are considered the same protocol with regard to redistribution to/from OSPF and static route preferences.
RIP2
RIP2 overcomes some of the shortcomings of RIP. The table below summarizes the differences between RIP and RIP2.
Table 34: DIfferences Between RIP and RIP2
RIP2 RIP
Multicast addressing
Event-driven
Broadcast Addressing
Timer-based (update every 30 seconds)
VLSM support (subnet information transmitted) Fixed subnet masks
Issue 1 July 2006 165
Avaya C360 Layer 3 Features
RIP CLI Commands
In order to...
Use the following command...
Configure the Routing
Information Protocol (RIP)
Specify a list of networks on which the RIP is running
Redistribute routing information from other protocols into RIP
Specify the RIP version running on the interface basis
Set the interface RIP route metric value
Set the RIP Send and Receive mode on an interface
Enable learning of the default route received by the RIP
Enable split-horizon with poison-reverse on an interface router rip network redistribute ip rip rip-version default-metric ip rip send-receive ip rip default-route-mode ip rip poison-reverse
Enable split-horizon mechanism ip rip split-horizon
Specify the type of authentication used in RIP
Version 2 packets ip rip authentication mode ip rip authentication key Set the authentication string used on the interface
Specify the RIP timers values timers basic
166 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
OSPF (Open Shortest Path First) Configuration
OSPF (Open Shortest Path First) Configuration
OSPF Overview
OSPF is a routing protocol developed for IP networks based on the shortest path first or link-state algorithm. It was introduced to overcome the limitations of RIP in increasingly complex network designs.
OSPF is based on the cost of a particular path. In contrast, RIP uses hops as a path criterion.
Also, updates are sent on a "need to know" basis rather than every 30 seconds as with RIP.
The advantage of shortest path first algorithms is that they result in smaller more frequent updates everywhere. They converge quickly, thus preventing such problems as routing loops and Count-to-Infinity (when routers continuously increment the hop count to a particular network). This stabilizes the network.
The disadvantage of shortest path first algorithms is that they require a lot of CPU power and memory.
Routers use link-state algorithms to send routing information to all nodes in an internetwork by calculating the shortest path to each node. This calculation is based on a topography of the
Internet constructed by each node. Each router sends that portion of the routing table (keeps track of routes to particular network destinations) that describes the state of its own links, and it also sends the complete routing structure (topography).
The C360 supports the OSPF routing protocol. The C360 can serve as an OSPF Autonomous
System Boundary Router (ASBR) by configuration of route redistribution. The C360 can be installed in the OSPF backbone area (area 0.0.0.0) or in any OSPF area that is part of a multiple areas network. However, the C360 cannot be configured to be an OSPF area border router itself.
The C360 supports the equal-cost multipath (ECMP) feature which allows load balancing by splitting traffic between several equivalent paths.
While OSPF can be activated with default values for each interface using a single command, many of the OSPF parameters are configurable.
For a detailed description of OSPF, refer to the OSPF standards and published literature.
Issue 1 July 2006 167
Avaya C360 Layer 3 Features
OSPF CLI Commands
In order to...
Use the following command...
Enable OSPF protocol
Configure the area ID of the router
Configure router identity
Configure a passive ospf interface
Redistribute routing information from other protocols into OSPF
Configure the delay between runs of OSPF's SPF calculation
Configure interface metric
Specify the time interval between hellos the router sends
Configure the interval before declaring the neighbor as dead.
Configure interface priority used in DR election
Configure the interface authentication password
Display general information about OSPF routing
Display the OSPF-related interface information
Display OSPF neighbor information on a per-interface basis
Display lists of information related to the OSPF database for a specific router
Configure an interface as passive router ospf area ip ospf router-id passive-interface redistribute timers spf ip ospf cost ip ospf hello-interval ip ospf dead-interval ip ospf priority ip ospf authentication-key show ip ospf show ip ospf interface show ip ospf neighbor show ip ospf database passive-interface
168 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Static Routing Configuration
Static Routing Configuration
Static Routing Overview
When dynamic routing protocols (RIP or OSPF) are not appropriate, you can manually configure static routes to indicate the next hop on the path to the final packet destination.
A static route becomes inactive if the interface over which it is defined is disabled. When the interface is enabled, the static route becomes active again. They are never timed-out, or lost over reboot, and can only be removed by manual configuration. Deletion (by configuration) of the IP interface deletes the static routes using this interface as well.
Static routes can only be configured for remote destinations, i.e. destinations that are reachable via another router as a next hop. The next hop router must belong to one of the directly attached networks for which the C360 has an IP interface. "Local" static routes, such as those that have no next hop, are not allowed.
Two kinds of static routes can be configured:
● High Preference static routes which are preferred to routes learned from any routing protocol
● Low Preference static routes which are used temporarily until the route is learned from a routing protocol. By default, a static route has Low Preference.
Static routes can be advertised by routing protocols (i.e., RIP, OSPF) as described under Route redistribution.
Static routes also support load-balancing similar to OSPF. A static route can be configured with multiple next hops so that traffic is split between these next hops.
This can be used for example to load-balance traffic between several firewalls which serve as the default gateway.
Issue 1 July 2006 169
Avaya C360 Layer 3 Features
Static Routing Configuration CLI Commands
In order to...
Use the following command...
Establish a static route
Remove a static route
Set the maximum number of route entries in the routing table
Set the maximum number of route entries in the routing table to the default value
Define a default gateway
(router)
Remove the default gateway
(router)
Delete all the dynamic routing entries from the Routing Table
Display information about the IP unicast routing table
Display a routing table for a destination address
Display the static routes
Display the number of routes known to the switch ip route no ip route ip max-route-entries no ip max-route-entries ip default-gateway no ip default-gateway clear ip route show ip route show ip route best-match show ip route static show ip route summary
Route Preferences
The routing table may contain routes from different sources. Routes to a certain destination may be learned independently from RIP and from OSPF, and at the same time, a static route can also be configured to the same destination. While metrics are used to choose between routes of the same protocol, protocol preferences are used to choose between routes of different protocols.
The preferences only apply to routes for the same destination IP address and mask. They do not override the longest-match choice. For example, a high-preference static default route will not be preferred over a RIP route to the subnet of the destination.
170 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Route Redistribution
C360 protocol preferences are listed below from the most to the least preferred:
1. Local (directly attached net)
2. High-preference static (manually configured routes)
3. OSPF internal routes
4. RIP
5. OSPF external routes
6. Low-preference static (manually configured routes).
Route Redistribution
Route redistribution is the interaction of multiple routing protocols. OSPF and RIP can be operated concurrently in the C360. In this case, the C360 can be configured to redistribute routes learned from one protocol into the domain of the other routing protocol. Similarly, static routes may be redistributed to RIP and to OSPF. Route redistribution involves metric changes and sometimes causes routing loops in the presence of other routes with incompatible schemes for route redistribution and route preferences. Be careful!
The the C360 scheme for metric translation in route redistribution is as follows:
● Static to RIP metric configurable (default 1)
● OSPF internal metric N to RIP metric 1
● OSPF external type 1 metric N to RIP metric 1
● OSPF external type 2 metric N to RIP metric N+1
● Static to OSPF external type 2, metric configurable (default 1)
● RIP metric N to OSPF external type 2, metric N
● Direct to OSPF external type 2, metric 1.
By default, the C360 does not redistribute routes between OSPF and RIP. Redistribution from one protocol to the other can be configured. By default, static routes are not redistributed to RIP and OSPF. The C360 allows the user to globally enable redistribution of static routes to RIP, and separately, to globally enable redistribution of static routes to OSPF. In addition, the C360 lets the user configure, on a per static route basis, whether the route is to be redistributed to RIP and OSPF, and what metric (in the range of 1-15). The default state is to enable the route to be redistributed at metric 1. When static routes are redistributed to OSPF, they are always redistributed as external type 2.
Issue 1 July 2006 171
Avaya C360 Layer 3 Features
Route Redistribution Commands
In order to...
Redistribute routing information from other protocols
Use the following command...
redistribute
ARP (Address Resolution Protocol) Table Configuration
ARP Overview
IP logical network addresses are independent of physical addresses. Since the physical address must be used to convey data in the form of a frame from one device to another, a mechanism is required to acquire a destination device hardware address from its IP address.
This mechanism/ability is called ARP (Address Resolution Protocol).
The following mechanism describes how a station builds an ARP Table:
172 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
ARP (Address Resolution Protocol) Table Configuration
Figure 30: Building an ARP Table
Station 1 sends ARP Request
Broadcast, specifying IP address of
Station 2
Station 2 receives the broadcast and identifies its IP address
Station 2 sends an ARP Reply to
Station 1 containing Station 2 MAC
Address
Station 2 updates its ARP table with the Station 1 address mapping
Station 1 receives the ARP Reply
Station 1 updates its ARP table with the Station 2 address mapping
The ARP Table
The ARP table is used to store recently used pairs of IP/MAC addresses. This saves time and communication costs, since the host looks in the ARP cache first when transmitting a packet. If the information is not there, then the host sends an ARP Request (see
).
Issue 1 July 2006 173
Avaya C360 Layer 3 Features
ARP CLI Commands
In order to...
Use the following command...
Add a permanent entry to the
Address Resolution Protocol
(ARP) cache
Configure the amount of time that an entry remains in the ARP cache
Set the amount of time that an entry remains in the ARP cache back to default
Set the maximum number of
ARP cache entries allowed in the ARP cache
Set the maximum number of
ARP cache back to default
Enable proxy ARP on an interface
Disable proxy ARP on an interface
Delete all dynamic entries from the ARP cache and the IP route cache
Display the Address Resolution
Protocol (ARP) cache
Display the IP address of a host, based on a known MAC address arp arp timeout no arp timeout ip max-arp-entries no ip max-arp-entries ip proxy-arp no ip proxy-arp clear arp-cache show ip arp show ip reverse-arp
174 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay Configuration
BOOTP/DHCP (Dynamic Host Configuration Protocol)
Relay Configuration
BOOTP/DHCP Overview
BOOTP
Short for Bootstrap Protocol, BootP is an Internet protocol that enables a diskless workstation to discover its own IP address, the IP address of a BOOTP server on the network, and a file to be loaded into memory to boot the machine. This enables the workstation to boot without requiring a hard or floppy disk drive. It is used when the user/station location changes frequently.
The protocol is defined by RFC 951.
DHCP
Short for Dynamic Host Configuration Protocol, DHCP assigns dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. Many ISPs use dynamic IP addressing for dial-up users. However, dynamic addressing may not be desirable for a network server.
DHCP/BOOTP Relay
The C360 supports the DHCP/BOOTP Relay Agent function. This is an application that accepts
DHCP/BOOTP requests that are broadcast on one VLAN and sends them to a DHCP/BOOTP server that connects to another VLAN or a server that may be located across one or more routers that would otherwise not get the broadcast request. The relay agent handles the DHCP/
BOOTP replies as well, transmitting them to the client directly or as broadcast, according to a flag in the reply message. Note that the same DHCP/BOOTP relay agent serves both the
BOOTP and DHCP protocols.
When there is more than one IP interface on a VLAN, the C360 automatically chooses one of the IP interface's to determine the relay network. Alternatively, you can configure the relay networks that the C360 will use. If you have defined more than one network, the C360 selects the network to be relayed on a Round Robin basis.
Issue 1 July 2006 175
Avaya C360 Layer 3 Features
The DHCP/BOOTP server uses the relayed network information to decide from which subnet the address should be allocated. Therefore, the DHCP/BOOTP server must be configured to allocate addresses from the relayed networks configured on the C360.
DHCP/BOOTP Relay in C360 is configurable per VLAN and allows you to specify two DHCP/
BOOTP servers. In this case, it duplicates each request, and sends it to both servers. This provides redundancy and prevents the failure of a single server from blocking hosts from loading.
You can enable or disable or DHCP/BOOTP Relay in C360.
BOOTP/DHCP CLI Commands
In order to...
Use the following command...
Enable or disable relaying of bootp and dhcp requests to the
BOOTP/DHCP server
Add or remove a BOOTP/DHCP server to handle BOOTP/DHCP requests received by this interface
Select the networks from which the bootp/dhcp server shall allocate an address
[no] ip bootp-dhcp relay
[no] ip bootp-dhcp server
[no] ip bootp-dhcp network
NetBIOS Re-broadcast Configuration
NetBIOS Overview
Short for Network Basic Input Output System, an application programming interface (API) that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all
LANs for PCs are based on the NetBIOS. Some LAN manufacturers have even extended it, adding additional network capabilities.
You can configure the C360 to relay netbios UDP broadcast packets. This feature is used for applications such as WINS that use broadcast but may need to communicate with stations on other subnets or VLANs.
176 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
VRRP (Virtual Router Redundancy Protocol) Configuration
Configuration is performed on a per-interface basis. When a netbios broadcast packet arrives from an interface on which netbios rebroadcast is enabled, the packet is distributed to all other interfaces configured to rebroadcast netbios.
If the netbios packet is a net-directed broadcast (e.g., 149.49.255.255), the packet is relayed to all other interfaces on the list, and the IP destination of the packet is replaced by the appropriate interface broadcast address.
If the netbios broadcast packet is a limited broadcast (e.g., 255.255.255.255), it is relayed to all
VLANs on which there are netbios-enabled interfaces. In that case, the destination IP address remains the limited broadcast address.
NetBIOS Re-broadcast Configuration CLI Commands
In order to...
Set NetBIOS rebroadcasts mode on an interface
Disable NetBIOS rebroadcasts mode on an interface
Use the following command...
ip netbios-rebroadcast no ip netbios-rebroadcast
VRRP (Virtual Router Redundancy Protocol) Configuration
VRRP Overview
VRRP is an IETF protocol designed to support redundancy of routers on the LAN, as well as load balancing of traffic. VRRP is transparent to host stations, making it an ideal choice when redundancy, load balancing and ease of configuration are all required.
The concept underlying VRRP is that a router can backup other routers, in addition to performing its primary routing functions. This redundancy is achieved by introducing a virtual router. A virtual router is a routing entity associated with multiple physical routers. The routing functions of the virtual router are performed by one of the physical routers with which it is associated. This router is known as the master router. For each virtual router, VRRP selects a master router. If the selected master router fails, another router is selected as master router.
In VRRP, two or more physical routers can be associated with a virtual router, thus achieving extreme reliability. In a VRRP environment, host stations interact with the virtual router. They are not aware that this router is a virtual router, and they are not affected when a new router
Issue 1 July 2006 177
Avaya C360 Layer 3 Features takes over the role of master router. This makes VRRP fully interoperable with every host station.
VRRP can be activated on an interface using a single command while allowing for the necessary fine-tuning of the many VRRP parameters. For a detailed description of VRRP, refer to VRRP standards and published literature.
VRRP Configuration Example 1
Figure 31: VRRP Configuration Example (Case 1, Case 2)
Backup Router 2
VRID: 2, IP: 30.30.30.2
Ass. IP: 30.30.30.1
IP:
20.20.20.10
`
IP:
30.30.30.10
`
`
IP:
30.30.30.20
IP: 20.20.20.20
DG: 20.20.20.1
Backup Router 1
VRID: 1, IP: 20.20.20.2
Ass. IP: 20.20.20.1
VMAC: 00005E000101
(VRID)
Case#1
One main router on IP subnet 20.20.20.0 (C360 or any third-party router which supports VRRP) and a redundant router (more backup routers may be configured)
● The C360 itself must have an interface on the IP subnet (e.g. 20.20.20.2)
● All the routers are configured under the same VRID (Virtual Router ID- e.g.1)
This configuration must be done per VLAN).
● The C360 requires that this VRID must not be used in the network (even in different VLAN)
178 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
VRRP (Virtual Router Redundancy Protocol) Configuration
● By the end of the routers configuration, and when the network is up, the main router for each virtual router will be elected according to this order of preference:
- The virtual router IP address is also the router's interface IP address
- It has the highest priority (you can configure this parameter)
- It has the highest IP address if the previous cases do not apply
● The virtual router IP address needs to be configured as Default Gateway on the stations
● The MAC which will be advertised by the Main router as a response to the stations ARP requests, will be a 6 bytes Virtual MAC address in the format 00.00.5E.00.01.VRID.
● In the meantime, the redundant router will use a VRRP polling protocol to check the Main router integrity in one second intervals (default). Otherwise it will be idle.
● If the Main router fails, a redundant router that has not received a response from four consecutive polling requests (default) will take over and start to advertise the same Virtual
MAC for the ARP requests. Therefore the stations will not 'sense' any change neither in the configured DG nor in the MAC level.
● VRRP has no provisions for routing data base synchronization among the redundant routers. You need to perform this manually.
Case #2
● One router is Main on one IP subnet (e.g. 20.20.20.0) and redundant on another (e.g.
30.30.30.0)
● In this case each IP subnet must be in different VRID (e.g. 1 & 2)
● The above detailed information is valid for each router in its Main/Redundant roles.
VRRP CLI Commands
In order to...
Use the following command...
Enable or disable VRRP routing globally
Create or delete a virtual router on the interface
Assign or remove an IP address to the virtual router router vrrp ip vrrp ip vrrp address
1 of 2
Issue 1 July 2006 179
Avaya C360 Layer 3 Features
In order to...
Use the following command...
Set the virtual router advertisement timer value (in seconds) for the virtual router ID
Set the virtual router priority value used when selecting a master route
Set or disable the virtual router simple password authentication for the virtual router ID.
Configure or disable the router to preempt a lower priority master for the virtual router ID
Set the primary address that shall be used as the source address of VRRP packets for the virtual router ID
Accept or discard packets addressed to the IP address(es) associated with the virtual router, such as ICMP, SNMP, and TELNET (if it is not the IP address owner)
Display VRRP information
Display full VRRP-related information ip vrrp timer ip vrrp priority ip vrrp auth-key ip vrrp preempt ip vrrp primary ip vrrp override addr owner show ip vrrp show ip vrrp detail
2 of 2
Policy Configuration
Policy Configuration Overview
The C360 supports QoS (Quality of Service) by using multiple priority levels and IEEE 802.1p priority tagging to ensure that data and voice receive the necessary levels of service.
The C360 can enforce QoS policy on routed packets and change their 802.1p priority, according to the following criteria:
180 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Policy Configuration
Tip:
● The packet protocol
● Matching the packet's source or destination IP address to the configured priority policy.
● Whether the packet source or destination TCP/UDP port number falls within a pre-defined range.
In addition, the 802.1p priority of a packet can be modified according to the DSCP value in the
IP header based on the DSCP-802.1p mapping configured by the user.
The C360 supports Access Control policy. Access Control rules define how the C360 should handle routed packets. There are three possible ways to handle such packets:
● Forward the packet (Permit operation)
● Discard the packet (Deny operation)
● Discard the packet and notify the management station (Deny and Notify)
The C360 can enforce Access Control policy on each routed packet, according to the following criteria:
● Matching the packet's source or destination IP address to the configured Access Control policy.
● Determine if the packet protocol and source or destination TCP/UDP port number falls within a pre-defined range.
● Using the ACK bit of the TCP header.
The C360 uses policy lists containing both Access Control rules and QoS rules. The policy lists are ordered by rule indexing.
Tip:
Use the Command Line Interface and the Avaya central policy management application under Avaya Integrated Management to set up the C360 access control rules
Policy Configuration CLI Commands
In order to...
Use the following command...
Set the default action for a given
Policy List.
Create an access-list rule in a specific Access List. ip access-default-action ip access-list
1 of 3
Issue 1 July 2006 181
Avaya C360 Layer 3 Features
In order to...
Use the following command...
Set the source list, destination list, and destination module for copying an entire Policy List
Set the DSCP-to-COS mapping.
Based on range and action parameters, system will apply mapping to frames
Designates which original frame fields influence internal queues selection ip access-list-copy ip access-list-dscp operation ip access-list-dscp trust
Assign a name to a Policy List
Add the name of an owner to a
Policy List
Delete an access-list element or a Policy List
Activate a Policy List ip access-list-name ip access-list-owner no ip access-list
Deactivate a Policy List
Display the DSCP to CoS map of a policy-list
Set the list cookie for a specific policy list
Display an access list
Display the active policy-list number
Display the DSCP to CoS map of a policy-list ip access-group no ip access-group show ip access-list dscp ip access-list-cookie show ip access-list
Activate the "simulate" process for a packet containing a specific field ip simulate
Test the validity of a Policy List validate-group show ip access-group show ip access-list-dscp
Display summary information regarding all configured access lists show ip-access-list-summary
2 of 3
182 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Policy Configuration
In order to...
Set the policy control source to either local or remote policy server
Copy current policy and router configuration to the startup configuration file
Use the following command...
set qos policy source copy running-config startup-config
3 of 3
Policy Configuration Example
Figure 32: C360 Policy
4
5 6
1 8
2
3
7
Figure notes:
1. Voice packet
2. Data packet
3. Unauthorized packet
4. Policy Rules
5. Access Control
6. QoS
7. Packet dropped
8. Four egress queues (Highest, High, Normal, Low)
Issue 1 July 2006 183
Avaya C360 Layer 3 Features
Policy Configuration Example
The following shows configuration of Access List 100:
1. Assigning priority 6 to all TCP traffic originating in network 149.49.0.0 - rule 1:
C360-1(super)# ip access-list 100 1 fwd6 tcp 149.49.0.0
0.0.255.255 any done!
2. Assigning priority 3 to all TCP traffic going to the host 172.44.17.1 - rule 2:
C360-1(super)# ip access-list 100 2 fwd3 tcp any host
172.44.17.1
done!
3. Denying Telnet sessions originated by the host 192.168.5.33 - rule 3:
C360-1(super)# ip access-list 100 3 deny tcp host 192.168.5.33 any eq 23 done!
IP Fragmentation and Reassembly
IP Fragmentation and Reassembly Overview
The C360 supports IP Fragmentation and Reassembly. This feature allows the router to send and receive large IP packets where the underlying data link protocol constrains MTU (maximum transport unit).
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields, along with the "more" fragment and "don't" fragment flags in the IP header, are used for
IP fragmentation and reassembly.
IP Fragmentation works as follows:
1. IP packet is divided into fragments
2. each fragment becomes its own IP packet
3. each packet has same identifier, source, destination address
184 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IP Fragmentation and Reassembly
4. fragments are usually not reassembled until final destination
IP Fragmentation/Reassembly CLI Commands
In order to...
Use the following command...
Clear the fragment database and restore its defaults
Set the maximum number of fragments that can comprise a single IP packet
Set the maximum number of fragmented IP packets, destined for the router, to reassemble at any given time
Set the maximum number of seconds to reassemble a fragmented IP packet destined for the router.
Display information regarding fragmented IP packets that are destined for the router clear fragment fragment chain fragment size fragment timeout show fragment
Issue 1 July 2006 185
Avaya C360 Layer 3 Features
186 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 10: Avaya C360 Power over Ethernet
Features
This chapter describes the C360-PWR PoE (Power over Ethernet Features). It provides the basic procedures for configuring the C360 for PoE operation.
It contains the following sections:
●
●
●
●
Power over Ethernet in Converged Networks
●
Power over Ethernet CLI Commands
Power Over Ethernet
The C360-PWR switches provides IEEE 802.3af-compliant "Inline" DC power over the signal pairs in addition to switched Ethernet on the existing LAN infrastructure for devices such as IP telephones and Wireless LAN access points. This allows you to deploy devices in the network that require power without installing standard power cables in hard to access areas. The
C360-PWR switches are pre-configured to supply power according to the load detection criteria
(see
Load Detection ), so you can use it right out of the box. The C360-PWR switches provide
power over standard Category 3 and Category 5 cables.
Load Detection
The C360-PWR switches periodically check all ports, powered and non-powered to check their status and the power status of connected devices.
The C360-PWR switches will supply power to a port only after it has detected a suitable PD
(powered device) is connected to the port. The check consists of the C360-PWR switches looking for a signature from the device that indicates it needs to supply power.
Issue 1 July 2006 187
Avaya C360 Power over Ethernet Features
How the C360-PWR Switches Detect a Powered Device
The C360-PWR switches use the specific resistance powered device signature and PD
(powered device) connection verification to determine whether to supply power to a give port.
Figure 33: Powered Device Detection
Start Check
Valid
Resistance
Signature?
Yes
No
No
Apply Power
Yes
PD still connected?
Specific Resistance Signature (IEEE 802.3af)
The C360-PWR switches apply a low voltage to the power feed pairs and measures the current.
A resistance of 19k
Ω to 26.5kΩ is considered valid according to the IEEE standard; if a valid signature is detected, power is supplied to the port.
PD Connected
Once power is provided to a port, it is checked periodically to see if a PD is still connected. If a
PD is disconnected from a powered port, then power is denied to the port.
188 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Power Over Ethernet
“Plug and Play" Operation
You can add and remove powered devices without manually reconfiguring the switch, since it performs a periodic automatic load detection scan on non-powered ports.
● If a powered device that fits the above criteria is detected on a non-powered port, then power is applied to the port.
● If a powered device is removed from a port, then power is denied to that port. The disconnected port is then scanned as well.
Powering Devices
The C360 ports can receive Inline power from one of two sources: an internal -48VDC power supply or an external DC power supply.
Each port can supply up to 15.4W by default to the powered device.
The internal power supply delivers a maximum of 305W for all the ports on the C363T-PWR and
520W on the C364T-PWR.
If a powered device tries to draw more than the maximum allowed for the connected port, power is denied and you receive an "overcurrent" warning. Similarly, if the power drops below the lower limit, for a port, power is denied to that port and an "undercurrent" warning is issued.
Priority
Since the internal power supply may not be capable of driving powered devices on all the ports simultaneously, Avaya has implemented a priority mechanism.
This mechanism determines the order in which ports are powered after the switch is booted and powered down if the power resources of the switch are exhausted.
There are three user-configurable priority levels:
● Low
● High
● Critical
The default value is "Low" for all ports.
Within these levels, priority is according to port number: the lower the port number, the higher the priority.
Power will automatically be restored to PDs according to their priority when the power budget increases. If the power budget is exceeded, power will not be provided to a new PD when you attach it, even if you define its priority as "High" or "Critical."
Issue 1 July 2006 189
Avaya C360 Power over Ethernet Features
Power over Ethernet in Converged Networks
Figure 34 shows the C364T-PWR as part of an ultra-reliable Avaya network. It provides power
to IP telephones, wireless network access devices and Web cameras.
Figure 34: Powered Ethernet Application
Both the data and power paths from the C360-PWR to the PBX are backed-up. Using LAGs for data with UPSs (Uninterruptible Power Supplies) for power ensures non-stop IP communications.
190 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Power Over Ethernet
Power over Ethernet CLI Commands
In order to...
Perform a hardware reset of the switch and the PoE circuitry
Perform a hardware reset of the entire stack and the PoE circuitry
Enable the load detection process and power delivery for the port
Disable the load detection process and power delivery for the port
Configure the priority level of powering the port.
Set the type of powered device connected to the PoE port.
Configure PoE traps and the consumption usage threshold value.
Show the current status of the
PD inline power on all ports
Use the following command...
reset module-and-powerinline reset stack-and-powerinline set port powerinline enable set port powerinline disable set port powerinline priority set port powerinline type set powerinline trap show powerinline
Issue 1 July 2006 191
Avaya C360 Power over Ethernet Features
192 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 11: C360 Device Manager
This chapter describes the installation procedures for the C360 Device Manager
Overview
The Device Manager provides the following:
● Managing and monitoring Power over Ethernet.
● Device Configuration - Viewing and modifying the different device configurations.
● Virtual LANs - Viewing and editing Virtual LAN information.
● Link Aggregation Groups (LAGs) - Viewing and editing LAG information.
● Port Redundancy - Setting port redundancy for ports in a C360 Switch.
● Port Mirroring - Setting up port mirroring for ports in a C360 Switch.
● Trap Managers Configuration - Viewing and modifying the Trap Managers Table.
● Switch Connected Addresses - View devices connected to selected ports. Port Security.
● Intermodule Redundancy
● One pair per stack.
● Also operates as a result of a module fault, for example, power failure.
Issue 1 July 2006 193
C360 Device Manager
System Requirements
Minimum hardware and operating system requirements are:
● Pentium II 400 Mhz-based computer with 128 Mb of RAM
● Screen resolution of 1024 x 768 pixels
● Microsoft Internet Explorer 5 or higher
● Microsoft Windows 2000 Workstation or Windows XP
● Sun Microsystems Java plug-in (supplied on the "Documentation and Utilities" CD)
● Refer to the Release Notes for the exact version of the Java plug-in
Configuring the Device Manager
You can configure several Device Manager parameters using the CLI. These parameters include the time-out and retries parameters and the location of the Web server that provides the help files for the Device Manager and the Java plug-in required for running the Device Manager.
Device Manager Commands
The following Device Manager commands are available.
In order to...
Use the following command...
Set the SNMP retries parameter set snmp retries
Set the SNMP time-out parameter set snmp time-out
Set the location of the Web server with the help files and the
Java plug-in
Display the SNMP retries parameter set web aux-files-url show snmp retries
194 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Running the Device Manager
In order to...
Use the following command...
Display the SNMP time-out parameter
Display the URL of the Web server with the help files and the
Java plug-in show snmp time-out show web aux-files-url
Running the Device Manager
Note:
Note:
Assign an inband or out-of-band interface IP address to the switch before beginning this procedure.
To run the Device Manager:
1. Open your browser.
2. Enter the URL of the switch in the format http://aaa.bbb.ccc.ddd where aaa.bbb.ccc.ddd
is the inband or outband interface IP address of the switch.
- The user name is "root"
- The default password for read-only access is "root"
- The default passwords for read-write access is "root".
Note:
Note:
The C360 Device Manager passwords are the same as those of the CLI. If you change the passwords of the CLI then those passwords become active for
Device Management as well. For further information on the passwords, please
refer to Security Levels on page 60.
3. The welcome page is displayed. See
Issue 1 July 2006 195
C360 Device Manager
Figure 35: The Welcome Page
4. If you have the Java plug-in installed, the Device Manager should open in a new window
).
Figure 36: Device Manager
196 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Installing the Java Plug-in
5. If you do not have the Java plug-in installed, follow the instructions on the Welcome page to
install the plug-in (see Installing the Java Plug-in ).
Installing the Java Plug-in
If the network manager has configured the system, the plug-in should be installed automatically.
Note:
Note:
Ensure that Java or JavaScript is enabled on your Web browser. Please refer to your browser on-line help or documentation for further information.
If the plug-in is not installed automatically, then you have three options for installing it manually:
Installing from the C360 Documentation and Utilities CD
To install from the C360 documentation and Utilities CD:
1. Close all unnecessary applications on your PC.
2. Insert the Avaya C360 Documentation and Utilities CD in the CD drive.
3. Open Windows Explorer.
4. Open the embweb-aux-files\ folder on the CD
5. Double click on the plugin_a_b_c.exe file (a, b and c are the version numbers of the plug-in).
6. Follow the on-screen instructions.
Install from the Avaya Web Site
Click on the link in the Welcome page.
Install from your Local Web Site
Click on the link in the Welcome page.
Note:
Note:
This option is only available if the network manager has placed the files on the local Web server.
Issue 1 July 2006 197
C360 Device Manager
Installing the On-Line Help and Java Plug-In on your Web
Site
Tip:
Tip:
This procedure is optional
Copying the help files and Java plug-in to a local Web server allows users to access the on-line help for the Embedded Manager and enables automatic Installation and Maintenance of the
Java plug-in the first time the users tries to manage the device.
1. Copy the emweb-aux-files directory from the Avaya C360 Documentation and Utilities
CD to your local Web server. Please refer to your Web server documentation for full instructions.
2. Define the URL in the C360 using the following CLI command:
set web aux-files-url //IP address/directory name where //IP address/directory name is the location of the directory from the previous step.
Documentation
The Device Manager comes with a detailed User's Guide including a Glossary of Terms and an overview of Data Communications concepts.
198 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Section 4: Troubleshooting and Maintaining the Avaya C360
Issue 1 July 2006 199
200 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 12: Troubleshooting the Installation
Troubleshooting the Installation
This section will allow you to perform basic troubleshooting of the installation. If you are unable to solve the problem after following the procedures in this chapter, please contact Avaya
Technical Support.
Table 35: Troubleshooting 1 of 3
Problem/Cause Suggested Solution
Switch does not power up
●
●
AC power cord not inserted or faulty
DC power cord not connected correctly or faulty
If the cord is inserted correctly, check that the power source is working by connecting a different device in place of the C360.
● If that device works, refer to the next step.
● If that device does not work, check the power
● C360 AC power supply not functioning
● Use an optional BUPS (Backup
Power Supply)
● Contact your local Avaya distributor. The power supply is
not user-replaceable.
No data on 10/100 Mbps link
● Check that the AC power cord is inserted correctly
● Replace the power cord
● Check the wiring (refer to
Source (C364T NEBS Only) on page 51).
● Replace the power cord.
● Faulty cable ● Replace the cable
1 of 3
Issue 1 July 2006 201
Troubleshooting the Installation
Table 35: Troubleshooting 2 of 3
Problem/Cause Suggested Solution
● Mis-configuration ● Use the show port CLI command to show the port parameters and check they are compatible with the attached device.
Tip:
● Faulty NIC ● Replace the NIC
Connected device does not receive power from switch (C360-PWR only)
Tip:
Use the show powerinline CLI command to show
PoE status
● Device connected is not a PD (powered device), such as a computer
(PoE LED blinks)
● PD not connected properly (PoE LED blinks)
● PD not compatible
(PoE LED blinks)
● Switch Inline power capacity exceeded
(PoE LED blinks)
● Check that the cable to the PD is inserted and connected correctly
● Overcurrent or undercurrent detected.
● Increase the priority of the PD port to High or Critical (see page)
● Move the PD to a higher-numbered port
● Disconnect unnecessary PDs from the switch.
● Connect an additional Inline DC power source to the switch
● Check that the PD is working correctly.
2 of 3
202 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Troubleshooting the Installation
Table 35: Troubleshooting 3 of 3
Problem/Cause Suggested Solution
Tip:
Stacking not functioning
Tip:
Use the stack health command to display the status of the stack. See
Stack Health on page 204 for further
information.
● Check that modules are installed correctly
● X360-STK modules not inserted correctly
(LEDs on stacking module do not light)
● Octaplane cables not installed correctly
(LEDs on stacking module do not light)
●
●
Check that the cables are inserted correctly
Check that there are no cross-corrections
● Replace the cable ● The pins on the
Octaplane cable are bent or broken
● The socket on the stacking module is damaged
● Replace the stacking module
● NVRAM INIT jumper is bridged
● Remove the stacking module and then unbridge the jumper.
3 of 3
Issue 1 July 2006 203
Troubleshooting the Installation
Stack Health
The C360 software provides a Stack Health feature for verifying the integrity of the C360 and
P330 and P330-ML stacking module and cables.
Overview
The Stack Health feature will identify defective modules and cables that may be installed in the
C360 stack. The Stack Health algorithm separately checks all stacking modules and the
Octaplane connections (including Redundant cable).
Implementation of Stack Health in the C360
Tip:
Tip:
When activating the Stack Health feature, the agents in all modules start sending special packets of various length via all stacking cables to one another. The Master module synchronizes this process and collects the results.
● When the Redundant Cable is present, the user is prompted to disconnect one of the short
Octaplane cables and the redundant connection will be checked. Then, when prompted, the cable should be reconnected and the test will run a second time to check the regular
Octaplane connections.
● The stack is reset after the Stack Health process completes.
Tip:
You should not load the stack with traffic during this test.
Tip:
If the stack health process fails, try to fasten or replace the stack cable between the modules where the failure has occurred. If the problem persists, try to fasten or replace either or both of the stacking modules.
204 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Stack Health
Stack Health CLI Commands
The following table contains a list of the CLI commands for the Stack Health feature. The syntax and output examples are set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.
In order to...
Initiate the stack health testing procedure
Use the following command...
stack health
Issue 1 July 2006 205
Troubleshooting the Installation
206 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 13: Maintenance
Introduction
This section provides basic maintenance information for the C360 and its components. For
issues that are not covered in this chapter or in Chapter 12: Troubleshooting the Installation
please contact your Avaya representative.
CAUTION:
!
CAUTION:
Please refer to Before you Install the Avaya C360 before undertaking any of the
procedures detailed in this section.
Replacing the Stacking Module
To replace the X360STK stacking module:
1. Power to the switch may remain on.
2. Loosen the screws to the stacking module by turning the knurled knobs anti-clockwise.
3. Take hold of the two knobs (one near each side of the front panel) and pull gently but firmly towards yourself.
4. Insert the new stacking module gently into the slot, ensuring that the PCB (printed circuit board) is aligned with the guide rails.
5. Press the stacking module in firmly until it is completely inserted into the C360.
CAUTION:
!
CAUTION:
Ensure that the screws on the module are properly aligned with the holes in the chassis before tightening them.
CAUTION:
!
CAUTION:
To prevent EMI, cover any unused ports on the stacking modules using the grey plugs provided. Insert the plug labelled "left" into the lower port; insert the plug labelled "right" into the upper port.
6. Tighten the two screws on the side panel of the stacking module by turning the knurled knobs clockwise.
Issue 1 July 2006 207
Maintenance
Hardware NVRAM Initialization
If you wish to perform a hardware NVRAM initialization, then perform the following steps:
CAUTION:
!
CAUTION:
C360 switches and stacking modules contain components sensitive to electrostatic discharge. Touching the circuit boards unless instructed to do so may damage them.
PRECAUCION:
CAUTION:
!
PRECAUCIÓN:
El switch C360 y sus módulos de ampliación contienen componentes sensibles a descargas electrostáticas. Tocar las tarjetas sin autorización del personal técnico puede dañarlas.
!
CAUTION:
Do not leave the stacking slots open. Cover empty slots using the blanking plates supplied.
PRECAUCION:
!
PRECAUCIÓN:
No deje las aberturas de ampliación abiertas. Cubrir las aberturas vacias con las placas bloqueadoras proporcionadas con el equipo.
1. Remove the bridge from the jumper labelled "SPARE JUMPER" on the PCB.
2. Bridge the NVRAM INIT jumper before inserting the X360STK module.
- See
for the location of the jumpers.
208 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Figure 37: Location of the NVRAM INIT Jumpers
2
Hardware NVRAM Initialization
1
Figure notes:
1. SPARE JUMPER
2. NVRAM INIT Jumper
3. Insert the X360STK module into the C360 switch where you wish to perform the NVRAM
initialization. Refer to Installing the X360STK Stacking Module
for further information.
Tip:
Tip:
Refer to the Reference Guide for the Avaya C360 Converged Stackable Switch,
10-300506 for further information on the NVRAM initialization
4. The NVRAM initialization process starts. When you receive a CLI message on to remove the module, you can remove the X360STK from the switch.
5. Remove the bridge from the NVRAM INIT jumper and return it to the SPARE JUMPER.
Important:
!
Important:
You must remove the bridge from the NVRAM INIT jumper before you can use the X360STK as a stacking module.
Issue 1 July 2006 209
Maintenance
210 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Chapter 14: Updating the Firmware
This section provides the basic procedure for downloading and updating the C360 system firmware.
CAUTION:
!
CAUTION:
Refer to
Before you Install the Avaya C360
before undertaking any of the procedures detailed in this section.
Firmware Download
You can perform firmware download using the CLI or Avaya Software Update Manager (part of the Avaya Integrated Management Suite).
Obtain Software Online
You can obtain the firmware and C360 Device Manager from the "Downloads" section on the
Avaya Support Site at http://support.avaya.com
.
Downloading Firmware
Download the firmware and Device Manager as follows:
Use the CLI following command: copy tftp SW_image <image-file> EW_archive <filename> <ip> <mod_num> image-file filename ip mod_num firmware image file name (full path)
Device Manager image file name (full path)
The IP address of the TFTP server
Target switch number
Please see the CLI Chapters of the User's Guides for related information.
Issue 1 July 2006 211
Updating the Firmware
Tip:
Tip:
Please download both the new Avaya firmware and the new Device Manager versions. Whichever version of the firmware you decide to run, always be sure to match the correct firmware and Device Manager versions.
Download New Version without Overwriting Existing
Version
Firmware Banks
The C360 has two firmware banks, Bank A and Bank B that contain the firmware necessary to run the switch. Each bank is independent of the other and you may use them to store the same or different versions of the firmware.
Sometimes it is desirable to upgrade to a new software version while retaining the option of booting from the previous version. The following process copies the previous version from memory Bank B to Bank A, and download the new version to Bank B. This process accomplishes the following:
● prevents the device manager image-file from being downloaded into Bank A - by providing a non-existent file name for the Device Manager file.
● preserves the old version in Bank A
● allows the user to boot from either Bank A or Bank B (in other words using either the old or new software version)
Note:
Note:
In normal operation, the Device Manager file should be copied to Bank A, and the new firmware version should be downloaded to Bank B. This process copies the old software version to Bank A and the new firmware version to Bank B, and allows the user to boot from either version via the set boot bank command.
To perform this process, using the following CLI command: copy tftp SW_image <new_ver_file> EW_image dummy <TFTP_server_IP_addr>
<module_number>
Example: copy tftp SW_image c:\versions\C360\c363t EW_image x 149.49.138.170 1
● Since file "x" doesn't exist the Device Manager image will not be downloaded.
212 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Appendix A: Mixed Stacks
This appendix covers deployment of the C360 in mixed stack environments. Please refer to the relevant section for information.
Tip:
Tip:
For additional information, see the Release Notes or the Avaya Support site: http://support.avaya.com
.
You may stack the C360 with P333T-PWR, P332G-ML and P332GT-ML switches and G700
Media Gateway, subject to certain limitations which are described in this appendix. Please read the information carefully before creating mixed stacks.
Important:
!
Important:
You should update existing stacks and modules to the appropriate firmware version before adding C360 switches to the stack.
Important:
!
Important:
You can only stack the C360 switches with the following versions of the G700,
P333T-PWR and P332G-ML and P332GT-ML devices:
Table 36: Compatible Firmware Versions
Device Firmware version
G700
P333T-PWR
4.1
4.1
P332G-ML 4.5
P332GT-ML 4.5
Issue 1 July 2006 213
Mixed Stacks
Hardware Compatibility
This section describes hardware compatibility issues.
Stacking
Tip:
Tip:
It is recommended to put the C360 switches at the bottom or top of a mixed stack for easier connection of cables.
You may use the same Octaplane cables for stacking all the switches. However, the stacking modules are not interchangeable. Please refer to
for information on which stacking module to use.
Table 37: Stacking Module Compatibility
Switch
C360
G700
P333T-PWR
P332G-ML
P332GT-ML
Stacking Module
X360STK (refer to
X360STK Stacking Module on page 41 for further information)
X330STK
1
X330STK
1
X330STK-ML
X330STK-ML
1. You should use Stacking Modules version C/S:1.x or higher.
214 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Hardware Compatibility
BUPS
The Backup Power Supplies are not interchangeable. Please refer to
on which stacking module to use.
Table 38: BUPS Compatibility
Switch
C360
G700
P333T-PWR
P332G-ML
P332GT-ML
BUPS
Powerstax 800 (refer to
for further information)
N/A
P330 BUPS + Powerstax 800
P330 BUPS-ML
P330 BUPS-ML
Tip:
Please refer to the appropriate documentation for further information.
Tip:
Issue 1 July 2006 215
Mixed Stacks
Feature Compatibility
While most features are the same on all the switches, there are some differences in implementation and functionality. Please refer to
for further information.
Table 39: Feature Compatibility 1 of 2
Feature C360
SSH
Logging
SCP
SNMPv3
LLDP
802.1x
QoS
Queues
+
+
+
+
+
+
4
+
2
P333T-PWR
G700
P332G-ML
P332GT-ML
+
1
+
+
+
+
2
1
1
1
1
Notes
You can open SSH sessions to the stack or
Layer 3 interface.
You can access the G700
MGP after opening an
SSH connection to the stack IP and then using the session command.
Events generated in the
P333T-PWR and G700 are not logged.
You can download any configuration files via SCP.
However, you can only
upload P333T-PWR and
G700 configuration files via TFTP.
Traps generated by the
P333T-PWR and G700 are sent via SMPv1 only.
C360 ports only.
10/100 Mbps ports only.
Queues are mapped.
.
1 of 2
216 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Feature Compatibility
Table 39: Feature Compatibility 2 of 2
Feature C360
Layer 3
VLANs
+
3,071
P333T-PWR
G700
P332G-ML
P332GT-ML
3,071
+
252
Notes
P332G-ML and
P332GT-ML will only recognize the first 252
VLANs, the others will not be used.
It is recommended not to define more than 252
VLANs in a mixed stack.
2 of 2
Note:
1. Software version 4.5 only.
Note:
Certain CLI commands apply to the C360 only. If you run them on other switches you may receive an "operation failed" message.
QoS Mapping
The four C360 QoS queues are mapped to the two QoS queues in the G700, P333T-PWR,
P332G-ML and P332GT-ML as follows:
Table 40: QoS Mapping
C360 Priority C360 Queue G700, P333T-PWR,
P332G-ML P332GT-ML
Queue
Low (tagged as 0) 0,1
2,3
4,5
6,7
Low
Normal
High
Highest
High (tagged as 4)
Issue 1 July 2006 217
Mixed Stacks
218 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Appendix B: Configuring C360 QoS for Avaya IP
Telephones
Introduction
This appendix covers configuring C360 QoS settings for Avaya IP Telephony environments.
Table 41: Configuration for ports connected to Avaya IP Telephones
Parameter
PVID
Port tagging
Assigned port VLANs
Scheduling scheme
Trust policy in routing mode
Value CLI command
Data VLAN set port vlan <vlan_num>
<module>/<port>
None (i.e., not a trunk port) set trunk <module/port> off
Data VLAN, VoIP VLAN set port static-vlan
<vlan_num> <module>/
<port> set queuing scheme strict Strict priority
Trust DSCP+CoS for VoIP
LAN
Untrusted for Data VLAN ip access-list-dscp trust
<policy-list-number> trust-dscp
Tip:
Tip:
For additional information, refer to the IP Telephony Deployment Guide on the
Avaya Support Site: http://support.avaya.com
.
Issue 1 July 2006 219
Configuring C360 QoS for Avaya IP Telephones
220 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Appendix C: Standards and Compatibility
Avaya C360 Standards Supported
The Avaya C360 complies with the following standards.
IEEE
● 802.1D Bridges and STA
● 802.1p Priority Tagging on all ports
● 802.1Q VLAN Tagging support on all ports
● 802.1w Rapid Spanning Tree
● 802.3af Power over Ethernet on C360-PWR switches
● 802.3x Flow Control on all ports
● 802.1x Port Based Network Access Control
● 802.3z Gigabit Ethernet
● 802.3u Ethernet/Fast Ethernet
IETF - Layer 2
● RFC-1155 Structure and identification of management information for TCP/IP-based internets
● RFC-1157 Simple Network Management Protocol (SNMPv1)
● RFC-1213 MIB-II
● RFC-1314 Bridge MIBs for STP, and for CAM contents
● RFC-1332 PPP Internet Protocol Control Protocol (IPCP)
● RFC-1334 PPP Authentication Protocols (PAP & CHAP)
● RFC-1493 Bridge MIB for Spanning Tree
● RFC-1661 Point-to-Point Protocol (PPP)
● RFC-1757 RMON (support for groups 1,2,3 and 9)
● RFC-1769 Simple Network Time Protocol (SNTP)
Issue 1 July 2006 221
Standards and Compatibility
● RFC-2613 SMON support for groups - Data Source Capabilities, Port Copy, VLAN and
Priority Statistics
● RFC-2674 Bridge MIB Groups - dot1dbase and dot1dStp fully implemented. Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent)
● RFC-2863 Interfaces Group MIB
● RFC-2865 Remote Authentication Dial In User Service (RADIUS)
IETF - Layer 3
● RFC 791 - Internet Protocol
● RFC 792 - Internet Control Message Protocol
● RFC 826 - Ethernet Address Resolution Protocol
● RFC 894 - Standard for the transmission of IP datagrams over Ethernet
● RFC 922 - Broadcasting Internet datagrams in the presence of subnets
● RFC 950 - Internet Standard Subnetting Procedure
● RFC 951 - Bootstrap Protocol
● RFC 1027 - Using ARP to implement transparent subnet gateways
● RCF 1058 - Routing Information Protocol
● RFC 1112 - Hosts Extensions for IP Multicasting
● RFC 1122 - Requirements for Internet Hosts - Communications Layers
● RFC 1533 - DHCP Options and BOOTP Vendor Extensions
● RFC 1534 -Interoperation between DHCP and BOOTP
● RFC 1541 - Dynamic Host Configuration Protocol
● RFC 1542 - Clarifications and Extensions for the Bootstrap Protocol Information
● RFC 1583 - OSPF Version 2
● RFC 1723 - RIP Version 2 Carrying Additional Information
● RFC 1724 - RIP Version 2 MIB Extension
● RFC 1812- Requirements for IP Version 4 Routers
● RFC 1850 -OSPF Version 2 Management Information Base
● RFC 2096 - IP Forwarding Table MIB
● RFC 2338 - Virtual Router Redundancy Protocol
222 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
IETF - Network Monitoring
IETF - Network Monitoring
● RMON (RFC 1757) support for groups 1,2,3, and 9
- Statistics
- History
- Alarms
- Events
● SMON (RFC 2613) support for groups
- Data Source Capabilities
- Port Copy
- VLAN and Priority Statistics
● Bridge MIB Groups - RFC 2674
- dot1dbase and dot1dStp fully implemented.
- Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent)
Issue 1 July 2006 223
Standards and Compatibility
224 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Appendix D: Specifications
Physical
Height
Width
Depth
Weight
● C363T
●
●
C363T-PWR
C364T
●
●
C364T-NEBS
C364T-PWR
1U (44.45 mm, 1.75”)
431 mm (17”)
365 mm (14.4”)
4.9 kg (10.8 lb.)
5.5 kg (12.1 lb.)
5.0 kg (11 lb.)
5.0 kg (11 lb.)
6.8 kg (15 lb.)
Issue 1 July 2006 225
Specifications
Power Requirements
Input voltage
C363T
100 to 240 VAC
50/60 Hz
60 W max Power dissipation
AC Input current 1.3 A max
DC Input current 2 A max
C363T-PWR
100 to 240 VAC
50/60 Hz
420 W max
4.2 A max
8 A max
226 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Input voltage
C364T
100 to 240 VAC
50/60 Hz
90 W max Power dissipation
AC Input current 1.3 A max
DC Input current‘
2 A max
C364T-NEBS
-36 to -60 VDC
90 W max
N/A
2 A max
C364T-PWR
100 to 240 VAC
50/60 Hz
760 W max
7.6 A max
15 A max
Environmental.
Environmental.
Operating Temp.
0° to 40°C (32° to 104°F)
Storage Temp.
-40° to 70°C (-14° to 184°F)
Rel. Humidity 5% to 95% non-condensing
Note:
The C364T NEBS complies to the NEBS standard
Note:
Safety
● UL listed to UL60950-1.
● C-UL (UL for Canada) certified to CAN/CSA-C22.2 No. 60950-0-03.
● CE for Europe approved according to EN 60950 and IEC 60950-1.
● Laser components are Laser Class I approved:
- EN-60825/IEC-825 for Europe
- FDA CFR 1040 for USA
● Branch Circuit Protection: A UL Listed and CSA Certified 15A branch circuit protective device is to be provided in the building AC mains wiring installation.
Issue 1 July 2006 227
Specifications
MTBF
Product
C363T
C364T
C364T-NEBS
C363T-PWR
C364T-PWR
MTBF (Hours)
300,000
210,000
245,000
170,000
Interfaces
● C363T: 24 x 10/100 BASE-T RJ-45 port connectors + 2 x SFP GBIC connectors.
● C363T-PWR: 24 x 10/100 PoE BASE-T RJ-45 port connectors + 2 x SFP GBIC connectors.
● C364T: 48 x 10/100 BASE-T PoE RJ-45 port connectors + 2 x SFP GBIC connectors.
● C364T-NEBS: 48 x 10/100 BASE-T PoE RJ-45 port connectors + 2 x SFP GBIC connectors.
● C364T-PWR: 48 x 10/100 BASE-T PoE RJ-45 port connectors + 2 x SFP GBIC connectors.
● RS-232 for terminal setup via RJ-45 connector on front panel.
GBIC Transceivers
LX Transceiver
You may connect a 9 µm or 10 µm single-mode fiber (SMF) cable to a 1000BASE-LX SFF/SFP
GBIC port. The maximum length is 10 km. (32,808 ft.).
You may connect a 50 µm or 62.5 µm multimode (MMF) fiber cable to a 1000BASE-LX SFF/
SFP GBIC port. The maximum length is 550 m (1,804 ft.) for 50 µm and 62.5 µm cable.
228 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
GBIC Transceivers
The LX transceiver has a Wavelength of 1300 nm, Transmission Rate of 1.25 Gbps, Input
Voltage of 3.3V, and Maximum Output Wattage of -2 dBm.
SX Transceiver
You may connect a 50 µm or 62.5 µm multimode (MMF) fiber cable to a 1000BASE-SX SFF/
SFP GBIC port. The maximum length is 500 m (1,640 ft.) for 50 µm and 220 m (722 ft.) for
62.5 µm cable.
The SX transceiver has a Wavelength of 850 nm, Transmission Rate of 1.25 Gbps, Input
Voltage of 3.3V, and Maximum Output Wattage of -4 dBm.
ELX Transceiver
You may connect a 9 mm or 10 mm single-mode fiber (SMF) cable to a 1000BASE-ELX SFP
GBIC port. The fiber length should be between a minimum length of 10 km (32,808) and a maximum length of 70 km (229,656 ft.). The fiber attenuation must be less than 0.3 dB/km for
70 km of fiber length.
The ELX transceiver has a Wavelength of 1550 nm, Transmission Rate of 1.25 Gbps, Input
Power of 3.3V, and Maximum Output Optical Power of +5 dBm.
Copper Transceiver
Tip:
You may connect a 4-pair (8-wire) category 5 Ethernet cable terminated with an RJ-45 connector to a 1000BASE-T SFP GBIC port. The cable length can be a maximum of 100 m
(328 ft.).
Tip:
The copper ports operate at 1000 Mbps full-duplex only.
Issue 1 July 2006 229
Specifications
Console Pin Assignments
For direct Console communications, connect the C360 to the Console Terminal using the supplied RJ-45 crossed cable and RJ-45 to DB-9 adapter.
C360 RJ-45 Pin
1
2
3
4
5
6
7
8
Name
(DCE View)
For future use
TXD
(C360 input)
RXD
(C360 output)
CD
GND
DTR
RTS
CTS
Terminal
DB-9 Pins
NC
3
2
4
5
1
8
7
Modem
DB-25 Pins
See note
3
2
8
7
20
4
5
Tip:
Pin 1 of the Modem DB-25 connector is internally connected to Pin 7 GND.
Tip:
230 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Ethernet
● VLANs
- Layer 2: 3,071
- Layer 3: 255
● MAC addresses: minimum 16k
● Priority queuing: 4 queues
● Multicast groups: 1k
Ethernet
Issue 1 July 2006 231
Specifications
232 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Index
Index
Numerical
802.1x support . . . . . . . . . . . . . . . . . . .
CLI commands . . . . . . . . . . . . . . . . .
configuring procedure . . . . . . . . . . . . . .
A
AC power, connecting . . . . . . . . . . . . . . .
Access, restricting management . . . . . . . . . .
Accessing the switch . . . . . . . . . . . . . . . .
Activating a routing license . . . . . . . . . . . . .
ARP table configuration . . . . . . . . . . . . . .
Auto-negotiation . . . . . . . . . . . . . . . . . .
Avaya IP Telephones configuring QoS for . . . . . . . . . . . . . . .
B
Binding, multi-VLAN . . . . . . . . . . . . . . . .
BOOTP/DHCP relay configuration . . . . . . . . .
C
C360 features . . . . . . . . . . . . . . . . . . . .
layer 3 support . . . . . . . . . . . . . . . . .
manageability . . . . . . . . . . . . . . . . .
management options . . . . . . . . . . . . . .
monitoring . . . . . . . . . . . . . . . . . . .
network optimization . . . . . . . . . . . . . .
nomenclature . . . . . . . . . . . . . . . . . .
PoE support . . . . . . . . . . . . . . . . . .
QoS . . . . . . . . . . . . . . . . . . . . . .
redundancy . . . . . . . . . . . . . . . . . .
security stacking
. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
switch configurations
VLAN support
. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . .
CAM table . . . . . . . . . . . . . . . . . . . . .
Classification of ports for port redundancy . . . . . .
CLI architecture in switch . . . . . . . . . . . . . .
assigning stack IP to switch . . . . . . . . . . .
entering in switch . . . . . . . . . . . . . . . .
establishing layer 2 and layer 3 connections . . .
establishing PPP connection via modem . . . . .
establishing SSH connection . . . . . . . . . .
establishing Telnet connection . . . . . . . . . .
initial switch configuration settings . . . . . . . .
Client, configuring Telnet support . . . . . . . . .
Compatibility features in stacking different devices . . . . . .
hardware in stacking different devices standards
. . . . .
. . . . . . . . . . . . . . . . . . .
Configurations, switch hardware . . . . . . . . . . .
Configuring
ARP table . . . . . . . . . . . . . . . . . . .
basic switch functions . . . . . . . . . . . . . .
BOOTP/DHCP relay . . . . . . . . . . . . . .
CPU utilization monitoring . . . . . . . . . . . .
Device Manager . . . . . . . . . . . . . . . .
ethernet parameters with CLI . . . . . . . . . . .
initial router IP parameters
IP
. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
IP fragmentation . . . . . . . . . . . . . . . .
IP multicast filtering with CLI . . . . . . . . . .
LAGs with CLI . . . . . . . . . . . . . . . . .
license key with CLI . . . . . . . . . . . . . .
LLDP Agent with CLI netBIOS re-broadcast
. . . . . . . . . . . . .
. . . . . . . . . . . . .
network time parameters . . . . . . . . . . . . .
OSPF . . . . . . . . . . . . . . . . . . . .
PoE with CLI . . . . . . . . . . . . . . . . .
policy . . . . . . . . . . . . . . . . . . . . .
port mirroring with CLI . . . . . . . . . . . . .
port redundancy with CLI . . . . . . . . . . .
RIP . . . . . . . . . . . . . . . . . . . . . .
RMON with CLI . . . . . . . . . . . . . . . .
route redistribution . . . . . . . . . . . . . . .
SCP support . . . . . . . . . . . . . . . . .
SMON with CLI . . . . . . . . . . . . . . . .
SNMP with CLI . . . . . . . . . . . . . . . . .
spanning tree protocol with CLI . . . . . . . . .
static routing . . . . . . . . . . . . . . . . .
switch default settings . . . . . . . . . . . . . .
system parameters . . . . . . . . . . . . . . .
Telnet client support . . . . . . . . . . . . . .
uploading and downloading images . . . . . . . .
VLAN features with CLI . . . . . . . . . .
VRRP . . . . . . . . . . . . . . . . . . . .
weighted queuing with CLI . . . . . . . . .
Configuring QoS for Avaya IP Telephones . . . . . . . . . . . .
Connecting
AC power . . . . . . . . . . . . . . . . . . . .
DC backup power . . . . . . . . . . . . . . . .
DC power . . . . . . . . . . . . . . . . . . . .
Issue 1 July 2006 233
Index network . . . . . . . . . . . . . . . . . . . .
supplemental grounding . . . . . . . . . . . . .
Connections budgeting power . . . . . . . . . . . . . . . .
establishing console . . . . . . . . . . . . . .
establishing layer 2 and layer 3 . . . . . . . . .
establishing PPP . . . . . . . . . . . . . . . .
establishing SSH . . . . . . . . . . . . . . . .
establishing Telnet . . . . . . . . . . . . . . .
verifying proper . . . . . . . . . . . . . . . . .
Console pin assignments . . . . . . . . . . . . . .
Conventions in documentation . . . . . . . . . . .
Converged networks and PoE . . . . . . . . . . .
CPU utilization monitoring . . . . . . . . . . . . .
D
DC backup power, connecting . . . . . . . . . . .
DC power, connecting . . . . . . . . . . . . . . .
Default device settings . . . . . . . . . . . . . . .
Device compatibility standards . . . . . . . . . . . . .
configurations, uploading and downloading . . . .
maintenance . . . . . . . . . . . . . . . . . .
specifications . . . . . . . . . . . . . . . . . .
Device Manager . . . . . . . . . . . . . . . . . .
configuring . . . . . . . . . . . . . . . . . . .
documentation . . . . . . . . . . . . . . . . .
installing java plug-in installing on-line help
. . . . . . . . . . . . . .
. . . . . . . . . . . . . .
running . . . . . . . . . . . . . . . . . . . . .
system requirements . . . . . . . . . . . . . .
Documentation conventions . . . . . . . . . . . . . . . . . .
Device Manager . . . . . . . . . . . . . . . .
Downloading configurations new firmware
. . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . .
E
Earthing, connecting supplemental . . . . . . . . .
Environmental specifications . . . . . . . . . . . . . . . . . .
Ethernet . . . . . . . . . . . . . . . . . . . . . .
fast . . . . . . . . . . . . . . . . . . . . . .
specifications . . . . . . . . . . . . . . . . . .
Ethernet features auto-negotiation . . . . . . . . . . . . . . . .
CAM table . . . . . . . . . . . . . . . . . . .
configuring parameters fast ethernet
. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . .
flow control . . . . . . . . . . . . . . . . . . .
full-duplex, half-duplex . . . . . . . . . . . . .
gigabit ethernet . . . . . . . . . . . . . . . . .
MAC address . . . . . . . . . . . . . . . . . .
MAC aging . . . . . . . . . . . . . . . . . . .
priority . . . . . . . . . . . . . . . . . . . . .
speed . . . . . . . . . . . . . . . . . . . . .
F
Fast ethernet . . . . . . . . . . . . . . . . . . . .
Features layer 2 . . . . . . . . . . . . . . . . . . . . .
layer 2, ethernet . . . . . . . . . . . . . . . . .
layer 2, IEEE 802.1x
. . . . . . . . . . . . . .
layer 2, IP multicast filtering . . . . . . . . . .
layer 2, LAGs . . . . . . . . . . . . . . . . .
layer 2, LLDP Agent . . . . . . . . . . . . . .
layer 2, mac security . . . . . . . . . . . . . .
layer 2, port mirroring . . . . . . . . . . . . .
layer 2, port redundancy . . . . . . . . . . . .
layer 2, RMON . . . . . . . . . . . . . . . .
layer 2, SMON . . . . . . . . . . . . . . . .
layer 2, spanning tree protocol . . . . . . . . .
layer 2, VLANs . . . . . . . . . . . . . . . . .
layer 2, weighted queuing . . . . . . . . . . .
layer 3 . . . . . . . . . . . . . . . . . . . .
layer 3, ARP table configuration . . . . . . . .
layer 3, BOOTP/DHCP relay configuration . . .
layer 3, forwarding . . . . . . . . . . . . . . .
layer 3, IP configuration . . . . . . . . . . . .
layer 3, IP fragmentation configuration . . . . .
layer 3, multinetting . . . . . . . . . . . . . .
layer 3, netBIOS rebroadcast configuration . . .
layer 3, OSPF configuration . . . . . . . . . .
layer 3, policy configuration layer 3, RIP configuration
. . . . . . . . . .
. . . . . . . . . . .
layer 3, route redistribution configuration . . . .
layer 3, static routing configuration . . . . . . .
layer 3, VRRP configuration
PoE
. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
routing . . . . . . . . . . . . . . . . . . . .
routing configuration . . . . . . . . . . . . . .
Features and benefits, overview . . . . . . . . . . .
Firmware update downloading . . . . . . . . . . . . . . . . . .
downloading without overwriting . . . . . . . .
Flow control of data . . . . . . . . . . . . . . . . .
Forwarding, routing . . . . . . . . . . . . . . . .
Front panel general description . . . . . . . . . . . . . . .
LED description . . . . . . . . . . . . . . . . .
LEDs functioning order . . . . . . . . . . . . .
Full-duplex . . . . . . . . . . . . . . . . . . . . .
G
GBIC transceiver
234 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
Index installing . . . . . . . . . . . . . . . . . . . .
specifications . . . . . . . . . . . . . . . . . .
Gigabit ethernet . . . . . . . . . . . . . . . . . .
Grounding, connecting supplemental . . . . . . . .
H
Half-duplex . . . . . . . . . . . . . . . . . . . .
Hardware NVRAM initialization . . . . . . . . . . .
Health, verifying stack . . . . . . . . . . . . . . .
I
IEEE 802.1x support . . . . . . . . . . . . . . . .
CLI commands . . . . . . . . . . . . . . . . .
configuring procedure . . . . . . . . . . . . . .
implementation in C360
IEEE, standards supported
. . . . . . . . . . . . .
. . . . . . . . . . . . .
IETF layer 2 standards supported . . . . . . . . . . .
layer 3 standards supported . . . . . . . . . . .
network monitoring standards supported . . . . .
Ingress VLAN security . . . . . . . . . . . . . . .
Initialization, hardware NVRAM . . . . . . . . . . .
Installation budgeting power in rack . . . . . . . . . . . . .
connecting stacked devices . . . . . . . . . . .
connecting to AC power . . . . . . . . . . . . .
connecting to DC backup power . . . . . . . . .
connecting to DC power . . . . . . . . . . . . .
connecting to network . . . . . . . . . . . . . .
GBIC transceivers . . . . . . . . . . . . . . .
mounting device in a rack . . . . . . . . . . . .
overview . . . . . . . . . . . . . . . . . . . .
preparing needed tools site preparation
. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . .
stacking devices . . . . . . . . . . . . . . . .
stacking module . . . . . . . . . . . . . . . .
supplemental grounding . . . . . . . . . . . . .
troubleshooting . . . . . . . . . . . . . . . . .
verifying proper . . . . . . . . . . . . . . . . .
wall mounting . . . . . . . . . . . . . . . . . .
Installing java plug-in . . . . . . . . . . . . . . . . . . .
on-line help for Device Manager
Interface specifications
. . . . . . . . .
. . . . . . . . . . . . . . .
Intermodule port redundancy . . . . . . . . . . . .
IP assigning stack . . . . . . . . . . . . . . . . .
configuration . . . . . . . . . . . . . . . . . .
configuration, assigning router parameters . . . .
fragmentation and reassembly . . . . . . . . . .
multicast filtering, configuring with CLI . . . . . .
IP multicast filtering . . . . . . . . . . . . . . . .
J
Java plug-in, installing . . . . . . . . . . . . . .
L
Layer 2 and Layer 3 connections, establishing in device 70
Layer 2 features . . . . . . . . . . . . . . . . . .
ethernet . . . . . . . . . . . . . . . . . . . .
IEEE 802.1x
. . . . . . . . . . . . . . . . .
IP multicast filtering
LAGs
. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
LLDP Agent . . . . . . . . . . . . . . . . . .
mac security . . . . . . . . . . . . . . . . .
port mirroring . . . . . . . . . . . . . . . . .
port redundancy . . . . . . . . . . . . . . . .
RMON . . . . . . . . . . . . . . . . . . . .
SMON . . . . . . . . . . . . . . . . . . . .
spanning tree protocol
VLANs
. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
weighted queuing . . . . . . . . . . . . . . .
Layer 3 features . . . . . . . . . . . . . . . . .
ARP table configuration . . . . . . . . . . . .
BOOTP/DHCP relay configuration . . . . . . .
configuring routing . . . . . . . . . . . . . . .
forwarding . . . . . . . . . . . . . . . . . .
IP configuration . . . . . . . . . . . . . . . .
IP fragmentation configuration . . . . . . . . .
multinetting . . . . . . . . . . . . . . . . . .
netBIOS re-broadcast configuration . . . . . . .
OSPF configuration . . . . . . . . . . . . . .
policy configuration . . . . . . . . . . . . . .
RIP configuration . . . . . . . . . . . . . . .
route redistribution configuration . . . . . . . .
routing . . . . . . . . . . . . . . . . . . . .
static routing configuration . . . . . . . . . . .
VRRP configuration . . . . . . . . . . . . . .
Layer 3 support . . . . . . . . . . . . . . . . . . .
LEDs descriptions . . . . . . . . . . . . . . . . . . .
function order . . . . . . . . . . . . . . . . . .
License key configuring with CLI . . . . . . . . . . . . . .
obtaining and activating, routing . . . . . . . .
Link Aggregation Groups (LAGs) . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . .
implementation in C360 . . . . . . . . . . . .
LLDP Agent configuration with CLI . . . . . . . . . . . . .
supported TLVs . . . . . . . . . . . . . . . .
LLDP Agent overview . . . . . . . . . . . . . . .
Load detection, PoE . . . . . . . . . . . . . . .
Logging, system . . . . . . . . . . . . . . . . .
Issue 1 July 2006 235
Index
M
MAC address . . . . . . . . . . . . . . . . . . . .
aging . . . . . . . . . . . . . . . . . . . . .
security . . . . . . . . . . . . . . . . . . . .
MAC security . . . . . . . . . . . . . . . . . . .
Maintenance . . . . . . . . . . . . . . . . . . . .
hardware NVRAM initialization . . . . . . . . . .
replacing the X360STK stacking module . . . . .
Manageability . . . . . . . . . . . . . . . . . . .
Management options . . . . . . . . . . . . . . . . . . . . .
restricting access . . . . . . . . . . . . . . . .
Manager, Device . . . . . . . . . . . . . . . . . .
Mixed-device stacks . . . . . . . . . . . . . . . .
Monitoring . . . . . . . . . . . . . . . . . . . . .
Mounting device in rack . . . . . . . . . . . . . . . . . .
device in stack . . . . . . . . . . . . . . . . .
device on a wall stack . . . . . . . . . . . . . .
Multinetting, routing . . . . . . . . . . . . . . . .
Multi-VLAN binding . . . . . . . . . . . . . . . .
N
NetBIOS re-broadcast configuration . . . . . . . . .
Network optimization . . . . . . . . . . . . . . . .
Network time parameters configuration . . . . . . .
Nomenclature . . . . . . . . . . . . . . . . . . .
NVRAM, hardware initialization . . . . . . . . . . .
O
Obtaining a routing license . . . . . . . . . . . . .
On-line help, installing for Device Manager . . . . .
Optimization, network . . . . . . . . . . . . . . .
OSPF configuration . . . . . . . . . . . . . . . .
Overview, general . . . . . . . . . . . . . . . . .
P
Password, recovery . . . . . . . . . . . . . . . .
Physical specifications . . . . . . . . . . . . . . .
Pin assignments, console . . . . . . . . . . . . .
Plug and play, PoE . . . . . . . . . . . . . . . . .
PoE configuring with CLI . . . . . . . . . . . . . . .
in converged networks . . . . . . . . . . . . .
support . . . . . . . . . . . . . . . . . . . . .
PoE features . . . . . . . . . . . . . . . . . . .
load detection plug and play
. . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . .
powering devices . . . . . . . . . . . . . . . .
Policy configuration . . . . . . . . . . . . . . . .
Port mirroring . . . . . . . . . . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . .
Port redundancy classification
. . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . .
configuration with CLI . . . . . . . . . . . . .
intermodule . . . . . . . . . . . . . . . . . .
operation in C360 . . . . . . . . . . . . . . .
Power budget for device . . . . . . . . . . . . . . . .
specifications . . . . . . . . . . . . . . . . .
Powering devices, PoE . . . . . . . . . . . . . .
Powering up . . . . . . . . . . . . . . . . . . . .
connecting AC power . . . . . . . . . . . . . .
connecting DC power . . . . . . . . . . . . . .
PPP connection, establishing to device
Preparation of site for installation
. . . . . . .
. . . . . . . . . .
Priority . . . . . . . . . . . . . . . . . . . . . . .
Protocols supported . . . . . . . . . . . . . . . .
Q
QoS . . . . . . . . . . . . . . . . . . . . . .
settings for Avaya IP Telephones . . . . . . . .
R
RADIUS support . . . . . . . . . . . . . . . . . .
Rear panel . . . . . . . . . . . . . . . . . . . . .
Redundancy . . . . . . . . . . . . . . . . . . . .
Replacing the X360STK stacking module
RIP configuration
. . . . .
. . . . . . . . . . . . . . . . .
RMON . . . . . . . . . . . . . . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . .
Route leaking . . . . . . . . . . . . . . . . . . . .
redistribution configuration
Routing
. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
configuration . . . . . . . . . . . . . . . . .
forwarding . . . . . . . . . . . . . . . . . .
license, obtaining and activating . . . . . . . .
multinetting . . . . . . . . . . . . . . . . . .
RSTP . . . . . . . . . . . . . . . . . . . . . .
S
Safety specifications . . . . . . . . . . . . . . .
SCP protocol support
Security
. . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
allowed protocols . . . . . . . . . . . . . . . .
ingress VLAN . . . . . . . . . . . . . . . . .
levels in switch . . . . . . . . . . . . . . . . .
password recovery . . . . . . . . . . . . . . .
RADIUS support . . . . . . . . . . . . . . . .
236 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
restricting management access . . . . . . . . .
SCP support . . . . . . . . . . . . . . . . . .
SNMP . . . . . . . . . . . . . . . . . . . . .
Settings, device default . . . . . . . . . . . . . . .
Site preparation . . . . . . . . . . . . . . . . . .
SMON . . . . . . . . . . . . . . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . . .
SNMP . . . . . . . . . . . . . . . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . . .
SNMPv1 . . . . . . . . . . . . . . . . . . . .
SNMPv2c . . . . . . . . . . . . . . . . . . .
SNMPv3 . . . . . . . . . . . . . . . . . . . .
Spanning Tree Protocol . . . . . . . . . . . . . .
configuring with CLI . . . . . . . . . . . . . . .
implementation in C360 . . . . . . . . . . . . .
RSTP . . . . . . . . . . . . . . . . . . . . .
Specifications . . . . . . . . . . . . . . . . . . .
console pin assignments . . . . . . . . . . . .
environmental . . . . . . . . . . . . . . . . .
ethernet . . . . . . . . . . . . . . . . . . . .
GBIC transceivers . . . . . . . . . . . . . . .
interfaces . . . . . . . . . . . . . . . . . . .
physical . . . . . . . . . . . . . . . . . . . .
power . . . . . . . . . . . . . . . . . . . . .
safety . . . . . . . . . . . . . . . . . . . . .
Speeds of ethernet . . . . . . . . . . . . . . . . .
SSH connection, establishing to device . . . . . . .
Stack health, verifying . . . . . . . . . . . . . . . . .
IP, assigning to device . . . . . . . . . . . . .
Stacking . . . . . . . . . . . . . . . . . . . . . .
connecting stacked devices . . . . . . . . . . .
devices . . . . . . . . . . . . . . . . . . . .
different devices, feature compatibility . . . . . .
different devices, hardware compatibility . . . . .
installing stacking module . . . . . . . . . . . .
installing the X360STK stacking module . . . . .
inter-connecting switches . . . . . . . . . . . .
mixing Avaya devices . . . . . . . . . . . . . .
replacing the X360STK stacking module . . . . .
the C360 . . . . . . . . . . . . . . . . . . . .
Standards supported . . . . . . . . . . . . . . . .
IEEE . . . . . . . . . . . . . . . . . . . . . .
IETF layer 2 . . . . . . . . . . . . . . . . . .
IETF layer 3 . . . . . . . . . . . . . . . . . .
IETF network monitoring . . . . . . . . . . . .
Static routing configuration . . . . . . . . . . . . .
Supported standards . . . . . . . . . . . . . . . .
Switch configuration, basic . . . . . . . . . . . . . . .
hardware configurations . . . . . . . . . . . . .
Switch access assigning stack IP . . . . . . . . . . . . . . .
CLI architecture . . . . . . . . . . . . . . . .
entering CLI . . . . . . . . . . . . . . . . . .
Index establishing console connection . . . . . . . . .
establishing layer 2 and layer 3 connections . . . .
establishing PPP connection via modem . . . . .
establishing SSH connection . . . . . . . . . . .
establishing Telnet connection . . . . . . . . . .
overview . . . . . . . . . . . . . . . . . . . .
security levels . . . . . . . . . . . . . . . . . .
System logging . . . . . . . . . . . . . . . . . . . .
parameters configuration . . . . . . . . . . . . .
requirements, Device Manager . . . . . . . . .
T
Tagging, VLAN . . . . . . . . . . . . . . . . . . .
Telnet client support, configuring . . . . . . . . . . .
connection, establishing to device . . . . . . . .
TLVs . . . . . . . . . . . . . . . . . . . . . .
Transceiver installing . . . . . . . . . . . . . . . . . . . .
specifications, GBIC . . . . . . . . . . . . . .
Troubleshooting installation . . . . . . . . . . . .
verifying stack integrity (health) . . . . . . . . .
U
Uploading configurations . . . . . . . . . . . . . .
V
VLAN features configuring with CLI . . . . . . . . . . . .
ingress security . . . . . . . . . . . . . . . .
multi-VLAN binding . . . . . . . . . . . . . . .
tagging . . . . . . . . . . . . . . . . . . . . .
VLAN support . . . . . . . . . . . . . . . . . . .
VRRP configuration . . . . . . . . . . . . . . . .
W
Weighted queuing . . . . . . . . . . . . . . . .
configuration with CLI . . . . . . . . . . .
implementation in C360 . . . . . . . . . . . .
X
X360STK stacking module installing . . . . . . . . . . . . . . . . . . . .
replacing . . . . . . . . . . . . . . . . . . .
Issue 1 July 2006 237
Index
238 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 13 Safety Information
- 14 Conventions Used in the Documentation
- 14 CLI Conventions
- 15 Notes, Cautions, and Warnings
- 19 C360 Features and Benefits
- 19 Stacking
- 20 Network Optimization
- 20 Manageability
- 21 Redundancy
- 22 VLAN Support
- 22 Security
- 23 Quality of Service (QoS)
- 23 Monitoring
- 24 Power over Ethernet (PoE) Support on C360-PWR switches
- 24 Layer 3 Support
- 25 Management
- 25 Management Interface Options
- 26 C360 Switch Configurations
- 29 C360 Front Panels
- 33 C360 Rear Panel
- 35 Preparing Needed Tools
- 36 Site Preparation
- 37 Rack Mounting (Optional)
- 38 Before you Install the C360 in a Rack
- 40 Wall Mounting (Optional)
- 41 Stacking (optional)
- 41 Installing the X360STK Stacking Module
- 42 Inter-Connecting Switches
- 42 To connect stacked switches:
- 44 Making Connections to Network Equipment
- 44 Prerequisites
- 44 Connecting Cables to Network Equipment
- 45 Installing SFP GBIC Transceivers
- 45 Safety Information
- 45 Usage Restriction
- 46 Installing and Removing a SFP GBIC Transceiver
- 47 Copper GBIC Transceiver Installation Notes
- 50 Connecting to an AC Power Supply
- 50 AC Power Cable
- 51 Connecting to a DC Power Source (C364T NEBS Only)
- 53 Connecting a BUPS
- 54 Supplemental Earthing of the C360 (Optional)
- 55 Sample Backup Power Supply Scheme
- 57 Budgeting Power
- 58 Post-Installation
- 60 CLI Architecture
- 60 Security Levels
- 61 Entering the Supervisor Level
- 61 Defining new local users
- 61 Exiting the Supervisor Level
- 62 Entering the CLI
- 62 Establishing a Console Connection
- 64 Assigning C360 IP Stack Address
- 65 Establishing a Telnet Connection
- 66 Establishing an SSH Connection
- 66 Introduction to SSH
- 66 SSH client connection:
- 67 User Authentication
- 68 Procedure for Establishing an SSH Connection
- 69 SSH Commands
- 70 Establishing Access to Other Entities in the Stack (C360 Sessions)
- 71 Establishing a Modem (PPP) Connection
- 71 Connecting a Modem to the Console Port
- 73 SNMP Support
- 73 Introduction to SNMP
- 73 SNMP Versions
- 73 Managers and Agents
- 73 Manager/Agent Communication
- 74 SNMPv1
- 74 SNMPv2c
- 75 SNMPv3
- 75 Users
- 76 Groups
- 77 Views
- 77 SNMP Commands
- 80 RADIUS
- 80 Introduction to RADIUS
- 82 RADIUS Commands
- 83 Recovery Password
- 83 Introduction to Recovery Password
- 83 Recovery Password CLI Commands
- 84 Allowed Managers
- 84 Allowed Managers Introduction
- 84 Allowed Managers CLI Commands
- 86 Allowed Protocols
- 86 Allowed Protocols Introduction
- 86 Allowed Protocols CLI Commands
- 91 Configuring the Switch
- 91 C360 Default Settings
- 95 Introduction
- 95 Basic Switch Configuration
- 96 System Parameter Configuration
- 96 Identifying the system
- 97 Operating parameters
- 97 Network Time Acquiring Protocols Parameter Configuration
- 99 Uploading and Downloading Device Configurations and Images
- 100 Layer 2 Configuration File
- 101 Layer 3 Configuration File
- 103 SCP Protocol Support
- 104 System Logging
- 104 System Logging Introduction
- 104 System Logging Messages
- 105 Sinks
- 105 Message Facilities
- 106 Syslog Servers
- 109 Telnet Client Support
- 109 Introduction to Telnet
- 109 Telnet Commands
- 110 Monitoring CPU Utilization
- 111 Ethernet
- 112 Fast Ethernet
- 112 Gigabit Ethernet
- 113 Configuring Ethernet Parameters
- 113 Auto-Negotiation
- 113 Full-Duplex/Half-Duplex
- 113 Speed
- 113 MDI/MDI-X Detection
- 113 Flow Control
- 114 Priority
- 114 MAC Address
- 115 CAM Table
- 115 MAC Aging
- 115 Ethernet Configuration CLI Commands
- 117 VLANs
- 117 VLAN Overview
- 119 VLAN Tagging
- 119 Multi VLAN Binding
- 121 Ingress VLAN Security
- 122 VLAN CLI Commands
- 123 IEEE 802.1x (Port Based Network Access Control)
- 123 How 802.1x Authentication Works
- 124 IEEE 802.1x Implementation in the C360
- 124 Configuring the C360 for 802.1x
- 125 802.1x CLI Commands
- 127 Spanning Tree Protocol
- 127 Overview
- 127 Spanning Tree Protocol
- 128 Spanning Tree per Port
- 128 Rapid Spanning Tree Protocol (RSTP)
- 128 About the 802.1w Standard
- 129 Port Roles
- 130 Spanning Tree Implementation in the C360
- 131 Spanning Tree Protocol CLI Commands
- 132 MAC Security
- 132 MAC Security Implementation in the C360
- 133 MAC Security CLI Commands
- 134 LAG (Link Aggregate Group)
- 134 LAG Overview
- 134 LAG CLI Commands
- 135 LAG Implementation in the C360
- 135 Port Redundancy
- 136 Port Redundancy Operation
- 137 Intermodule Port Redundancy
- 138 Port Redundancy CLI Commands
- 139 Port Classification
- 139 Overview
- 139 Port Classification CLI Commands
- 139 IP Multicast Filtering
- 139 Overview
- 141 IP Multicast CLI Commands
- 141 RMON
- 141 RMON Overview
- 142 RMON CLI Commands
- 143 SMON
- 143 SMON Overview
- 144 SMON CLI Commands
- 144 Port Mirroring
- 144 Port Mirroring Overview
- 145 Port Mirroring CLI commands
- 145 Port Mirroring Implementation in the C360
- 145 Weighted Queuing
- 145 Implementation of Weighted Queuing in the C360
- 146 Weighted Queuing CLI Commands
- 146 LLDP Agent
- 146 LLDP Agent Overview
- 147 Supported TLVs
- 148 Configuring the LLDP Agent
- 149 LLDP Agent CLI Commands
- 151 Obtaining and Activating a License Key
- 152 Obtaining a Routing License Key
- 158 Activating a Routing License Key
- 158 License Key CLI Commands
- 158 What is Routing?
- 161 Routing Configuration
- 161 Forwarding
- 161 Multinetting (Multiple Subnets per VLAN)
- 162 IP Configuration
- 162 IP Configuration CLI Commands
- 163 Assigning Initial Router Parameters
- 164 RIP (Routing Interchange Protocol) Configuration
- 164 RIP Overview
- 165 RIP2
- 166 RIP CLI Commands
- 167 OSPF (Open Shortest Path First) Configuration
- 167 OSPF Overview
- 168 OSPF CLI Commands
- 169 Static Routing Configuration
- 169 Static Routing Overview
- 170 Static Routing Configuration CLI Commands
- 170 Route Preferences
- 171 Route Redistribution
- 172 Route Redistribution Commands
- 172 ARP (Address Resolution Protocol) Table Configuration
- 172 ARP Overview
- 173 The ARP Table
- 174 ARP CLI Commands
- 175 BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay Configuration
- 175 BOOTP/DHCP Overview
- 175 BOOTP
- 175 DHCP
- 175 DHCP/BOOTP Relay
- 176 BOOTP/DHCP CLI Commands
- 176 NetBIOS Re-broadcast Configuration
- 176 NetBIOS Overview
- 177 NetBIOS Re-broadcast Configuration CLI Commands
- 177 VRRP (Virtual Router Redundancy Protocol) Configuration
- 177 VRRP Overview
- 178 VRRP Configuration Example 1
- 178 Case#1
- 179 Case #2
- 179 VRRP CLI Commands
- 180 Policy Configuration
- 180 Policy Configuration Overview
- 181 Policy Configuration CLI Commands
- 183 Policy Configuration Example
- 184 Policy Configuration Example
- 184 IP Fragmentation and Reassembly
- 184 IP Fragmentation and Reassembly Overview
- 185 IP Fragmentation/Reassembly CLI Commands
- 187 Power Over Ethernet
- 187 Load Detection
- 188 How the C360-PWR Switches Detect a Powered Device
- 188 Specific Resistance Signature (IEEE 802.3af)
- 188 PD Connected
- 189 “Plug and Play" Operation
- 189 Powering Devices
- 189 Priority
- 190 Power over Ethernet in Converged Networks
- 191 Power over Ethernet CLI Commands
- 193 Overview
- 194 System Requirements
- 194 Configuring the Device Manager
- 194 Device Manager Commands
- 195 Running the Device Manager
- 197 Installing the Java Plug-in
- 197 Installing from the C360 Documentation and Utilities CD
- 197 Install from the Avaya Web Site
- 197 Install from your Local Web Site
- 198 Installing the On-Line Help and Java Plug-In on your Web Site
- 198 Documentation
- 201 Troubleshooting the Installation
- 204 Stack Health
- 204 Overview
- 204 Implementation of Stack Health in the C360
- 205 Stack Health CLI Commands
- 207 Introduction
- 207 Replacing the Stacking Module
- 208 Hardware NVRAM Initialization
- 211 Firmware Download
- 211 Obtain Software Online
- 211 Downloading Firmware
- 212 Download New Version without Overwriting Existing Version
- 212 Firmware Banks
- 214 Hardware Compatibility
- 214 Stacking
- 215 BUPS
- 216 Feature Compatibility
- 217 QoS Mapping
- 219 Introduction
- 221 Avaya C360 Standards Supported
- 221 IEEE
- 221 IETF - Layer 2
- 222 IETF - Layer 3
- 223 IETF - Network Monitoring
- 225 Physical
- 226 Power Requirements
- 227 Environmental.
- 227 Safety
- 228 MTBF
- 228 Interfaces
- 228 GBIC Transceivers
- 228 LX Transceiver
- 229 SX Transceiver
- 229 ELX Transceiver
- 229 Copper Transceiver
- 230 Console Pin Assignments
- 231 Ethernet