SlideShare ist ein Scribd-Unternehmen logo

3 com stackable_desktop switchtechsept120908[1]

â€ĒAls PPTX, PDF herunterladenâ€Ē
â€Ē
3
3619717
Bildung
1 von 189
1 3Com Stackable/Desktop Switch
2 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļ•āļīāļ”āļ•āļąāđ‰āļ‡āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāđƒāļ™āļ›āļąāļˆāļˆāļļāļšāļąāļ™
3 3 3Com LAN Switching Portfolio Solutions for Business’s of all Sizes Features,Functions,Scalability Core & Distribution Switching Modular “High-End” Switch 8800 Modular “Mid-Range” Switch 7750 Distribution & Workgroup Switching 10/100/1000 10/100 Switch 5500G Switch 4500G Switch 4200G Switch 5500 Switch 4500 Switch 4210 Switch 4800G Switch 7900
44 Entry Level Gigabit Switch > Basic QoS > Traffic Management & Security features > Static Routing 3Com Switch 5500G Mid-range Gigabit Edge Switch > Basic Layer 3 Routing > All models support up to four10-Gigabit uplinks Premium Stackable > Advanced Layer 3 Routing > Multilayer QoS for Convergence Networking > Granular Traffic Management & Holistic Security > Disaster Protection with XRN 3Com Stackable/Desktop Switch Access Connectivity for Medium-Small Enterprises 3Com Switch 5500-EI Premium L3 Stackable > Advanced Layer 3 Routing > Multilayer QoS for Convergence Networking > Granular Traffic Management & Holistic Security > SI is upgradeable to advanced L3 and security Mid-range Stackable > Multilayer QoS and PoE for Convergence Networking > Basic Layer 3 Routing Entry Level L2 > Layer 2 Switching > Basic QoS > Traffic Management & Security features 3Com Switch 4210/ 3Com Switch 4200 10/100/1000 10/100 3Com Switch 4500G 3Com Switch 4500 3Com Switch 4200G 3Com Switch 4800G
5 3Com Switch 4210
6 Switch 4210 â€Ē Switch 4210 9-Port (3CR17331-91) – 8 10/100 port plus 1 dual-personality (1000Base-T or SFP)Gigabit ports â€Ē Switch 4210 18-Port (3CR17332-91) – 16 10/100 port plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 26-Port (3CR17333-91) – 24 10/100 port plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 9-Port (3CR17341-91) – 8 10/100 port PWR plus 1 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 18-Port (3CR17342-91) – 16 10/100 port PWR plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 26-Port (3CR17343-91) – 24 10/100 port PWR plus 2 dual-personality (1000Base-T or SFP) Gigabit ports
7 Switch 4210 â€Ē Layer 2 switching â€Ē Clustered stacking of up to 32 devices for simplified wiring closet administration â€Ē Centrally manage via SNMP, CLI or web â€Ē For enterprise branch and small workgroup deployments â€Ē Power over Ethernet for voice and wireless-ready networking â€Ē 3Com’s lifetime warranty including PSU and fans â€Ē Advanced Hardware Replacement with next business day shipment in most regions -Rack-mount 26-port -Small form factor units 9-port and 18 ports in both PoE and non-PoE variants **Can mixed clusters of Switch 4210, 4200G, 4500G, 5500 and 5500G devices
8 Family-Level Comparison Chart The 3Com Switch 4210 is a next-generation Switch 4200. Here are key comparisons: New Switch 4210 Switch 4200 A-SKUs Port Configuration PoE Versions : 9-Port -- 8 10/100 + 1 combo 10/100/1000 or SFP) 18-Port -- 16 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 combo 10/100/1000 or SFP) Non-PoE Versions : 9-Port -- 8 10/100 + 1 combo 10/100/1000 or SFP) 18-Port -- 16 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 fixed 10/100/1000) 28-Port -- 24 10/100 + 2 fixed 10/100/1000 + 2 SFP) 50-Port – 48 10/100 + 2 fixed 10/100/1000) These do not support PoE. Performance 9-Port : 3.6Gbps / 2.7Mbps 18-Port : 5.2Gbps / 3.9Mbps 26-Port : 8.8Gbps / 6.6Mbps 26-Port: 8.8Gbps / 6.6Mbps 28-Port: 12.8Gbps / 9.5Mbps 50-Port: 13.6Gbps / 10.1Mbps Stacking / Clustering Clustering up to 32 high Stacking up to 4-high LACP Yes Yes STP / RSTP / MSTP Yes STP, Yes RSTP, Yes MSTP Yes STP, Yes RSTP, No MSTP IGMP Snooping Yes Yes DUD Yes Yes Priority Queues 4 2 NTP Yes No IPv6 Yes No GVRP No No SSHv2 / SSL Yes / No No / No
9 3Com Switch 4200G
10 Switch 4200G Products Overview â€Ē Switch 4200G 12-Port (3CR17660-91) – 12 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and 1 10-Gigabit slot â€Ē Switch 4200G 24-port (3CR17661-91) – 24 10/100/1000 port , 4dual-personality (1000Base-T or SFP) Gigabit ports and 2 10-Gigabit slot â€Ē Switch 4200G 48-Port (3CR17662-91) – 48 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and 2 10-Gigabit slot User-configurable SFP Gigabit Ports Provide Media Flexibility Choice of 10/100/1000 (RJ45) or SFP Interface SFP Interfaces Enable Multimode or Single mode Fiber Connectivity Same SFP Transceivers as for Other Products Supporting SFP’s
11 â€Ē Cost-Effective, Feature-Rich – Managed 10/100/1000 switches – 12-, 24- and 48-port models – User configurable combo Gigabit ports – Extensive layer 2 switching – Static layer 3 routing – Clustered stacking of up to 16 devices New Switch 4200G Gigabit Ethernet Family Affordable Gigabit to the Desktop for the Workgroup Edge â€Ē Standards-Based Design for Interoperability â€Ē Proven, Reliable 3Com Operating System Software â€Ē Enterprise Class Lifetime Warranty with Next Business Day Response â€Ē No PoE Supported Model, Not Support Redundant Power Supply
12 Switch 4200G Clustered Stacking â€ĒManage up to 16 devices with single IP management â€ĒMix and match with other Switch 4200G, with Switch 5500 / 5500G, and with future Switch 4500G, for simplified 3Com device management Kindergarten School Core Switch 5500G-EI Classroom 1 Switch 4200G-48 Classroom 2 Switch 4200G-12 Classroom 2 Switch 4200G-48 Classroom 2 Switch 4200G-12 Single IP Mgmt Common CLI Common Web Common Look & Feel 10G Uplink
13 3Com Switch 4200G - 10-Gigabit Uplinks â€Ē All models support 10-Gigabit uplinks – Switch 4200G 12-Port has one 10-Gigabit slot – Switch 4200 24- and 48-Port have two 10-Gigabit slots â€Ē Direct plug-in of 10-Gigabit XENPAK transceiver – No other hardware is required â€Ē Via a module, also 10-Gigabit XFP transceivers Plug module (3C17666) here XENPAK Transceivers: â€Ē3CXENPAK91 10GBASE- LX4 â€Ē3CXENPAK92 10GBASE-LR â€Ē3CXENPAK94 10GBASE-SR â€Ē3CXENPAK95 10GBASE- CX4 â€Ē3CXENPAK96 10GBASE-ER XFP Transceivers: â€Ē3CXFP96 10GBASE-ER â€Ē3CXFP92 10GBASE-LR â€Ē3CXFP94 10GBASE-SR Plug XFP here Plug XENPAK here
14 Comparison Chart This table compares the 24-Port model across various 3Com families New 4210 26-Port Baseline 2226 Plus 4200 26 / 28 4200G 24 SKU 3CR17343-91 3C16470 3C17300A 3C17304A 3CR17661-91 Total ports 24x 10/100 2x Combo Gig 24x 10/100 2x Combo Gig 26-Port Model 24x 10/100 2x 10/100/1000 28-Port Model 24x 10/100 2x 10/100/1000 2x SFP Gig ports 20x 10/100/1000 4x Combo Gig Up to 2x 10-Gig Technology L2 L2 L2 L2 with static L3 Performance 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 12.8Gbps / 9.5Mbps 88Gbps / 65Mbps MAC addresses 8K 4K 8K 8K VLANs 256 64 255 4,094 Stacking Clustering Standalone Stacking Clustering Priority Queues 4 4 2 8
15 3Com Switch 4500 Family
16 Switch 4500 Family Introduction â€Ē Four Fixed-Configuration Models: – Switch 4500 26-Port (3CR17561-91) 24 x 10/100 Ports + 2 x Combo Gig Ports – Switch 4500 50-Port (3CR17562-91) 48 x 10/100 Ports + 2 x Combo Gig Ports – Switch 4500 PWR 26-Port (3CR17571-91) 24 x 10/100 Ports (PoE) + 2 x Combo Gig Ports – Switch 4500 PWR 50-Port (3CR17572-91) 48 x 10/100 Ports (PoE) + 2 x Combo Gig Ports â€Ē User-configurable Gigabit Ports – Provide Media Flexibility – Choice of 10/100/1000 (RJ45) or SFP Interfaces â€Ē SFP Interfaces Enable Multimode or Singlemode Fiber Connectivity â€Ē Same SFP Transceivers as for Other Products Supporting SFP’s â€Ē Compact Enclosure (1 RU High) â€Ē -48V DC Supplemental Power Option (PoE Models) – Supplemental PoE Power and/or Power Redundancy
17 Switch 4500 Family Software Basics â€Ē Support 56/168 bit encryption – Ships with 56 bit encryption image – Download 168 bit encryption in regions allows by regulations â€Ē 8K MAC Addresses â€Ē 256 802.1Q VLANs â€Ē Link Aggregation using LACP (802.3ad) – Not across stacked units â€Ē Spanning Tree enable/disable per port â€Ē RSTP â€Ē Fast Start mode on 10/100 ports â€Ē Broadcast Storm Control per VLAN â€Ē IGMPv1 & v2 â€Ē Filtering for 128 Multicast groups
18 Switch 4500 ( 10/100 ) New release ( version 3.03) Support Link Aggregation Across stack Support Clustering 32 device New Software Feature Improvement of web, CLI and SNMP performance Clustering management up to 32 devices. Distributed Link Aggregation for Switch 4500 stack IPv6 Management -- network discovery over IPv6, Telnet6, DNS6, TFTP6, TraceRoute6, IGMP6 Many to 1 port mirroring Jumbo Frame support to 9K packets Loopback Detection Device Link Detection Protocol (DLDP) to testing links IEEE 802.1s Multiple Spanning Tree -- 16 instances Q-in-Q Increase in ARP table size from 10 to 16 Increase in static routes from 12 to 16 Legacy Mode to deal with Cisco voice installations. QoS marking / remarking of 802.1p Guest VLAN assignment via 802.1X Mix modes 802.1X and MAC-based authentication Mac lock-down / sticky mode IGMP Snooping v3 IGMP Non Flooding
19 3Com Switch 4500/4500G Clustered Stacking â€Ē Manage up to 32 devices with single IP management â€Ē Mix and match with other Switch 4500G, with Switch 5500 / 5500G, and with Switch 4200G, for simplified 3Com device management School Administration Core Switch 5500G-EI Classroom 1 Switch 4500G-48 Classroom 2 Switch 4500G-PWR-48 Classroom 3 Switch 4200G-48 Classroom 4 Switch 4200G-12 Single IP Mgmt Common CLI Common Web Common Look & Feel 10G Uplink
20 Switch 4500 Hardware Basics â€Ē Switch 4500 supports: – 26-Port: 8.8Gbps forwarding / 6.5Mpps switching capacity – 50-Port: 13.6Gbps forwarding / 10.1Mpps switching capacity â€Ē 1U high, 19” Rack mountable â€Ē Stacking – Non-resilient â€Ē Layer 2 and Layer 3 switching â€Ē All ports auto negotiate speed, duplex and MDI/MDIX. â€Ē Console port interface
21 Switch 4500 26-Port 3CR17561-91 Port 13 Port 12 10/100 Base-T Port 1 Ports 25 & 26 Combo Ports SFP ports OR 10/100/1000Base-T Port 25 & 26 LED Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue
22 Switch 4500 50-Port 3CR17562-91 Port 25 Port 24 10/100 Base-T Port 1 Ports 49 & 50 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue
23 Switch 4500 PWR 26-Port 3CR17571-91 Port 13 Port 12 10/100 Base-T Port 1 Ports 25 & 26 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Port 25 & 26 LED Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue RPS Connector
24 Switch 4500 PWR 50-Port 3CR17572-91 Port 25 Port 24 10/100 Base-T Port 1 Ports 49 & 50 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue RPS Connector
25 Comparison Chart This table compares the 24-Port model across various 3Com families New 4210 26-Port Baseline 2226 Plus 4200 26 / 28 4200G 24 4500 24 SKU 3CR17343-91 3C16470 3C17300A 3C17304A 3CR17661-91 3CR17561-91 Total ports 24x 10/100 2x Combo Gig 24x 10/100 2x Combo Gig 26-Port Model 24x 10/100 2x 10/100/1000 28-Port Model 24x 10/100 2x 10/100/1000 2x SFP Gig ports 20x 10/100/1000 4x Combo Gig Up to 2x 10-Gig 24x 10/100 2x Combo Gig Technology L2 L2 L2 L2 with static L3 L2 with dynamic L3 Performance 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 12.8Gbps / 9.5Mbps 88Gbps / 65Mbps 8.8Gbps / 6.6Mbps MAC addresses 8K 4K 8K 8K 8K VLANs 256 64 255 4,094 256 Stacking Clustering Standalone Stacking Clustering Stacking and clustering Priority Queues 4 4 2 8 8
26 NEW 3Com Switch 4800G
2727 Switch 4800G Details ‹ Four “standard” 10/100/1000 units ― 24-Port ― 48-Port ― PWR 24-Port ― PWR 48-Port ― These include four 100/1000 combo ports; all have dual 2x10G expansion slots ‹ One SFP unit ― 24-Port SFP: with 24-SFP (100/1000) including 8 combo ports with 10/100/1000 ― Supports dual PSUs. Ships with one, order a second for 1+1 PSU redundancy ‹ Modules shared with 3Com Switch 4500G and H3C S5500 ― 1x 10-Gigabit XFP ― 2x 10-Gigabit XFP ― 2x 10-Gigabit CX4
2828 4800G Software Intro ‹ Switch runs Comware V5, our latest generation OS ― Comware V5: 4500G, 4800G, S7900E, some 8800, some 7750 ― Comware V3: 4210, 4200G, 4500, 5500, 5500G, some 8800, some 7750 ‹ Switch is a superset of Switch 4500G functionality ― In all major ways, it will act like a 4500G ― Yes more features and some evolution of the code
2929  CLI  Web management  SNMPv1/v2/v3  sFlow  VCT, DLDP  LDT  4K L2-L4 hardware based ACL  Ingress and EGRESS ACL  VLAN and port based ACL  uRPF  ARP detection  RRPP (Rapid Ring Network Protect Protocol)  SMARTLINK  VRRP  Redundant power supply  Up to 4 10GE uplinks  128G/176G switching capacity  Full wire speed L2/L3 switching and forwarding  32K MAC, 12K routing table  IPv4/IPv6 dual stack  RIP, OSPF, BGP, RIPng, OSPFv3, BGP4+  IGMP, PIM SM/DM, MLD, PIM6 SM/DM  IPv4/IPv6 Policy Based Routing  IPv6 Ready phase-II certification 3Com Switch 4800G Performance IPv6 Securit y Reliability Management & Maintenance Highlights
3030 More Features ‹ L2: ― MSTP, LACP, QinQ, Selective QinQ, GVRP, DHCP, VCT, Guest VLAN, Port Isolate , Voice VLAN, Mac based VLAN, Protocol based VLAN, IP subnet based VLAN, RRPP, DLDP ‹ L3: ― RIP, RIPng, OSPF, OSPFv3, BGP4, BGP4+, ISIS, ISISv6, ARP Proxy, DHCP relay, DHCP server, VRRP, policy-routing, ECMP ‹ Multicast: ― IGMP Snooping, MLD Snooping, IGMP v1/v2/v3, MLD v1/v2, MVR+, IGMP querier, IGMP group-policy, IGMP group-restriction, source address-checking, unknown packet discarding ‹ Multicast route: ― PIM-DM, PIM-SM, PIM-SSM for, MSDP ‹ Security: ― Port Security, 802.1x, MAC authentication, learning No. of MAC, Radius, TACACS+, SSHv2, Https, IP source guard, sFlow, CPU defensing DOS
3131 High Performance Capabilities: Layer 2 Forwarding / Layer 3 Routing ‹ High capability of L2/L3 for IPv4/IPv6 ‹ IPv4 Routing: ― 256 for static ― RIPv1/v2, maximum 2K ― OSPF/BGP4/IS-IS,maximum 12K ‹ IPv6 Routing: ― 256 for static ― RIPng, maximum 2k ― OSPFv3/BGP4+/IS-ISv6, maximum 6K ‹ MAC Address Table ― 1024 for static ― Supporting 32K MAC for one unit
3232 High Performance 10-Gigabit Uplinks ‹ Two expansion slots available ‹ Flexible expansion, three interface cards supported: ― 1-port XFP 10GE ― 2-port XFP 10GE ― 2-port CX4 10GE – this for short-distance low-cost 10GE interconnect ‹ Modules shared with 4500G
3333 Switch 4800G Clustering ‹ Supports clustering just like the 4500G ― Single IP management shared with 4210, 4200G, 4500, 4500G, 5500, 5500G ― No resilient loopback ― No Distributed Link Aggregation or advanced XRN stacking features ‹ Components needed: ― Two-Port Local Connection (CX4) Module (soon repriced to $495 list) ― Switch to switch local connection cables ― The other slot is available for 10G uplinks back to the core ‹ XRN is on the roadmap by end 2008
3434 Switch 4800G Stacking ‹ Initial releases support clustering ‹ Late 2008 release will support full XRN stacking (shown above) ― Distributed Device Management with single agent management and single IP ― Distributed Link Aggregation ― Distributed Resilient Routing ‹ Components needed: ― Two-Port Local Connection (CX4) Module ― Switch to switch local connection cables with resilient loopback ― The other slot is available for 10G uplinks back to the core
35 3Com Switch 4500G
36 Switch 4500G Family â€Ē Switch 4500G 24-Port (3CR17761-91) – 24 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G 48-Port (3CR17762-91) – 48 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G PWR 24-Port (3CR1771-91) – 24 10/100/1000 port PWR, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G PWR 48-Port (3CR1772-91) – 48 10/100/1000 port PWR, 4dual-personality (1000Base-T or SFP) Gigabit ports and
37 Switch 4500G Hardware / Software new feature â€Ē New mid-range managed quad-speed enterprise switch – 10/100/1000 and 10-Gigabit (Up to 4 ports for All Models) â€Ē Suitable at the network edge and for small-to-medium core â€Ē Layer 2 switching and Layer 3 dynamic (RIP) routing â€Ē Power over Ethernet for voice and wireless-ready networking â€Ē 3Com’s lifetime warranty including PSU and fans â€Ē Support Redundant Power Supply for PWR Model â€Ē Centrally manage via SNMP, CLI or web; cluster up to 32 devices for simplified wiring closet administration
383Com Confidential 3Com Switch 4500G - 10-Gigabit Uplinks â€Ē All models support up to four10-Gigabit uplinks â€Ē Choose local connection and / or XFP-based – Local Connection module supports CX4 4X InfiniBand cabling up to 3 meters long; ideal for local stacking – XFP module supports the standard flexible XFP interface, supporting various medium-long distance fiber technologies Plug the XFP Module (3C17766) here XFP Transceivers: â€Ē3CXFP96 10GBASE-ER â€Ē3CXFP92 10GBASE-LR â€Ē3CXFP94 10GBASE-SR CX4 Cables: â€Ē3C17775 50 cm â€Ē3C17776 100 cm â€Ē3C17777 300 cm Plug XFP here Plug the Local Connect Module (3C17767) here Plug CX4 Cable here Consider this: The 3Com Switch 4500G compares in price to switches that don’t support 10- Gigabit! Your network is more future-proof with the 3Com solution!
39 39 > Positioned for — Businesses deploying new service such as VoIP — Scaling to meet a growing business > Key Features — Enterprise-Class L2 & L3 IP Feature set — Basic Layer 3 IP Routing (Static, RIP, RIP2) — Copper and Power over Ethernet versions — 8 Hardware Queues Per Port, Traffic Shaping per port — L2, 3, 4 Access Control List — Lifetime Warranty with advanced hardware replacement — Stacking / Clustering Support — Designed for Voice Ready Networks > Business Benefits — Able to power an vendors phone system, prioritize and segment into a VLAN — Pay as you Grow – add more ports as needed and manage as one entity — Future proofed design with a full service & support offering Switch 4500 /4500G Ethernet Family Access Connectivity for Small Enterprises Switch 4500G Switch 4500 NEW â€ĒSwitch 4500G 24-Port 24 x 10/100/1000 Ports 4 Gig SFP (Combo) 2 Dual 10G Slots â€ĒSwitch 4500G 48-Port 48 x 10/100/1000 Ports 4 Gig SFP (Combo) 2 Dual 10G Slots â€ĒSwitch 4500G 24-Port PWR Same as 4500G 24-Port with PWR â€ĒSwitch 4500G 48-Port PWR Same as 4500G 48-Port with PWR â€ĒSwitch 4500 26-Port 24 x 10/100 Ports 2 Gig SFP/ 2 Gig Copper (Combo) â€ĒSwitch 4500 50-Port 24 x 10/100 PoE Ports 2 Gig SFP/ 2 Gig Copper (Combo) â€ĒSwitch 4500 26-Port PWR Same as 4500 24-Port with PWR â€ĒSwitch 4500 50-Port PWR Same as 4500 48-Port with PWR IEEE 802.3af ( Power Over Ethernet )
40 Comparison Chart This table compares the 24-Port Gigabit model across various 3Com families 4200G 24 3870 24 4500G 24 Total ports 20 x 10/100/1000 4 x Dual Personality Up to 2x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 1x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 4x 10-Gig Technology L2+ L2 / L3 L2 / L3 Performance 88-Gbps 65.5-Mpps 108-Gbps 80.0-Mpps 128.0-Gbps 95.2-Mpps MAC addresses 8,000 16,000 8,000 VLANs 256 255 256 Stacking Clustering Stacking Clustering Priority Queues 8 8 8
41 3Com Switch 5500/5500G Family
42 Introducing 3Com Switch 5500 Premium Switching Solution â€Ē Premium Enterprise stackable switches – For wiring closets, aggregation points, branch offices and data centers â€Ē 3Com OS: Same as 7700, 8800, Routers â€Ē XRNÂŪ technology 8-High â€Ē Seven 10/100 Fast Ethernet models – Standard Image / Enhanced Image â€Ē 5500-SI 28 / 52-Port; 5500-EI 28 / 52 Port – PoE Variants of EI â€Ē 5500-EI 28-Port PWR; 5500-EI 52-Port PWR – 100BASE-FX Variant â€Ē 5500-EI 28-Port FX â€Ē Five 10/100/1000 Gigabit models – Enhanced image, without and with PoE â€Ē 5500G-EI 24- / 48-Port; 5500G-EI 24- / 48-Port PWR – SFP Variant â€Ē 5500G-EI 24-Port SFP 3Com Switch 5500 Portfolio
43 Target use: Advanced Enterprise wiring closet access switch; small aggregation Availability: Routing functions are totally distributed across all switches in the stack massively increasing performance and uptime Scalability: Extend connectivity with a mixture of PoE and fibre switches Connectivity: Jumbo Frames are supported on all gigabit uplinks for interoperability with equipment downstream Application-Aware: Advanced Time-Based ACLs are supported that can be automatically executed on a per user or machine basis Port Configurations: 24 x 10/100 Ports + 4 SFP 48 x 10/100 Ports + 4 SFP 24 x 10/100 PoE + 4 SFP 48 x 10/100 PoE + 4 SFP 24 100BASE FX SFP + 2 10/100/1000 + 2 SFP Includes Enhanced Image (EI) software â€Ē Includes ALL SI software plus: XRN â€Ē Distributed Device Management Mix and match any 5500-EI product in a stack, including PWR and FX SKUs â€Ē Distributed Link Aggregation Allows up to 32 groups to be spread across any ports in the stack (8 FE / 4 GE per group) â€Ē Distributed Resilient Routing All switches in the stack are actively routing and sharing LSDB and ARP tables 256 static routes with 2K RIP entries 4K ARP Table 6K LSDB size for OSPF Multicast Routing PIM Sparse Mode / Dense Mode â€Ē 4096 Port-Based VLANs â€Ē Time-based Access Control Lists â€Ē DHCP Tracker â€Ē Traffic Redirection â€Ē Traffic Mirroring â€Ē Syslog Switch 5500-EI 28-Port Key Points Switch 5500-EI 52-Port Switch 5500-EI 28-Port PWR Switch 5500-EI 52-Port PWR Switch 5500-EI 28-Port FX Switch 5500-EI Overview
44 Target use: Advanced Enterprise wiring closet access switch; Building aggregation and server farm Availability: Pluggable Power Supply for reducing time to repair Scalability: Instantly enable Power over Ethernet via a plug-in PoE Power Supply Connectivity: Add up to 448 Gigabit ports 16 x 10G links per stack for ultimate performance Application-Aware: Advanced bespoke classification masks can be programmed for any QoS or ACL rule Port Configurations: 24 x 10/100/1000 Ports + 4 SFP + 1 Application Module Slot (PoE Ready) 48 x 10/100/1000 Ports + 4 SFP + 1 Application Module Slot (PoE Ready) â€Ē24 x SFP Ports + 10/100/1000 + 1 Application Module Slot Includes Enhanced Image (EI) software â€Ē Includes ALL SI software plus: â€Ē Hot-swappable Application Module Slot for expansion cards : 8-Port SFP, 1-Port 10G, 2-Port 10G â€Ē Removable PSU XRN â€Ē Distributed Device Management Mix and match any 5500G-EI product in a stack 48 Gigabit Bi-directional stacking link with redundant loop â€Ē Distributed Link Aggregation Allows up to 32 groups to be spread across any ports in the stack (8 GE / 4 10GE per group) â€Ē Distributed Resilient Routing All switches in the stack are actively routing and sharing LSDB and ARP tables 100 static routes with 2K RIP entries 8K ARP Table 12K LSDB size for OSPF Multicast Routing PIM Sparse Mode / Dense Mode Switch 5500G-EI 24-Port Key Points Switch 5500G-EI 48-Port Switch 5500G-EI 24-Port SFP Switch 5500G-EI Overview
45 Switch 5500 Premium Switching Services â€Ē Security: SNMP v3, Extended 802.1X Network Login with RADA (RADIUS Authentication Device Access), Time of Day ACLs, Secure Shell (SSH), Layer 3 and Layer 4 Auto VLANs, four different administrator levels, Denial of Service attack prevention, MAC port binding (formally DUD), MAC address limitation â€Ē Application-Aware: Auto-Qos, Auto-VLAN, Ingress/Egress Rate limiting, IPv4 and IPv6, Advanced QoS L2-4 with DSCP and fully configurable Time-of-Day QoS, WRR, SPQ, WFQ, advanced traffic mirroring â€Ē Availability: Distributed Resilient Routing (RIP, OSFP and PIM SM/DM) Distributed Link Aggregation (802.3ad), 802.1w with STP route guard, IGMP snooping, AC or DC power input, hot-swappable media modules*, hot-swappable power supplies and fans*, Dual software agents, Denial of Service device protection, resilient XRN stacking architecture, Thermal control and monitoring * Where applicable
46 Switch 5500 8-High XRNÂŪ Stacking Key Benefits of Evolved Technology â€Ē Unified management of stack – Single IP Address; single CLI; single web interface; automatic consistency â€Ē Full self-healing resiliency with all units sharing critical routing information – No master / slave set-up or limitations – Local L2/L3 switching improves performance – Full “pay as you grow” expansion without “hot standby” insurance â€Ē Distributed resilient connections – Easy dual homing, spanning of units, yet single trunk – 10/100 units can be geographically remote 1992 200519951994 Industry 1st Stackable Hub 3Com FMS Resilient Cascade Stacking system 3Com Hub 10/40/50 2000 Self-healing stacking SuperStack 3 Switch 4400 SuperStack SuperStack 2 Switch 1100/3300 2002 XRN 48Gbps L2/3/4 Stacking DLA DDM DRR XRN 8Gbps L2/3/4 Stacking DLA DDM DRR Hot-Swap Cascade 2Gbps L2/4 Stacking DLA Matrix Stacking 1Gbps L2 stacking Stacking 10Mbps Single Stack Management Revolutionary XRN – L2 &3 Stacking Switch 4900 XRN Evolution Multi-Layer Routing Switch 5500
47 SuperStack 4 Switch 5500G-EI SuperStack 4 Switch 5500-EI SuperStack 3 Switch 4400 Switch 5500 & XRNÂŪ Technology 4 Gbps Load Balanced LAG Multiple links fail without affecting connectivity back to the aggregation point Fully compatible with existing 4400 Family
48 â€Ē XRN : Distributed Device Management (DDM) – Intelligent management ensures all switches act as a single logical device – Resilient architecture provides access to management in the event of any switch failing – Rapid stack-wide feature configuration – Automatic and Manual stack configuration – Stack up to 8 units 192.168.1.254 â€Ē Stack-Wide Management – Single entity for SNMP, WEB and CLI Management – Display ALL configurations in one screen with Device View – Reduces configuration time – Improved monitoring responsiveness r222# telnet 192.168.0.33 r222# configure terminal r222(config)# interface ethernet 0/0 r222(config-if)# ip address 7.7.7.7 255.255.255.0 r222(config)# interface pos 4/0/0 XRN – Distributed Device Management
49 â€Ē Distributed Link Aggregation (DLA) – Create incredibly resilient network designs that are highly flexible – XRN technology binds all the switches into a single entity allowing connections from ANY port across the fabric to be connected together using IEEE 802.3ad LACP – LACP will then automatically configure the links as aggregated links Switch 5500G-EISwitch 5500-EI Switch 4400 3870 LACP 802.3ad 5500-EI provides geographical separation 5500G-EI provides closet separation; up to 12ft / 5M Interoperable with other 3Com DLA switches XRN – Distributed Link Aggregation
50 â€Ē Distributed Resilient Routing (DRR) – Provides chassis like resilience for routed (L3) networks – Local layer 3 routing using Rip – XRN synchronizes OSFP FIB table to all hosts in the fabric – All ACL information is distributed to all host units 1 2 ROUTER TABLE VLAN 1 0.0.0.0 255.255.0.1 Router Interface information is synchronised across all switches L3 traffic can be handled locally by the switch and intelligently passed up or down the XRN stack Student VLAN Admin VLAN XRN – Distributed Resilient Routing
51 â€Ē XRN Stacking – Each switch uses the last two Gigabit SFP ports to provide a 2Gbps FD link – No extra hardware required – Stack up to 8 units of any variety – Automatic or manual stack configuration – A return link provides rapid fail-over in the event of a normal link or unit failing – XRN Stack units together over 70km apart! Normal Stacking Link: 1 Gbps UP / 1 Gbps DOWN Standby Stacking loop connection: 1 Gbps UP / 1 Gbps DOWN Switch 5500-EI/SI Use ANY Gigabit SFP to link the units together Stacking – Powered by XRN
52 Stacking – Powered by XRN â€Ē 96Gbps XRN Stacking – Each switch has two bi-directional cascade links providing a massive 96Gb/s bandwidth – Industry Leading! – Stack up to 8 units of any variety – Automatic or manual stack configuration – A return link is ACTIVE! Providing fastest path around the XRN fabric – Stacking bandwidth is not shared with any other resource – 65cm, 150cm & 5M cables are available Normal Stacking Link: 24 Gbps UP / 24 Gbps DOWN Standby Stacking loop connection: 24 Gbps UP / 24 Gbps DOWN Switch 5500G-EI Ultra high-speed robust Infiniband 12X connectors and cables
53 Stacking Numbering - XRN â€Ē Each switch has a unique unit ID in the fabric â€Ē By default, the unit ID of a switch is set to 1 – The Unit ID can be manually set â€Ē Every switch has a unit name (sysname) – All units in the stack must have the same sysname â€Ē By default XRN will automatically number the switches to constitute a fabric – Unit 1 will be the unit with the lowest MAC address – Units will subsequently number from unit 1 up upupdown down down Unit 1 Unit 2 Unit 3 Unit 4
55 3Com Switch 5500 Portfolio “Firsts” of the 3Com Switch 5500 â€Ē Industry leading performance - up to 384Gbps backplane bandwidth â€Ē Highest stackable density - 448G ports in 8 “rack units” â€Ē Fastest totally resilient stacking at 48Gbps (96Gbps full duplex) â€Ē First with upgradeable PoE for 10/100/1000 Gigabit model â€Ē Only switch to ship with flexible AC or DC power input for n+1 power redundancy â€Ē Convergence-optimized - Auto-detects IP phones, prioritizes voice traffic, filters onto VLAN or mirror voice calls for recording â€Ē First Layer 3 XRN 8-high Stackable
56 Comparison Chart This table compares the 24-Port Gigabit model across various 3Com families 4200G 24 3870 24 4500G 24 5500G-EI Total ports 20 x 10/100/1000 4 x Dual Personality Up to 2x 10- Gig 20 x 10/100/1000 4 x Dual Personality Up to 1x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 4x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 2x 10-Gig 2x stacking Technology L2+ L2 / L3 L2 / L3 L2 / L3 Performance 88-Gbps 65.5-Mpps 108-Gbps 80.0-Mpps 128.0-Gbps 95.2-Mpps 184-Gbps 136.9-Mpps MAC addresses 8,000 16,000 8,000 16,000 VLANs 256 255 256 4,094 Stacking Clustering Stacking Clustering Stacking and clustering Priority Queues 8 8 8 8
57 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļ‚āļ­āļ‡ Stackable/Desktop Switch
58 LAN Local Area Network on single Broadcast Domain
59 The command line provides the following views: ■ User view ■ System view ■ Ethernet Port view ■ VLAN view ■ VLAN interface view ■ Local-user view ■ User interface view ■ FTP client view ■ PIM view ■ RIP view ■ OSPF view ■ OSPF area view ■ Route policy view ■ Basic ACL view ■ Advanced ACL view ■ Layer-2 ACL view ■ RADIUS server group view ■ ISP domain view ■ BGP view ■ ISIS view Command Line View
60 āļāļēāļĢ Configuration āļœāđˆāļēāļ™ Console Port Run terminal emulator (such as Terminal on Windows 3X or the Hyper Terminal on Windows XP) on the PC. Set the terminal communication parameters as follows: Baud rate = 19200 Databit = 8 Parity check = none Stopbit = 1 Flow control = none Terminal type = VT100
61 āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āļ‚āļ­āļ‡āļŠāļ§āļīāļ•āļŠāđŒ
62 āļāļēāļĢāđāļšāđˆāļ‡āļĢāļ°āļ”āļąāļšāļŠāļīāļ—āļ˜āļīāļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āļ‚āļ­āļ‡āļŠāļ§āļīāļ•āļŠāđŒ ATTRIBUTE 3Com-User-Access-Level Access_mode Integer VALUE 3Com-User-Access-Level Visit 0 VALUE 3Com-User-Access-Level Monitor 1 VALUE 3Com-User-Access-Level Manager 2 VALUE 3Com-User-Access-Level Administrator 3 Visit level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļē network diagnosis (āđ€āļŠāđˆāļ™āļāļēāļĢ ping āđāļĨāļ° tracert), āđ€āļ›āļĨāļĩāđˆāļĒāļ™āļ āļēāļĐāļēāļšāļ™ user interface (language-mode) āđ„āļ”āđ‰ āđāļĨāļ°āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ telnet āļŠāđˆāļ§āļ™āļāļēāļĢ save configuration file āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđ„āļ”āđ‰ āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰ Monitoring level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ display āđ„āļ”āđ‰āđāļĨāļ°āļāļēāļĢāļ—āļēāļ„āļēāļŠāļąāđˆāļ‡ debugging āđ„āļ”āđ‰ āđ€āļžāļ·āđˆāļ­āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ—āļē system maintenance, service fault diagnosis āļŠāđˆāļ§āļ™āļāļēāļĢ save configuration file āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđ„āļ”āđ‰āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰ System level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ service configuration, āļĢāļ§āļĄāļ–āļķāļ‡āļāļēāļĢāđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē routing āđāļĨāļ°āļ„āļēāļŠāļąāđˆāļ‡āļŠāļēāļŦāļĢāļąāļšāđāļ•āđˆāļĨāļ° network layer āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ” network service āđƒāļŦāđ‰āļāļąāļšuser āđ„āļ”āđ‰ Management level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļ‚āļ­āļ‡ system āđāļĨāļ°āļāļēāļĢāļĢāļ­āļ‡āļĢāļąāļš module āļ‹āļķāđˆāļ‡āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰āļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢ āļˆāļąāļ”āļāļēāļĢ file system, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļœāđˆāļēāļ™ FTP, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļœāđˆāļēāļ™ TFTP, XModem downloading, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢ user āđāļĨāļ°āļāļēāļŦāļ™āļ”āļĢāļ°āļ”āļąāļš āđƒāļ™āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āļŠāļ§āļīāļ•āļŠāđŒ
63 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” User Interface Operation Command Enter a single User Interface View or multi User Interface Views user-interface [ type ] first-number [ last-number ] Configure the user interface-supported protocol protocol inbound { all | ssh | telnet } Configure the authentication method Configure no authentication authentication-mode { password | scheme } authentication-mode none Configure the local authentication password set authentication password { cipher | simple }password Set command level used after a user logs in service-type { ftp [ ftp-directory directory | lan- access | { ssh | telnet | terminal }* [ level level ] } Set command level used after a user logs in from a user interface user privilege level level Display the user application information of the user interface display users [ all ]
64 â€Ē<Sysname> system-view â€Ē[Sysname]user-interface vty 0 â€Ē[Sysname-ui-vty0] set authentication password simple xxxx (xxxx is the preset login password of the Telnet user) āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļī User āļœāđˆāļēāļ™ Telnet 1. āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđƒāļ™āļāļēāļĢTelnet āļ‚āļ­āļ‡ user āļœāđˆāļēāļ™ console port āļāđˆāļ­āļ™āļ—āļĩāđˆ userāļˆāļ° log in āļœāđˆāļēāļ™ Telnet. â€Ē āđ‚āļ”āļĒāļ„āđˆāļē default āļˆāļ°āļ•āđ‰āļ­āļ‡āļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ” password āđ€āļžāļ·āđˆāļ­āļ—āļĩāđˆāļˆāļ°āđƒāļŦāđ‰āļŠāļīāļ—āļ˜āļī user āđƒāļ™āļāļēāļĢ log in āļœāđˆāļēāļ™ Telnet āđ„āļ›āļĒāļąāļ‡ Switch āļ–āđ‰āļēāļĄāļĩ user logs in āļœāđˆāļēāļ™ Telnet āđ‚āļ”āļĒāđ„āļĄāđˆāļĄāļĩ password, āļˆāļ°āđ€āļŦāđ‡āļ™āļ‚āđ‰āļ­āļ„āļ§āļēāļĄāđāļŠāļ”āļ‡ Login password has not been set!.
65 āļāļēāļĢāļāļēāļŦāļ™āļ” username āđāļĨāļ° password āļˆāļ°āļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđ€āļĄāļ·āđˆāļ­ userāļĄāļĩāļāļēāļĢ logs in āļœāđˆāļēāļ™ VTY 0 user interface āđ‚āļ”āļĒāļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ” username āđāļĨāļ° password āđ€āļ›āđ‡āļ™ tset1 āđāļĨāļ° 3Com āļ•āļēāļĄāļĨāļēāļ”āļąāļš [Sysname-ui-vty1]authentication-mode scheme [Sysname-ui-vty1]quit [Sysname]local-user test1 [Sysname-luser-test1]password simple 3Com [Sysname-luser-test1]service-type telnet [Sysname-luser-test1]Level 3 3. āđ„āļĄāđˆāļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ”āļĢāļđāļ›āđāļšāļšāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļī [Sysname-ui –vty2] authentication-mode none āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāļ‚āļ­āļ‡āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āđāļĨāļ° username, password 2. āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđƒāļŦāđ‰ username āđāļĨāļ° password āļ—āļēāļāļēāļĢ remote āļŠāļ§āļīāļ•āļŠāđŒāļ‚āļ­āļ‡āđāļ•āđˆāļĨāļ° user interface āđ‚āļ”āļĒāđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļĢāļđāļ›āđāļšāļšāđ€āļ›āđ‡āļ™ authentication-mode scheme āļ‹āļķāđˆāļ‡āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āđ€āļ›āđ‡āļ™ local āļŦāļĢāļ·āļ­ remote āļœāđˆāļēāļ™ username āđāļĨāļ° password āļ—āļĩāđˆāļāļēāļŦāļ™āļ”āđ‚āļ”āļĒāļŠāļ™āļīāļ”āļ‚āļ­āļ‡āļŠāļīāļ—āļ˜āļīāļ—āļĩāđˆāđ€āļ‚āđ‰āļēāļĄāļēāđƒāļŠāđ‰āļ‡āļēāļ™āļˆāļ°āļ‚āļķāđ‰āļ™āļ­āļĒāļđāđˆāļāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ”āļ•āļēāļĄ āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡
66 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāđāļŠāļ”āļ‡āļœāļĨ â€Ē Display version â€Ē Display current-configuration â€Ē Display device â€Ē Display power â€Ē Display user-interface â€Ē Display cpu â€Ē Display memory â€Ē Display vlan â€Ē Display environment â€Ē Display interface
67 āļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡āļžāļ­āļĢāđŒāļ•
68 Operation Command Enter Ethernet Port View interface { interface_type interface_num | interface_name } Set IP address IP address ip-address ip-mask Set IP second address IP address ip-address ip-mask sub Disable an Ethernet port Shutdown Enable an Ethernet port Undo shutdown Set duplex attribute for Ethernet port Restore the default duplex attribute of Ethernet port. duplex { auto | full | half } undo duplex Set the Ethernet port speed Restore the default speed for the Ethernet port speed { 10 | 100 | 1000 | auto undo speed Set the type of the cable connected to an Ethernet port. mdi { across | auto | normal } Permit jumbo frame to pass through the Ethernet port jumboframe enable Enable Ethernet port flow control flow-control āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡āļžāļ­āļĢāđŒāļ•
69 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡āļžāļ­āļĢāđŒāļ• <Sysname> system view [Sysname] Interface GigabitEthernet1/0/1 [Sysname-GigabitEthernet1/0/1] speed auto [Sysname-GigabitEthernet1/0/1] duplex auto [Sysname-GigabitEthernet1/0/1] jumboframe enable [Sysname-GigabitEthernet1/0/1] mdi auto 192.168.1.1/24 Port 1/0/1
70 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Power over Ethernet (PoE)
71 PoE āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Power over Ethernet (PoE) āđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđƒāļŦāđ‰āļ­āļļāļ›āļāļĢāļ“āđŒ devices āļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļāļĢāļ°āđāļŠāđ„āļŸāļŸāđ‰āļēāļœāđˆāļēāļ™āļŠāļēāļĒ twisted pairs āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāļˆāđˆāļēāļĒāđ„āļŸāļˆāļēāļžāļ§āļ powered devices (PD) āđƒāļ™ network āđ‚āļ”āļĒ āļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ†āđ„āļ›āļžāļĢāđ‰āļ­āļĄāļāļąāļ™āļ”āđ‰āļ§āļĒ āļ›āļĢāļ°āđ‚āļĒāļŠāļ™āđŒāļ‚āļ­āļ‡ PoE ■ Reliability: āđ€āļ›āđ‡āļ™āđāļŦāļĨāđˆāļ‡āļˆāđˆāļēāļĒ power āļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļŦāļēāđ„āļ”āđ‰āļ‡āđˆāļēāļĒ āđ‚āļ”āļĒāļŠāļēāļĄāļēāļĢāļ–āļĢāļ§āļĄāļāļēāļĢāļˆāļąāļ”āļāļēāļĢāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ power āđ„āļ§āđ‰āļ—āļĩāđˆāđ€āļ”āļĩāļĒāļ§ āđāļĨāļ°āļĒāļąāļ‡āļĄāļĩāļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāļŠāļđāļ‡āļ­āļĩāļāļ”āđ‰āļ§āļĒ ■ Easy connection: āđ€āļžāļĩāļĒāļ‡āđāļ„āđˆāđ€āļ›āđ‡āļ™āļ­āļļāļ›āļāļĢāļ“āđŒNetwork āļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļš āđāļĨāļ°āļĄāļĩāļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļœāđˆāļēāļ™ Ethernet cable āđ‚āļ”āļĒāđ„āļĄāđˆ āļ•āđ‰āļ­āļ‡āļĄāļĩ power supply āļ”āđ‰āļēāļ™āļ™āļ­āļ ■ Standard: PoE āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļ•āļēāļĄāļĄāļēāļ•āļĢāļāļēāļ™ IEEE 802.3af āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļˆāđˆāļēāļĒ power āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļšāļĄāļēāļ•āļĢāļāļēāļ™ āđ„āļ”āđ‰āļŦāļĨāļēāļāļŦāļĨāļēāļĒāļŠāļ™āļīāļ” ■ Bright application prospect: PoE āļŠāļēāļĄāļēāļĢāļ–āļˆāđˆāļēāļĒ power āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļˆāļēāļžāļ§āļ IP phones, wireless access points (APs), chargers for portable devices, card readers, network cameras, āđāļĨāļ° data collection system.
72 āļŠāđˆāļ§āļ™āļ›āļĢāļ°āļāļ­āļšāļ‚āļ­āļ‡ PoE PoE āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ 3 āļŠāđˆāļ§āļ™: power sourcing equipment (PSE), PD, āđāļĨāļ° power interface (PI). ■ PSE: PSE āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ power āđāļĨāļ°module āļ‹āļķāđˆāļ‡āļˆāļ°āđƒāļŠāđ‰āđ€āļ›āđ‡āļ™āđ€āļ„āļĢāļ·āđˆāļ­āļ‡āļĄāļ·āļ­āđƒāļ™āļāļēāļĢāļ„āđ‰āļ™āļŦāļē PD, āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļēāļ‡ power āļ‚āļ­āļ‡ PD, PoE,āļ•āļĢāļ§āļˆāļŠāļ­āļšāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ power supply āđāļĨāļ°āļ—āļēāļāļēāļĢ power-off āļ­āļļāļ›āļāļĢāļ“āđŒ ■ PD: PD āļˆāļ°āļ„āļ­āļĒāļĢāļąāļš powerāļˆāļēāļ PSE āļ‹āļķāđˆāļ‡āļĄāļĩāļ—āļąāđ‰āļ‡ PDs āļ—āļĩāđˆāđ€āļ›āđ‡āļ™ standard PDs āđāļĨāļ° nonstandard PDsāđ‚āļ”āļĒ Standard PDs āļˆāļ°āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļĄāļēāļ•āļĢāļāļēāļ™ 802.3af āļ‹āļķāđˆāļ‡āļˆāļ°āļĄāļĩāļ­āļļāļ›āļāļĢāļ“āđŒāļŦāļĨāļēāļĒāļŠāļ™āļīāļ” āđ€āļŠāđˆāļ™ IP phones, Wireless APs, network cameras āđāļĨāļ°āļ­āļļāļ›āļāļĢāļ“āđŒāļ­āļ·āđˆāļ™āđ† ■ PI: PIs āļāđ‡āļ„āļ·āļ­āļŠāļēāļĒ RJ45 āļ—āļĩāđˆāđƒāļŠāđ‰āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļĢāļ°āļŦāļ§āđˆāļēāļ‡ PSE/PDs āļšāļ™network
73 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ PoE Operation Command Enable the PoE feature on a port poe enable Set the maximum output power on the port poe max-power max-power Set the PoE management mode for the switch poe power-management {auto | manual } Set the PoE priority of a port poe priority { critical | high | low } Set the PoE mode on the port to signal. poe mode signal Enable the PD compatibility detection function. poe legacy enable Configure a PD disconnection detection mode. poe disconnect { ac | dc } Enable PoE over-temperature protection on the switch. Poe temperature-protection enable
74 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ PoE Operation Command Upgrade the PSE processing software online. poe update { refresh | full } filename Upgrade the PSE processing software of the fabric switch online. update fabric { file-url | device-name file-url } Display the current PD disconnection detection mode of the switch display poe disconnect Display the PoE status of a specific port or all ports of the switch display poe interface [interface-type interface-number ] Display the PoE power information of a specific port or all ports of the switch display poe interface power [ interface-type interface-number ] Display the PSE parameters display poe powersupply Display the status (enabled/disabled) of the PoE over-temperature protection feature on the switch display poe temperature- protection
75 GigabitEthernet1/0/1 and GigabitEthernet1/0/2 are connected to IP telephones. GigabitEthernet1/0/5 and GigabitEthernet1/0/6 are connected to access point (AP) devices. The power priority of GigabitEthernet1/0/2 is critical. The power of the AP device connected to GigabitEthernet1/0/5 does not exceed 9,000 milliwatts āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē PoE
76 Configuration procedure 1.Enable PoE on GigabitEthernet1/0/1, GigabitEthernet1/0/2, GigabitEthernet1/0/5, and GigabitEthernet1/0/6. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] poe enable [Sysname-GigabitEthernet1/0/1]quit [Sysname] interface gigabitethernet 1/0/2 [Sysname-GigabitEthernet1/0/2] poe enable [Sysname-GigabitEthernet1/0/2]quit [Sysname] interface gigabitethernet 1/0/5 [Sysname-GigabitEthernet1/0/5] poe enable [Sysname-GigabitEthernet1/0/5]quit [Sysname] interface gigabitethernet 1/0/6 [Sysname-GigabitEthernet1/0/6] poe enable 2.Set the power priority level of GigabitEthernet1/0/2 to critical. <Sysname> system view [Sysname] interface gigabitethernet 1/0/2 [Sysname-GigabitEthernet1/0/2] poe priority critical 3.Set the maximum power of GigabitEthernet1/0/5 to 9,000 milliwatts. [Sysname] interface gigabitethernet 1/0/5 [Sysname-GigabitEthernet1/0/5] poe max-power 9000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē PoE
77 Vlan 2 Vlan 1 Vlan 1 Local Area Network on multiple Broadcast Domain
78 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs Port base
79 VLAN āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Virtual local area network (VLAN) āļ„āļ·āļ­āļāļēāļĢāļŠāļĢāđ‰āļēāļ‡ logical groups āļ‚āļ­āļ‡ LAN deviceāđ‚āļ”āļĒ āļ—āļēāļāļēāļĢāđāļšāđˆāļ‡āđ€āļ›āđ‡āļ™ virtual workgroups āļĄāļēāļ•āļĢāļāļēāļ™āļ‚āļ­āļ‡ VLANāļˆāļ°āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļ•āļēāļĄ IEEE 802.1Qāđ€āļĄāļ·āđˆāļ­āļ›āļĩ 1999 āļ‹āļĩāđˆāļ‡āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļ—āļĩāđˆāđ€āļžāļīāđˆāļĄāđ€āļ•āļīāļĄāļĄāļēāļ•āļĢāļāļēāļ™āļˆāļ™āđ€āļ›āđ‡āļ™ VLAN solutions. āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ VLAN technology āļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāđāļšāđˆāļ‡ physical LAN āđ„āļ›āđ€āļ›āđ‡āļ™ broadcast domains āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™ āļ‹āļķāđˆāļ‡āđāļ•āđˆāļĨāļ° VLAN āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ•āđ‰āļ§āļĒāļāļĨāļļāđˆāļĄāļ‚āļ­āļ‡ workstations āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ—āļĩāđˆ āđ€āļŦāļĄāļ·āļ­āļ™āļāļąāļ™āđ‚āļ”āļĒāđāļ•āđˆāļĨāļ° workstations āļ—āļĩāđˆāļ­āļĒāļđāđˆāļšāļ™ VLAN āļˆāļ°āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļ­āļĒāļđāđˆāļšāļ™ physical LAN āđ€āļ”āļĩāļĒāļ§āļāļąāļ™ āđ„āļ”āđ‰ āļ āļēāļĒāđƒāļ™ VLAN āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ broadcast āđāļĨāļ° unicast traffic āļ—āļĩāđˆāđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļ‚āđ‰āļēāļĄāđ„āļ›āļĒāļąāļ‡ VLANs āļ­āļ·āđˆāļ™āđ„āļ”āđ‰ āļ­āļĒāđˆāļēāļ‡āđ„āļĢāļāđ‡āļ•āļēāļĄāļāļēāļĢāļāļēāļŦāļ™āļ” VLANsāļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄ network traffic, āļŠāđˆāļ§āļĒāļ›āļĢāļ°āļŦāļĒāļąāļ”āļāļēāļĢāļĨāļ‡āļ—āļļāļ™ āđƒāļ™āļāļēāļĢāļ—āļĩāđˆāļ•āđ‰āļ­āļ‡āļ‹āļ·āđ‰āļ­āļ­āļļāļ›āļāļĢāļ“āđŒāļĄāļēāđāļšāđˆāļ‡ network, āļ‡āđˆāļēāļĒāļ•āđˆāļ­āļāļēāļĢāļˆāļąāļ”āļāļēāļĢ network āđāļĨāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāļ—āļē security āđ„āļ›āđƒāļ™ āļ•āļąāļ§āļ”āđ‰āļ§āļĒ
80 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs Operation Command Create a VLAN and enter the VLAN View Delete the specified VLAN vlan vlan_id undo vlan { vlan_id [ to vlan_id ] | all } Add Ethernet ports to a VLAN Remove Ethernet ports from a VLAN port interface_list undo port interface_list Display information about the VLAN interface display interface vlan-interface [ vlan_id ] Display information about the VLAN display vlan [ vlan_id | all | static | dynamic ] â€ĒNote that the default VLAN, namely VLAN 1, cannot be deleted. Specifying/Removing the VLAN Interface Use the following command to specify/remove the VLAN interface. To implement the network layer function on a VLAN interface, the VLAN interface must be configured with an IP address and a subnet mask. Create a new VLAN interface and enter VLAN Interface View interface vlan-interface vlan_id Assign IP address and Subnet mask to a interface VLAN IP address [ip_address] [subnet_mask]
81 Configuration Procedure 1. Create VLAN 2 and enter its view. [Sysname]vlan 2 2. Add Ethernet1/0/1 and Ethernet1/0/2 to VLAN2. [Sysname-vlan2]port ethernet1/0/1 to ethernet1/0/2 3. Create VLAN 3 and enter its view. [Sysname-vlan2]vlan 3 4. Add Ethernet1/0/3 and Ethernet1/0/4 to VLAN3. [Sysname-vlan3]port ethernet1/0/3 to ethernet1/0/4 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLAN
82 Reduntdant link to block loop network Vlan 2 Vlan 1 Vlan 1
83 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” STP āđāļĨāļ° MSTP
84 STP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Spanning Tree Protocol (STP) āļāļēāļŦāļ™āļ”āđ‚āļ”āļĒ IEEE 802.1D āđ€āļ›āđ‡āļ™āļāļēāļĢāļ›āļĢāļąāļšāđ€āļ›āļĨāļĩāđˆāļĒāļ™ loop network āđƒāļŦāđ‰āļ—āļēāļāļēāļĢ block āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđƒāļ”āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļŦāļ™āļķāđˆāļ‡āđ„āļ›āđ€āļ›āđ‡āļ™āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāđ€āļ›āđ‡āļ™redundant āļāļēāļĢāđƒāļŠāđ‰ STP āđ€āļ›āđ‡āļ™āļāļēāļĢ āļŦāļĨāļĩāļāđ€āļĨāļĩāđˆāļĒāļ‡āļāļēāļĢāļ‚āļĒāļēāļĒ āđāļĨāļ°āļāļēāļĢāļŠāđˆāļ‡ packet āļ§āļ™āļĢāļ­āļšāđāļšāļšāđ„āļĄāđˆāļĢāļđāđ‰āļˆāļšāđƒāļ™ loop network āđƒāļ™āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ STP āļ•āļąāļ§ āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļ—āļēāļāļēāļĢāđāļĨāļāđ€āļ›āļĨāļĩāđˆāļĒāļ™ packetsāļ—āļĩāđˆāđ€āļĢāļĩāļĒāļāļ§āđˆāļē Bridge Protocol Data UnitsāļŦāļĢāļ·āļ­ BPDU āļ‹āļķāđˆāļ‡āļˆāļ°āđ€āļ›āđ‡āļ™ āļ•āļąāļ§āļāļēāļŦāļ™āļ”āļĢāļ°āļšāļšāļ‚āļ­āļ‡ network āđ‚āļ”āļĒāļ•āļąāļ§ BPDU āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡āļŠāļ§āļīāļ•āļŠāđŒāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ„āļēāļ™āļ§āļ“āļāļēāļĢāļ—āļēāļ‡āļēāļ™ spanning tree āđ„āļ”āđ‰ āļāļēāļĢāļāļēāļŦāļ™āļ”āļ‚āļ­āļ‡ BPDU āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ† āļ”āļąāļ‡āļ™āļĩāđ‰ : ■ root ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ root priority āđāļĨāļ° MAC address ■ āļ„āđˆāļēāļ‚āļ­āļ‡āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļŠāļąāđ‰āļ™āļ—āļĩāđˆāļŠāļļāļ”āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ root ■ āļāļēāļĢāļĢāļ°āļšāļļ switch ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļāļēāļĢāļĢāļ°āļšāļļ switch priority āđāļĨāļ° MAC address ■ āļāļēāļĢāļĢāļ°āļšāļļ port ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ port priority āđāļĨāļ° port number ■ āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (MessageAge) ■ āđ€āļ§āļĨāļēāļŠāļđāļ‡āļŠāļļāļ”āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (MaxAge) ■ āļŠāđˆāļ§āļ‡āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (HelloTime) ■ āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļŠāđˆāļ‡āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļŦāļ™āđˆāļ§āļ‡āļ‚āļ­āļ‡ port (ForwardDelay)
85 5 āļŠāļ–āļēāļ™āļ°āđƒāļ™āļāļēāļĢāļ—āļē Spanning Tree Initialization Blocking Listening Learning Forwarding Disabled
86 (R) Root port (D) Designated port (B) Backup port LAN 1 LAN 2 LAN 3 LAN 4 (D) (D) (D) (D) Root Bridge Designated bridge for LANs 1, 2, and 4 Designated bridge for LAN 3 (R) (B) (R) â€Ē Bridges āđƒāļŠāđ‰ algorithm āđƒāļ™āļāļēāļĢāđ€āļĨāļ·āļ­āļāļ§āđˆāļēāļˆāļ°āđƒāļŦāđ‰ single bridge āđ€āļ›āļĨāļĩāđˆāļĒāļ™āđ€āļ›āđ‡āļ™ root bridge â€Ē Bridges āļˆāļ°āļ„āļēāļ™āļ§āļ“āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļ”āļĩāļ—āļĩāđˆāļŠāļļāļ”āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļ­āļļāļ›āļāļĢāļ“āđŒ āļ—āļąāđ‰āļ‡āļŦāļĄāļ”āđāļĨāļ° root bridge â€Ē Bridge āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļĨāļ·āļ­āļ designated bridge āđƒāļ™ āđāļ•āđˆāļĨāļ°āļ§āļ‡āđāļĨāļ™āđƒāļ™bridge āđ‚āļ”āļĒāļˆāļ°āđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļĄāļĩāļ„āđˆāļēāļ™āđ‰āļ­āļĒāļ—āļĩāđˆ āļ•āđˆāļ­āđ„āļ›āļĒāļąāļ‡ root bridge – āđ‚āļ”āļĒ port āļ—āļĩāđˆāļ•āđˆāļ­āđ„āļ›āļĒāļąāļ‡ designated bridge āļ‚āļ­āļ‡āđāļ•āļĨāļ°āļ§āđˆāļ‡āđāļĨāļ™āļˆāļ°āļ–āļđāļāđ€āļĨāļ·āļ­āļāđ€āļ›āđ‡āļ™designated port â€Ē Bridges āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļĨāļ·āļ­āļāļ§āđˆāļē ports āđƒāļ”āļšāđ‰āļēāļ‡āļ—āļĩāđˆāļˆāļ°āļ­āļĒāļđāđˆāđƒāļ™ STP topology āļšāđ‰āļēāļ‡ – āđ‚āļ”āļĒāļ”āļđāļˆāļēāļāļ‚āđ‰āļ­āļĄāļđāļĨ traffic āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āļˆāļēāļ ports āđāļĨāđ‰āļ§āļ–āļķāļ‡āļˆāļ°āđ€āļĨāļ·āļ­āļāļ§āđˆāļēāļˆāļ°āđ€āļ›āđ‡āļ™ STP topology āļŦāļĢāļ·āļ­āđ„āļĄāđˆ āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ STP Root , Designated Bridges āđāļĨāļ° Ports
87 MSTP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Implements the Multiple Spanning Tree Protocol (MSTP) āļāļēāļŦāļ™āļ”āđ‚āļ”āļĒ IEEE 802.1s āļ‹āļķāđˆāļ‡ MSTP āđ€āļ›āđ‡āļ™āļāļēāļĢāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļŠāļēāļĄāļēāļĢāļ–āđƒāļ™āļāļēāļĢāļ—āļēāļ‡āļēāļ™ STP āđāļĨāļ°āļ„āļĨāļ­āļšāļ„āļĨāļļāļĄāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ—āļąāđ‰āļ‡ STP āđāļĨāļ° RSTP āļ—āļĩāđˆāļāļēāļŦāļ™āļ”āļ•āļēāļĄāļĄāļēāļ•āļĢāļāļēāļ™ IEEE 802.1w āđ‚āļ”āļĒāļŠāļ§āļīāļ•āļŠāđŒāļ—āļĩāđˆāļ—āļē MSTP āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļ­āļ‡āļĢāļąāļšāļ—āļąāđ‰āļ‡ STP āđāļĨāļ° RSTP packets āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļ™āļēāļ—āļąāđ‰āļ‡āļŦāļĄāļ”āļĄāļēāļ„āļēāļ™āļ§āļ“āđāļšāļš spanning tree āđ‚āļ”āļĒāļžāļ·āđ‰āļ™āļāļēāļ™āļāļēāļĢāļ—āļē MSTP functions āļ•āļąāļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļžāļīāđˆāļĄāļāļēāļĢāļĢāļ­āļ‡āļĢāļąāļš MSTP features āļ‹āļķāđˆāļ‡āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļžāļīāđˆāļĄ root bridge hold, secondary root bridge, root protection āđāļĨāļ° BPDU protection āđƒāļ™āļŠāđˆāļ§āļ™āļ™āļĩāđ‰āļˆāļ°āļĄāļēāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļŠāļēāļĄāļēāļĢāļ–āļ‚āļ­āļ‡ STP āļ—āļĩāđˆāđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļē āđƒāļŦāđ‰ network āļ—āļĩāđˆāļĄāļĩāļ„āļ§āļēāļĄāļĢāļ§āļ”āđ€āļĢāđ‡āļ§āļĄāļĩāđ€āļŠāļ–āļĩāļĒāļĢāļ āļēāļžāđ„āļ”āđ‰ āļ—āļąāđ‰āļ‡āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āđāļšāļšpoint-to-point āļŦāļĢāļ·āļ­āđāļšāļšedge port āđ‚āļ”āļĒ MSTP āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āđ€āļžāļīāđˆāļĄāļŠāđˆāļ§āļ‡āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļŠāđˆāļ‡packet āđāļšāļšāļ—āļ§āļĩāļ„āļđāļ“āļāđˆāļ­āļ™āļ—āļĩāđˆāļˆāļ°āļ—āļēāđƒāļŦāđ‰ network āļĄāļĩāļ›āļąāļāļŦāļēāļ‹āļķāđˆāļ‡āļŠāļēāļĄāļēāļĢāļ–āļ—āļēāđ„āļ”āđ‰āļ­āļĒāđˆāļēāļ‡ āļĢāļ§āļ”āđ€āļĢāđ‡āļ§āđāļĨāļ°āļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļŠāđˆāļ‡āļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡ VLANs āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āđƒāļ™āđāļ•āđˆāļĨāļ°āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ”āļąāļ‡āļ™āļąāđ‰āļ™āļāļēāļĢāļ—āļē MSTPāļˆāļķāļ‡āđ€āļ›āđ‡āļ™āļĢāļđāļ›āđāļšāļšāļ—āļĩāđˆāļ”āļĩāļ‚āļ­āļ‡āļāļĨāđ„āļāļāļēāļĢāļ—āļē load-balance mechanism āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ—āļē redundant links
88 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡ MSTP
89 Operation Command Enable MSTP on a device. stp enable Disable MSTP on a device. stp disable Enable MSTP on a port. stp interface interface-list enable | disable Setup MSTP mode configuration STP mode [MSTP | STP ] Show the configuration information about the current port and the switch. display stp instance instance-id [ interface interface-list ] [ brief ] Clear the MSTP statistics information. reset stp [ interface interface-list ] Enable/Disable MSTP (packet receiving/transmitting, event, error) debugging on the port. [ undo ] debugging stp [ interface interface-list ] { packet | event } āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” STP
90 1.Configuration on Switch A a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
91 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch A as the root bridge of MST instance 1. [3Com] stp instance 1 root primary d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
92 2.Configuration on Switch B a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch B as the root bridge of MST instance 3. [3Com] stp instance 3 root primary āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
93 d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
94 3.Configuration on Switch C a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch C as the root bridge of MST instance 4. [3Com] stp instance 4 root primary āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
95 d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
96 4.Configuration on Switch D a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
97 c.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
98 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan 1
99 Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2
100 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™
101 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™ Operation Command Configure the port as an access port port link-type access Configure the port as a hybrid port port link-type hybrid Configure the port as a trunk port port link-type trunk Restore the default link type, that is, access port undo port link-type Add the current trunk port to specified VLANs Remove the current trunk port from specified VLANs port trunk permit vlan { vlan_id_list | all } undo port trunk permit vlan { vlan_id_list | all } Add the current hybrid port to specified VLANs port hybrid vlan vlan_id_list { tagged | untagged } āļāļēāļĢāļāļēāļŦāļ™āļ” Link Type āļŠāļēāļŦāļĢāļąāļš Ethernet Port āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ Ethernet port āļŠāļēāļĄāļēāļĢāļ–āđāļšāđˆāļ‡āđ„āļ”āđ‰āđ€āļ›āđ‡āļ™ 4 āđāļšāļš link types āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āļ„āļ·āļ­ access, hybrid, trunk āđāļĨāļ° stack āđ‚āļ”āļĒ access port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡ VLAN āđ€āļžāļĩāļĒāļ‡ VLAN āđ€āļ”āļĩāļĒāļ§āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļšāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āļŠāđˆāļ§āļ™ trunk port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāđ„āļ”āđ‰āļĄāļēāļāļāļ§āđˆāļēāļŦāļ™āļķāđˆāļ‡ VLAN āđāļĨāļ°āļĢāļąāļšāļŠāđˆāļ‡ packetsāđ„āļ”āđ‰āļŦāļĨāļēāļĒāđ† VLANs āļžāļĢāđ‰āļ­āļĄāļāļąāļ™ āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™ āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļŠāļ§āļīāļ•āļ‹āđŒ āļŠāđˆāļ§āļ™ hybrid port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāđ„āļ”āđ‰āļĄāļēāļāļāļ§āđˆāļēāļŦāļ™āļķāđˆāļ‡ VLAN āđāļĨāļ°āļĢāļąāļšāļŠāđˆāļ‡ packetsāđ„āļ”āđ‰āļŦāļĨāļēāļĒāđ† VLANs āļžāļĢāđ‰āļ­āļĄāļāļąāļ™ āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļŠāļ§āļīāļ•āļ‹āđŒ āđāļĨāļ°āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļšāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāļ”āđ‰āļ§āļĒ āļ‚āđ‰āļ­āđāļ•āļāļ•āđˆāļēāļ‡āļĢāļ°āļŦāļ§āđˆāļēāļ‡ hybrid port āđāļĨāļ° trunk port āļ„āļ·āļ­ hybrid port āļŠāļēāļĄāļēāļĢāļ–āļĒāļ­āļĄāđƒāļŦāđ‰āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āļˆāļēāļāļŦāļĨāļēāļĒāđ† VLANs āđ‚āļ”āļĒāļŠāđˆāļ‡āđāļšāļšāđ„āļĄāđˆāđƒāļŠāđˆ tags āđ„āļ›āļ”āđ‰āļ§āļĒāļžāļĢāđ‰āļ­āļĄāđ†āļāļąāļ™āđāļ•āđˆ trunk port āļĒāļ­āļĄāđƒāļŦāđ‰āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āļˆāļēāļ default VLAN āđ‚āļ”āļĒāļŠāđˆāļ‡āđāļšāļšāđ„āļĄāđˆāđƒāļŠāđˆ tags āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™
102 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™ Router VLAN 101 VLAN 102 ISP Switch A VLAN 100 VLAN 100 VLAN 101 VLAN 102 Switch B Trunk ports Carries VLAN 100, 101, and 102 traffic
103 Configuration Procedure Switch A: 1. Enter the GigabitEthernet interface view: [Sysname] interface Gigabit3/1/23 2. Configure the port as a trunk port [Sysname] port link-type trunk 3. Add the current trunk port to specified VLANs [Sysname] port trunk permit vlan all Switch B: 1. Enter the GigabitEthernet interface view: [Sysname] interface Gigabit3/1/23 2. Configure the port as a trunk port [Sysname] port link-type trunk 3. Add the current trunk port to specified VLANs [Sysname] port trunk permit vlan all āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™
104 Hybrid-Port-Based VLAN ■ āļāļēāļĢāļāļēāļŦāļ™āļ” Trunk port āđƒāļŦāđ‰āđ„āļ›āđ€āļ›āđ‡āļ™Hybrid port (āļŦāļĢāļ·āļ­āđƒāļ™āļ—āļēāļ‡āļāļĨāļąāļšāļāļąāļ™) āļˆāļ°āļ•āđ‰āļ­āļ‡āļ„āļēāļŠāļąāđˆāļ‡ Access port āđ€āļ›āđ‡āļ™āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđ€āļŠāđˆāļ™ Trunk port āļˆāļ°āļ•āđ‰āļ­āļ‡āļāļēāļŦāļ™āļ”āđ„āļ›āđ€āļ›āđ‡āļ™ Access port āļāđˆāļ­āļ™ āđāļĨāđ‰āļ§āļ„āđˆāļ­āļĒāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ Hybrid port ■ āļ”āļąāļ‡āļ™āļąāđ‰āļ™āļˆāļ°āļ•āđ‰āļ­āļ‡āđāļ™āđˆāđƒāļˆāļ§āđˆāļēāļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āļ­āļĒāļđāđˆāļāđˆāļ­āļ™āđāļĨāđ‰āļ§ āļ–āļķāļ‡āļˆāļ°āļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ Hybrid port. ■ āđ‚āļ”āļĒ default VLAN IDs āļ‚āļ­āļ‡Hybrid ports āļˆāļ°āļ­āļĒāļđāđˆāļšāļ™ local āđāļĨāļ°āļˆāļ°āļ•āđ‰āļ­āļ‡āļ­āļĒāļđāđˆāļšāļ™āļ­āļļāļ›āļāļĢāļ“āđŒāļ•āļąāļ§ āđ€āļ”āļĩāļĒāļ§āļāļąāļ™āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āđ„āļĄāđˆāđ€āļŠāđˆāļ™āļ™āļąāđ‰āļ™āļˆāļ°āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āđ„āļ”āđ‰
105 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđāļšāļš Hybrid â€Ē Hybrid port āļˆāļ°āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļŦāļ™āļķāđˆāļ‡āļ‚āļ­āļ‡āļŦāļĨāļēāļĒāđ† VLANs āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āđ„āļ”āđ‰āđƒāļ™ Ethernet port view āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ Operation Command Configure the port link type as Hybrid. port link-type hybrid Allow the specified VLANs to pass through the current Hybrid port. port hybrid vlan vlan-id-list { tagged | untagged } Configure the default VLAN of the Hybrid port. port hybrid pvid vlan vlan-id Display the hybrid or trunk Ports. display port { hybrid | trunk }
106 Vlan 1 Vlan 2 Vlan 1 Vlan 2 Vlan 1 Vlan trunk 1,2
107 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Link Aggregation
108 â€Ē āļŠāļĢāļļāļ›āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ LACP IEEE802.3ad-based Link Aggregation control protocol (LACP) āļˆāļ°āđƒāļŠāđ‰āļāļēāļĢāđāļĨāļāđ€āļ›āļĨāļĩāđˆāļĒāļ™ āļ‚āđ‰āļ­āļĄāļđāļĨāļœāđˆāļēāļ™ LACP data unit (LACPADU)āđ€āļžāļ·āđˆāļ­āļ•āļĢāļ§āļˆāļŠāļ­āļšāļ§āđˆāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđƒāļ”āđ€āļ›āđ‡āļ™ link aggregation āļ‹āļķāđˆāļ‡āđ€āļĄāļ·āđˆāļ­āļĄāļĩāļāļēāļĢ enable LACP āļŠāļ§āļīāļŠāļŠāđŒāļˆāļ°āļĄāļĩāļāļēāļĢāđāļˆāđ‰āļ‡āđ„āļ›āļ—āļĩāđˆ port āđ‚āļ”āļĒāļāļēāļĢāļŠāđˆāļ‡ LACPDU āđ„āļ›āļ•āļĢāļ§āļˆāļŠāļ­āļšāļ„āđˆāļēāļ‚āļ­āļ‡ system priority, system MAC, port priority, port number āđāļĨāļ° operation key āđāļĨāđ‰āļ§āļ™āļēāļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™ āđ€āļžāļ·āđˆāļ­āļ„āļēāļ™āļ§āļ“āļ§āđˆāļē ports āđ„āļŦāļ™āđ€āļ›āđ‡āļ™ aggregated āļšāđ‰āļēāļ‡ āđāļĨāđ‰āļ§āļˆāļķāļ‡āļˆāļ°āđ„āļ›āļĢāļ°āļšāļļāļ§āđˆāļēāđ€āļ›āđ‡āļ™ dynamic aggregation group āđ„āļŦāļ™āļ•āļēāļĄāļĨāļēāļ”āļąāļš â€Ē āļāļēāļĢāļ—āļē Link aggregation āļŦāļĄāļēāļĒāļ–āļķāļ‡āļāļēāļĢāļĢāļ§āļĄāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ ports āđ€āļ‚āđ‰āļēāļ”āđ‰āļ§āļĒāļāļąāļ™āļ•āļēāļĄāļˆāļēāļ™āļ§āļ™āļ‚āļ­āļ‡ ports āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļĢāļąāļš/āļŠāđˆāļ‡ āļ‚āđ‰āļ­āļĄāļđāļĨāļāļąāļ™āđ€āļžāļ·āđˆāļ­āļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļžāļĢāđ‰āļ­āļĄāļāļąāļ™āđāļĨāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļ™āđˆāļēāđ€āļŠāļ·āđˆāļ­āļ–āļ·āļ­āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™ āļ‹āļķāđˆāļ‡āļāļēāļĢāļ—āļē Link aggregation āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļāļēāļĢāļ—āļēāđāļšāļš manual aggregation, dynamic LACP aggregation, āđāļĨāļ° static LACP aggregation āđƒāļ™āļĢāļđāļ›āđāļšāļšāļ‚āļ­āļ‡ load sharing āļāļēāļĢāļ—āļē link aggregation āļšāļēāļ‡āļ„āļĢāļąāđ‰āļ‡āļˆāļ°āđ€āļ›āđ‡āļ™āđāļšāļš load sharing aggregation āđāļĨāļ° non-load sharing aggregation āļ āļēāļžāļĢāļ§āļĄ LACP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
109 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation Operation Command Enable LACP at the port Disable LACP at the port lacp enable Undo lacp enable Create an aggregation group Disable an aggregation group link-aggregation group agg-id mode { manual | static } Undo link-aggregation group agg-id Configure port priority Restore the default port priority lacp port-priority port_priority_value undo lacp port-priority Disable an Ethernet port Shutdown You cannot enable LACP at a â€Ē stack port â€Ē mirrored port â€Ē port with a static MAC address configured â€Ē port with static ARP configured â€Ē port with 802.1x enabled â€Ē port in a manual aggregation group
110 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation 1. Manual link aggregation a. Create manual aggregation group 1. [Sysname] link-aggregation group 1 mode manual b. Add Ethernet ports Ethernet1/0/1 to Ethernet1/0/3 into aggregation group 1. [Sysname] interface ethernet1/0/1 [Sysname-Ethernet1/0/1] port link-aggregation group 1 [Sysname-Ethernet1/0/1] interface ethernet1/0/2 [Sysname-Ethernet1/0/2] port link-aggregation group 1 [Sysname-Ethernet1/0/2] interface ethernet1/0/3 [Sysname-Ethernet1/0/3] port link-aggregation group 1
111 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation 2. Static LACP aggregation a. Create static LACP aggregation group 1. [Sysname]link-aggregation group 1 mode static b. Add Ethernet ports Ethernet1/0/1 to Ethernet1/0/3 into aggregation group 1. [Sysname]interface ethernet1/0/1 [Sysname-Ethernet1/0/1]port link-aggregation group 1 [Sysname-Ethernet1/0/1]interface ethernet1/0/2 [Sysname-Ethernet1/0/2]port link-aggregation group 1 [Sysname-Ethernet1/0/2]interface ethernet1/0/3 [Sysname-Ethernet1/0/3]port link-aggregation group 1 3. Dynamic LACP aggregation a.Enable LACP at Ethernet ports Ethernet1/0/1 to Ethernet1/0/3. [Sysname]interface ethernet1/0/1 [Sysname-Ethernet1/0/1]lacp enable [Sysname-Ethernet1/0/1]interface ethernet1/0/2 [Sysname-Ethernet1/0/2]lacp enable [Sysname-Ethernet1/0/2]interface ethernet1/0/3 [Sysname-Ethernet1/0/3]lacp enable
112 Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2 Vlan 4Vlan 3 Vlan trunk 1,2
113 āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ IP ROUTING PROTOCOL
114 IP Routing Protocol āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Routers āļŠāļēāļĄāļēāļĢāļ–āļĢāļ°āļšāļļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ‚āđ‰āļēāļĄ network āđƒāļŦāđ‰āļŠāđˆāļ‡ IP packet āđ„āļ›āļ–āļķāļ‡āļˆāļļāļ”āļŦāļĄāļēāļĒāļ›āļĨāļēāļĒāļ—āļēāļ‡āđ„āļ”āđ‰ āđ‚āļ”āļĒāđāļ•āđˆāļĨāļ° āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ‚āļ­āļ‡ router āļ—āļĩāđˆāļĢāļąāļš packet āđāļĨāļ°āļŠāđˆāļ‡āđ„āļ›āļĒāļąāļ‡ router āļ•āļąāļ§āļ•āđˆāļ­āđ„āļ› āļ‹āļķāđˆāļ‡ router āļ•āļąāļ§āļŠāļļāļ”āļ—āđ‰āļēāļĒāļˆāļ°āļŠāđˆāļ‡ packet āđ„āļ› āļāļĨāļąāļšāđ„āļ›āļĒāļąāļ‡ host āļ›āļĨāļēāļĒāļ—āļēāļ‡
115 āļāļēāļĢāđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļœāđˆāļēāļ™ Routing Table āļāļēāļĢāđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļœāđˆāļēāļ™ Routing table āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ†āļ”āļąāļ‡āļ™āļĩāđ‰ ■ Destination address āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļdestination IP address āļŦāļĢāļ·āļ­ destination network āļ‚āļ­āļ‡ IP packet āđ‚āļ”āļĒāļĄāļĩāļ‚āļ™āļēāļ”āļ„āļ§āļēāļĄāļĒāļēāļ§ 32 bits ■ Network mask āđ€āļ›āđ‡āļ™āļ•āļąāļ§āđ€āļĨāļ‚āļĄāļĩāļ„āļ§āļēāļĄāļĒāļēāļ§ 32 āļšāļīāļ• āđāļšāđˆāļ‡āļ­āļ­āļāđ€āļ›āđ‡āļ™āļŠāļĩāđˆāļŠāļļāļ”āđ€āļŠāđˆāļ™āđ€āļ”āļĩāļĒāļ§āļāļąāļš ip āđāļ•āđˆāļ„āđˆāļēāļ‚āļ­āļ‡ subnet mask āļˆāļ° āļ‚āļķāđ‰āļ™āļ­āļĒāļđāđˆāļāļąāļšāļ„āļ§āļēāļĄāļ•āđ‰āļ­āļ‡āļāļēāļĢāđƒāļ™āļāļēāļĢāđāļšāđˆāļ‡ subnet āļ§āđˆāļēāļ•āđ‰āļ­āļ‡āļāļēāļĢāļˆāļēāļ™āļ§āļ™ subnet āđ€āļ—āđˆāļēāđƒāļ”āđāļĨāļ°āļĄāļĩāļˆāļēāļ™āļ§āļ™āđ‚āļŪāļŠāđ€āļ—āđˆāļēāđƒāļ” āļŦāļēāļāļ™āļē subnet mask āļĄāļēāđ€āļ‚āļĩāļĒāļ™āđ€āļ›āđ‡āļ™āđ€āļĨāļ‚āļāļēāļ™āļŠāļ­āļ‡ āļˆāļ°āļĄāļĩāļĨāļąāļāļĐāļ“āļ°āļžāļīāđ€āļĻāļĐāļ„āļ·āļ­ āļ‚āļķāđ‰āļ™āļ•āđ‰āļ™āļ”āđ‰āļ§āļĒāđ€āļĨāļ‚ 1 āļĄāļĩāļˆāļēāļ™āļ§āļ™āļāļĩāđˆāļ•āļąāļ§āļāđ‡āđ„āļ”āđ‰ āļ•āļēāļĄāđāļ•āđˆāļ„āļ§āļēāļĄāļ•āđ‰āļ­āļ‡āļāļēāļĢāđƒāļ™āļāļēāļĢāđāļšāđˆāļ‡ subnet āđāļĨāļ°āļ•āļēāđāļŦāļ™āđˆāļ‡āļ—āļĩāđˆāđ€āļŦāļĨāļ·āļ­āļˆāļ°āļĄāļĩāļ„āđˆāļēāđ€āļ›āđ‡āļ™ 0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđ€āļŠāđˆāļ™ āļ–āđ‰āļēāļĄāļĩ destination address āđ€āļ›āđ‡āļ™129.102.8.10 āļˆāļ°āļĄāļĩ address āļ‚āļ­āļ‡ network āļ—āļĩāđˆāļˆāļ°āđāļšāđˆāļ‡ host āļŦāļĢāļ·āļ­ router āļ—āļĩāđˆāđƒāļŠāđ‰ maskāđ€āļ›āđ‡āļ™ 255.255.0.0 āļāđ‡āļˆāļ°āļĢāļ°āļšāļļāđ„āļ”āđ‰āđ€āļ›āđ‡āļ™ 129.102.0.0. ■Output interface āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļ interface āļ—āļĩāđˆāđƒāļŠāđ‰āđƒāļ™āļāļēāļĢāļŠāđˆāļ‡IP packet ■Next hop address āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļ router āļ•āļąāļ§āļ–āļąāļ”āđ„āļ›āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļŠāđˆāļ‡āļœāđˆāļēāļ™ IP packet ■āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļ‚āļ­āļ‡ IPāđƒāļ™ routing table āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ„āđ‰āļ™āļŦāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡ āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļāļŠāļ™āļīāļ”āļ‚āļ­āļ‡āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļāļēāļŦāļ™āļ” āļ‹āļķāđˆāļ‡ āļšāļēāļ‡āļ—āļĩāļ­āļēāļˆāļĄāļĩāļŦāļĨāļēāļĒāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđ‚āļ”āļĒāļĄāļēāļˆāļēāļ next hops āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āđ„āļ›āļĒāļąāļ‡āļˆāļļāļ”āļŦāļĄāļēāļĒāļ›āļĨāļēāļĒāļ—āļēāļ‡āđ€āļ”āļĩāļĒāļ§āļāļąāļ™ āđƒāļ™āļāļēāļĢāļ„āđ‰āļ™āļŦāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ™āļĩāđ‰āļŠāļēāļĄāļēāļĢāļ– āļ•āļĢāļ§āļˆāļŠāļ­āļšāđ„āļ”āđ‰āļˆāļēāļrouting protocols āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™ āļŦāļĢāļ·āļ­āļŠāļēāļĄāļēāļĢāļ–āļĢāļ°āļšāļļāđ€āļ›āđ‡āļ™ static routes āļ—āļĩāđˆāđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđāļšāļš manual āđ‚āļ”āļĒāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļĄāļĩāļ„āđˆāļēāļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļĄāļēāļāļˆāļ°āļ–āļđāļāđ€āļĨāļ·āļ­āļāđƒāļŦāđ‰āđ€āļ›āđ‡āļ™āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāđƒāļŠāđ‰āļ‡āļēāļ™
116 The Routing Table
117 Configuration Procedure 1. If the VLAN does not currently exist, then create it. This example uses VLAN ID 3. [Sysname]vlan 3 [Sysname-vlan3]quit 2. Enter the VLAN interface view: [Sysname]interface vlan-interface 3 3. Provide the IP address and subnet mask: [Sysname-Vlan-interface3]ip address 192.168.1.5 255.255.255.0 [Sysname-Vlan-interface3]quit āļāļēāļĢāļāļēāļŦāļ™āļ” IP Address āļšāļ™ VLAN interface āđ€āļžāļ·āđˆāļ­ route āļ‚āđ‰āļēāļĄ VLAN
118 Operation Command Add a static route ip route-static ip_address { mask | mask_length } { interface_type interface_number | gateway_address } [ preference value ] [ reject | blackhole ] Delete a static route undo ip route-static ip_address { mask | mask_length } [ interface_type interface_number | gateway_address ] [ preference value ] [ reject | blackhole ] Delete all static routes delete static-routes all āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Static Route āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Default Route Operation Command Configure a default route ip route-static 0.0.0.0 { 0.0.0.0 | 0 } { interface_type interface_number | gateway_address } [ preference value ] [ reject | blackhole ] Delete a default route undo ip route-static 0.0.0.0 { 0.0.0.0 | 0 } [ interface_type interface_number | gateway_address ] [ preference value ] [ reject | blackhole ]
119 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ Displaying āđāļĨāļ° Debugging Static Routes
120 Configuration procedure 1. Configure the static route for Ethernet Switch A [Switch A]ip route-static 1.1.3.0 255.255.255.0 1.1.2.2 [Switch A]ip route-static 1.1.4.0 255.255.255.0 1.1.2.2 [Switch A]ip route-static 1.1.5.0 255.255.255.0 1.1.2.2 2. Configure the static route for Ethernet Switch B [Switch B]ip route-static 1.1.2.0 255.255.255.0 1.1.3.1 [Switch B]ip route-static 1.1.5.0 255.255.255.0 1.1.3.1 [Switch B]ip route-static 1.1.1.0 255.255.255.0 1.1.3.1 3. Configure the static route for Ethernet Switch C [Switch C]ip route-static 1.1.1.0 255.255.255.0 1.1.2.1 [Switch C]ip route-static 1.1.4.0 255.255.255.0 1.1.3.2 4. Configure the default gateway of the Host A to be 1.1.5.2 5. Configure the default gateway of the Host B to be 1.1.4.1 6. Configure the default gateway of the Host C to be 1.1.1.2 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Typical Static Route
121 Enabling RIP and Entering the RIP View Operation Command Enable RIP and enter RIP view Disable RIP RIP undo rip Enable RIP on the specified network Disable RIP on the specified network network network_address undo network network_address Configure unicast RIP message Cancel unicast RIP message peer ip_address undo peer ip_address Specify the interface version as RIP-1 or 2 Restore the default RIP version running on the interface rip version 1|2 undo rip ver Enable the interface to run RIP rip work Enable the interface to receive RIP update packets rip input Enable the interface to send RIP update packets rip output â€ĒNote that peer should be restricted using the following commands: rip work, rip output, rip input and network. And rip2 default multicast address 224.0.0.9
122 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđƒāļ™āļāļēāļĢāļ—āļē RIP
123 1. Configure RIP on Switch A [Switch A] rip [Switch A-rip]network 110.11.2.0 [Switch A-rip]network 155.10.1.0 2. Configure RIP on Switch B [Switch B] rip [Switch B-rip]network 196.38.165.0 [Switch B-rip]network 110.11.2.0 3. Configure RIP on Switch C [Switch C] rip [Switch C-rip]network 117.102.0.0 [Switch C-rip]network 110.11.2.0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē RIP
124 āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” DHCP
125 DHCP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Dynamic Host Configuration Protocol (DHCP) āđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ” IP address āđāļšāļš dynamic āļ—āļĩāđˆāļ—āļēāļ‡āļēāļ™āđƒāļ™āđāļšāļš Client-Server mode āļŠāļēāļŦāļĢāļąāļš protocol āļ™āļĩāđ‰āđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ DHCP Client āļˆāļ°āļĄāļĩāļāļēāļĢāļĢāđ‰āļ­āļ‡āļ‚āļ­āļ‚āđ‰āļ­āļĄāļđāļĨ āđāļšāļš dynamic āđ„āļ›āđāļĨāļ°DHCP server āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āļ‚āđ‰āļ­āļĄāļđāļĨāđƒāļŦāđ‰āļāļąāļš Client āļ­āļĩāļāļ„āļĢāļąāđ‰āļ‡āļŦāļ™āļķāđˆāļ‡ DHCP relay āļ—āļēāļŦāļ™āđ‰āļēāļ—āļĩāđˆāđ€āļŠāļĄāļ·āļ­āļ™āļĢāļēāļ‡āļ™āđ‰āļēāļ—āļĩāđˆāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļĢāļ°āļŦāļ§āđˆāļēāļ‡ DHCP Client āđāļĨāļ°server āļ—āļĩāđˆāļ­āļĒāļđāđˆ āļ•āđˆāļēāļ‡ subnets āļāļąāļ™āđ‚āļ”āļĒ DHCP āļˆāļ°āļŠāđˆāļ‡packets āļĢāļĩāđ€āļĨāļĒāđŒāļˆāļēāļāļ•āđ‰āļ™āļ—āļēāļ‡āđ„āļ›āļĒāļąāļ‡āļ›āļĨāļēāļĒāļ—āļēāļ‡āļ—āļĩāđˆāđ€āļ›āđ‡āļ™ DHCP server āļŦāļĢāļ·āļ­ Client āđ‚āļ”āļĒāļŠāļēāļĄāļēāļĢāļ–āļ‚āđ‰āļēāļĄ Network āđ„āļ”āđ‰ āļ•āļąāļ§ DHCP client āļ—āļĩāđˆāļ­āļĒāļđāđˆāļ•āđˆāļēāļ‡ Network āļāļąāļ™ āļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰ DHCP server āļ•āļąāļ§āđ€āļ”āļĩāļĒāļ§āļāļąāļ™āđ„āļ”āđ‰ āļ‹āļķāđˆāļ‡āļˆāļ°āļŠāđˆāļ§āļĒāđƒāļŦāđ‰āđ€āļāļīāļ”āļāļēāļĢāļ›āļĢāļ°āļŦāļĒāļąāļ” āļŠāļ°āļ”āļ§āļ āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļˆāļēāļāļˆāļļāļ”āļĻāļđāļ™āļĒāđŒāļāļĨāļēāļ‡
126 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡ DHCP Server āđāļĨāļ° DHCP Relay DHCP Server DHCP Relay
127 â€Ē UDP Helper is required to support the forwarding of BootP/DHCP/DNS requests across a routed network VLAN1 10.x.x.x L3 VLAN2 20.x.x.x VLAN3 30.x.x.x DHCP Server (IP address=20.1.1.1) (Multiple DHCP scopes) BootP / DHCP / DNS Clients (IP address=? ) IP UDP BootP request IP Bcast: 255.255.255.255 1 Layer 3 Switch UDP Helper: 20.1.1.1 2 3 4 DHCP/UDP Helper
128 Operation Command Configure IP address for DHCP server Delete all DHCP server IP addresses dhcp-server groupNo ip ipaddress1 [ ipaddress2 ] undo dhcp-server groupNo Configure DHCP server group corresponding to VLAN interfaces Delete DHCP server group dhcp-server groupNo undo dhcp-server Configure user address entry for DHCP server group Delete the user address entry in the DHCP server group dhcp-security static ip_address mac_address undo dhcp-security { ip_address | all | dynamic | static } Enable DHCP security feature on VLAN interface Disable DHCP security feature on VLAN interface address-check enable address-check disable Display configuration information of DHCP server group display dhcp-server groupNo Display configuration information about the DHCP Server group corresponding to the VLAN interface display dhcp-server interface vlan- interface vlan_id āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” DHCP & DHCP Relay
129 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢ Debugging DHCP Operation Command Display address allocation information of DHCP client display dhcp client [ verbose ] Enable/disable DHCP client debugging [ undo ] debugging dhcp client { all | error | event | packet } Enable/disable DHCP Client hot backup debugging [ undo ] debugging dhcp xrn xha Enable/disable DHCP relay debugging [ undo ] debugging dhcp-relay
130 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” DHCP Relay Configuration Procedure 1.Create a DHCP server group that will use two DHCP servers (a master and an optional backup) and assign it the IP addresses of the two DHCP servers (the first IP address is the master). [Sysname]dhcp-server 0 ip 192.168.1.1 192.168.2.12 Configure the Switch so all clients use DHCP server group '0'. [Sysname]interface vlan-interface 1 [Sysname-Vlan-interface1] dhcp-server 0 [Sysname-Vlan-interface1] quit [Sysname] interface vlan-interface 10 [Sysname-Vlan-interface10] dhcp-server 0 [Sysname-Vlan-interface10] quit
131 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL Control
132 ACL Overview The Access Control List (ACL) āđ€āļ›āđ‡āļ™āļāļēāļĢāđāļĒāļāļ›āļĢāļ°āđ€āļ āļ—āļ‚āļ­āļ‡ data packets āđ‚āļ”āļĒāļĢāļ°āļšāļļāđƒāļŦāđ‰āļ•āļĢāļ‡āļāļąāļš rules āļ—āļĩāđˆāļĄāļĩāļāļēāļĢ āļāļēāļŦāļ™āļ” source address, destination address āđāļĨāļ° port number āļ•āļąāļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļš data packets āļ§āđˆāļēāļ•āļĢāļ‡āļāļąāļš rules āđƒāļ™ ACLāļŦāļĢāļ·āļ­āđ„āļĄāđˆ āđāļĨāļ°āļˆāļķāļ‡āļĄāļēāđ€āļĨāļ·āļ­āļāļāļēāļĢāļŠāđˆāļ‡ āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļŦāļĢāļ·āļ­āļāļēāļĢāđ„āļĄāđˆāļŠāđˆāļ‡ packet āđƒāļ™āļāļēāļĢāļĢāļ°āļšāļļāđƒāļŦāđ‰āļ•āļĢāļ‡āļāļąāļš rules āļ‚āļ­āļ‡ network devices āļ—āļĩāđˆāļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļš packets āļ™āļąāđ‰āļ™āļŦāļĨāļąāļ‡āļˆāļēāļāļ•āļĢāļ§āļˆāļŠāļ­āļšāđāļĨāđ‰āļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĒāļ­āļĄāļĢāļąāļšāļŦāļĢāļ·āļ­āđ„āļĄāđˆ āļĒāļ­āļĄāļĢāļąāļšāđƒāļŦāđ‰āļĄāļĩāļŠāđˆāļ‡āļœāđˆāļēāļ™āļ™āļąāđ‰āļ™āļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļšāļœāđˆāļēāļ™āļĢāļđāļ›āđāļšāļšāļ‚āļ­āļ‡ policy āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ ACL āļˆāļ°āđƒāļŠāđ‰āđ€āļ„āļĢāļ·āđˆāļ­āļ‡āļĄāļ·āļ­āđƒāļ™āļāļēāļĢāļ•āļĢāļ§āļˆāļŠāļ­āļšāļ•āļēāļĄāļĢāļđāļ›āđāļšāļš āļ™āļĩāđ‰ āļ‹āļĩāđˆāļ‡ data packet āļ—āļĩāđˆāļ•āļĢāļ‡āļāļąāļš rulesāļ–āļķāļ‡āļˆāļ°āđ„āļ›āļ•āļĢāļ§āļˆāļŠāļ­āļšāļāļąāļš ACLāđ„āļ”āđ‰ āļŠāđˆāļ§āļ™āļ–āđ‰āļēāļĄāļĩāļāļēāļĢāđƒāļŠāđ‰āđƒāļ™āļĢāļđāļ›āđāļšāļšāļ­āļ·āđˆāļ™āļˆāļ°āđ€āļ›āđ‡āļ™āđƒāļ™āļŠāđˆāļ§āļ™ traffic classification āđ€āļŠāđˆāļ™āļāļēāļĢāļ—āļē traffic classification āļ‚āļ­āļ‡ QoS.
133 â€Ē āļŠāļēāļŦāļĢāļąāļš basic ACL statementsāļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļˆāļēāļ source address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™ āļ–āđ‰āļē wildcards āļ•āļĢāļ‡āļāļąāļ™ āļ–āļķāļ‡āļˆāļ°āļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āđƒāļ™āļĨāļēāļ”āļąāļšāļ•āđˆāļ­āđ„āļ› â€Ē āļŠāļēāļŦāļĢāļąāļš ACL based āđƒāļ™āļāļēāļĢāļ—āļē interface filter āļˆāļ°āļ—āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ rule āļ—āļĩāđˆāļˆāļ°āļāļēāļŦāļ™āļ”āđƒāļ™āļŠāđˆāļ§āļ™āļ—āđ‰āļēāļĒāļ‚āļ­āļ‡āļĢāļēāļĒāļāļēāļĢ āļ‚āļ“āļ°āļ—āļĩāđˆ āđƒāļ™āļŠāđˆāļ§āļ™āļ­āļ·āđˆāļ™āļāđ‡āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļ•āļēāļĄāļĨāļēāļ”āļąāļš â€Ē āļŠāļēāļŦāļĢāļąāļš advanced ACL āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļˆāļēāļ source address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāđ€āļ›āđ‡āļ™āļ­āļąāļ™āļ”āļąāļšāđāļĢāļ āļ‹āļķāđˆāļ‡āļ–āđ‰āļē āļ•āļĢāļ‡āļāļąāļ™āļˆāļ°āđ„āļ›āļžāļīāļˆāļēāļĢāļ“āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ destination address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļ­āļĩāļāļ„āļĢāļąāđ‰āļ‡ āļŠāļēāļŦāļĢāļąāļš destination address wildcards āļ—āļĩāđˆāļ•āļĢāļ‡āļāļąāļ™āļāđ‡āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ ranges of port numbers āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™āđƒāļ™āļĢāļēāļĒāļāļēāļĢāļ‹āļķāđˆāļ‡ āļ–āđ‰āļē port numbers āļ•āļĢāļ‡āļāļąāļ™āđƒāļ™ range āļāđ‡āļˆāļ°āļĄāļĩāļāļēāļĢāļžāļīāļˆāļēāļĢāļ“āļēāļ•āļĢāļ§āļˆāļŠāļ­āļšāļ•āđˆāļ­āđ„āļ› The specific 3Com ACL
134 With L2 ACL configuration, during the time range from 8:00 to 18:00 everyday the switch filters the packets with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303 (configuring at the port GigabitEthernet2/1/1 to the switch.) MAC 00e0-fc01-0303 MAC 00e0-fc01-0101 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” L2 ACL
135 1. Define the time range from 8:00 to 18:00. [Sysname]time-range 3com 8:00 to 18:00 daily 2. Define the traffic with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303.Create a name-based L2 ACL “4000" and enter it. [Sysname]acl number 4000 Define ACL rule for the traffic with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303. [Sysname-acl-link-traffic-of-link]rule 1 deny source 00e0-fc01-0101 0-0-0 destination 00e0-fc01-0303 0-0-0 time-range 3com 3. Activate the ACL "traffic-of-host". [Sysname-GigabitEthernet2/1/1]packet-filter inbound link-group 4000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” L2 ACL
136 1. Define the time range from 8:00 to 18:00. [Sysname]time-range 3com 8:00 to 18:00 working-day 2. Define inbound traffic to the wage server. Create a name-based advanced ACL "traffic-of-payserver" and enter it. [Sysname]acl number 3000 Define ACL rule for other departments. [Sysname-acl-adv-traffic-of-payserver]rule 1 deny ip source any destination 129.110.1.2 0.0.0.0 time-range 3com Define an ACL rule for CEO's office. [Sysname-acl-adv-traffic-of-payserver]rule 2 permit ip source 129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0 3. Activate the ACL "traffic-of-payserver". [Sysname-GigabitEthernet2/1/1]packet-filter inbound ip- group 3000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” advanced ACL
137 āļŠāļ§āļīāļ•āļŠāđŒāļĢāļ­āļ‡āļĢāļąāļšāļĢāļđāļ›āđāļšāļšāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āđˆāļē āđ„āļ”āđ‰ 3 āļĢāļđāļ›āđāļšāļšāļ„āļ·āļ­ SNMP (Simple Network Management Protocol) access, Telnet access āđāļĨāļ° HTTP (Hypertext Transfer Protocol) access āļŠāđˆāļ§āļ™āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄāļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāļˆāļ°āđāļšāđˆāļ‡āđ€āļ›āđ‡āļ™ 2 levels: Connection request control āļˆāļ°āđ€āļ›āđ‡āļ™levelāđāļĢāļ āđƒāļ™āļāļēāļĢāļ„āļ§āļĄāļ„āļļāļĄāđāļĨāļ°āļāļēāļĢāļāļēāļŦāļ™āļ” ACL configuration āđ€āļžāļ·āđˆāļ­āđƒāļŦāđ‰āđāļ™āđˆāđƒāļˆāļ§āđˆāļē users āļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āđ€āļ‚āđ‰āļēāļĄāļēāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļ•āļŠāđŒāđ„āļ”āđ‰ āļŠāđˆāļ§āļ™āļāļēāļĢāļ—āļē Password authentication āļˆāļ°āđ€āļ›āđ‡āļ™level āļ—āļĩāđˆ 2 āđāļĨāļ°āđƒāļŠāđ‰āđ€āļ‰āļžāļēāļ°āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āļ‹āļķāđˆāļ‡āļ–āđ‰āļēāđ€āļ›āđ‡āļ™ passwordsāļ—āļĩāđˆāļ–āļđāļāļ•āđ‰āļ­āļ‡āļāđ‡āļˆāļ°āļŠāļēāļĄāļēāļĢāļ– log on āđ€āļ‚āđ‰āļēāđ„āļ›āļāļēāļŦāļ™āļ”āļŠāļ§āļīāļ•āļŠāđŒāđ„āļ”āđ‰ ACL Control switch support
138 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš Telnet Users Operation Command Enter basic ACL (System View) acl number acl_number match-order { config | auto } Define a sub-rule (Basic ACL View) Delete a sub-rule (Basic ACL View) rule [ rule-id ] { permit | deny } [ source { source_addr wildcard | any } | fragment | logging | time-range name ]* undo rule rule_id [ source | fragment | logging | time- range ]* Delete an ACL or all ACLs (System View) undo acl { number acl_number | all } Enter user interface view (System View) user-interface [ type ] first_number [ last_number ] Import the ACL (User Interface View) acl acl_number { inbound | outbound } Currently only number-based ACLs can be imported, with the number ranging from 2000 to 3999.
139 Only the Telnet users from 10.110.100.52 and 10.110.100.46 can access the Switch. Configuration Procedure 1. Define a basic ACL. [Sysname]acl number 2000 match-order config [Sysname-acl-basic-2000]rule 1 permit source 10.110.100.52 0 [Sysname-acl-basic-2000]rule 2 permit source 10.110.100.46 0 [Sysname-acl-basic-2000]quit 2. Import the ACL. [Sysname]user-interface vty 0 4 [Sysname-ui-vty0-4]acl 2000 inbound āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢ Telnet
140 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš SNMP Users Operation Command Import the defined ACL into the commands with SNMP community configured snmp-agent community { read | write } community_name [ [ mib-view view_name ] | [ acl acl_number ] ]* Import the defined ACL into the commands with SNMP group name configured snmp-agent group { v1 | v2c } group_name [ read-view read_view ] [ write-view write_view ] [ notify-view notify_view ] [ acl acl-number ] snmp-agent group v3 group_name [ authentication | privacy ] [ read-view read_view ] [ write-view write_view ] [ notify-view notify_view ] [ acl acl_number ] Import the defined ACL into the commands with SNMP username configured snmp-agent usm-user { v1 | v2c } user_name group_name [ acl acl_number ] snmp-agent usm-user v3 user_name group_name [ authentication-mode { md5 | sha } auth_password ] [ privacy-mode des56 priv_password ] [ acl acl_number ] â€Ē SNMP community is one of the features of SNMP v1 and SNMP v2, so you import the ACL into the commands with SNMP community configured, for the SNMP V1 and SNMP V2. â€Ē SNMP username or group name is one of the features of SNMP V2 and above, therefore you import the ACL into the commands with SNMP username or group name configured, for the SNMP V2 and above. If you import the ACL into both features, the Switch will filter both features for the users.
141 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš SNMP Users Only SNMP server from 10.110.100.52 can access the Switch. Configuration Procedure 1. Define a basic ACL. [Sysname]acl number 2000 match-order config [Sysname-acl-baisc-2000]rule 1 permit source 10.110.100.52 0 [Sysname-acl-baisc-2000]quit 2. Import the ACL. [Sysname]snmp-agent community read 3Com acl 2000 [Sysname]snmp-agent group v2c 3Comgroup acl 2000 [Sysname]snmp-agent usm-user v2c 3Comuser 3Comgroup acl 2000 snmp_server 10.110.100.52
142 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL Control āļ‚āļ­āļ‡ HTTP Users â€ĒāļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāļ—āļē remote management āļœāđˆāļēāļ™ Web interface āđ‚āļ”āļĒ users āļŠāļēāļĄāļēāļĢāļ–āđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ āļœāđˆāļēāļ™ HTTP āļ‹āļķāđˆāļ‡āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ” ACL āļĄāļēāļŠāđˆāļ§āļĒāđƒāļ™āļāļēāļĢāļāļĢāļ­āļ‡ users āđāļĨāļ°āļ›āđ‰āļ­āļ‡āļāļąāļ™āļāļēāļĢāđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ āļŦāļĨāļąāļ‡āļˆāļēāļ āļāļēāļŦāļ™āļ”āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄ users āļœāđˆāļēāļ™ ACL āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļāļēāļŦāļ™āļ”āđƒāļŦāđ‰āļĄāļĩāļāļēāļĢāđƒāļŠāđ‰ Web user āđāļ„āđˆāļ„āļĢāļąāđ‰āļ‡āđ€āļ”āļĩāļĒāļ§āđƒāļ™āļāļēāļĢāđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ Operation Command Call an ACL to control the WEB NM users. ip http acl acl_number Cancel the ACL control function. undo ip http acl
143 Only permit Web NM user from 10.110.100.46 access Switch. Configuration Procedure 1. Define the basic ACL. [Sysname]acl number 2030 match-order config [Sysname-acl-basic-2030]rule 1 permit source 10.110.100.46 0 [Sysname-acl-basic-2030]quit 2. Call the basic ACL. [Sysname]ip http acl 2030 10.110.100.46 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” ACL Control āļ‚āļ­āļ‡ HTTP Users
144 Cluster Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2 Vlan 4Vlan 3 Vlan trunk 1,2
145 āļāļēāļĢāļāļēāļŦāļ™āļ” Cluster management
146 Stacking and clustering are industry terms that are often used interchangeably but which technically are distinct. Here is how 3Com defines these terms: Stacking is a technology allowing multiple discrete units to be grouped together with the broad benefits of simplified administration, scalable and economical growth, and high resiliency for the collection of units in the stack. Clustering is a simplified variation of stacking which focuses on the benefit of simplified administration. As with stacking, there is grouping of discrete units, but as compared with true stacking, there are fewer capabilities that extend across units. As a result, there are limited scalability and resiliency benefits. About Stacking and Clustering
147 Clustering and Stacking with 3Com Products 3Com Clustering 3Com Traditional Stacking 3Com XRN Stacking Devices 4210, 4200G, 4500,.4500G, 5500,5500G 4400, 5500-SI, 4500, 3870 5500-EI, 5500G-EI Dedicated bandwidth No Yes Yes Layer 2 Yes Yes Yes Layer 3 No No Yes Stack/Cluster Resiliency No Yes Yes Mix of families Yes No No One mgmt point of contact Yes Yes Yes Single IP Yes Yes Yes Link Aggregation across units No Yes Yes
148 Configuration Procedure 1. Configure the management device. Enable the cluster function. [3Com] cluster enable Enter cluster view. [3Com] cluster [3Com-cluster] Configure an IP address pool for the cluster. The IP address pool contains six IP addresses, starting from 172.16.0.1. [3Com-cluster] ip-pool 172.16.0.1 255.255.255.248 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” Cluster management
149 Specify a name for the cluster and create the cluster. [3Com-cluster] build aaa [aaa_0.3Com-cluster] Configure the holdtime of the member device information to be 100 seconds. [aaa_0.3Com-cluster] holdtime 100 Configure the interval to send handshake packets to be 10 seconds. [aaa_0.3Com-cluster] timer 10 2. Configure the member devices Enable the cluster function. [3Com] cluster enable Upon the completion of the above configurations, you c cluster switch-to { member-num | mac-address H-H-H } command on the management device to switch to member device view to maintain and manage a member device. You can then execute the cluster switch-to administrator command to resume the management device view. āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” Cluster management
150 āļāļēāļĢāļˆāļąāļ”āļāļēāļĢ FILE SYSTEM
151 Operation Command Display the information about directoriesor files dir [ / all ] [ file-url ] Copy a file copy fileurl-source fileurl-dest Delete a file from the recycle bin permanently reset recycle-bin file-url Delete a file Undelete a file delete [ /unreserved ] file-url undelete file-url Format the storage device format filesystem Display the saved-configuration information of the Switch display saved-configuration Display the current-configuration information of the Switch display current-configuration [ controller | interface interface-type [ interface-number ] | configuration [ configuration ] ] [ | { begin | exclude | include } regular-expression ] Save the current-configuration save [ file-name | safely ] Erase configuration files from Flash Memory reset saved-configuration Move a file move fileurl-source fileurl-dest āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ File Operation
152 FTP Overview FTP āđ€āļ›āđ‡āļ™āļ§āļīāļ˜āļĩāđƒāļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļšāļ™ Internet āđāļĨāļ° IP network āļ‹āļķāđˆāļ‡āļāđˆāļ­āļ™āļ—āļĩāđˆāļˆāļ°āļĄāļĩāļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™ World Wide Web (WWW) āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļ—āļēāđ„āļ”āđ‰āđƒāļ™ command line mode āđāļĨāļ° FTP āļāđ‡āđ€āļ›āđ‡āļ™āļ§āļīāļ˜āļĩāļāļēāļĢāļ—āļĩāđˆāļ™āļīāļĒāļĄāđƒāļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāđƒāļ™āļ‚āļ“āļ°āļ™āļąāđ‰āļ™ āļˆāļ™āļāļĢāļ°āļ—āļąāđˆāļ‡āļ›āļąāļˆāļˆāļļāļšāļąāļ™āļˆāļ°āđ€āļ›āļĨāļĩāļĒāļ™āđ€āļ›āđ‡āļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļœāđˆāļēāļ™ email āđāļĨāļ° Web āđāļ—āļ™ āļŠāļ§āļīāļ•āļŠāđŒāļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļē FTP services āđ„āļ”āđ‰: - FTP server: āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļ™āđ‚āļ›āļĢāđāļāļĢāļĄ FTP client āđƒāļ™āļāļēāļĢlog in āđ„āļ›āļ—āļĩāđˆ server āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒ āđ„āļ”āđ‰ - FTP client: āļŦāļĨāļąāļ‡āļˆāļēāļāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļš serverāļœāđˆāļēāļ™āļāļēāļĢāļĢāļąāļ™āđ‚āļ›āļĢāđāļāļĢāļĄ terminal emulator āļŦāļĢāļ·āļ­ Telnet āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāđ‚āļ”āļĒāđƒāļŠāđ‰ FTP command. ftp protocol
153 Operation Command Enable the FTP server Disable the FTP server ftp server enable undo ftp server Create new local user and enter local User View (System View) local-user username Delete local user (System View) undo local-user [ username | all [ service-type ftp ] ] Configure password for local user (Local User View) password [ cipher | simple ] password Configure service type for local user (Local User View) service-type ftp ftp-directory directory Configure FTP server connection timeouts ftp timeout minute By default, the FTP server connection timeout is 30 minutes. Display FTP server Display the connected FTP users. display ftp-server display ftp-user āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server
154 āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server FTP Server Configuration Example â€ĒThe Switch serves as FTP server and the remote PC as FTP client. The configuration on FTP server: Configure a FTP user named as Switch, with password hello and with read and write authority over the flash root directory on the PC. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 1.1.1.2. The Switch and PC are reachable. â€ĒThe Switch application switch.app is stored on the PC. Using FTP, the PC can upload the switch.app from the remote FTP server and download the config.cfg from the FTP server for backup purpose. ftp client 1.1.1.2 ftp server 1.1.1.1
155 1. Configure the Switch Log into the Switch (locally through the Console port or remotely using Telnet). <Sysname> 2. Start FTP function and set username, password and file directory. [Sysname]ftp server enable [Sysname]local-user switch [Sysname-luser-switch]service-type ftp ftp-directory flash: [Sysname-luser-switch]password simple hello 3. Run FTP client on the PC and establish FTP connection. Upload the switch.app to the Switch under the Flash directory and download the config.cfg from the Switch. FTP client is not shipped with the Switch, so you need to buy it separately. 4. When the uploading is completed, initiate the file upgrade on the Switch. <Sysname> Use the boot boot-loader command to specify the downloaded program as the application at the next login and reboot the Switch. <Sysname> boot boot-loader switch.app <Sysname> reboot āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server
156 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Client â€Ē on the PC. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 1.1.1.2. The Switch and PC are reachable. â€Ē The Switch application switch.app is stored on the PC. Using FTP, the Switch can downloadthe switch.app from the remote FTP server and upload the config.cfg to the FTP server under the Switch directory for backup purpose. Configuration Procedure 1. Configure the FTP server parameters on the PC: a user named as Switch, password hello, read and write authority over the Switch directory on the PC. 2. Configure the Switch Log into the Switch (locally through the Console port or remotely using Telnet). <Sysname> <Sysname> ftp 2.2.2.2 Trying ... Press CTRL+K to abort Connected. 220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user User(none):switch 331 Give me your password, please Password:***** 230 Logged in successfully [ftp]
157 3. Type in the authorized directory of the FTP server. [ftp]cd switch 4. Use the put command to upload the config.cfg to the FTP server. [ftp]put config.cfg 5. Use the get command to download the switch.app from the FTP server to the flash directory on the FTP server. [ftp]get switch.app 6. Use the quit command to release FTP connection and return to User View. [ftp]quit <Sysname> 7. Use the boot boot-loader command to specify the downloaded program as the application at the next login and reboot the Switch. <Sysname> boot boot-loader switch.app <Sysname> reboot āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Client
158 TFTP Client Configuration Example â€ĒThe Switch serves as TFTP client and the remote PC as TFTP server. Authorized TFTP directory is set on the TFTP server. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 2.2.2.2. The interface on the Switch connecting the PC belong to the same VLAN. Run TFTP server IP 1.1.1.2 â€ĒThe Switch application switch.app is stored on the PC. Using TFTP, the Switch can download the switch.app from the remote TFTP server and upload the config.cfg to the TFTP server under the Switch directory for backup purpose. IP 1.1.1.1 āļāļēāļĢ Download Files āđ‚āļ”āļĒāđƒāļŠāđ‰ TFTP
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]
3 com stackable_desktop switchtechsept120908[1]

Empfohlen

Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...
Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...
Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...Edureka!
 
Short term-rental-presentation final-1
Short term-rental-presentation final-1Short term-rental-presentation final-1
Short term-rental-presentation final-1Brendan O'Connor
 
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresasmarcesil
 
Huawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mappingHuawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mappingIPMAX s.r.l.
 
How to Configure QinQ?
How to Configure QinQ?How to Configure QinQ?
How to Configure QinQ?Huanetwork
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme NetworksDani Royman Simanjuntak
 
Vlan
Vlan Vlan
Vlan sanss40
 
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°tuplschool
 

Empfohlen

Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...
Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...
Salesforce Interview Questions And Answers | Salesforce Tutorial | Salesforce...Edureka!
 
Short term-rental-presentation final-1
Short term-rental-presentation final-1Short term-rental-presentation final-1
Short term-rental-presentation final-1Brendan O'Connor
 
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresas
3 Com Novas SoluçOes Para Grandes MÃĐDias E Pequenas Empresasmarcesil
 
Huawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mappingHuawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mappingIPMAX s.r.l.
 
How to Configure QinQ?
How to Configure QinQ?How to Configure QinQ?
How to Configure QinQ?Huanetwork
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme NetworksDani Royman Simanjuntak
 
Vlan
Vlan Vlan
Vlan sanss40
 
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°
āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āđ€āļ‰āļžāļēāļ°tuplschool
 
Basic_Networking.pdf
Basic_Networking.pdfBasic_Networking.pdf
Basic_Networking.pdfssuser917a06
 
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢāđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢāļ™āļēāļĒāļ“āļąāļāļ™āļ™āļ—āđŒ āļĨāļģāļŠāļĄāļļāļ—āļĢ
 
1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdf1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdfPawachMetharattanara
 
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒekkachai kaikaew
 
Network System
Network SystemNetwork System
Network SystemNattawut Pornonsung
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒARAM Narapol
 
Arista
AristaArista
Aristajetsadasinsiritakuln
 
Siemens molded case circuit breakers
Siemens molded case circuit breakersSiemens molded case circuit breakers
Siemens molded case circuit breakersSomhathai Ch.
 
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405Te Mu Su
 
Example-Net.pdf
Example-Net.pdfExample-Net.pdf
Example-Net.pdfssuser7453d3
 
Solution Case Study.ppt
Solution Case Study.pptSolution Case Study.ppt
Solution Case Study.pptPawachMetharattanara
 
Man et mini spi can1
Man et mini spi can1Man et mini spi can1
Man et mini spi can1billsprouse
 
Ngn
NgnNgn
Ngncaptsupphanuth
 
Ngn
NgnNgn
Ngncaptsupphanuth
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtotāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtotnoii pinyo
 
Wiimax
WiimaxWiimax
Wiimaxāļ­āļļāļŽāļēāļĢ āļ§āļīāļĢāļīāļĒāļ°āļˆāļļāļ‘āļē
 
Wiimax
WiimaxWiimax
Wiimaxāļ­āļļāļŽāļēāļĢ āļ§āļīāļĢāļīāļĒāļ°āļˆāļļāļ‘āļē
 
Wiimax
WiimaxWiimax
Wiimaxāļ­āļļāļŽāļēāļĢ āļ§āļīāļĢāļīāļĒāļ°āļˆāļļāļ‘āļē
 
Ethernet
EthernetEthernet
Ethernetkokkoy222
 
Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)takcapol
 

Weitere ÃĪhnliche Inhalte

Ähnlich wie 3 com stackable_desktop switchtechsept120908[1]

Basic_Networking.pdf
Basic_Networking.pdfBasic_Networking.pdf
Basic_Networking.pdfssuser917a06
 
1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdf1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdfPawachMetharattanara
 
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒekkachai kaikaew
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒARAM Narapol
 
Siemens molded case circuit breakers
Siemens molded case circuit breakersSiemens molded case circuit breakers
Siemens molded case circuit breakersSomhathai Ch.
 
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405Te Mu Su
 
Example-Net.pdf
Example-Net.pdfExample-Net.pdf
Example-Net.pdfssuser7453d3
 
Man et mini spi can1
Man et mini spi can1Man et mini spi can1
Man et mini spi can1billsprouse
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtotāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtotnoii pinyo
 
Ethernet
EthernetEthernet
Ethernetkokkoy222
 
Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)takcapol
 

Ähnlich wie 3 com stackable_desktop switchtechsept120908[1] (20)

Basic_Networking.pdf
Basic_Networking.pdfBasic_Networking.pdf
Basic_Networking.pdf
 
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢāđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
āđ€āļ—āļ„āđ‚āļ™āđ‚āļĨāļĒāļĩ Sigfox āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
 
1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdf1. ________________ Surveillance Solution.pdf
1. ________________ Surveillance Solution.pdf
 
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
āļŦāļ™āđˆāļ§āļĒāļ—āļĩāđˆ 2 āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļŠāļ·āđˆāļ­āļŠāļēāļĢāļ‚āđ‰āļ­āļĄāļđāļĨāļšāļ™āđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ
 
Network System
Network SystemNetwork System
Network System
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒ
 
Arista
AristaArista
Arista
 
Siemens molded case circuit breakers
Siemens molded case circuit breakersSiemens molded case circuit breakers
Siemens molded case circuit breakers
 
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
āļŠāļēāļĒāļ„āļđāđˆāļšāļīāļ”āđ€āļāļĨāļĩāļĒāļ§(āļŠāļļāļ āļ§āļąāļ’āļ“āđŒ+āļ āļđāļšāļ”āļĩ) 405
 
Example-Net.pdf
Example-Net.pdfExample-Net.pdf
Example-Net.pdf
 
Solution Case Study.ppt
Solution Case Study.pptSolution Case Study.ppt
Solution Case Study.ppt
 
Man et mini spi can1
Man et mini spi can1Man et mini spi can1
Man et mini spi can1
 
Ngn
NgnNgn
Ngn
 
Ngn
NgnNgn
Ngn
 
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtotāļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
āļĢāļ°āļšāļšāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒtot
 
Wiimax
WiimaxWiimax
Wiimax
 
Wiimax
WiimaxWiimax
Wiimax
 
Wiimax
WiimaxWiimax
Wiimax
 
Ethernet
EthernetEthernet
Ethernet
 
Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)Week 1 2-wimax_(g6)
Week 1 2-wimax_(g6)
 

3 com stackable_desktop switchtechsept120908[1]

  • 3. 3 3 3Com LAN Switching Portfolio Solutions for Business’s of all Sizes Features,Functions,Scalability Core & Distribution Switching Modular “High-End” Switch 8800 Modular “Mid-Range” Switch 7750 Distribution & Workgroup Switching 10/100/1000 10/100 Switch 5500G Switch 4500G Switch 4200G Switch 5500 Switch 4500 Switch 4210 Switch 4800G Switch 7900
  • 4. 44 Entry Level Gigabit Switch > Basic QoS > Traffic Management & Security features > Static Routing 3Com Switch 5500G Mid-range Gigabit Edge Switch > Basic Layer 3 Routing > All models support up to four10-Gigabit uplinks Premium Stackable > Advanced Layer 3 Routing > Multilayer QoS for Convergence Networking > Granular Traffic Management & Holistic Security > Disaster Protection with XRN 3Com Stackable/Desktop Switch Access Connectivity for Medium-Small Enterprises 3Com Switch 5500-EI Premium L3 Stackable > Advanced Layer 3 Routing > Multilayer QoS for Convergence Networking > Granular Traffic Management & Holistic Security > SI is upgradeable to advanced L3 and security Mid-range Stackable > Multilayer QoS and PoE for Convergence Networking > Basic Layer 3 Routing Entry Level L2 > Layer 2 Switching > Basic QoS > Traffic Management & Security features 3Com Switch 4210/ 3Com Switch 4200 10/100/1000 10/100 3Com Switch 4500G 3Com Switch 4500 3Com Switch 4200G 3Com Switch 4800G
  • 6. 6 Switch 4210 â€Ē Switch 4210 9-Port (3CR17331-91) – 8 10/100 port plus 1 dual-personality (1000Base-T or SFP)Gigabit ports â€Ē Switch 4210 18-Port (3CR17332-91) – 16 10/100 port plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 26-Port (3CR17333-91) – 24 10/100 port plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 9-Port (3CR17341-91) – 8 10/100 port PWR plus 1 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 18-Port (3CR17342-91) – 16 10/100 port PWR plus 2 dual-personality (1000Base-T or SFP) Gigabit ports â€Ē Switch 4210 PWR 26-Port (3CR17343-91) – 24 10/100 port PWR plus 2 dual-personality (1000Base-T or SFP) Gigabit ports
  • 7. 7 Switch 4210 â€Ē Layer 2 switching â€Ē Clustered stacking of up to 32 devices for simplified wiring closet administration â€Ē Centrally manage via SNMP, CLI or web â€Ē For enterprise branch and small workgroup deployments â€Ē Power over Ethernet for voice and wireless-ready networking â€Ē 3Com’s lifetime warranty including PSU and fans â€Ē Advanced Hardware Replacement with next business day shipment in most regions -Rack-mount 26-port -Small form factor units 9-port and 18 ports in both PoE and non-PoE variants **Can mixed clusters of Switch 4210, 4200G, 4500G, 5500 and 5500G devices
  • 8. 8 Family-Level Comparison Chart The 3Com Switch 4210 is a next-generation Switch 4200. Here are key comparisons: New Switch 4210 Switch 4200 A-SKUs Port Configuration PoE Versions : 9-Port -- 8 10/100 + 1 combo 10/100/1000 or SFP) 18-Port -- 16 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 combo 10/100/1000 or SFP) Non-PoE Versions : 9-Port -- 8 10/100 + 1 combo 10/100/1000 or SFP) 18-Port -- 16 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 combo 10/100/1000 or SFP) 26-Port -- 24 10/100 + 2 fixed 10/100/1000) 28-Port -- 24 10/100 + 2 fixed 10/100/1000 + 2 SFP) 50-Port – 48 10/100 + 2 fixed 10/100/1000) These do not support PoE. Performance 9-Port : 3.6Gbps / 2.7Mbps 18-Port : 5.2Gbps / 3.9Mbps 26-Port : 8.8Gbps / 6.6Mbps 26-Port: 8.8Gbps / 6.6Mbps 28-Port: 12.8Gbps / 9.5Mbps 50-Port: 13.6Gbps / 10.1Mbps Stacking / Clustering Clustering up to 32 high Stacking up to 4-high LACP Yes Yes STP / RSTP / MSTP Yes STP, Yes RSTP, Yes MSTP Yes STP, Yes RSTP, No MSTP IGMP Snooping Yes Yes DUD Yes Yes Priority Queues 4 2 NTP Yes No IPv6 Yes No GVRP No No SSHv2 / SSL Yes / No No / No
  • 10. 10 Switch 4200G Products Overview â€Ē Switch 4200G 12-Port (3CR17660-91) – 12 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and 1 10-Gigabit slot â€Ē Switch 4200G 24-port (3CR17661-91) – 24 10/100/1000 port , 4dual-personality (1000Base-T or SFP) Gigabit ports and 2 10-Gigabit slot â€Ē Switch 4200G 48-Port (3CR17662-91) – 48 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and 2 10-Gigabit slot User-configurable SFP Gigabit Ports Provide Media Flexibility Choice of 10/100/1000 (RJ45) or SFP Interface SFP Interfaces Enable Multimode or Single mode Fiber Connectivity Same SFP Transceivers as for Other Products Supporting SFP’s
  • 11. 11 â€Ē Cost-Effective, Feature-Rich – Managed 10/100/1000 switches – 12-, 24- and 48-port models – User configurable combo Gigabit ports – Extensive layer 2 switching – Static layer 3 routing – Clustered stacking of up to 16 devices New Switch 4200G Gigabit Ethernet Family Affordable Gigabit to the Desktop for the Workgroup Edge â€Ē Standards-Based Design for Interoperability â€Ē Proven, Reliable 3Com Operating System Software â€Ē Enterprise Class Lifetime Warranty with Next Business Day Response â€Ē No PoE Supported Model, Not Support Redundant Power Supply
  • 12. 12 Switch 4200G Clustered Stacking â€ĒManage up to 16 devices with single IP management â€ĒMix and match with other Switch 4200G, with Switch 5500 / 5500G, and with future Switch 4500G, for simplified 3Com device management Kindergarten School Core Switch 5500G-EI Classroom 1 Switch 4200G-48 Classroom 2 Switch 4200G-12 Classroom 2 Switch 4200G-48 Classroom 2 Switch 4200G-12 Single IP Mgmt Common CLI Common Web Common Look & Feel 10G Uplink
  • 13. 13 3Com Switch 4200G - 10-Gigabit Uplinks â€Ē All models support 10-Gigabit uplinks – Switch 4200G 12-Port has one 10-Gigabit slot – Switch 4200 24- and 48-Port have two 10-Gigabit slots â€Ē Direct plug-in of 10-Gigabit XENPAK transceiver – No other hardware is required â€Ē Via a module, also 10-Gigabit XFP transceivers Plug module (3C17666) here XENPAK Transceivers: â€Ē3CXENPAK91 10GBASE- LX4 â€Ē3CXENPAK92 10GBASE-LR â€Ē3CXENPAK94 10GBASE-SR â€Ē3CXENPAK95 10GBASE- CX4 â€Ē3CXENPAK96 10GBASE-ER XFP Transceivers: â€Ē3CXFP96 10GBASE-ER â€Ē3CXFP92 10GBASE-LR â€Ē3CXFP94 10GBASE-SR Plug XFP here Plug XENPAK here
  • 14. 14 Comparison Chart This table compares the 24-Port model across various 3Com families New 4210 26-Port Baseline 2226 Plus 4200 26 / 28 4200G 24 SKU 3CR17343-91 3C16470 3C17300A 3C17304A 3CR17661-91 Total ports 24x 10/100 2x Combo Gig 24x 10/100 2x Combo Gig 26-Port Model 24x 10/100 2x 10/100/1000 28-Port Model 24x 10/100 2x 10/100/1000 2x SFP Gig ports 20x 10/100/1000 4x Combo Gig Up to 2x 10-Gig Technology L2 L2 L2 L2 with static L3 Performance 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 12.8Gbps / 9.5Mbps 88Gbps / 65Mbps MAC addresses 8K 4K 8K 8K VLANs 256 64 255 4,094 Stacking Clustering Standalone Stacking Clustering Priority Queues 4 4 2 8
  • 16. 16 Switch 4500 Family Introduction â€Ē Four Fixed-Configuration Models: – Switch 4500 26-Port (3CR17561-91) 24 x 10/100 Ports + 2 x Combo Gig Ports – Switch 4500 50-Port (3CR17562-91) 48 x 10/100 Ports + 2 x Combo Gig Ports – Switch 4500 PWR 26-Port (3CR17571-91) 24 x 10/100 Ports (PoE) + 2 x Combo Gig Ports – Switch 4500 PWR 50-Port (3CR17572-91) 48 x 10/100 Ports (PoE) + 2 x Combo Gig Ports â€Ē User-configurable Gigabit Ports – Provide Media Flexibility – Choice of 10/100/1000 (RJ45) or SFP Interfaces â€Ē SFP Interfaces Enable Multimode or Singlemode Fiber Connectivity â€Ē Same SFP Transceivers as for Other Products Supporting SFP’s â€Ē Compact Enclosure (1 RU High) â€Ē -48V DC Supplemental Power Option (PoE Models) – Supplemental PoE Power and/or Power Redundancy
  • 17. 17 Switch 4500 Family Software Basics â€Ē Support 56/168 bit encryption – Ships with 56 bit encryption image – Download 168 bit encryption in regions allows by regulations â€Ē 8K MAC Addresses â€Ē 256 802.1Q VLANs â€Ē Link Aggregation using LACP (802.3ad) – Not across stacked units â€Ē Spanning Tree enable/disable per port â€Ē RSTP â€Ē Fast Start mode on 10/100 ports â€Ē Broadcast Storm Control per VLAN â€Ē IGMPv1 & v2 â€Ē Filtering for 128 Multicast groups
  • 18. 18 Switch 4500 ( 10/100 ) New release ( version 3.03) Support Link Aggregation Across stack Support Clustering 32 device New Software Feature Improvement of web, CLI and SNMP performance Clustering management up to 32 devices. Distributed Link Aggregation for Switch 4500 stack IPv6 Management -- network discovery over IPv6, Telnet6, DNS6, TFTP6, TraceRoute6, IGMP6 Many to 1 port mirroring Jumbo Frame support to 9K packets Loopback Detection Device Link Detection Protocol (DLDP) to testing links IEEE 802.1s Multiple Spanning Tree -- 16 instances Q-in-Q Increase in ARP table size from 10 to 16 Increase in static routes from 12 to 16 Legacy Mode to deal with Cisco voice installations. QoS marking / remarking of 802.1p Guest VLAN assignment via 802.1X Mix modes 802.1X and MAC-based authentication Mac lock-down / sticky mode IGMP Snooping v3 IGMP Non Flooding
  • 19. 19 3Com Switch 4500/4500G Clustered Stacking â€Ē Manage up to 32 devices with single IP management â€Ē Mix and match with other Switch 4500G, with Switch 5500 / 5500G, and with Switch 4200G, for simplified 3Com device management School Administration Core Switch 5500G-EI Classroom 1 Switch 4500G-48 Classroom 2 Switch 4500G-PWR-48 Classroom 3 Switch 4200G-48 Classroom 4 Switch 4200G-12 Single IP Mgmt Common CLI Common Web Common Look & Feel 10G Uplink
  • 20. 20 Switch 4500 Hardware Basics â€Ē Switch 4500 supports: – 26-Port: 8.8Gbps forwarding / 6.5Mpps switching capacity – 50-Port: 13.6Gbps forwarding / 10.1Mpps switching capacity â€Ē 1U high, 19” Rack mountable â€Ē Stacking – Non-resilient â€Ē Layer 2 and Layer 3 switching â€Ē All ports auto negotiate speed, duplex and MDI/MDIX. â€Ē Console port interface
  • 21. 21 Switch 4500 26-Port 3CR17561-91 Port 13 Port 12 10/100 Base-T Port 1 Ports 25 & 26 Combo Ports SFP ports OR 10/100/1000Base-T Port 25 & 26 LED Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue
  • 22. 22 Switch 4500 50-Port 3CR17562-91 Port 25 Port 24 10/100 Base-T Port 1 Ports 49 & 50 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue
  • 23. 23 Switch 4500 PWR 26-Port 3CR17571-91 Port 13 Port 12 10/100 Base-T Port 1 Ports 25 & 26 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Port 25 & 26 LED Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue RPS Connector
  • 24. 24 Switch 4500 PWR 50-Port 3CR17572-91 Port 25 Port 24 10/100 Base-T Port 1 Ports 49 & 50 Combo Ports SFP with any transceiver OR SFP with 1000Base-T transceiver Serial port 100-230V Power Input Stacking LED Color is 3Com stackable blue RPS Connector
  • 25. 25 Comparison Chart This table compares the 24-Port model across various 3Com families New 4210 26-Port Baseline 2226 Plus 4200 26 / 28 4200G 24 4500 24 SKU 3CR17343-91 3C16470 3C17300A 3C17304A 3CR17661-91 3CR17561-91 Total ports 24x 10/100 2x Combo Gig 24x 10/100 2x Combo Gig 26-Port Model 24x 10/100 2x 10/100/1000 28-Port Model 24x 10/100 2x 10/100/1000 2x SFP Gig ports 20x 10/100/1000 4x Combo Gig Up to 2x 10-Gig 24x 10/100 2x Combo Gig Technology L2 L2 L2 L2 with static L3 L2 with dynamic L3 Performance 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 8.8Gbps / 6.6Mbps 12.8Gbps / 9.5Mbps 88Gbps / 65Mbps 8.8Gbps / 6.6Mbps MAC addresses 8K 4K 8K 8K 8K VLANs 256 64 255 4,094 256 Stacking Clustering Standalone Stacking Clustering Stacking and clustering Priority Queues 4 4 2 8 8
  • 27. 2727 Switch 4800G Details ‹ Four “standard” 10/100/1000 units ― 24-Port ― 48-Port ― PWR 24-Port ― PWR 48-Port ― These include four 100/1000 combo ports; all have dual 2x10G expansion slots ‹ One SFP unit ― 24-Port SFP: with 24-SFP (100/1000) including 8 combo ports with 10/100/1000 ― Supports dual PSUs. Ships with one, order a second for 1+1 PSU redundancy ‹ Modules shared with 3Com Switch 4500G and H3C S5500 ― 1x 10-Gigabit XFP ― 2x 10-Gigabit XFP ― 2x 10-Gigabit CX4
  • 28. 2828 4800G Software Intro ‹ Switch runs Comware V5, our latest generation OS ― Comware V5: 4500G, 4800G, S7900E, some 8800, some 7750 ― Comware V3: 4210, 4200G, 4500, 5500, 5500G, some 8800, some 7750 ‹ Switch is a superset of Switch 4500G functionality ― In all major ways, it will act like a 4500G ― Yes more features and some evolution of the code
  • 29. 2929  CLI  Web management  SNMPv1/v2/v3  sFlow  VCT, DLDP  LDT  4K L2-L4 hardware based ACL  Ingress and EGRESS ACL  VLAN and port based ACL  uRPF  ARP detection  RRPP (Rapid Ring Network Protect Protocol)  SMARTLINK  VRRP  Redundant power supply  Up to 4 10GE uplinks  128G/176G switching capacity  Full wire speed L2/L3 switching and forwarding  32K MAC, 12K routing table  IPv4/IPv6 dual stack  RIP, OSPF, BGP, RIPng, OSPFv3, BGP4+  IGMP, PIM SM/DM, MLD, PIM6 SM/DM  IPv4/IPv6 Policy Based Routing  IPv6 Ready phase-II certification 3Com Switch 4800G Performance IPv6 Securit y Reliability Management & Maintenance Highlights
  • 30. 3030 More Features ‹ L2: ― MSTP, LACP, QinQ, Selective QinQ, GVRP, DHCP, VCT, Guest VLAN, Port Isolate , Voice VLAN, Mac based VLAN, Protocol based VLAN, IP subnet based VLAN, RRPP, DLDP ‹ L3: ― RIP, RIPng, OSPF, OSPFv3, BGP4, BGP4+, ISIS, ISISv6, ARP Proxy, DHCP relay, DHCP server, VRRP, policy-routing, ECMP ‹ Multicast: ― IGMP Snooping, MLD Snooping, IGMP v1/v2/v3, MLD v1/v2, MVR+, IGMP querier, IGMP group-policy, IGMP group-restriction, source address-checking, unknown packet discarding ‹ Multicast route: ― PIM-DM, PIM-SM, PIM-SSM for, MSDP ‹ Security: ― Port Security, 802.1x, MAC authentication, learning No. of MAC, Radius, TACACS+, SSHv2, Https, IP source guard, sFlow, CPU defensing DOS
  • 31. 3131 High Performance Capabilities: Layer 2 Forwarding / Layer 3 Routing ‹ High capability of L2/L3 for IPv4/IPv6 ‹ IPv4 Routing: ― 256 for static ― RIPv1/v2, maximum 2K ― OSPF/BGP4/IS-IS,maximum 12K ‹ IPv6 Routing: ― 256 for static ― RIPng, maximum 2k ― OSPFv3/BGP4+/IS-ISv6, maximum 6K ‹ MAC Address Table ― 1024 for static ― Supporting 32K MAC for one unit
  • 32. 3232 High Performance 10-Gigabit Uplinks ‹ Two expansion slots available ‹ Flexible expansion, three interface cards supported: ― 1-port XFP 10GE ― 2-port XFP 10GE ― 2-port CX4 10GE – this for short-distance low-cost 10GE interconnect ‹ Modules shared with 4500G
  • 33. 3333 Switch 4800G Clustering ‹ Supports clustering just like the 4500G ― Single IP management shared with 4210, 4200G, 4500, 4500G, 5500, 5500G ― No resilient loopback ― No Distributed Link Aggregation or advanced XRN stacking features ‹ Components needed: ― Two-Port Local Connection (CX4) Module (soon repriced to $495 list) ― Switch to switch local connection cables ― The other slot is available for 10G uplinks back to the core ‹ XRN is on the roadmap by end 2008
  • 34. 3434 Switch 4800G Stacking ‹ Initial releases support clustering ‹ Late 2008 release will support full XRN stacking (shown above) ― Distributed Device Management with single agent management and single IP ― Distributed Link Aggregation ― Distributed Resilient Routing ‹ Components needed: ― Two-Port Local Connection (CX4) Module ― Switch to switch local connection cables with resilient loopback ― The other slot is available for 10G uplinks back to the core
  • 36. 36 Switch 4500G Family â€Ē Switch 4500G 24-Port (3CR17761-91) – 24 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G 48-Port (3CR17762-91) – 48 10/100/1000 port, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G PWR 24-Port (3CR1771-91) – 24 10/100/1000 port PWR, 4dual-personality (1000Base-T or SFP) Gigabit ports and â€Ē Switch 4500G PWR 48-Port (3CR1772-91) – 48 10/100/1000 port PWR, 4dual-personality (1000Base-T or SFP) Gigabit ports and
  • 37. 37 Switch 4500G Hardware / Software new feature â€Ē New mid-range managed quad-speed enterprise switch – 10/100/1000 and 10-Gigabit (Up to 4 ports for All Models) â€Ē Suitable at the network edge and for small-to-medium core â€Ē Layer 2 switching and Layer 3 dynamic (RIP) routing â€Ē Power over Ethernet for voice and wireless-ready networking â€Ē 3Com’s lifetime warranty including PSU and fans â€Ē Support Redundant Power Supply for PWR Model â€Ē Centrally manage via SNMP, CLI or web; cluster up to 32 devices for simplified wiring closet administration
  • 38. 383Com Confidential 3Com Switch 4500G - 10-Gigabit Uplinks â€Ē All models support up to four10-Gigabit uplinks â€Ē Choose local connection and / or XFP-based – Local Connection module supports CX4 4X InfiniBand cabling up to 3 meters long; ideal for local stacking – XFP module supports the standard flexible XFP interface, supporting various medium-long distance fiber technologies Plug the XFP Module (3C17766) here XFP Transceivers: â€Ē3CXFP96 10GBASE-ER â€Ē3CXFP92 10GBASE-LR â€Ē3CXFP94 10GBASE-SR CX4 Cables: â€Ē3C17775 50 cm â€Ē3C17776 100 cm â€Ē3C17777 300 cm Plug XFP here Plug the Local Connect Module (3C17767) here Plug CX4 Cable here Consider this: The 3Com Switch 4500G compares in price to switches that don’t support 10- Gigabit! Your network is more future-proof with the 3Com solution!
  • 39. 39 39 > Positioned for — Businesses deploying new service such as VoIP — Scaling to meet a growing business > Key Features — Enterprise-Class L2 & L3 IP Feature set — Basic Layer 3 IP Routing (Static, RIP, RIP2) — Copper and Power over Ethernet versions — 8 Hardware Queues Per Port, Traffic Shaping per port — L2, 3, 4 Access Control List — Lifetime Warranty with advanced hardware replacement — Stacking / Clustering Support — Designed for Voice Ready Networks > Business Benefits — Able to power an vendors phone system, prioritize and segment into a VLAN — Pay as you Grow – add more ports as needed and manage as one entity — Future proofed design with a full service & support offering Switch 4500 /4500G Ethernet Family Access Connectivity for Small Enterprises Switch 4500G Switch 4500 NEW â€ĒSwitch 4500G 24-Port 24 x 10/100/1000 Ports 4 Gig SFP (Combo) 2 Dual 10G Slots â€ĒSwitch 4500G 48-Port 48 x 10/100/1000 Ports 4 Gig SFP (Combo) 2 Dual 10G Slots â€ĒSwitch 4500G 24-Port PWR Same as 4500G 24-Port with PWR â€ĒSwitch 4500G 48-Port PWR Same as 4500G 48-Port with PWR â€ĒSwitch 4500 26-Port 24 x 10/100 Ports 2 Gig SFP/ 2 Gig Copper (Combo) â€ĒSwitch 4500 50-Port 24 x 10/100 PoE Ports 2 Gig SFP/ 2 Gig Copper (Combo) â€ĒSwitch 4500 26-Port PWR Same as 4500 24-Port with PWR â€ĒSwitch 4500 50-Port PWR Same as 4500 48-Port with PWR IEEE 802.3af ( Power Over Ethernet )
  • 40. 40 Comparison Chart This table compares the 24-Port Gigabit model across various 3Com families 4200G 24 3870 24 4500G 24 Total ports 20 x 10/100/1000 4 x Dual Personality Up to 2x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 1x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 4x 10-Gig Technology L2+ L2 / L3 L2 / L3 Performance 88-Gbps 65.5-Mpps 108-Gbps 80.0-Mpps 128.0-Gbps 95.2-Mpps MAC addresses 8,000 16,000 8,000 VLANs 256 255 256 Stacking Clustering Stacking Clustering Priority Queues 8 8 8
  • 42. 42 Introducing 3Com Switch 5500 Premium Switching Solution â€Ē Premium Enterprise stackable switches – For wiring closets, aggregation points, branch offices and data centers â€Ē 3Com OS: Same as 7700, 8800, Routers â€Ē XRNÂŪ technology 8-High â€Ē Seven 10/100 Fast Ethernet models – Standard Image / Enhanced Image â€Ē 5500-SI 28 / 52-Port; 5500-EI 28 / 52 Port – PoE Variants of EI â€Ē 5500-EI 28-Port PWR; 5500-EI 52-Port PWR – 100BASE-FX Variant â€Ē 5500-EI 28-Port FX â€Ē Five 10/100/1000 Gigabit models – Enhanced image, without and with PoE â€Ē 5500G-EI 24- / 48-Port; 5500G-EI 24- / 48-Port PWR – SFP Variant â€Ē 5500G-EI 24-Port SFP 3Com Switch 5500 Portfolio
  • 43. 43 Target use: Advanced Enterprise wiring closet access switch; small aggregation Availability: Routing functions are totally distributed across all switches in the stack massively increasing performance and uptime Scalability: Extend connectivity with a mixture of PoE and fibre switches Connectivity: Jumbo Frames are supported on all gigabit uplinks for interoperability with equipment downstream Application-Aware: Advanced Time-Based ACLs are supported that can be automatically executed on a per user or machine basis Port Configurations: 24 x 10/100 Ports + 4 SFP 48 x 10/100 Ports + 4 SFP 24 x 10/100 PoE + 4 SFP 48 x 10/100 PoE + 4 SFP 24 100BASE FX SFP + 2 10/100/1000 + 2 SFP Includes Enhanced Image (EI) software â€Ē Includes ALL SI software plus: XRN â€Ē Distributed Device Management Mix and match any 5500-EI product in a stack, including PWR and FX SKUs â€Ē Distributed Link Aggregation Allows up to 32 groups to be spread across any ports in the stack (8 FE / 4 GE per group) â€Ē Distributed Resilient Routing All switches in the stack are actively routing and sharing LSDB and ARP tables 256 static routes with 2K RIP entries 4K ARP Table 6K LSDB size for OSPF Multicast Routing PIM Sparse Mode / Dense Mode â€Ē 4096 Port-Based VLANs â€Ē Time-based Access Control Lists â€Ē DHCP Tracker â€Ē Traffic Redirection â€Ē Traffic Mirroring â€Ē Syslog Switch 5500-EI 28-Port Key Points Switch 5500-EI 52-Port Switch 5500-EI 28-Port PWR Switch 5500-EI 52-Port PWR Switch 5500-EI 28-Port FX Switch 5500-EI Overview
  • 44. 44 Target use: Advanced Enterprise wiring closet access switch; Building aggregation and server farm Availability: Pluggable Power Supply for reducing time to repair Scalability: Instantly enable Power over Ethernet via a plug-in PoE Power Supply Connectivity: Add up to 448 Gigabit ports 16 x 10G links per stack for ultimate performance Application-Aware: Advanced bespoke classification masks can be programmed for any QoS or ACL rule Port Configurations: 24 x 10/100/1000 Ports + 4 SFP + 1 Application Module Slot (PoE Ready) 48 x 10/100/1000 Ports + 4 SFP + 1 Application Module Slot (PoE Ready) â€Ē24 x SFP Ports + 10/100/1000 + 1 Application Module Slot Includes Enhanced Image (EI) software â€Ē Includes ALL SI software plus: â€Ē Hot-swappable Application Module Slot for expansion cards : 8-Port SFP, 1-Port 10G, 2-Port 10G â€Ē Removable PSU XRN â€Ē Distributed Device Management Mix and match any 5500G-EI product in a stack 48 Gigabit Bi-directional stacking link with redundant loop â€Ē Distributed Link Aggregation Allows up to 32 groups to be spread across any ports in the stack (8 GE / 4 10GE per group) â€Ē Distributed Resilient Routing All switches in the stack are actively routing and sharing LSDB and ARP tables 100 static routes with 2K RIP entries 8K ARP Table 12K LSDB size for OSPF Multicast Routing PIM Sparse Mode / Dense Mode Switch 5500G-EI 24-Port Key Points Switch 5500G-EI 48-Port Switch 5500G-EI 24-Port SFP Switch 5500G-EI Overview
  • 45. 45 Switch 5500 Premium Switching Services â€Ē Security: SNMP v3, Extended 802.1X Network Login with RADA (RADIUS Authentication Device Access), Time of Day ACLs, Secure Shell (SSH), Layer 3 and Layer 4 Auto VLANs, four different administrator levels, Denial of Service attack prevention, MAC port binding (formally DUD), MAC address limitation â€Ē Application-Aware: Auto-Qos, Auto-VLAN, Ingress/Egress Rate limiting, IPv4 and IPv6, Advanced QoS L2-4 with DSCP and fully configurable Time-of-Day QoS, WRR, SPQ, WFQ, advanced traffic mirroring â€Ē Availability: Distributed Resilient Routing (RIP, OSFP and PIM SM/DM) Distributed Link Aggregation (802.3ad), 802.1w with STP route guard, IGMP snooping, AC or DC power input, hot-swappable media modules*, hot-swappable power supplies and fans*, Dual software agents, Denial of Service device protection, resilient XRN stacking architecture, Thermal control and monitoring * Where applicable
  • 46. 46 Switch 5500 8-High XRNÂŪ Stacking Key Benefits of Evolved Technology â€Ē Unified management of stack – Single IP Address; single CLI; single web interface; automatic consistency â€Ē Full self-healing resiliency with all units sharing critical routing information – No master / slave set-up or limitations – Local L2/L3 switching improves performance – Full “pay as you grow” expansion without “hot standby” insurance â€Ē Distributed resilient connections – Easy dual homing, spanning of units, yet single trunk – 10/100 units can be geographically remote 1992 200519951994 Industry 1st Stackable Hub 3Com FMS Resilient Cascade Stacking system 3Com Hub 10/40/50 2000 Self-healing stacking SuperStack 3 Switch 4400 SuperStack SuperStack 2 Switch 1100/3300 2002 XRN 48Gbps L2/3/4 Stacking DLA DDM DRR XRN 8Gbps L2/3/4 Stacking DLA DDM DRR Hot-Swap Cascade 2Gbps L2/4 Stacking DLA Matrix Stacking 1Gbps L2 stacking Stacking 10Mbps Single Stack Management Revolutionary XRN – L2 &3 Stacking Switch 4900 XRN Evolution Multi-Layer Routing Switch 5500
  • 47. 47 SuperStack 4 Switch 5500G-EI SuperStack 4 Switch 5500-EI SuperStack 3 Switch 4400 Switch 5500 & XRNÂŪ Technology 4 Gbps Load Balanced LAG Multiple links fail without affecting connectivity back to the aggregation point Fully compatible with existing 4400 Family
  • 48. 48 â€Ē XRN : Distributed Device Management (DDM) – Intelligent management ensures all switches act as a single logical device – Resilient architecture provides access to management in the event of any switch failing – Rapid stack-wide feature configuration – Automatic and Manual stack configuration – Stack up to 8 units 192.168.1.254 â€Ē Stack-Wide Management – Single entity for SNMP, WEB and CLI Management – Display ALL configurations in one screen with Device View – Reduces configuration time – Improved monitoring responsiveness r222# telnet 192.168.0.33 r222# configure terminal r222(config)# interface ethernet 0/0 r222(config-if)# ip address 7.7.7.7 255.255.255.0 r222(config)# interface pos 4/0/0 XRN – Distributed Device Management
  • 49. 49 â€Ē Distributed Link Aggregation (DLA) – Create incredibly resilient network designs that are highly flexible – XRN technology binds all the switches into a single entity allowing connections from ANY port across the fabric to be connected together using IEEE 802.3ad LACP – LACP will then automatically configure the links as aggregated links Switch 5500G-EISwitch 5500-EI Switch 4400 3870 LACP 802.3ad 5500-EI provides geographical separation 5500G-EI provides closet separation; up to 12ft / 5M Interoperable with other 3Com DLA switches XRN – Distributed Link Aggregation
  • 50. 50 â€Ē Distributed Resilient Routing (DRR) – Provides chassis like resilience for routed (L3) networks – Local layer 3 routing using Rip – XRN synchronizes OSFP FIB table to all hosts in the fabric – All ACL information is distributed to all host units 1 2 ROUTER TABLE VLAN 1 0.0.0.0 255.255.0.1 Router Interface information is synchronised across all switches L3 traffic can be handled locally by the switch and intelligently passed up or down the XRN stack Student VLAN Admin VLAN XRN – Distributed Resilient Routing
  • 51. 51 â€Ē XRN Stacking – Each switch uses the last two Gigabit SFP ports to provide a 2Gbps FD link – No extra hardware required – Stack up to 8 units of any variety – Automatic or manual stack configuration – A return link provides rapid fail-over in the event of a normal link or unit failing – XRN Stack units together over 70km apart! Normal Stacking Link: 1 Gbps UP / 1 Gbps DOWN Standby Stacking loop connection: 1 Gbps UP / 1 Gbps DOWN Switch 5500-EI/SI Use ANY Gigabit SFP to link the units together Stacking – Powered by XRN
  • 52. 52 Stacking – Powered by XRN â€Ē 96Gbps XRN Stacking – Each switch has two bi-directional cascade links providing a massive 96Gb/s bandwidth – Industry Leading! – Stack up to 8 units of any variety – Automatic or manual stack configuration – A return link is ACTIVE! Providing fastest path around the XRN fabric – Stacking bandwidth is not shared with any other resource – 65cm, 150cm & 5M cables are available Normal Stacking Link: 24 Gbps UP / 24 Gbps DOWN Standby Stacking loop connection: 24 Gbps UP / 24 Gbps DOWN Switch 5500G-EI Ultra high-speed robust Infiniband 12X connectors and cables
  • 53. 53 Stacking Numbering - XRN â€Ē Each switch has a unique unit ID in the fabric â€Ē By default, the unit ID of a switch is set to 1 – The Unit ID can be manually set â€Ē Every switch has a unit name (sysname) – All units in the stack must have the same sysname â€Ē By default XRN will automatically number the switches to constitute a fabric – Unit 1 will be the unit with the lowest MAC address – Units will subsequently number from unit 1 up upupdown down down Unit 1 Unit 2 Unit 3 Unit 4
  • 54. 55 3Com Switch 5500 Portfolio “Firsts” of the 3Com Switch 5500 â€Ē Industry leading performance - up to 384Gbps backplane bandwidth â€Ē Highest stackable density - 448G ports in 8 “rack units” â€Ē Fastest totally resilient stacking at 48Gbps (96Gbps full duplex) â€Ē First with upgradeable PoE for 10/100/1000 Gigabit model â€Ē Only switch to ship with flexible AC or DC power input for n+1 power redundancy â€Ē Convergence-optimized - Auto-detects IP phones, prioritizes voice traffic, filters onto VLAN or mirror voice calls for recording â€Ē First Layer 3 XRN 8-high Stackable
  • 55. 56 Comparison Chart This table compares the 24-Port Gigabit model across various 3Com families 4200G 24 3870 24 4500G 24 5500G-EI Total ports 20 x 10/100/1000 4 x Dual Personality Up to 2x 10- Gig 20 x 10/100/1000 4 x Dual Personality Up to 1x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 4x 10-Gig 20 x 10/100/1000 4 x Dual Personality Up to 2x 10-Gig 2x stacking Technology L2+ L2 / L3 L2 / L3 L2 / L3 Performance 88-Gbps 65.5-Mpps 108-Gbps 80.0-Mpps 128.0-Gbps 95.2-Mpps 184-Gbps 136.9-Mpps MAC addresses 8,000 16,000 8,000 16,000 VLANs 256 255 256 4,094 Stacking Clustering Stacking Clustering Stacking and clustering Priority Queues 8 8 8 8
  • 57. 58 LAN Local Area Network on single Broadcast Domain
  • 58. 59 The command line provides the following views: ■ User view ■ System view ■ Ethernet Port view ■ VLAN view ■ VLAN interface view ■ Local-user view ■ User interface view ■ FTP client view ■ PIM view ■ RIP view ■ OSPF view ■ OSPF area view ■ Route policy view ■ Basic ACL view ■ Advanced ACL view ■ Layer-2 ACL view ■ RADIUS server group view ■ ISP domain view ■ BGP view ■ ISIS view Command Line View
  • 59. 60 āļāļēāļĢ Configuration āļœāđˆāļēāļ™ Console Port Run terminal emulator (such as Terminal on Windows 3X or the Hyper Terminal on Windows XP) on the PC. Set the terminal communication parameters as follows: Baud rate = 19200 Databit = 8 Parity check = none Stopbit = 1 Flow control = none Terminal type = VT100
  • 61. 62 āļāļēāļĢāđāļšāđˆāļ‡āļĢāļ°āļ”āļąāļšāļŠāļīāļ—āļ˜āļīāļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āļ‚āļ­āļ‡āļŠāļ§āļīāļ•āļŠāđŒ ATTRIBUTE 3Com-User-Access-Level Access_mode Integer VALUE 3Com-User-Access-Level Visit 0 VALUE 3Com-User-Access-Level Monitor 1 VALUE 3Com-User-Access-Level Manager 2 VALUE 3Com-User-Access-Level Administrator 3 Visit level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļē network diagnosis (āđ€āļŠāđˆāļ™āļāļēāļĢ ping āđāļĨāļ° tracert), āđ€āļ›āļĨāļĩāđˆāļĒāļ™āļ āļēāļĐāļēāļšāļ™ user interface (language-mode) āđ„āļ”āđ‰ āđāļĨāļ°āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ telnet āļŠāđˆāļ§āļ™āļāļēāļĢ save configuration file āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđ„āļ”āđ‰ āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰ Monitoring level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ display āđ„āļ”āđ‰āđāļĨāļ°āļāļēāļĢāļ—āļēāļ„āļēāļŠāļąāđˆāļ‡ debugging āđ„āļ”āđ‰ āđ€āļžāļ·āđˆāļ­āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ—āļē system maintenance, service fault diagnosis āļŠāđˆāļ§āļ™āļāļēāļĢ save configuration file āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđ„āļ”āđ‰āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰ System level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢ service configuration, āļĢāļ§āļĄāļ–āļķāļ‡āļāļēāļĢāđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē routing āđāļĨāļ°āļ„āļēāļŠāļąāđˆāļ‡āļŠāļēāļŦāļĢāļąāļšāđāļ•āđˆāļĨāļ° network layer āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ” network service āđƒāļŦāđ‰āļāļąāļšuser āđ„āļ”āđ‰ Management level: āđ€āļ›āđ‡āļ™āļĢāļ°āļ”āļąāļšāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļēāļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļ‚āļ­āļ‡ system āđāļĨāļ°āļāļēāļĢāļĢāļ­āļ‡āļĢāļąāļš module āļ‹āļķāđˆāļ‡āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļĢāļ°āļ”āļąāļšāļ™āļĩāđ‰āļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢ āļˆāļąāļ”āļāļēāļĢ file system, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļœāđˆāļēāļ™ FTP, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļœāđˆāļēāļ™ TFTP, XModem downloading, āļāļēāļĢāļˆāļąāļ”āļāļēāļĢ user āđāļĨāļ°āļāļēāļŦāļ™āļ”āļĢāļ°āļ”āļąāļš āđƒāļ™āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āļŠāļ§āļīāļ•āļŠāđŒ
  • 62. 63 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” User Interface Operation Command Enter a single User Interface View or multi User Interface Views user-interface [ type ] first-number [ last-number ] Configure the user interface-supported protocol protocol inbound { all | ssh | telnet } Configure the authentication method Configure no authentication authentication-mode { password | scheme } authentication-mode none Configure the local authentication password set authentication password { cipher | simple }password Set command level used after a user logs in service-type { ftp [ ftp-directory directory | lan- access | { ssh | telnet | terminal }* [ level level ] } Set command level used after a user logs in from a user interface user privilege level level Display the user application information of the user interface display users [ all ]
  • 63. 64 â€Ē<Sysname> system-view â€Ē[Sysname]user-interface vty 0 â€Ē[Sysname-ui-vty0] set authentication password simple xxxx (xxxx is the preset login password of the Telnet user) āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļī User āļœāđˆāļēāļ™ Telnet 1. āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđƒāļ™āļāļēāļĢTelnet āļ‚āļ­āļ‡ user āļœāđˆāļēāļ™ console port āļāđˆāļ­āļ™āļ—āļĩāđˆ userāļˆāļ° log in āļœāđˆāļēāļ™ Telnet. â€Ē āđ‚āļ”āļĒāļ„āđˆāļē default āļˆāļ°āļ•āđ‰āļ­āļ‡āļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ” password āđ€āļžāļ·āđˆāļ­āļ—āļĩāđˆāļˆāļ°āđƒāļŦāđ‰āļŠāļīāļ—āļ˜āļī user āđƒāļ™āļāļēāļĢ log in āļœāđˆāļēāļ™ Telnet āđ„āļ›āļĒāļąāļ‡ Switch āļ–āđ‰āļēāļĄāļĩ user logs in āļœāđˆāļēāļ™ Telnet āđ‚āļ”āļĒāđ„āļĄāđˆāļĄāļĩ password, āļˆāļ°āđ€āļŦāđ‡āļ™āļ‚āđ‰āļ­āļ„āļ§āļēāļĄāđāļŠāļ”āļ‡ Login password has not been set!.
  • 64. 65 āļāļēāļĢāļāļēāļŦāļ™āļ” username āđāļĨāļ° password āļˆāļ°āļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđ€āļĄāļ·āđˆāļ­ userāļĄāļĩāļāļēāļĢ logs in āļœāđˆāļēāļ™ VTY 0 user interface āđ‚āļ”āļĒāļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ” username āđāļĨāļ° password āđ€āļ›āđ‡āļ™ tset1 āđāļĨāļ° 3Com āļ•āļēāļĄāļĨāļēāļ”āļąāļš [Sysname-ui-vty1]authentication-mode scheme [Sysname-ui-vty1]quit [Sysname]local-user test1 [Sysname-luser-test1]password simple 3Com [Sysname-luser-test1]service-type telnet [Sysname-luser-test1]Level 3 3. āđ„āļĄāđˆāļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ”āļĢāļđāļ›āđāļšāļšāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļī [Sysname-ui –vty2] authentication-mode none āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāļ‚āļ­āļ‡āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āđāļĨāļ° username, password 2. āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļīāļ—āļ˜āļīāđƒāļŦāđ‰ username āđāļĨāļ° password āļ—āļēāļāļēāļĢ remote āļŠāļ§āļīāļ•āļŠāđŒāļ‚āļ­āļ‡āđāļ•āđˆāļĨāļ° user interface āđ‚āļ”āļĒāđƒāļŠāđ‰āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļĢāļđāļ›āđāļšāļšāđ€āļ›āđ‡āļ™ authentication-mode scheme āļ‹āļķāđˆāļ‡āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āđ€āļ›āđ‡āļ™ local āļŦāļĢāļ·āļ­ remote āļœāđˆāļēāļ™ username āđāļĨāļ° password āļ—āļĩāđˆāļāļēāļŦāļ™āļ”āđ‚āļ”āļĒāļŠāļ™āļīāļ”āļ‚āļ­āļ‡āļŠāļīāļ—āļ˜āļīāļ—āļĩāđˆāđ€āļ‚āđ‰āļēāļĄāļēāđƒāļŠāđ‰āļ‡āļēāļ™āļˆāļ°āļ‚āļķāđ‰āļ™āļ­āļĒāļđāđˆāļāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ”āļ•āļēāļĄ āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡
  • 65. 66 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāđāļŠāļ”āļ‡āļœāļĨ â€Ē Display version â€Ē Display current-configuration â€Ē Display device â€Ē Display power â€Ē Display user-interface â€Ē Display cpu â€Ē Display memory â€Ē Display vlan â€Ē Display environment â€Ē Display interface
  • 67. 68 Operation Command Enter Ethernet Port View interface { interface_type interface_num | interface_name } Set IP address IP address ip-address ip-mask Set IP second address IP address ip-address ip-mask sub Disable an Ethernet port Shutdown Enable an Ethernet port Undo shutdown Set duplex attribute for Ethernet port Restore the default duplex attribute of Ethernet port. duplex { auto | full | half } undo duplex Set the Ethernet port speed Restore the default speed for the Ethernet port speed { 10 | 100 | 1000 | auto undo speed Set the type of the cable connected to an Ethernet port. mdi { across | auto | normal } Permit jumbo frame to pass through the Ethernet port jumboframe enable Enable Ethernet port flow control flow-control āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡āļžāļ­āļĢāđŒāļ•
  • 68. 69 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡āļžāļ­āļĢāđŒāļ• <Sysname> system view [Sysname] Interface GigabitEthernet1/0/1 [Sysname-GigabitEthernet1/0/1] speed auto [Sysname-GigabitEthernet1/0/1] duplex auto [Sysname-GigabitEthernet1/0/1] jumboframe enable [Sysname-GigabitEthernet1/0/1] mdi auto 192.168.1.1/24 Port 1/0/1
  • 70. 71 PoE āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Power over Ethernet (PoE) āđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđƒāļŦāđ‰āļ­āļļāļ›āļāļĢāļ“āđŒ devices āļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļāļĢāļ°āđāļŠāđ„āļŸāļŸāđ‰āļēāļœāđˆāļēāļ™āļŠāļēāļĒ twisted pairs āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāļˆāđˆāļēāļĒāđ„āļŸāļˆāļēāļžāļ§āļ powered devices (PD) āđƒāļ™ network āđ‚āļ”āļĒ āļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ†āđ„āļ›āļžāļĢāđ‰āļ­āļĄāļāļąāļ™āļ”āđ‰āļ§āļĒ āļ›āļĢāļ°āđ‚āļĒāļŠāļ™āđŒāļ‚āļ­āļ‡ PoE ■ Reliability: āđ€āļ›āđ‡āļ™āđāļŦāļĨāđˆāļ‡āļˆāđˆāļēāļĒ power āļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļŦāļēāđ„āļ”āđ‰āļ‡āđˆāļēāļĒ āđ‚āļ”āļĒāļŠāļēāļĄāļēāļĢāļ–āļĢāļ§āļĄāļāļēāļĢāļˆāļąāļ”āļāļēāļĢāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ power āđ„āļ§āđ‰āļ—āļĩāđˆāđ€āļ”āļĩāļĒāļ§ āđāļĨāļ°āļĒāļąāļ‡āļĄāļĩāļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāļŠāļđāļ‡āļ­āļĩāļāļ”āđ‰āļ§āļĒ ■ Easy connection: āđ€āļžāļĩāļĒāļ‡āđāļ„āđˆāđ€āļ›āđ‡āļ™āļ­āļļāļ›āļāļĢāļ“āđŒNetwork āļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļš āđāļĨāļ°āļĄāļĩāļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļœāđˆāļēāļ™ Ethernet cable āđ‚āļ”āļĒāđ„āļĄāđˆ āļ•āđ‰āļ­āļ‡āļĄāļĩ power supply āļ”āđ‰āļēāļ™āļ™āļ­āļ ■ Standard: PoE āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļ•āļēāļĄāļĄāļēāļ•āļĢāļāļēāļ™ IEEE 802.3af āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļˆāđˆāļēāļĒ power āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļ—āļĩāđˆāļĢāļ­āļ‡āļĢāļąāļšāļĄāļēāļ•āļĢāļāļēāļ™ āđ„āļ”āđ‰āļŦāļĨāļēāļāļŦāļĨāļēāļĒāļŠāļ™āļīāļ” ■ Bright application prospect: PoE āļŠāļēāļĄāļēāļĢāļ–āļˆāđˆāļēāļĒ power āđƒāļŦāđ‰āļāļąāļšāļ­āļļāļ›āļāļĢāļ“āđŒāļˆāļēāļžāļ§āļ IP phones, wireless access points (APs), chargers for portable devices, card readers, network cameras, āđāļĨāļ° data collection system.
  • 71. 72 āļŠāđˆāļ§āļ™āļ›āļĢāļ°āļāļ­āļšāļ‚āļ­āļ‡ PoE PoE āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ 3 āļŠāđˆāļ§āļ™: power sourcing equipment (PSE), PD, āđāļĨāļ° power interface (PI). ■ PSE: PSE āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ power āđāļĨāļ°module āļ‹āļķāđˆāļ‡āļˆāļ°āđƒāļŠāđ‰āđ€āļ›āđ‡āļ™āđ€āļ„āļĢāļ·āđˆāļ­āļ‡āļĄāļ·āļ­āđƒāļ™āļāļēāļĢāļ„āđ‰āļ™āļŦāļē PD, āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļēāļ‡ power āļ‚āļ­āļ‡ PD, PoE,āļ•āļĢāļ§āļˆāļŠāļ­āļšāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ power supply āđāļĨāļ°āļ—āļēāļāļēāļĢ power-off āļ­āļļāļ›āļāļĢāļ“āđŒ ■ PD: PD āļˆāļ°āļ„āļ­āļĒāļĢāļąāļš powerāļˆāļēāļ PSE āļ‹āļķāđˆāļ‡āļĄāļĩāļ—āļąāđ‰āļ‡ PDs āļ—āļĩāđˆāđ€āļ›āđ‡āļ™ standard PDs āđāļĨāļ° nonstandard PDsāđ‚āļ”āļĒ Standard PDs āļˆāļ°āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļĄāļēāļ•āļĢāļāļēāļ™ 802.3af āļ‹āļķāđˆāļ‡āļˆāļ°āļĄāļĩāļ­āļļāļ›āļāļĢāļ“āđŒāļŦāļĨāļēāļĒāļŠāļ™āļīāļ” āđ€āļŠāđˆāļ™ IP phones, Wireless APs, network cameras āđāļĨāļ°āļ­āļļāļ›āļāļĢāļ“āđŒāļ­āļ·āđˆāļ™āđ† ■ PI: PIs āļāđ‡āļ„āļ·āļ­āļŠāļēāļĒ RJ45 āļ—āļĩāđˆāđƒāļŠāđ‰āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļĢāļ°āļŦāļ§āđˆāļēāļ‡ PSE/PDs āļšāļ™network
  • 72. 73 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ PoE Operation Command Enable the PoE feature on a port poe enable Set the maximum output power on the port poe max-power max-power Set the PoE management mode for the switch poe power-management {auto | manual } Set the PoE priority of a port poe priority { critical | high | low } Set the PoE mode on the port to signal. poe mode signal Enable the PD compatibility detection function. poe legacy enable Configure a PD disconnection detection mode. poe disconnect { ac | dc } Enable PoE over-temperature protection on the switch. Poe temperature-protection enable
  • 73. 74 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ PoE Operation Command Upgrade the PSE processing software online. poe update { refresh | full } filename Upgrade the PSE processing software of the fabric switch online. update fabric { file-url | device-name file-url } Display the current PD disconnection detection mode of the switch display poe disconnect Display the PoE status of a specific port or all ports of the switch display poe interface [interface-type interface-number ] Display the PoE power information of a specific port or all ports of the switch display poe interface power [ interface-type interface-number ] Display the PSE parameters display poe powersupply Display the status (enabled/disabled) of the PoE over-temperature protection feature on the switch display poe temperature- protection
  • 74. 75 GigabitEthernet1/0/1 and GigabitEthernet1/0/2 are connected to IP telephones. GigabitEthernet1/0/5 and GigabitEthernet1/0/6 are connected to access point (AP) devices. The power priority of GigabitEthernet1/0/2 is critical. The power of the AP device connected to GigabitEthernet1/0/5 does not exceed 9,000 milliwatts āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē PoE
  • 75. 76 Configuration procedure 1.Enable PoE on GigabitEthernet1/0/1, GigabitEthernet1/0/2, GigabitEthernet1/0/5, and GigabitEthernet1/0/6. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] poe enable [Sysname-GigabitEthernet1/0/1]quit [Sysname] interface gigabitethernet 1/0/2 [Sysname-GigabitEthernet1/0/2] poe enable [Sysname-GigabitEthernet1/0/2]quit [Sysname] interface gigabitethernet 1/0/5 [Sysname-GigabitEthernet1/0/5] poe enable [Sysname-GigabitEthernet1/0/5]quit [Sysname] interface gigabitethernet 1/0/6 [Sysname-GigabitEthernet1/0/6] poe enable 2.Set the power priority level of GigabitEthernet1/0/2 to critical. <Sysname> system view [Sysname] interface gigabitethernet 1/0/2 [Sysname-GigabitEthernet1/0/2] poe priority critical 3.Set the maximum power of GigabitEthernet1/0/5 to 9,000 milliwatts. [Sysname] interface gigabitethernet 1/0/5 [Sysname-GigabitEthernet1/0/5] poe max-power 9000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē PoE
  • 76. 77 Vlan 2 Vlan 1 Vlan 1 Local Area Network on multiple Broadcast Domain
  • 78. 79 VLAN āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Virtual local area network (VLAN) āļ„āļ·āļ­āļāļēāļĢāļŠāļĢāđ‰āļēāļ‡ logical groups āļ‚āļ­āļ‡ LAN deviceāđ‚āļ”āļĒ āļ—āļēāļāļēāļĢāđāļšāđˆāļ‡āđ€āļ›āđ‡āļ™ virtual workgroups āļĄāļēāļ•āļĢāļāļēāļ™āļ‚āļ­āļ‡ VLANāļˆāļ°āļ­āđ‰āļēāļ‡āļ­āļīāļ‡āļ•āļēāļĄ IEEE 802.1Qāđ€āļĄāļ·āđˆāļ­āļ›āļĩ 1999 āļ‹āļĩāđˆāļ‡āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļ—āļĩāđˆāđ€āļžāļīāđˆāļĄāđ€āļ•āļīāļĄāļĄāļēāļ•āļĢāļāļēāļ™āļˆāļ™āđ€āļ›āđ‡āļ™ VLAN solutions. āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ VLAN technology āļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāđāļšāđˆāļ‡ physical LAN āđ„āļ›āđ€āļ›āđ‡āļ™ broadcast domains āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™ āļ‹āļķāđˆāļ‡āđāļ•āđˆāļĨāļ° VLAN āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ•āđ‰āļ§āļĒāļāļĨāļļāđˆāļĄāļ‚āļ­āļ‡ workstations āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ—āļĩāđˆ āđ€āļŦāļĄāļ·āļ­āļ™āļāļąāļ™āđ‚āļ”āļĒāđāļ•āđˆāļĨāļ° workstations āļ—āļĩāđˆāļ­āļĒāļđāđˆāļšāļ™ VLAN āļˆāļ°āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļ­āļĒāļđāđˆāļšāļ™ physical LAN āđ€āļ”āļĩāļĒāļ§āļāļąāļ™ āđ„āļ”āđ‰ āļ āļēāļĒāđƒāļ™ VLAN āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ broadcast āđāļĨāļ° unicast traffic āļ—āļĩāđˆāđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļ‚āđ‰āļēāļĄāđ„āļ›āļĒāļąāļ‡ VLANs āļ­āļ·āđˆāļ™āđ„āļ”āđ‰ āļ­āļĒāđˆāļēāļ‡āđ„āļĢāļāđ‡āļ•āļēāļĄāļāļēāļĢāļāļēāļŦāļ™āļ” VLANsāļˆāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄ network traffic, āļŠāđˆāļ§āļĒāļ›āļĢāļ°āļŦāļĒāļąāļ”āļāļēāļĢāļĨāļ‡āļ—āļļāļ™ āđƒāļ™āļāļēāļĢāļ—āļĩāđˆāļ•āđ‰āļ­āļ‡āļ‹āļ·āđ‰āļ­āļ­āļļāļ›āļāļĢāļ“āđŒāļĄāļēāđāļšāđˆāļ‡ network, āļ‡āđˆāļēāļĒāļ•āđˆāļ­āļāļēāļĢāļˆāļąāļ”āļāļēāļĢ network āđāļĨāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāļ—āļē security āđ„āļ›āđƒāļ™ āļ•āļąāļ§āļ”āđ‰āļ§āļĒ
  • 79. 80 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs Operation Command Create a VLAN and enter the VLAN View Delete the specified VLAN vlan vlan_id undo vlan { vlan_id [ to vlan_id ] | all } Add Ethernet ports to a VLAN Remove Ethernet ports from a VLAN port interface_list undo port interface_list Display information about the VLAN interface display interface vlan-interface [ vlan_id ] Display information about the VLAN display vlan [ vlan_id | all | static | dynamic ] â€ĒNote that the default VLAN, namely VLAN 1, cannot be deleted. Specifying/Removing the VLAN Interface Use the following command to specify/remove the VLAN interface. To implement the network layer function on a VLAN interface, the VLAN interface must be configured with an IP address and a subnet mask. Create a new VLAN interface and enter VLAN Interface View interface vlan-interface vlan_id Assign IP address and Subnet mask to a interface VLAN IP address [ip_address] [subnet_mask]
  • 80. 81 Configuration Procedure 1. Create VLAN 2 and enter its view. [Sysname]vlan 2 2. Add Ethernet1/0/1 and Ethernet1/0/2 to VLAN2. [Sysname-vlan2]port ethernet1/0/1 to ethernet1/0/2 3. Create VLAN 3 and enter its view. [Sysname-vlan2]vlan 3 4. Add Ethernet1/0/3 and Ethernet1/0/4 to VLAN3. [Sysname-vlan3]port ethernet1/0/3 to ethernet1/0/4 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLAN
  • 81. 82 Reduntdant link to block loop network Vlan 2 Vlan 1 Vlan 1
  • 83. 84 STP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Spanning Tree Protocol (STP) āļāļēāļŦāļ™āļ”āđ‚āļ”āļĒ IEEE 802.1D āđ€āļ›āđ‡āļ™āļāļēāļĢāļ›āļĢāļąāļšāđ€āļ›āļĨāļĩāđˆāļĒāļ™ loop network āđƒāļŦāđ‰āļ—āļēāļāļēāļĢ block āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđƒāļ”āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļŦāļ™āļķāđˆāļ‡āđ„āļ›āđ€āļ›āđ‡āļ™āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāđ€āļ›āđ‡āļ™redundant āļāļēāļĢāđƒāļŠāđ‰ STP āđ€āļ›āđ‡āļ™āļāļēāļĢ āļŦāļĨāļĩāļāđ€āļĨāļĩāđˆāļĒāļ‡āļāļēāļĢāļ‚āļĒāļēāļĒ āđāļĨāļ°āļāļēāļĢāļŠāđˆāļ‡ packet āļ§āļ™āļĢāļ­āļšāđāļšāļšāđ„āļĄāđˆāļĢāļđāđ‰āļˆāļšāđƒāļ™ loop network āđƒāļ™āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ STP āļ•āļąāļ§ āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļ—āļēāļāļēāļĢāđāļĨāļāđ€āļ›āļĨāļĩāđˆāļĒāļ™ packetsāļ—āļĩāđˆāđ€āļĢāļĩāļĒāļāļ§āđˆāļē Bridge Protocol Data UnitsāļŦāļĢāļ·āļ­ BPDU āļ‹āļķāđˆāļ‡āļˆāļ°āđ€āļ›āđ‡āļ™ āļ•āļąāļ§āļāļēāļŦāļ™āļ”āļĢāļ°āļšāļšāļ‚āļ­āļ‡ network āđ‚āļ”āļĒāļ•āļąāļ§ BPDU āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡āļŠāļ§āļīāļ•āļŠāđŒāļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āļ„āļēāļ™āļ§āļ“āļāļēāļĢāļ—āļēāļ‡āļēāļ™ spanning tree āđ„āļ”āđ‰ āļāļēāļĢāļāļēāļŦāļ™āļ”āļ‚āļ­āļ‡ BPDU āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ† āļ”āļąāļ‡āļ™āļĩāđ‰ : ■ root ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ root priority āđāļĨāļ° MAC address ■ āļ„āđˆāļēāļ‚āļ­āļ‡āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļŠāļąāđ‰āļ™āļ—āļĩāđˆāļŠāļļāļ”āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ root ■ āļāļēāļĢāļĢāļ°āļšāļļ switch ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļāļēāļĢāļĢāļ°āļšāļļ switch priority āđāļĨāļ° MAC address ■ āļāļēāļĢāļĢāļ°āļšāļļ port ID āļ—āļĩāđˆāļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒ port priority āđāļĨāļ° port number ■ āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (MessageAge) ■ āđ€āļ§āļĨāļēāļŠāļđāļ‡āļŠāļļāļ”āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (MaxAge) ■ āļŠāđˆāļ§āļ‡āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” BPDU (HelloTime) ■ āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļŠāđˆāļ‡āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļŦāļ™āđˆāļ§āļ‡āļ‚āļ­āļ‡ port (ForwardDelay)
  • 84. 85 5 āļŠāļ–āļēāļ™āļ°āđƒāļ™āļāļēāļĢāļ—āļē Spanning Tree Initialization Blocking Listening Learning Forwarding Disabled
  • 85. 86 (R) Root port (D) Designated port (B) Backup port LAN 1 LAN 2 LAN 3 LAN 4 (D) (D) (D) (D) Root Bridge Designated bridge for LANs 1, 2, and 4 Designated bridge for LAN 3 (R) (B) (R) â€Ē Bridges āđƒāļŠāđ‰ algorithm āđƒāļ™āļāļēāļĢāđ€āļĨāļ·āļ­āļāļ§āđˆāļēāļˆāļ°āđƒāļŦāđ‰ single bridge āđ€āļ›āļĨāļĩāđˆāļĒāļ™āđ€āļ›āđ‡āļ™ root bridge â€Ē Bridges āļˆāļ°āļ„āļēāļ™āļ§āļ“āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļ”āļĩāļ—āļĩāđˆāļŠāļļāļ”āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļ­āļļāļ›āļāļĢāļ“āđŒ āļ—āļąāđ‰āļ‡āļŦāļĄāļ”āđāļĨāļ° root bridge â€Ē Bridge āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļĨāļ·āļ­āļ designated bridge āđƒāļ™ āđāļ•āđˆāļĨāļ°āļ§āļ‡āđāļĨāļ™āđƒāļ™bridge āđ‚āļ”āļĒāļˆāļ°āđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļĄāļĩāļ„āđˆāļēāļ™āđ‰āļ­āļĒāļ—āļĩāđˆ āļ•āđˆāļ­āđ„āļ›āļĒāļąāļ‡ root bridge – āđ‚āļ”āļĒ port āļ—āļĩāđˆāļ•āđˆāļ­āđ„āļ›āļĒāļąāļ‡ designated bridge āļ‚āļ­āļ‡āđāļ•āļĨāļ°āļ§āđˆāļ‡āđāļĨāļ™āļˆāļ°āļ–āļđāļāđ€āļĨāļ·āļ­āļāđ€āļ›āđ‡āļ™designated port â€Ē Bridges āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļĨāļ·āļ­āļāļ§āđˆāļē ports āđƒāļ”āļšāđ‰āļēāļ‡āļ—āļĩāđˆāļˆāļ°āļ­āļĒāļđāđˆāđƒāļ™ STP topology āļšāđ‰āļēāļ‡ – āđ‚āļ”āļĒāļ”āļđāļˆāļēāļāļ‚āđ‰āļ­āļĄāļđāļĨ traffic āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āļˆāļēāļ ports āđāļĨāđ‰āļ§āļ–āļķāļ‡āļˆāļ°āđ€āļĨāļ·āļ­āļāļ§āđˆāļēāļˆāļ°āđ€āļ›āđ‡āļ™ STP topology āļŦāļĢāļ·āļ­āđ„āļĄāđˆ āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ STP Root , Designated Bridges āđāļĨāļ° Ports
  • 86. 87 MSTP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Implements the Multiple Spanning Tree Protocol (MSTP) āļāļēāļŦāļ™āļ”āđ‚āļ”āļĒ IEEE 802.1s āļ‹āļķāđˆāļ‡ MSTP āđ€āļ›āđ‡āļ™āļāļēāļĢāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļŠāļēāļĄāļēāļĢāļ–āđƒāļ™āļāļēāļĢāļ—āļēāļ‡āļēāļ™ STP āđāļĨāļ°āļ„āļĨāļ­āļšāļ„āļĨāļļāļĄāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ—āļąāđ‰āļ‡ STP āđāļĨāļ° RSTP āļ—āļĩāđˆāļāļēāļŦāļ™āļ”āļ•āļēāļĄāļĄāļēāļ•āļĢāļāļēāļ™ IEEE 802.1w āđ‚āļ”āļĒāļŠāļ§āļīāļ•āļŠāđŒāļ—āļĩāđˆāļ—āļē MSTP āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļ­āļ‡āļĢāļąāļšāļ—āļąāđ‰āļ‡ STP āđāļĨāļ° RSTP packets āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļ™āļēāļ—āļąāđ‰āļ‡āļŦāļĄāļ”āļĄāļēāļ„āļēāļ™āļ§āļ“āđāļšāļš spanning tree āđ‚āļ”āļĒāļžāļ·āđ‰āļ™āļāļēāļ™āļāļēāļĢāļ—āļē MSTP functions āļ•āļąāļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļžāļīāđˆāļĄāļāļēāļĢāļĢāļ­āļ‡āļĢāļąāļš MSTP features āļ‹āļķāđˆāļ‡āļˆāļ°āļĄāļĩāļāļēāļĢāđ€āļžāļīāđˆāļĄ root bridge hold, secondary root bridge, root protection āđāļĨāļ° BPDU protection āđƒāļ™āļŠāđˆāļ§āļ™āļ™āļĩāđ‰āļˆāļ°āļĄāļēāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļŠāļēāļĄāļēāļĢāļ–āļ‚āļ­āļ‡ STP āļ—āļĩāđˆāđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļ—āļē āđƒāļŦāđ‰ network āļ—āļĩāđˆāļĄāļĩāļ„āļ§āļēāļĄāļĢāļ§āļ”āđ€āļĢāđ‡āļ§āļĄāļĩāđ€āļŠāļ–āļĩāļĒāļĢāļ āļēāļžāđ„āļ”āđ‰ āļ—āļąāđ‰āļ‡āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āđāļšāļšpoint-to-point āļŦāļĢāļ·āļ­āđāļšāļšedge port āđ‚āļ”āļĒ MSTP āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āđ€āļžāļīāđˆāļĄāļŠāđˆāļ§āļ‡āđ€āļ§āļĨāļēāđƒāļ™āļāļēāļĢāļŠāđˆāļ‡packet āđāļšāļšāļ—āļ§āļĩāļ„āļđāļ“āļāđˆāļ­āļ™āļ—āļĩāđˆāļˆāļ°āļ—āļēāđƒāļŦāđ‰ network āļĄāļĩāļ›āļąāļāļŦāļēāļ‹āļķāđˆāļ‡āļŠāļēāļĄāļēāļĢāļ–āļ—āļēāđ„āļ”āđ‰āļ­āļĒāđˆāļēāļ‡ āļĢāļ§āļ”āđ€āļĢāđ‡āļ§āđāļĨāļ°āļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāļŠāđˆāļ‡āļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡ VLANs āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āđƒāļ™āđāļ•āđˆāļĨāļ°āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ”āļąāļ‡āļ™āļąāđ‰āļ™āļāļēāļĢāļ—āļē MSTPāļˆāļķāļ‡āđ€āļ›āđ‡āļ™āļĢāļđāļ›āđāļšāļšāļ—āļĩāđˆāļ”āļĩāļ‚āļ­āļ‡āļāļĨāđ„āļāļāļēāļĢāļ—āļē load-balance mechanism āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ—āļē redundant links
  • 88. 89 Operation Command Enable MSTP on a device. stp enable Disable MSTP on a device. stp disable Enable MSTP on a port. stp interface interface-list enable | disable Setup MSTP mode configuration STP mode [MSTP | STP ] Show the configuration information about the current port and the switch. display stp instance instance-id [ interface interface-list ] [ brief ] Clear the MSTP statistics information. reset stp [ interface interface-list ] Enable/Disable MSTP (packet receiving/transmitting, event, error) debugging on the port. [ undo ] debugging stp [ interface interface-list ] { packet | event } āļāļēāļĢāđƒāļŠāđ‰āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” STP
  • 89. 90 1.Configuration on Switch A a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 90. 91 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch A as the root bridge of MST instance 1. [3Com] stp instance 1 root primary d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 91. 92 2.Configuration on Switch B a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch B as the root bridge of MST instance 3. [3Com] stp instance 3 root primary āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 92. 93 d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 93. 94 3.Configuration on Switch C a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration c.Define Switch C as the root bridge of MST instance 4. [3Com] stp instance 4 root primary āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 94. 95 d.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 95. 96 4.Configuration on Switch D a.Configure an MST region. <3Com> system-view [3Com] stp region-configuration [3Com-mst-region] region-name example [3Com-mst-region] instance 1 vlan 10 [3Com-mst-region] instance 3 vlan 30 [3Com-mst-region] instance 4 vlan 40 [3Com-mst-region] revision-level 0 b.Activate MST region configuration manually. [3Com-mst-region] active region-configuration āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 96. 97 c.View the MST region configuration information that has taken effect. [3Com] display stp region-configuration Oper configuration Format selector :0 Region name :example Revision level :0 Instance Vlans Mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” MSTP
  • 97. 98 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan 1
  • 98. 99 Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2
  • 100. 101 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™ Operation Command Configure the port as an access port port link-type access Configure the port as a hybrid port port link-type hybrid Configure the port as a trunk port port link-type trunk Restore the default link type, that is, access port undo port link-type Add the current trunk port to specified VLANs Remove the current trunk port from specified VLANs port trunk permit vlan { vlan_id_list | all } undo port trunk permit vlan { vlan_id_list | all } Add the current hybrid port to specified VLANs port hybrid vlan vlan_id_list { tagged | untagged } āļāļēāļĢāļāļēāļŦāļ™āļ” Link Type āļŠāļēāļŦāļĢāļąāļš Ethernet Port āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ Ethernet port āļŠāļēāļĄāļēāļĢāļ–āđāļšāđˆāļ‡āđ„āļ”āđ‰āđ€āļ›āđ‡āļ™ 4 āđāļšāļš link types āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āļ„āļ·āļ­ access, hybrid, trunk āđāļĨāļ° stack āđ‚āļ”āļĒ access port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ‚āļ­āļ‡ VLAN āđ€āļžāļĩāļĒāļ‡ VLAN āđ€āļ”āļĩāļĒāļ§āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļšāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āļŠāđˆāļ§āļ™ trunk port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāđ„āļ”āđ‰āļĄāļēāļāļāļ§āđˆāļēāļŦāļ™āļķāđˆāļ‡ VLAN āđāļĨāļ°āļĢāļąāļšāļŠāđˆāļ‡ packetsāđ„āļ”āđ‰āļŦāļĨāļēāļĒāđ† VLANs āļžāļĢāđ‰āļ­āļĄāļāļąāļ™ āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™ āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļŠāļ§āļīāļ•āļ‹āđŒ āļŠāđˆāļ§āļ™ hybrid port āļˆāļ°āļŠāđˆāļ‡āļœāđˆāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨāđ„āļ”āđ‰āļĄāļēāļāļāļ§āđˆāļēāļŦāļ™āļķāđˆāļ‡ VLAN āđāļĨāļ°āļĢāļąāļšāļŠāđˆāļ‡ packetsāđ„āļ”āđ‰āļŦāļĨāļēāļĒāđ† VLANs āļžāļĢāđ‰āļ­āļĄāļāļąāļ™ āđƒāļŠāđ‰āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™āļĢāļ°āļŦāļ§āđˆāļēāļ‡āļŠāļ§āļīāļ•āļ‹āđŒ āđāļĨāļ°āļŠāļēāļŦāļĢāļąāļšāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļšāļ„āļ­āļĄāļžāļīāļ§āđ€āļ•āļ­āļĢāđŒāļ”āđ‰āļ§āļĒ āļ‚āđ‰āļ­āđāļ•āļāļ•āđˆāļēāļ‡āļĢāļ°āļŦāļ§āđˆāļēāļ‡ hybrid port āđāļĨāļ° trunk port āļ„āļ·āļ­ hybrid port āļŠāļēāļĄāļēāļĢāļ–āļĒāļ­āļĄāđƒāļŦāđ‰āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āļˆāļēāļāļŦāļĨāļēāļĒāđ† VLANs āđ‚āļ”āļĒāļŠāđˆāļ‡āđāļšāļšāđ„āļĄāđˆāđƒāļŠāđˆ tags āđ„āļ›āļ”āđ‰āļ§āļĒāļžāļĢāđ‰āļ­āļĄāđ†āļāļąāļ™āđāļ•āđˆ trunk port āļĒāļ­āļĄāđƒāļŦāđ‰āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āļˆāļēāļ default VLAN āđ‚āļ”āļĒāļŠāđˆāļ‡āđāļšāļšāđ„āļĄāđˆāđƒāļŠāđˆ tags āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™
  • 102. 103 Configuration Procedure Switch A: 1. Enter the GigabitEthernet interface view: [Sysname] interface Gigabit3/1/23 2. Configure the port as a trunk port [Sysname] port link-type trunk 3. Add the current trunk port to specified VLANs [Sysname] port trunk permit vlan all Switch B: 1. Enter the GigabitEthernet interface view: [Sysname] interface Gigabit3/1/23 2. Configure the port as a trunk port [Sysname] port link-type trunk 3. Add the current trunk port to specified VLANs [Sysname] port trunk permit vlan all āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđ€āļžāļ·āđˆāļ­āđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļŠāļ§āļīāļŠāļŠāđŒāļ•āļąāļ§āļ­āļ·āđˆāļ™
  • 103. 104 Hybrid-Port-Based VLAN ■ āļāļēāļĢāļāļēāļŦāļ™āļ” Trunk port āđƒāļŦāđ‰āđ„āļ›āđ€āļ›āđ‡āļ™Hybrid port (āļŦāļĢāļ·āļ­āđƒāļ™āļ—āļēāļ‡āļāļĨāļąāļšāļāļąāļ™) āļˆāļ°āļ•āđ‰āļ­āļ‡āļ„āļēāļŠāļąāđˆāļ‡ Access port āđ€āļ›āđ‡āļ™āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđ€āļŠāđˆāļ™ Trunk port āļˆāļ°āļ•āđ‰āļ­āļ‡āļāļēāļŦāļ™āļ”āđ„āļ›āđ€āļ›āđ‡āļ™ Access port āļāđˆāļ­āļ™ āđāļĨāđ‰āļ§āļ„āđˆāļ­āļĒāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ Hybrid port ■ āļ”āļąāļ‡āļ™āļąāđ‰āļ™āļˆāļ°āļ•āđ‰āļ­āļ‡āđāļ™āđˆāđƒāļˆāļ§āđˆāļēāļĄāļĩāļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āļ­āļĒāļđāđˆāļāđˆāļ­āļ™āđāļĨāđ‰āļ§ āļ–āļķāļ‡āļˆāļ°āļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ”āđ€āļ›āđ‡āļ™ Hybrid port. ■ āđ‚āļ”āļĒ default VLAN IDs āļ‚āļ­āļ‡Hybrid ports āļˆāļ°āļ­āļĒāļđāđˆāļšāļ™ local āđāļĨāļ°āļˆāļ°āļ•āđ‰āļ­āļ‡āļ­āļĒāļđāđˆāļšāļ™āļ­āļļāļ›āļāļĢāļ“āđŒāļ•āļąāļ§ āđ€āļ”āļĩāļĒāļ§āļāļąāļ™āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āđ„āļĄāđˆāđ€āļŠāđˆāļ™āļ™āļąāđ‰āļ™āļˆāļ°āđ„āļĄāđˆāļŠāļēāļĄāļēāļĢāļ–āļŠāđˆāļ‡āļœāđˆāļēāļ™ packets āđ„āļ”āđ‰
  • 104. 105 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” VLANs āđāļšāļš Hybrid â€Ē Hybrid port āļˆāļ°āđ€āļ›āđ‡āļ™āļŠāđˆāļ§āļ™āļŦāļ™āļķāđˆāļ‡āļ‚āļ­āļ‡āļŦāļĨāļēāļĒāđ† VLANs āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āđ„āļ”āđ‰āđƒāļ™ Ethernet port view āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ Operation Command Configure the port link type as Hybrid. port link-type hybrid Allow the specified VLANs to pass through the current Hybrid port. port hybrid vlan vlan-id-list { tagged | untagged } Configure the default VLAN of the Hybrid port. port hybrid pvid vlan vlan-id Display the hybrid or trunk Ports. display port { hybrid | trunk }
  • 105. 106 Vlan 1 Vlan 2 Vlan 1 Vlan 2 Vlan 1 Vlan trunk 1,2
  • 107. 108 â€Ē āļŠāļĢāļļāļ›āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ LACP IEEE802.3ad-based Link Aggregation control protocol (LACP) āļˆāļ°āđƒāļŠāđ‰āļāļēāļĢāđāļĨāļāđ€āļ›āļĨāļĩāđˆāļĒāļ™ āļ‚āđ‰āļ­āļĄāļđāļĨāļœāđˆāļēāļ™ LACP data unit (LACPADU)āđ€āļžāļ·āđˆāļ­āļ•āļĢāļ§āļˆāļŠāļ­āļšāļ§āđˆāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđƒāļ”āđ€āļ›āđ‡āļ™ link aggregation āļ‹āļķāđˆāļ‡āđ€āļĄāļ·āđˆāļ­āļĄāļĩāļāļēāļĢ enable LACP āļŠāļ§āļīāļŠāļŠāđŒāļˆāļ°āļĄāļĩāļāļēāļĢāđāļˆāđ‰āļ‡āđ„āļ›āļ—āļĩāđˆ port āđ‚āļ”āļĒāļāļēāļĢāļŠāđˆāļ‡ LACPDU āđ„āļ›āļ•āļĢāļ§āļˆāļŠāļ­āļšāļ„āđˆāļēāļ‚āļ­āļ‡ system priority, system MAC, port priority, port number āđāļĨāļ° operation key āđāļĨāđ‰āļ§āļ™āļēāļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™ āđ€āļžāļ·āđˆāļ­āļ„āļēāļ™āļ§āļ“āļ§āđˆāļē ports āđ„āļŦāļ™āđ€āļ›āđ‡āļ™ aggregated āļšāđ‰āļēāļ‡ āđāļĨāđ‰āļ§āļˆāļķāļ‡āļˆāļ°āđ„āļ›āļĢāļ°āļšāļļāļ§āđˆāļēāđ€āļ›āđ‡āļ™ dynamic aggregation group āđ„āļŦāļ™āļ•āļēāļĄāļĨāļēāļ”āļąāļš â€Ē āļāļēāļĢāļ—āļē Link aggregation āļŦāļĄāļēāļĒāļ–āļķāļ‡āļāļēāļĢāļĢāļ§āļĄāļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ ports āđ€āļ‚āđ‰āļēāļ”āđ‰āļ§āļĒāļāļąāļ™āļ•āļēāļĄāļˆāļēāļ™āļ§āļ™āļ‚āļ­āļ‡ ports āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļĢāļąāļš/āļŠāđˆāļ‡ āļ‚āđ‰āļ­āļĄāļđāļĨāļāļąāļ™āđ€āļžāļ·āđˆāļ­āļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļžāļĢāđ‰āļ­āļĄāļāļąāļ™āđāļĨāļ°āđ€āļ›āđ‡āļ™āļāļēāļĢāđ€āļžāļīāđˆāļĄāļ„āļ§āļēāļĄāļ™āđˆāļēāđ€āļŠāļ·āđˆāļ­āļ–āļ·āļ­āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļ™ āļ‹āļķāđˆāļ‡āļāļēāļĢāļ—āļē Link aggregation āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļāļēāļĢāļ—āļēāđāļšāļš manual aggregation, dynamic LACP aggregation, āđāļĨāļ° static LACP aggregation āđƒāļ™āļĢāļđāļ›āđāļšāļšāļ‚āļ­āļ‡ load sharing āļāļēāļĢāļ—āļē link aggregation āļšāļēāļ‡āļ„āļĢāļąāđ‰āļ‡āļˆāļ°āđ€āļ›āđ‡āļ™āđāļšāļš load sharing aggregation āđāļĨāļ° non-load sharing aggregation āļ āļēāļžāļĢāļ§āļĄ LACP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ
  • 108. 109 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation Operation Command Enable LACP at the port Disable LACP at the port lacp enable Undo lacp enable Create an aggregation group Disable an aggregation group link-aggregation group agg-id mode { manual | static } Undo link-aggregation group agg-id Configure port priority Restore the default port priority lacp port-priority port_priority_value undo lacp port-priority Disable an Ethernet port Shutdown You cannot enable LACP at a â€Ē stack port â€Ē mirrored port â€Ē port with a static MAC address configured â€Ē port with static ARP configured â€Ē port with 802.1x enabled â€Ē port in a manual aggregation group
  • 109. 110 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation 1. Manual link aggregation a. Create manual aggregation group 1. [Sysname] link-aggregation group 1 mode manual b. Add Ethernet ports Ethernet1/0/1 to Ethernet1/0/3 into aggregation group 1. [Sysname] interface ethernet1/0/1 [Sysname-Ethernet1/0/1] port link-aggregation group 1 [Sysname-Ethernet1/0/1] interface ethernet1/0/2 [Sysname-Ethernet1/0/2] port link-aggregation group 1 [Sysname-Ethernet1/0/2] interface ethernet1/0/3 [Sysname-Ethernet1/0/3] port link-aggregation group 1
  • 110. 111 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Link Aggregation 2. Static LACP aggregation a. Create static LACP aggregation group 1. [Sysname]link-aggregation group 1 mode static b. Add Ethernet ports Ethernet1/0/1 to Ethernet1/0/3 into aggregation group 1. [Sysname]interface ethernet1/0/1 [Sysname-Ethernet1/0/1]port link-aggregation group 1 [Sysname-Ethernet1/0/1]interface ethernet1/0/2 [Sysname-Ethernet1/0/2]port link-aggregation group 1 [Sysname-Ethernet1/0/2]interface ethernet1/0/3 [Sysname-Ethernet1/0/3]port link-aggregation group 1 3. Dynamic LACP aggregation a.Enable LACP at Ethernet ports Ethernet1/0/1 to Ethernet1/0/3. [Sysname]interface ethernet1/0/1 [Sysname-Ethernet1/0/1]lacp enable [Sysname-Ethernet1/0/1]interface ethernet1/0/2 [Sysname-Ethernet1/0/2]lacp enable [Sysname-Ethernet1/0/2]interface ethernet1/0/3 [Sysname-Ethernet1/0/3]lacp enable
  • 111. 112 Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2 Vlan 4Vlan 3 Vlan trunk 1,2
  • 113. 114 IP Routing Protocol āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Routers āļŠāļēāļĄāļēāļĢāļ–āļĢāļ°āļšāļļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ‚āđ‰āļēāļĄ network āđƒāļŦāđ‰āļŠāđˆāļ‡ IP packet āđ„āļ›āļ–āļķāļ‡āļˆāļļāļ”āļŦāļĄāļēāļĒāļ›āļĨāļēāļĒāļ—āļēāļ‡āđ„āļ”āđ‰ āđ‚āļ”āļĒāđāļ•āđˆāļĨāļ° āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ‚āļ­āļ‡ router āļ—āļĩāđˆāļĢāļąāļš packet āđāļĨāļ°āļŠāđˆāļ‡āđ„āļ›āļĒāļąāļ‡ router āļ•āļąāļ§āļ•āđˆāļ­āđ„āļ› āļ‹āļķāđˆāļ‡ router āļ•āļąāļ§āļŠāļļāļ”āļ—āđ‰āļēāļĒāļˆāļ°āļŠāđˆāļ‡ packet āđ„āļ› āļāļĨāļąāļšāđ„āļ›āļĒāļąāļ‡ host āļ›āļĨāļēāļĒāļ—āļēāļ‡
  • 114. 115 āļāļēāļĢāđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļœāđˆāļēāļ™ Routing Table āļāļēāļĢāđ€āļĨāļ·āļ­āļāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļœāđˆāļēāļ™ Routing table āļˆāļ°āļ›āļĢāļ°āļāļ­āļšāļ”āđ‰āļ§āļĒāļ‚āđ‰āļ­āļĄāļđāļĨāļ•āđˆāļēāļ‡āđ†āļ”āļąāļ‡āļ™āļĩāđ‰ ■ Destination address āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļdestination IP address āļŦāļĢāļ·āļ­ destination network āļ‚āļ­āļ‡ IP packet āđ‚āļ”āļĒāļĄāļĩāļ‚āļ™āļēāļ”āļ„āļ§āļēāļĄāļĒāļēāļ§ 32 bits ■ Network mask āđ€āļ›āđ‡āļ™āļ•āļąāļ§āđ€āļĨāļ‚āļĄāļĩāļ„āļ§āļēāļĄāļĒāļēāļ§ 32 āļšāļīāļ• āđāļšāđˆāļ‡āļ­āļ­āļāđ€āļ›āđ‡āļ™āļŠāļĩāđˆāļŠāļļāļ”āđ€āļŠāđˆāļ™āđ€āļ”āļĩāļĒāļ§āļāļąāļš ip āđāļ•āđˆāļ„āđˆāļēāļ‚āļ­āļ‡ subnet mask āļˆāļ° āļ‚āļķāđ‰āļ™āļ­āļĒāļđāđˆāļāļąāļšāļ„āļ§āļēāļĄāļ•āđ‰āļ­āļ‡āļāļēāļĢāđƒāļ™āļāļēāļĢāđāļšāđˆāļ‡ subnet āļ§āđˆāļēāļ•āđ‰āļ­āļ‡āļāļēāļĢāļˆāļēāļ™āļ§āļ™ subnet āđ€āļ—āđˆāļēāđƒāļ”āđāļĨāļ°āļĄāļĩāļˆāļēāļ™āļ§āļ™āđ‚āļŪāļŠāđ€āļ—āđˆāļēāđƒāļ” āļŦāļēāļāļ™āļē subnet mask āļĄāļēāđ€āļ‚āļĩāļĒāļ™āđ€āļ›āđ‡āļ™āđ€āļĨāļ‚āļāļēāļ™āļŠāļ­āļ‡ āļˆāļ°āļĄāļĩāļĨāļąāļāļĐāļ“āļ°āļžāļīāđ€āļĻāļĐāļ„āļ·āļ­ āļ‚āļķāđ‰āļ™āļ•āđ‰āļ™āļ”āđ‰āļ§āļĒāđ€āļĨāļ‚ 1 āļĄāļĩāļˆāļēāļ™āļ§āļ™āļāļĩāđˆāļ•āļąāļ§āļāđ‡āđ„āļ”āđ‰ āļ•āļēāļĄāđāļ•āđˆāļ„āļ§āļēāļĄāļ•āđ‰āļ­āļ‡āļāļēāļĢāđƒāļ™āļāļēāļĢāđāļšāđˆāļ‡ subnet āđāļĨāļ°āļ•āļēāđāļŦāļ™āđˆāļ‡āļ—āļĩāđˆāđ€āļŦāļĨāļ·āļ­āļˆāļ°āļĄāļĩāļ„āđˆāļēāđ€āļ›āđ‡āļ™ 0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđ€āļŠāđˆāļ™ āļ–āđ‰āļēāļĄāļĩ destination address āđ€āļ›āđ‡āļ™129.102.8.10 āļˆāļ°āļĄāļĩ address āļ‚āļ­āļ‡ network āļ—āļĩāđˆāļˆāļ°āđāļšāđˆāļ‡ host āļŦāļĢāļ·āļ­ router āļ—āļĩāđˆāđƒāļŠāđ‰ maskāđ€āļ›āđ‡āļ™ 255.255.0.0 āļāđ‡āļˆāļ°āļĢāļ°āļšāļļāđ„āļ”āđ‰āđ€āļ›āđ‡āļ™ 129.102.0.0. ■Output interface āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļ interface āļ—āļĩāđˆāđƒāļŠāđ‰āđƒāļ™āļāļēāļĢāļŠāđˆāļ‡IP packet ■Next hop address āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļ router āļ•āļąāļ§āļ–āļąāļ”āđ„āļ›āļ—āļĩāđˆāļĄāļĩāļāļēāļĢāļŠāđˆāļ‡āļœāđˆāļēāļ™ IP packet ■āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļ‚āļ­āļ‡ IPāđƒāļ™ routing table āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļ„āđ‰āļ™āļŦāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡ āđ€āļ›āđ‡āļ™āļ‚āđ‰āļ­āļĄāļđāļĨāļ—āļĩāđˆāļĢāļ°āļšāļļāļŠāļ™āļīāļ”āļ‚āļ­āļ‡āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļāļēāļŦāļ™āļ” āļ‹āļķāđˆāļ‡ āļšāļēāļ‡āļ—āļĩāļ­āļēāļˆāļĄāļĩāļŦāļĨāļēāļĒāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āđ‚āļ”āļĒāļĄāļēāļˆāļēāļ next hops āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™āđ„āļ›āļĒāļąāļ‡āļˆāļļāļ”āļŦāļĄāļēāļĒāļ›āļĨāļēāļĒāļ—āļēāļ‡āđ€āļ”āļĩāļĒāļ§āļāļąāļ™ āđƒāļ™āļāļēāļĢāļ„āđ‰āļ™āļŦāļēāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ™āļĩāđ‰āļŠāļēāļĄāļēāļĢāļ– āļ•āļĢāļ§āļˆāļŠāļ­āļšāđ„āļ”āđ‰āļˆāļēāļrouting protocols āļ—āļĩāđˆāđāļ•āļāļ•āđˆāļēāļ‡āļāļąāļ™ āļŦāļĢāļ·āļ­āļŠāļēāļĄāļēāļĢāļ–āļĢāļ°āļšāļļāđ€āļ›āđ‡āļ™ static routes āļ—āļĩāđˆāđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āđāļšāļš manual āđ‚āļ”āļĒāđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāļĄāļĩāļ„āđˆāļēāļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļĄāļēāļāļˆāļ°āļ–āļđāļāđ€āļĨāļ·āļ­āļāđƒāļŦāđ‰āđ€āļ›āđ‡āļ™āđ€āļŠāđ‰āļ™āļ—āļēāļ‡āļ—āļĩāđˆāđƒāļŠāđ‰āļ‡āļēāļ™
  • 116. 117 Configuration Procedure 1. If the VLAN does not currently exist, then create it. This example uses VLAN ID 3. [Sysname]vlan 3 [Sysname-vlan3]quit 2. Enter the VLAN interface view: [Sysname]interface vlan-interface 3 3. Provide the IP address and subnet mask: [Sysname-Vlan-interface3]ip address 192.168.1.5 255.255.255.0 [Sysname-Vlan-interface3]quit āļāļēāļĢāļāļēāļŦāļ™āļ” IP Address āļšāļ™ VLAN interface āđ€āļžāļ·āđˆāļ­ route āļ‚āđ‰āļēāļĄ VLAN
  • 117. 118 Operation Command Add a static route ip route-static ip_address { mask | mask_length } { interface_type interface_number | gateway_address } [ preference value ] [ reject | blackhole ] Delete a static route undo ip route-static ip_address { mask | mask_length } [ interface_type interface_number | gateway_address ] [ preference value ] [ reject | blackhole ] Delete all static routes delete static-routes all āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Static Route āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” Default Route Operation Command Configure a default route ip route-static 0.0.0.0 { 0.0.0.0 | 0 } { interface_type interface_number | gateway_address } [ preference value ] [ reject | blackhole ] Delete a default route undo ip route-static 0.0.0.0 { 0.0.0.0 | 0 } [ interface_type interface_number | gateway_address ] [ preference value ] [ reject | blackhole ]
  • 119. 120 Configuration procedure 1. Configure the static route for Ethernet Switch A [Switch A]ip route-static 1.1.3.0 255.255.255.0 1.1.2.2 [Switch A]ip route-static 1.1.4.0 255.255.255.0 1.1.2.2 [Switch A]ip route-static 1.1.5.0 255.255.255.0 1.1.2.2 2. Configure the static route for Ethernet Switch B [Switch B]ip route-static 1.1.2.0 255.255.255.0 1.1.3.1 [Switch B]ip route-static 1.1.5.0 255.255.255.0 1.1.3.1 [Switch B]ip route-static 1.1.1.0 255.255.255.0 1.1.3.1 3. Configure the static route for Ethernet Switch C [Switch C]ip route-static 1.1.1.0 255.255.255.0 1.1.2.1 [Switch C]ip route-static 1.1.4.0 255.255.255.0 1.1.3.2 4. Configure the default gateway of the Host A to be 1.1.5.2 5. Configure the default gateway of the Host B to be 1.1.4.1 6. Configure the default gateway of the Host C to be 1.1.1.2 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āđƒāļ™āļāļēāļĢāļ—āļē Typical Static Route
  • 120. 121 Enabling RIP and Entering the RIP View Operation Command Enable RIP and enter RIP view Disable RIP RIP undo rip Enable RIP on the specified network Disable RIP on the specified network network network_address undo network network_address Configure unicast RIP message Cancel unicast RIP message peer ip_address undo peer ip_address Specify the interface version as RIP-1 or 2 Restore the default RIP version running on the interface rip version 1|2 undo rip ver Enable the interface to run RIP rip work Enable the interface to receive RIP update packets rip input Enable the interface to send RIP update packets rip output â€ĒNote that peer should be restricted using the following commands: rip work, rip output, rip input and network. And rip2 default multicast address 224.0.0.9
  • 122. 123 1. Configure RIP on Switch A [Switch A] rip [Switch A-rip]network 110.11.2.0 [Switch A-rip]network 155.10.1.0 2. Configure RIP on Switch B [Switch B] rip [Switch B-rip]network 196.38.165.0 [Switch B-rip]network 110.11.2.0 3. Configure RIP on Switch C [Switch C] rip [Switch C-rip]network 117.102.0.0 [Switch C-rip]network 110.11.2.0 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļ—āļē RIP
  • 124. 125 DHCP āļ„āļ·āļ­āļ­āļ°āđ„āļĢ Dynamic Host Configuration Protocol (DHCP) āđ€āļ›āđ‡āļ™āļāļēāļĢāļāļēāļŦāļ™āļ” IP address āđāļšāļš dynamic āļ—āļĩāđˆāļ—āļēāļ‡āļēāļ™āđƒāļ™āđāļšāļš Client-Server mode āļŠāļēāļŦāļĢāļąāļš protocol āļ™āļĩāđ‰āđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ DHCP Client āļˆāļ°āļĄāļĩāļāļēāļĢāļĢāđ‰āļ­āļ‡āļ‚āļ­āļ‚āđ‰āļ­āļĄāļđāļĨ āđāļšāļš dynamic āđ„āļ›āđāļĨāļ°DHCP server āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āļ‚āđ‰āļ­āļĄāļđāļĨāđƒāļŦāđ‰āļāļąāļš Client āļ­āļĩāļāļ„āļĢāļąāđ‰āļ‡āļŦāļ™āļķāđˆāļ‡ DHCP relay āļ—āļēāļŦāļ™āđ‰āļēāļ—āļĩāđˆāđ€āļŠāļĄāļ·āļ­āļ™āļĢāļēāļ‡āļ™āđ‰āļēāļ—āļĩāđˆāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļĢāļ°āļŦāļ§āđˆāļēāļ‡ DHCP Client āđāļĨāļ°server āļ—āļĩāđˆāļ­āļĒāļđāđˆ āļ•āđˆāļēāļ‡ subnets āļāļąāļ™āđ‚āļ”āļĒ DHCP āļˆāļ°āļŠāđˆāļ‡packets āļĢāļĩāđ€āļĨāļĒāđŒāļˆāļēāļāļ•āđ‰āļ™āļ—āļēāļ‡āđ„āļ›āļĒāļąāļ‡āļ›āļĨāļēāļĒāļ—āļēāļ‡āļ—āļĩāđˆāđ€āļ›āđ‡āļ™ DHCP server āļŦāļĢāļ·āļ­ Client āđ‚āļ”āļĒāļŠāļēāļĄāļēāļĢāļ–āļ‚āđ‰āļēāļĄ Network āđ„āļ”āđ‰ āļ•āļąāļ§ DHCP client āļ—āļĩāđˆāļ­āļĒāļđāđˆāļ•āđˆāļēāļ‡ Network āļāļąāļ™ āļŠāļēāļĄāļēāļĢāļ–āđƒāļŠāđ‰ DHCP server āļ•āļąāļ§āđ€āļ”āļĩāļĒāļ§āļāļąāļ™āđ„āļ”āđ‰ āļ‹āļķāđˆāļ‡āļˆāļ°āļŠāđˆāļ§āļĒāđƒāļŦāđ‰āđ€āļāļīāļ”āļāļēāļĢāļ›āļĢāļ°āļŦāļĒāļąāļ” āļŠāļ°āļ”āļ§āļ āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļˆāļąāļ”āļāļēāļĢāļˆāļēāļāļˆāļļāļ”āļĻāļđāļ™āļĒāđŒāļāļĨāļēāļ‡
  • 125. 126 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡ DHCP Server āđāļĨāļ° DHCP Relay DHCP Server DHCP Relay
  • 126. 127 â€Ē UDP Helper is required to support the forwarding of BootP/DHCP/DNS requests across a routed network VLAN1 10.x.x.x L3 VLAN2 20.x.x.x VLAN3 30.x.x.x DHCP Server (IP address=20.1.1.1) (Multiple DHCP scopes) BootP / DHCP / DNS Clients (IP address=? ) IP UDP BootP request IP Bcast: 255.255.255.255 1 Layer 3 Switch UDP Helper: 20.1.1.1 2 3 4 DHCP/UDP Helper
  • 127. 128 Operation Command Configure IP address for DHCP server Delete all DHCP server IP addresses dhcp-server groupNo ip ipaddress1 [ ipaddress2 ] undo dhcp-server groupNo Configure DHCP server group corresponding to VLAN interfaces Delete DHCP server group dhcp-server groupNo undo dhcp-server Configure user address entry for DHCP server group Delete the user address entry in the DHCP server group dhcp-security static ip_address mac_address undo dhcp-security { ip_address | all | dynamic | static } Enable DHCP security feature on VLAN interface Disable DHCP security feature on VLAN interface address-check enable address-check disable Display configuration information of DHCP server group display dhcp-server groupNo Display configuration information about the DHCP Server group corresponding to the VLAN interface display dhcp-server interface vlan- interface vlan_id āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” DHCP & DHCP Relay
  • 128. 129 āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āļāļēāļĢ Debugging DHCP Operation Command Display address allocation information of DHCP client display dhcp client [ verbose ] Enable/disable DHCP client debugging [ undo ] debugging dhcp client { all | error | event | packet } Enable/disable DHCP Client hot backup debugging [ undo ] debugging dhcp xrn xha Enable/disable DHCP relay debugging [ undo ] debugging dhcp-relay
  • 129. 130 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ” DHCP Relay Configuration Procedure 1.Create a DHCP server group that will use two DHCP servers (a master and an optional backup) and assign it the IP addresses of the two DHCP servers (the first IP address is the master). [Sysname]dhcp-server 0 ip 192.168.1.1 192.168.2.12 Configure the Switch so all clients use DHCP server group '0'. [Sysname]interface vlan-interface 1 [Sysname-Vlan-interface1] dhcp-server 0 [Sysname-Vlan-interface1] quit [Sysname] interface vlan-interface 10 [Sysname-Vlan-interface10] dhcp-server 0 [Sysname-Vlan-interface10] quit
  • 131. 132 ACL Overview The Access Control List (ACL) āđ€āļ›āđ‡āļ™āļāļēāļĢāđāļĒāļāļ›āļĢāļ°āđ€āļ āļ—āļ‚āļ­āļ‡ data packets āđ‚āļ”āļĒāļĢāļ°āļšāļļāđƒāļŦāđ‰āļ•āļĢāļ‡āļāļąāļš rules āļ—āļĩāđˆāļĄāļĩāļāļēāļĢ āļāļēāļŦāļ™āļ” source address, destination address āđāļĨāļ° port number āļ•āļąāļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļš data packets āļ§āđˆāļēāļ•āļĢāļ‡āļāļąāļš rules āđƒāļ™ ACLāļŦāļĢāļ·āļ­āđ„āļĄāđˆ āđāļĨāļ°āļˆāļķāļ‡āļĄāļēāđ€āļĨāļ·āļ­āļāļāļēāļĢāļŠāđˆāļ‡ āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āļ§āļēāļĄāļŠāļēāļ„āļąāļāļŦāļĢāļ·āļ­āļāļēāļĢāđ„āļĄāđˆāļŠāđˆāļ‡ packet āđƒāļ™āļāļēāļĢāļĢāļ°āļšāļļāđƒāļŦāđ‰āļ•āļĢāļ‡āļāļąāļš rules āļ‚āļ­āļ‡ network devices āļ—āļĩāđˆāļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļš packets āļ™āļąāđ‰āļ™āļŦāļĨāļąāļ‡āļˆāļēāļāļ•āļĢāļ§āļˆāļŠāļ­āļšāđāļĨāđ‰āļ§āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĒāļ­āļĄāļĢāļąāļšāļŦāļĢāļ·āļ­āđ„āļĄāđˆ āļĒāļ­āļĄāļĢāļąāļšāđƒāļŦāđ‰āļĄāļĩāļŠāđˆāļ‡āļœāđˆāļēāļ™āļ™āļąāđ‰āļ™āļˆāļ°āļ•āļĢāļ§āļˆāļŠāļ­āļšāļœāđˆāļēāļ™āļĢāļđāļ›āđāļšāļšāļ‚āļ­āļ‡ policy āļāļēāļĢāļ—āļēāļ‡āļēāļ™āļ‚āļ­āļ‡ ACL āļˆāļ°āđƒāļŠāđ‰āđ€āļ„āļĢāļ·āđˆāļ­āļ‡āļĄāļ·āļ­āđƒāļ™āļāļēāļĢāļ•āļĢāļ§āļˆāļŠāļ­āļšāļ•āļēāļĄāļĢāļđāļ›āđāļšāļš āļ™āļĩāđ‰ āļ‹āļĩāđˆāļ‡ data packet āļ—āļĩāđˆāļ•āļĢāļ‡āļāļąāļš rulesāļ–āļķāļ‡āļˆāļ°āđ„āļ›āļ•āļĢāļ§āļˆāļŠāļ­āļšāļāļąāļš ACLāđ„āļ”āđ‰ āļŠāđˆāļ§āļ™āļ–āđ‰āļēāļĄāļĩāļāļēāļĢāđƒāļŠāđ‰āđƒāļ™āļĢāļđāļ›āđāļšāļšāļ­āļ·āđˆāļ™āļˆāļ°āđ€āļ›āđ‡āļ™āđƒāļ™āļŠāđˆāļ§āļ™ traffic classification āđ€āļŠāđˆāļ™āļāļēāļĢāļ—āļē traffic classification āļ‚āļ­āļ‡ QoS.
  • 132. 133 â€Ē āļŠāļēāļŦāļĢāļąāļš basic ACL statementsāļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļˆāļēāļ source address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™ āļ–āđ‰āļē wildcards āļ•āļĢāļ‡āļāļąāļ™ āļ–āļķāļ‡āļˆāļ°āļ—āļēāļāļēāļĢāļāļēāļŦāļ™āļ”āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āđƒāļ™āļĨāļēāļ”āļąāļšāļ•āđˆāļ­āđ„āļ› â€Ē āļŠāļēāļŦāļĢāļąāļš ACL based āđƒāļ™āļāļēāļĢāļ—āļē interface filter āļˆāļ°āļ—āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ rule āļ—āļĩāđˆāļˆāļ°āļāļēāļŦāļ™āļ”āđƒāļ™āļŠāđˆāļ§āļ™āļ—āđ‰āļēāļĒāļ‚āļ­āļ‡āļĢāļēāļĒāļāļēāļĢ āļ‚āļ“āļ°āļ—āļĩāđˆ āđƒāļ™āļŠāđˆāļ§āļ™āļ­āļ·āđˆāļ™āļāđ‡āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļ•āļēāļĄāļĨāļēāļ”āļąāļš â€Ē āļŠāļēāļŦāļĢāļąāļš advanced ACL āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāļˆāļēāļ source address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāđ€āļ›āđ‡āļ™āļ­āļąāļ™āļ”āļąāļšāđāļĢāļ āļ‹āļķāđˆāļ‡āļ–āđ‰āļē āļ•āļĢāļ‡āļāļąāļ™āļˆāļ°āđ„āļ›āļžāļīāļˆāļēāļĢāļ“āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ destination address wildcards āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļ­āļĩāļāļ„āļĢāļąāđ‰āļ‡ āļŠāļēāļŦāļĢāļąāļš destination address wildcards āļ—āļĩāđˆāļ•āļĢāļ‡āļāļąāļ™āļāđ‡āļˆāļ°āļžāļīāļˆāļēāļĢāļ“āļēāđƒāļ™āļŠāđˆāļ§āļ™āļ‚āļ­āļ‡ ranges of port numbers āļĄāļēāđ€āļ›āļĢāļĩāļĒāļšāđ€āļ—āļĩāļĒāļšāļāļąāļ™āđƒāļ™āļĢāļēāļĒāļāļēāļĢāļ‹āļķāđˆāļ‡ āļ–āđ‰āļē port numbers āļ•āļĢāļ‡āļāļąāļ™āđƒāļ™ range āļāđ‡āļˆāļ°āļĄāļĩāļāļēāļĢāļžāļīāļˆāļēāļĢāļ“āļēāļ•āļĢāļ§āļˆāļŠāļ­āļšāļ•āđˆāļ­āđ„āļ› The specific 3Com ACL
  • 133. 134 With L2 ACL configuration, during the time range from 8:00 to 18:00 everyday the switch filters the packets with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303 (configuring at the port GigabitEthernet2/1/1 to the switch.) MAC 00e0-fc01-0303 MAC 00e0-fc01-0101 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” L2 ACL
  • 134. 135 1. Define the time range from 8:00 to 18:00. [Sysname]time-range 3com 8:00 to 18:00 daily 2. Define the traffic with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303.Create a name-based L2 ACL “4000" and enter it. [Sysname]acl number 4000 Define ACL rule for the traffic with source MAC 00e0-fc01-0101 and destination MAC 00e0-fc01-0303. [Sysname-acl-link-traffic-of-link]rule 1 deny source 00e0-fc01-0101 0-0-0 destination 00e0-fc01-0303 0-0-0 time-range 3com 3. Activate the ACL "traffic-of-host". [Sysname-GigabitEthernet2/1/1]packet-filter inbound link-group 4000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” L2 ACL
  • 135. 136 1. Define the time range from 8:00 to 18:00. [Sysname]time-range 3com 8:00 to 18:00 working-day 2. Define inbound traffic to the wage server. Create a name-based advanced ACL "traffic-of-payserver" and enter it. [Sysname]acl number 3000 Define ACL rule for other departments. [Sysname-acl-adv-traffic-of-payserver]rule 1 deny ip source any destination 129.110.1.2 0.0.0.0 time-range 3com Define an ACL rule for CEO's office. [Sysname-acl-adv-traffic-of-payserver]rule 2 permit ip source 129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0 3. Activate the ACL "traffic-of-payserver". [Sysname-GigabitEthernet2/1/1]packet-filter inbound ip- group 3000 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” advanced ACL
  • 136. 137 āļŠāļ§āļīāļ•āļŠāđŒāļĢāļ­āļ‡āļĢāļąāļšāļĢāļđāļ›āđāļšāļšāđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļ„āđˆāļē āđ„āļ”āđ‰ 3 āļĢāļđāļ›āđāļšāļšāļ„āļ·āļ­ SNMP (Simple Network Management Protocol) access, Telnet access āđāļĨāļ° HTTP (Hypertext Transfer Protocol) access āļŠāđˆāļ§āļ™āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄāļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāļˆāļ°āđāļšāđˆāļ‡āđ€āļ›āđ‡āļ™ 2 levels: Connection request control āļˆāļ°āđ€āļ›āđ‡āļ™levelāđāļĢāļ āđƒāļ™āļāļēāļĢāļ„āļ§āļĄāļ„āļļāļĄāđāļĨāļ°āļāļēāļĢāļāļēāļŦāļ™āļ” ACL configuration āđ€āļžāļ·āđˆāļ­āđƒāļŦāđ‰āđāļ™āđˆāđƒāļˆāļ§āđˆāļē users āļ—āļĩāđˆāļŠāļēāļĄāļēāļĢāļ–āđ€āļ‚āđ‰āļēāļĄāļēāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļ•āļŠāđŒāđ„āļ”āđ‰ āļŠāđˆāļ§āļ™āļāļēāļĢāļ—āļē Password authentication āļˆāļ°āđ€āļ›āđ‡āļ™level āļ—āļĩāđˆ 2 āđāļĨāļ°āđƒāļŠāđ‰āđ€āļ‰āļžāļēāļ°āđƒāļ™āļāļēāļĢāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āđ€āļ—āđˆāļēāļ™āļąāđ‰āļ™ āļ‹āļķāđˆāļ‡āļ–āđ‰āļēāđ€āļ›āđ‡āļ™ passwordsāļ—āļĩāđˆāļ–āļđāļāļ•āđ‰āļ­āļ‡āļāđ‡āļˆāļ°āļŠāļēāļĄāļēāļĢāļ– log on āđ€āļ‚āđ‰āļēāđ„āļ›āļāļēāļŦāļ™āļ”āļŠāļ§āļīāļ•āļŠāđŒāđ„āļ”āđ‰ ACL Control switch support
  • 137. 138 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš Telnet Users Operation Command Enter basic ACL (System View) acl number acl_number match-order { config | auto } Define a sub-rule (Basic ACL View) Delete a sub-rule (Basic ACL View) rule [ rule-id ] { permit | deny } [ source { source_addr wildcard | any } | fragment | logging | time-range name ]* undo rule rule_id [ source | fragment | logging | time- range ]* Delete an ACL or all ACLs (System View) undo acl { number acl_number | all } Enter user interface view (System View) user-interface [ type ] first_number [ last_number ] Import the ACL (User Interface View) acl acl_number { inbound | outbound } Currently only number-based ACLs can be imported, with the number ranging from 2000 to 3999.
  • 138. 139 Only the Telnet users from 10.110.100.52 and 10.110.100.46 can access the Switch. Configuration Procedure 1. Define a basic ACL. [Sysname]acl number 2000 match-order config [Sysname-acl-basic-2000]rule 1 permit source 10.110.100.52 0 [Sysname-acl-basic-2000]rule 2 permit source 10.110.100.46 0 [Sysname-acl-basic-2000]quit 2. Import the ACL. [Sysname]user-interface vty 0 4 [Sysname-ui-vty0-4]acl 2000 inbound āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢ Telnet
  • 139. 140 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš SNMP Users Operation Command Import the defined ACL into the commands with SNMP community configured snmp-agent community { read | write } community_name [ [ mib-view view_name ] | [ acl acl_number ] ]* Import the defined ACL into the commands with SNMP group name configured snmp-agent group { v1 | v2c } group_name [ read-view read_view ] [ write-view write_view ] [ notify-view notify_view ] [ acl acl-number ] snmp-agent group v3 group_name [ authentication | privacy ] [ read-view read_view ] [ write-view write_view ] [ notify-view notify_view ] [ acl acl_number ] Import the defined ACL into the commands with SNMP username configured snmp-agent usm-user { v1 | v2c } user_name group_name [ acl acl_number ] snmp-agent usm-user v3 user_name group_name [ authentication-mode { md5 | sha } auth_password ] [ privacy-mode des56 priv_password ] [ acl acl_number ] â€Ē SNMP community is one of the features of SNMP v1 and SNMP v2, so you import the ACL into the commands with SNMP community configured, for the SNMP V1 and SNMP V2. â€Ē SNMP username or group name is one of the features of SNMP V2 and above, therefore you import the ACL into the commands with SNMP username or group name configured, for the SNMP V2 and above. If you import the ACL into both features, the Switch will filter both features for the users.
  • 140. 141 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” ACL āļŠāļēāļŦāļĢāļąāļš SNMP Users Only SNMP server from 10.110.100.52 can access the Switch. Configuration Procedure 1. Define a basic ACL. [Sysname]acl number 2000 match-order config [Sysname-acl-baisc-2000]rule 1 permit source 10.110.100.52 0 [Sysname-acl-baisc-2000]quit 2. Import the ACL. [Sysname]snmp-agent community read 3Com acl 2000 [Sysname]snmp-agent group v2c 3Comgroup acl 2000 [Sysname]snmp-agent usm-user v2c 3Comuser 3Comgroup acl 2000 snmp_server 10.110.100.52
  • 141. 142 āļāļēāļĢāļāļēāļŦāļ™āļ” ACL Control āļ‚āļ­āļ‡ HTTP Users â€ĒāļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļĢāļ­āļ‡āļĢāļąāļšāļāļēāļĢāļ—āļē remote management āļœāđˆāļēāļ™ Web interface āđ‚āļ”āļĒ users āļŠāļēāļĄāļēāļĢāļ–āđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ āļœāđˆāļēāļ™ HTTP āļ‹āļķāđˆāļ‡āļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ” ACL āļĄāļēāļŠāđˆāļ§āļĒāđƒāļ™āļāļēāļĢāļāļĢāļ­āļ‡ users āđāļĨāļ°āļ›āđ‰āļ­āļ‡āļāļąāļ™āļāļēāļĢāđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ āļŦāļĨāļąāļ‡āļˆāļēāļ āļāļēāļŦāļ™āļ”āļāļēāļĢāļ„āļ§āļšāļ„āļļāļĄ users āļœāđˆāļēāļ™ ACL āļŠāļ§āļīāļ•āļŠāđŒāļˆāļ°āļāļēāļŦāļ™āļ”āđƒāļŦāđ‰āļĄāļĩāļāļēāļĢāđƒāļŠāđ‰ Web user āđāļ„āđˆāļ„āļĢāļąāđ‰āļ‡āđ€āļ”āļĩāļĒāļ§āđƒāļ™āļāļēāļĢāđ€āļ‚āđ‰āļēāļ–āļķāļ‡āļŠāļ§āļīāļ•āļŠāđŒ Operation Command Call an ACL to control the WEB NM users. ip http acl acl_number Cancel the ACL control function. undo ip http acl
  • 142. 143 Only permit Web NM user from 10.110.100.46 access Switch. Configuration Procedure 1. Define the basic ACL. [Sysname]acl number 2030 match-order config [Sysname-acl-basic-2030]rule 1 permit source 10.110.100.46 0 [Sysname-acl-basic-2030]quit 2. Call the basic ACL. [Sysname]ip http acl 2030 10.110.100.46 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļāļēāļĢāļāļēāļŦāļ™āļ” ACL Control āļ‚āļ­āļ‡ HTTP Users
  • 143. 144 Cluster Vlan 1 Vlan 2 Vlan 1 Vlan 1 Vlan 2 Vlan trunk 1,2 Vlan 4Vlan 3 Vlan trunk 1,2
  • 145. 146 Stacking and clustering are industry terms that are often used interchangeably but which technically are distinct. Here is how 3Com defines these terms: Stacking is a technology allowing multiple discrete units to be grouped together with the broad benefits of simplified administration, scalable and economical growth, and high resiliency for the collection of units in the stack. Clustering is a simplified variation of stacking which focuses on the benefit of simplified administration. As with stacking, there is grouping of discrete units, but as compared with true stacking, there are fewer capabilities that extend across units. As a result, there are limited scalability and resiliency benefits. About Stacking and Clustering
  • 146. 147 Clustering and Stacking with 3Com Products 3Com Clustering 3Com Traditional Stacking 3Com XRN Stacking Devices 4210, 4200G, 4500,.4500G, 5500,5500G 4400, 5500-SI, 4500, 3870 5500-EI, 5500G-EI Dedicated bandwidth No Yes Yes Layer 2 Yes Yes Yes Layer 3 No No Yes Stack/Cluster Resiliency No Yes Yes Mix of families Yes No No One mgmt point of contact Yes Yes Yes Single IP Yes Yes Yes Link Aggregation across units No Yes Yes
  • 147. 148 Configuration Procedure 1. Configure the management device. Enable the cluster function. [3Com] cluster enable Enter cluster view. [3Com] cluster [3Com-cluster] Configure an IP address pool for the cluster. The IP address pool contains six IP addresses, starting from 172.16.0.1. [3Com-cluster] ip-pool 172.16.0.1 255.255.255.248 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” Cluster management
  • 148. 149 Specify a name for the cluster and create the cluster. [3Com-cluster] build aaa [aaa_0.3Com-cluster] Configure the holdtime of the member device information to be 100 seconds. [aaa_0.3Com-cluster] holdtime 100 Configure the interval to send handshake packets to be 10 seconds. [aaa_0.3Com-cluster] timer 10 2. Configure the member devices Enable the cluster function. [3Com] cluster enable Upon the completion of the above configurations, you c cluster switch-to { member-num | mac-address H-H-H } command on the management device to switch to member device view to maintain and manage a member device. You can then execute the cluster switch-to administrator command to resume the management device view. āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļēāļŦāļĢāļąāļšāļāļēāļĢāļāļēāļŦāļ™āļ” Cluster management
  • 150. 151 Operation Command Display the information about directoriesor files dir [ / all ] [ file-url ] Copy a file copy fileurl-source fileurl-dest Delete a file from the recycle bin permanently reset recycle-bin file-url Delete a file Undelete a file delete [ /unreserved ] file-url undelete file-url Format the storage device format filesystem Display the saved-configuration information of the Switch display saved-configuration Display the current-configuration information of the Switch display current-configuration [ controller | interface interface-type [ interface-number ] | configuration [ configuration ] ] [ | { begin | exclude | include } regular-expression ] Save the current-configuration save [ file-name | safely ] Erase configuration files from Flash Memory reset saved-configuration Move a file move fileurl-source fileurl-dest āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡ File Operation
  • 151. 152 FTP Overview FTP āđ€āļ›āđ‡āļ™āļ§āļīāļ˜āļĩāđƒāļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļšāļ™ Internet āđāļĨāļ° IP network āļ‹āļķāđˆāļ‡āļāđˆāļ­āļ™āļ—āļĩāđˆāļˆāļ°āļĄāļĩāļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™ World Wide Web (WWW) āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļ—āļēāđ„āļ”āđ‰āđƒāļ™ command line mode āđāļĨāļ° FTP āļāđ‡āđ€āļ›āđ‡āļ™āļ§āļīāļ˜āļĩāļāļēāļĢāļ—āļĩāđˆāļ™āļīāļĒāļĄāđƒāļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāđƒāļ™āļ‚āļ“āļ°āļ™āļąāđ‰āļ™ āļˆāļ™āļāļĢāļ°āļ—āļąāđˆāļ‡āļ›āļąāļˆāļˆāļļāļšāļąāļ™āļˆāļ°āđ€āļ›āļĨāļĩāļĒāļ™āđ€āļ›āđ‡āļ™āļāļēāļĢāļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāļœāđˆāļēāļ™ email āđāļĨāļ° Web āđāļ—āļ™ āļŠāļ§āļīāļ•āļŠāđŒāļŠāļēāļĄāļēāļĢāļ–āļāļēāļŦāļ™āļ”āļāļēāļĢāļ—āļē FTP services āđ„āļ”āđ‰: - FTP server: āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļ™āđ‚āļ›āļĢāđāļāļĢāļĄ FTP client āđƒāļ™āļāļēāļĢlog in āđ„āļ›āļ—āļĩāđˆ server āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒ āđ„āļ”āđ‰ - FTP client: āļŦāļĨāļąāļ‡āļˆāļēāļāđ€āļŠāļ·āđˆāļ­āļĄāļ•āđˆāļ­āļāļąāļš serverāļœāđˆāļēāļ™āļāļēāļĢāļĢāļąāļ™āđ‚āļ›āļĢāđāļāļĢāļĄ terminal emulator āļŦāļĢāļ·āļ­ Telnet āļˆāļ°āļŠāļēāļĄāļēāļĢāļ–āļĢāļąāļšāļŠāđˆāļ‡āđ„āļŸāļĨāđŒāđ‚āļ”āļĒāđƒāļŠāđ‰ FTP command. ftp protocol
  • 152. 153 Operation Command Enable the FTP server Disable the FTP server ftp server enable undo ftp server Create new local user and enter local User View (System View) local-user username Delete local user (System View) undo local-user [ username | all [ service-type ftp ] ] Configure password for local user (Local User View) password [ cipher | simple ] password Configure service type for local user (Local User View) service-type ftp ftp-directory directory Configure FTP server connection timeouts ftp timeout minute By default, the FTP server connection timeout is 30 minutes. Display FTP server Display the connected FTP users. display ftp-server display ftp-user āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server
  • 153. 154 āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server FTP Server Configuration Example â€ĒThe Switch serves as FTP server and the remote PC as FTP client. The configuration on FTP server: Configure a FTP user named as Switch, with password hello and with read and write authority over the flash root directory on the PC. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 1.1.1.2. The Switch and PC are reachable. â€ĒThe Switch application switch.app is stored on the PC. Using FTP, the PC can upload the switch.app from the remote FTP server and download the config.cfg from the FTP server for backup purpose. ftp client 1.1.1.2 ftp server 1.1.1.1
  • 154. 155 1. Configure the Switch Log into the Switch (locally through the Console port or remotely using Telnet). <Sysname> 2. Start FTP function and set username, password and file directory. [Sysname]ftp server enable [Sysname]local-user switch [Sysname-luser-switch]service-type ftp ftp-directory flash: [Sysname-luser-switch]password simple hello 3. Run FTP client on the PC and establish FTP connection. Upload the switch.app to the Switch under the Flash directory and download the config.cfg from the Switch. FTP client is not shipped with the Switch, so you need to buy it separately. 4. When the uploading is completed, initiate the file upgrade on the Switch. <Sysname> Use the boot boot-loader command to specify the downloaded program as the application at the next login and reboot the Switch. <Sysname> boot boot-loader switch.app <Sysname> reboot āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Server
  • 155. 156 āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Client â€Ē on the PC. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 1.1.1.2. The Switch and PC are reachable. â€Ē The Switch application switch.app is stored on the PC. Using FTP, the Switch can downloadthe switch.app from the remote FTP server and upload the config.cfg to the FTP server under the Switch directory for backup purpose. Configuration Procedure 1. Configure the FTP server parameters on the PC: a user named as Switch, password hello, read and write authority over the Switch directory on the PC. 2. Configure the Switch Log into the Switch (locally through the Console port or remotely using Telnet). <Sysname> <Sysname> ftp 2.2.2.2 Trying ... Press CTRL+K to abort Connected. 220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user User(none):switch 331 Give me your password, please Password:***** 230 Logged in successfully [ftp]
  • 156. 157 3. Type in the authorized directory of the FTP server. [ftp]cd switch 4. Use the put command to upload the config.cfg to the FTP server. [ftp]put config.cfg 5. Use the get command to download the switch.app from the FTP server to the flash directory on the FTP server. [ftp]get switch.app 6. Use the quit command to release FTP connection and return to User View. [ftp]quit <Sysname> 7. Use the boot boot-loader command to specify the downloaded program as the application at the next login and reboot the Switch. <Sysname> boot boot-loader switch.app <Sysname> reboot āļ•āļąāļ§āļ­āļĒāđˆāļēāļ‡āļŠāļļāļ”āļ„āļēāļŠāļąāđˆāļ‡āđƒāļ™āļāļēāļĢāļāļēāļŦāļ™āļ”āļŠāļ§āļīāļŠāļŠāđŒāđ€āļ›āđ‡āļ™ FTP Client
  • 157. 158 TFTP Client Configuration Example â€ĒThe Switch serves as TFTP client and the remote PC as TFTP server. Authorized TFTP directory is set on the TFTP server. The IP address of a VLAN interface on the Switch is 1.1.1.1, and that of the PC is 2.2.2.2. The interface on the Switch connecting the PC belong to the same VLAN. Run TFTP server IP 1.1.1.2 â€ĒThe Switch application switch.app is stored on the PC. Using TFTP, the Switch can download the switch.app from the remote TFTP server and upload the config.cfg to the TFTP server under the Switch directory for backup purpose. IP 1.1.1.1 āļāļēāļĢ Download Files āđ‚āļ”āļĒāđƒāļŠāđ‰ TFTP