Switch with 10G Uplink
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
2/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
List of Contents 1 BASIC CONFIGURATION GUIDE
.................................................... 16
1.1 Configuring System
Management..............................................................16
1.1.1 Overview
.........................................................................................16
1.1.2 Configuring a Message-of-the-Day Login Banner
...................................16 1.1.3 Configuring a Login
Banner
................................................................16
1.1.4 Configuring an Exec Banner
...............................................................17
1.1.5 Validation Commands
........................................................................17
1.3 Configuring FTP
......................................................................................19
1.3.1 Overview
.........................................................................................19
1.3.2 IPv4 Configurations
...........................................................................19
1.3.3 IPv6 Configurations
...........................................................................21
2.1.1 Overview
.........................................................................................26
2.1.2 Configuration
...................................................................................26
2.1.3 Validation
........................................................................................27
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
3/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
2.5.4 Configuring Temperature
...................................................................44
2.5.5 Configuring Fan
................................................................................44
2.5.6 Configuring Power
.............................................................................45
2.5.7 Configuring Transceiver
.....................................................................45
2.5.8 Upgrade bootrom
..............................................................................47
2.5.9 Upgrade EPLD
..................................................................................47
3.1.1 Overview
.........................................................................................55
3.1.2 Configuring Interface State
................................................................55
3.1.3 Configuring Interface Speed
...............................................................55
3.1.4 Configuring Interface Duplex
..............................................................56
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
4/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
3.6.2 Configurations
..................................................................................72
3.6.3 Validation
........................................................................................73
3.12 Configuring Layer 2 Protocols Tunneling
....................................................96 3.12.1
Overview
.........................................................................................96
3.12.2 Tunnel Designed Layer2 Protocol Packets
.............................................96 3.12.3 Tunnel
Configured Layer2 Protocol Packets
..........................................99
3.13 Configuring MSTP
.................................................................................
101 3.13.1 Overview
.......................................................................................
101 3.13.2 Topology
.......................................................................................
102 3.13.3 Configurations
................................................................................
102 3.13.4 Validation
......................................................................................
104
3.14 Configuring MLAG
.................................................................................
108 3.14.1 Overview
.......................................................................................
108 3.14.2 Topology
.......................................................................................
108 3.14.3 Configuration MLAG
........................................................................
108 3.14.4 Validation
......................................................................................
110
4 IP ROUTING CONFIGURATION GUIDE
........................................ 113 4.1 Configuring IP
Unicast-Routing
...............................................................
113
4.1.1 Overview
.......................................................................................
113 4.1.2 Topology
.......................................................................................
113 4.1.3 Configuration
.................................................................................
113 4.1.4 Validation
......................................................................................
115
4.2 Configuring RIP
....................................................................................
116 4.2.1 Overview
.......................................................................................
116 4.2.2 Enabling RIP
..................................................................................
117 4.2.3 Configuring The RIP Version
............................................................. 120
4.2.4 Configuring Metric Parameters
.......................................................... 122
4.2.5 Configuring the Administrative Distance
............................................ 124 4.2.6 Configuring
Redistribution
................................................................
127 4.2.7 Configuring Split-horizon Parameters
................................................ 130
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
5/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
4.2.8 Configuring Timers
..........................................................................
131 4.2.9 Configuring RIP Route Distribute Filters
............................................. 132 4.2.10
Configuring RIPv2 authentication (single key)
.................................... 134 4.2.11 Configuring RIPv2
MD5 authentication (multiple keys) .........................
136
4.3 Configuring OSPF
..................................................................................
139 4.3.1 Overview
.......................................................................................
139 4.3.2 References
.....................................................................................
140 4.3.3 Basic OSPF Parameters Configuration
................................................ 140 4.3.4 Enabling
OSPF on an Interface
......................................................... 141 4.3.5
Configuring Priority
.........................................................................
142 4.3.6 Configuring OSPF Area Parameters
................................................... 144 4.3.7
Redistributing Routes into OSPF
........................................................ 148 4.3.8
OSPF Cost
......................................................................................
153 4.3.9 OSPF Authentication
........................................................................
157 4.3.10 Monitoring OSPF
.............................................................................
162
4.4 Configuring Prefix-list
............................................................................
163 4.4.1 Overview
.......................................................................................
163 4.4.2 Basic Configuration
.........................................................................
163 4.4.3 Used by rip
....................................................................................
164 4.4.4 Used by Route-map
........................................................................
164
4.5 Configuring Ipv6 Prefix-list
....................................................................
166 4.5.1 Overview
.......................................................................................
166 4.5.2 Basic Configuration
.........................................................................
166 4.5.3 Used by RIPng
................................................................................
167 4.5.4 Used by Route-map
........................................................................
168
4.6 Configuring Route Map
..........................................................................
169 4.6.1 Overview
.......................................................................................
169 4.6.2 Configuring Route-map To OSPF
....................................................... 169 4.6.3
Configuring Route-map And Applying To BGP
..................................... 170
4.7 Configure Policy-Based Routing
.............................................................. 172
4.7.1 Overview
.......................................................................................
172 4.7.2 Topology
.......................................................................................
172 4.7.3 Configuration
.................................................................................
172 4.7.4 Validation
......................................................................................
173
5 IP SERVICE CONFIGURATION GUIDE
......................................... 174 5.1 Configuring ARP
...................................................................................
174
5.1.1 Overview
.......................................................................................
174 5.1.2 Configuring ARP
..............................................................................
174 5.1.3 Validation commands
......................................................................
175
5.2 Configuring Proxy ARP
...........................................................................
176 5.2.1 Overview
.......................................................................................
176 5.2.2 Configuring ARP Proxy
.....................................................................
177 5.2.3 Configuring Local ARP Proxy
.............................................................
180
5.3 Configuring DHCP Client
........................................................................
183 5.3.1 Overview
.......................................................................................
183 5.3.2 Topology
.......................................................................................
184 5.3.3 Configuration
.................................................................................
184 5.3.4 Validation
......................................................................................
184
5.4 Configuring DHCP
Relay.........................................................................
185 5.4.1 Overview
.......................................................................................
185 5.4.2 Topology
.......................................................................................
185 5.4.3 Configuration
.................................................................................
186 5.4.4 Validation
......................................................................................
187
5.5 Configuring DNS
...................................................................................
188
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
6/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
5.5.1 Overview
.......................................................................................
188 5.5.2 Topology
.......................................................................................
188 5.5.3 Configurations
................................................................................
188 5.5.4 Validation
......................................................................................
189
6 NETWORK MANAGEMENT CONFIGURATION GUIDE .................... 190
6.1 Configuring Network Diagnosis
...............................................................
190
6.1.1 Overview
.......................................................................................
190 6.1.2 Configurations
................................................................................
190 6.1.3 Validation
......................................................................................
191
6.2 Configuring
NTP....................................................................................
191 6.2.1 Overview
.......................................................................................
191 6.2.2 Topology
.......................................................................................
192 6.2.3 Configurations
................................................................................
192 6.2.4 Validation
......................................................................................
194
6.3 Configuring Phy Loopback
......................................................................
195 6.3.1 Overview
.......................................................................................
195 6.3.2 Configuring external phy loopback
.................................................... 195 6.3.3
Configuring internal phy loopback
..................................................... 196 6.3.4
Configuring port level loopback
......................................................... 196 6.3.5
Validation
......................................................................................
197 6.3.6 Configure L2 ping
...........................................................................
197
6.4 Configuring RMON1
...............................................................................
198 6.4.1 Overview
.......................................................................................
198 6.4.2 Topology
.......................................................................................
199 6.4.3 Configuration
.................................................................................
199 6.4.4 Validation
......................................................................................
199
6.5 Configuring SNMP
.................................................................................
200 6.5.1 Overview
.......................................................................................
200 6.5.2 References
.....................................................................................
201 6.5.3 Terminology
...................................................................................
201 6.5.4 Topology
.......................................................................................
201 6.5.5 Configuring Enable SNMP
.................................................................
202 6.5.6 Configuring community string
........................................................... 202
6.5.7 Configuring SNMPv3 Groups, Users and Accesses
............................... 203 6.5.8 Configuring SNMPv1 and
SNMPv2 notifications ................................... 203 6.5.9
Configuring SNMPv3 notifications
...................................................... 204
6.6 Configuring SFLOW
...............................................................................
205 6.6.1 Overview
.......................................................................................
205 6.6.2 Terminology
...................................................................................
205 6.6.3 Topology
.......................................................................................
205 6.6.4 Configurations
................................................................................
205 6.6.5 Validation
......................................................................................
206
6.7 Configuring LLDP
..................................................................................
207 6.7.1 Overview
.......................................................................................
207 6.7.2 Terminology
...................................................................................
207 6.7.3 Topology
.......................................................................................
207 6.7.4 Configurations
................................................................................
207 6.7.5 Validation
......................................................................................
208
7 SECURITY CONFIGURATION GUIDE
............................................ 210 7.1 Configuring
Port Security
.......................................................................
210
7.1.1 Overview
.......................................................................................
210 7.1.2 Topology
.......................................................................................
210 7.1.3 Configurations
................................................................................
210 7.1.4 Validation
......................................................................................
211
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
7/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
7.2 Configuring Vlan Security
......................................................................
211 7.2.1 Overview
.......................................................................................
211 7.2.2 Configuring vlan mac-limit
............................................................... 212
7.2.3 Configuring vlan mac learning
.......................................................... 212
7.2.4 Validation
......................................................................................
213
7.3 Configuring Time Range
........................................................................
213 7.3.1 Overview
.......................................................................................
213 7.3.2 Configuration
.................................................................................
213 7.3.3 Validation
......................................................................................
213
7.4 Configuring ACL
....................................................................................
214 7.4.1 Overview
.......................................................................................
214 7.4.2 Terminology
...................................................................................
214 7.4.3 Limitation
......................................................................................
214 7.4.4 Configuration
.................................................................................
214 7.4.5 Validation
......................................................................................
216
7.5 Configuring Extend ACL
.........................................................................
217 7.5.1 Overview
.......................................................................................
217 7.5.2 Terminology
...................................................................................
217 7.5.3 Topology
.......................................................................................
218 7.5.4 Configuration
.................................................................................
218 7.5.5 Validation
......................................................................................
219
7.6 Configuring Dot1x
.................................................................................
220 7.6.1 Overview
.......................................................................................
220 7.6.2 Topology
.......................................................................................
221 7.6.3 Configuration
.................................................................................
221 7.6.4 Validation
......................................................................................
226
7.7 Configuring Guest VLAN
........................................................................
227 7.7.1 Overview
.......................................................................................
227 7.7.2 Topology
.......................................................................................
228 7.7.3 Configuration
.................................................................................
229 7.7.4 Validation
......................................................................................
230
7.8 Configuring Arp Inspection
.....................................................................
233 7.8.1 Overview
.......................................................................................
233 7.8.2 Terminology
...................................................................................
234 7.8.3 Topology
.......................................................................................
234 7.8.4 Configurations
................................................................................
235 7.8.5 Validation
......................................................................................
236
7.9 Configuring DHCP Snooping
...................................................................
237 7.9.1 Overview
.......................................................................................
237 7.9.2 Topology
.......................................................................................
238 7.9.3 Configuration
.................................................................................
238 7.9.4 Validation
......................................................................................
239
7.10 Configuring IP Source Guard
..................................................................
240 7.10.1 Overview
.......................................................................................
240 7.10.2 Terminology
...................................................................................
241 7.10.3 Topology
.......................................................................................
241 7.10.4 Configuration
.................................................................................
241 7.10.5 Validation
......................................................................................
243
7.11 Configuring RADIUS Authentication
......................................................... 243
7.11.1 Overview
.......................................................................................
243 7.11.2 Topology
.......................................................................................
243 7.11.3 Configuration
.................................................................................
243 7.11.4 Validation
......................................................................................
246 7.11.5 Display Results
...............................................................................
247
7.12 Configuring Tacacs+
.............................................................................
247
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
8/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
7.12.1 Overview
.......................................................................................
247 7.12.2 Topology
.......................................................................................
247 7.12.3 Configuration Steps
.........................................................................
248 7.12.4 Configuration TACACS+ Server
......................................................... 248
7.12.5 Validation
......................................................................................
249 7.12.6 Display Results
...............................................................................
250
7.13 Configuring Port Isolate
.........................................................................
250 7.13.1 Overview
.......................................................................................
250 7.13.2 Topology
.......................................................................................
250 7.13.3 Configuration
.................................................................................
250 7.13.4 Validation
......................................................................................
251
7.14 Configuring DDOS
.................................................................................
252 7.14.1 Overview
.......................................................................................
252 7.14.2 Topology
.......................................................................................
252 7.14.3 Configuration
.................................................................................
252 7.14.4 Validation
......................................................................................
254
7.15 Configuring Key Chain
...........................................................................
255 7.15.1 Overview
.......................................................................................
255 7.15.2 Configurations
................................................................................
255 7.15.3 Validation
......................................................................................
256
8 TRAFFIC MANAGEMANT CONFIGURATION GUIDE .......................
257 8.1 Configuring QoS
...................................................................................
257
8.1.1 Overview
.......................................................................................
257 8.1.2 Terminology
...................................................................................
257 8.1.3 Configuration Guidelines
..................................................................
262 8.1.4 Topology
.......................................................................................
262 8.1.5 Configurations
................................................................................
262 8.1.6 Enable QoS
....................................................................................
262 8.1.7 Configure egress queue
...................................................................
263 8.1.8 Configure shaping
...........................................................................
270 8.1.9 Configure Policy
..............................................................................
274 8.1.10 Configure QoS Mapping tables
..........................................................
280
9 MULTICAST CONFIGURATION GUIDE
......................................... 301 9.1 Configuring IP
Multicast-Routing
.............................................................
301
9.1.1 Overview
.......................................................................................
301 9.1.2 Configuration
.................................................................................
301 9.1.3 Validation
......................................................................................
301
9.2 Configuring IGMP
..................................................................................
302 9.2.1 Overview
.......................................................................................
302 9.2.2 References
.....................................................................................
302 9.2.3 Configuration
.................................................................................
302 9.2.4 Validation
......................................................................................
304
9.3 Configuring PIM-SM
..............................................................................
305 9.3.1 Overview
.......................................................................................
305 9.3.2 References
.....................................................................................
305 9.3.3 Terminology
...................................................................................
305 9.3.4 Configuring General PIM Sparse-mode
.............................................. 309 9.3.5
Configuring RP dynamically
.............................................................. 312
9.3.6 Configuring Boostrap Router
............................................................ 315
9.3.7 Configuring PIM-SSM
feature............................................................
317
9.4 Configuring IGMP Snooping
....................................................................
318 9.4.1 Overview
.......................................................................................
318 9.4.2 Enable Globally Or Per Vlan
.............................................................. 318
9.4.3 Configuring Fast Leave
....................................................................
319
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
9/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
9.4.4 Configuring Querior Parameters
........................................................ 320 9.4.5
Configuring Mrouter Port
..................................................................
321 9.4.6 Configuring Querier Tcn
...................................................................
322 9.4.7 Configuring Report Suppression
........................................................ 323 9.4.8
Configuring Static group
..................................................................
323 9.4.9 Limitations And Configuration Guidelines
........................................... 324
9.5 Configuring MVR
...................................................................................
324 9.5.1 Overview
.......................................................................................
324 9.5.2 Terminology
...................................................................................
325 9.5.3 Topology
.......................................................................................
325 9.5.4 Configurations
................................................................................
325 9.5.5 Validation
......................................................................................
327
10 IPV6 MULTICAST CONFIGURATION GUIDE
................................. 329 10.1 Configuring IPv6
Multicast-Routing
......................................................... 329
10.1.1 Overview
.......................................................................................
329 10.1.2 Configuration
.................................................................................
329 10.1.3 Validation
......................................................................................
329
10.2 Configuring MLD
...................................................................................
330 10.2.1 Overview
.......................................................................................
330 10.2.2 References
.....................................................................................
330 10.2.3 Configuration
.................................................................................
330 10.2.4 Validation
......................................................................................
332
10.3 Configuring PIMv6
................................................................................
333 10.3.1 Overview
.......................................................................................
333 10.3.2 References
.....................................................................................
333 10.3.3 Terminology
...................................................................................
333 10.3.4 Configuring General PIMv6 Sparse-mode
........................................... 337 10.3.5 Configuring
RP dynamically
.............................................................. 340
10.3.6 Configuring Boostrap Router
............................................................ 343
10.3.7 Configuring PIMv6-SSM feature
........................................................ 345
10.4 Configuring MLD Snooping
.....................................................................
346 10.4.1 Overview
.......................................................................................
346 10.4.2 Enable Globally Or Per Vlan
.............................................................. 346
10.4.3 Configuring Fast Leave
....................................................................
347 10.4.4 Configuring Querior Parameters
........................................................ 348 10.4.5
Configuring Mrouter Port
..................................................................
349 10.4.6 Configuring Querier Tcn
...................................................................
350 10.4.7 Configuring Report Suppression
........................................................ 351 10.4.8
Configuring Static group
..................................................................
351 10.4.9 Limitations And Configuration Guidelines
........................................... 352
10.5 Configuring MVR6
.................................................................................
352 10.5.1 Overview
.......................................................................................
352 10.5.2 Terminology
...................................................................................
353 10.5.3 Topology
.......................................................................................
353 10.5.4 Configurations
................................................................................
353 10.5.5 Validation
......................................................................................
355
11 IPV6 ROUTING CONFIGURATION GUIDE
.................................... 357 11.1 Configuring IPv6
Unicast-Routing
............................................................
357
11.1.1 Overview
.......................................................................................
357 11.1.2 Topology
.......................................................................................
357 11.1.3 Validation Commands
......................................................................
359
11.2 Configuring OSPFv3
..............................................................................
360 11.2.1 Overview
.......................................................................................
360 11.2.2 References
.....................................................................................
360
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
10/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
11.2.3 Basic OSPFv3 Parameters Configuration
............................................ 361 11.2.4 Enabling
OSPFv3 on an Interface
...................................................... 361 11.2.5
Configuring Priority
.........................................................................
364 11.2.6 Configuring OSPFv3 Area Parameters
................................................ 367 11.2.7
Redistributing Routes into OSPFv3
.................................................... 375 11.2.8
OSPFv3 Cost
..................................................................................
382 11.2.9 Monitoring OSPFv3
..........................................................................
388
11.3 Configuring RIPng
.................................................................................
388 11.3.1 Overview
.......................................................................................
388 11.3.2 References
.....................................................................................
389 11.3.3 Enabling RIPng
...............................................................................
389 11.3.4 Configuring Metric Parameters
.......................................................... 393
11.3.5 Configuring the Administrative Distance
............................................ 394 11.3.6 Configuring
Redistribution
................................................................
396 11.3.7 Configuring Split-horizon Parameters
................................................ 398 11.3.8
Configuring Timers
..........................................................................
400 11.3.9 Configuring RIPng Route Distribute Filters
.......................................... 400
12 IPV6 SECURITY CONFIGURATION GUIDE
................................... 403 12.1 Configuring DHCPv6
Snooping
................................................................
403
12.1.1 Overview
.......................................................................................
403 12.1.2 Topology
.......................................................................................
403 12.1.3 Configuration
.................................................................................
403 12.1.4 Validation
......................................................................................
404
12.2 Configuring ACLv6
................................................................................
405 12.2.1 Overview
.......................................................................................
405 12.2.2 Terminology
...................................................................................
405 12.2.3 Limitation
......................................................................................
406 12.2.4 Topology
.......................................................................................
406 12.2.5 Configuration
.................................................................................
406 12.2.6 Validation
......................................................................................
408
13 IPV6 SERVICE CONFIGURATION GUIDE
..................................... 409 13.1 Configuring IPv6
over IPv4 Tunnel
..........................................................
409
13.1.1 Overview
.......................................................................................
409 13.1.2 Configure Manual Tunnel
.................................................................
412 13.1.3 Configure 6to4 Tunnel
.....................................................................
416 13.1.4 Configure 6to4 relay
.......................................................................
420 13.1.5 Configure ISATAP Tunnel
.................................................................
424
13.2 Configuring NDP
...................................................................................
427 13.2.1 Overview
.......................................................................................
427 13.2.2 Topology
.......................................................................................
428 13.2.3 Configuring NDP
.............................................................................
428 13.2.4 Validation commands
......................................................................
428
13.3 Configuring DHCPv6 Relay
.....................................................................
429 13.3.1 Overview
.......................................................................................
429 13.3.2 Topology
.......................................................................................
429 13.3.3 Configuration
.................................................................................
429 13.3.4 Validation
......................................................................................
430
14 RELIABILITY CONFIGURATION GUIDE
....................................... 432 14.1 Configuring BHM
...................................................................................
432
14.1.1 Overview
.......................................................................................
432 14.1.2 Terminology
...................................................................................
432 14.1.3 Configuration
.................................................................................
432 14.1.4 Validation
......................................................................................
432
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
11/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
14.2 Configuring CPU Traffic Limit
..................................................................
432 14.2.1 Overview
.......................................................................................
432 14.2.2 Terminology
...................................................................................
434 14.2.3 Default Configuration
......................................................................
434 14.2.4 Limitations
.....................................................................................
434 14.2.5 Configuration
.................................................................................
434 14.2.6 Validation Commands
......................................................................
435
14.3 Configuring UDLD
.................................................................................
436 14.3.1 Overview
.......................................................................................
436 14.3.2 Topology
.......................................................................................
436 14.3.3 Configuration
.................................................................................
436 14.3.4 Validation
......................................................................................
437
14.4 Configuring ERPS
..................................................................................
437 14.4.1 Overview
.......................................................................................
437 14.4.2 References
.....................................................................................
438 14.4.3 Configuring ERPS for a Single-Ring Topology
...................................... 438 14.4.4 Configuring a
Intersecting-Ring Topology
........................................... 445
14.5 Configuring Smart Link
..........................................................................
456 14.5.1 Overview
.......................................................................................
456 14.5.2 Topology
.......................................................................................
456 14.5.3 Configuration
.................................................................................
457 14.5.4 Validation
......................................................................................
461
14.6 Configuring Monitor Link
........................................................................
462 14.6.1 Overview
.......................................................................................
462 14.6.2 Topology
.......................................................................................
462 14.6.3 Configuration
.................................................................................
463 14.6.4 Validation
......................................................................................
463
14.7 Configuring VRRP
..................................................................................
463 14.7.1 Overview
.......................................................................................
463 14.7.2 References
.....................................................................................
464 14.7.3 Terminology
...................................................................................
464 14.7.4 VRRP Process
.................................................................................
464 14.7.5 Limitations
.....................................................................................
465 14.7.6 Configuring VRRP (One Virtual Router)
.............................................. 465 14.7.7
Configuring VRRP (Two Virtual Router)
.............................................. 467 14.7.8 VRRP
Circuit Failover
.......................................................................
471
14.8 Configuring VRRP Remote Tracking
......................................................... 474
14.8.1 Configuring IP SLA
..........................................................................
474 14.8.2 Configuring TRACK
..........................................................................
480 14.8.3 Configuring VRRP TRACK
.................................................................
485
14.9 Configuring VARP
..................................................................................
486 14.9.1 Overview
.......................................................................................
486 14.9.2 Topology
.......................................................................................
487 14.9.3 Configuring
....................................................................................
487 14.9.4 Validation
......................................................................................
488
15 VPN CONFIGURATION GUIDE
..................................................... 489 15.1
Configuring VRF
....................................................................................
489
15.1.1 Overview
.......................................................................................
489 15.1.2 Configuration
.................................................................................
489 15.1.3 Validation
......................................................................................
490
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
12/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
List of Figures Figure 2-1 NTP server-client with authentication
topology ..................................... 29 Figure 2-2 Log
information on syslog Servers
...................................................... 31 Figure
2-3 Mirror
..............................................................................................
34 Figure 2-4 Remote Mirror
..................................................................................
37 Figure 2-5 Mac Escape
......................................................................................
41 Figure 2-6 SmartConfig Topology
.......................................................................
53 Figure 3-1 Address Aging Time
..........................................................................
63 Figure 3-2 Static Unicast Address
.......................................................................
64 Figure 3-3 Static Multicast Address
.....................................................................
65 Figure 3-4 MAC
filter.........................................................................................
66 Figure 3-5 VLAN Tagged Frame
..........................................................................
67 Figure 3-6 Trunk Link
.......................................................................................
67 Figure 3-7 Access Link
......................................................................................
68 Figure 3-8 Access Port
......................................................................................
68 Figure 3-9 Trunk Port
.......................................................................................
69 Figure 3-10 VLAN classification Topology
.............................................................. 74
Figure 3-11 VLAN translation
...............................................................................
77 Figure 3-12 802.1Q tunnel
..................................................................................
79 Figure 3-13 Basic 802.1Q tunneling
......................................................................
80 Figure 3-14 Adding one tag
.................................................................................
81 Figure 3-15 Adding two tags
................................................................................
83 Figure 3-16 LACP
...............................................................................................
86 Figure 3-17 LACP
...............................................................................................
89 Figure 3-18 Flow Control Configuration Topology
................................................... 92 Figure 3-19
Percentage Storm Control
..................................................................
94 Figure 3-20 PPS Storm Control
............................................................................
95 Figure 3-21 Layer 2 Tunnel Topology
....................................................................
97 Figure 3-22 Layer 2 Tunnel Topology
....................................................................
99 Figure 3-23 MSTP Topology
...............................................................................
102 Figure 3-24 MLAG Configuration Topology
........................................................... 108
Figure 4-1 Static Routing
................................................................................
113 Figure 4-2 RIP Topology
..................................................................................
117 Figure 4-3 RIP Topology II
..............................................................................
120 Figure 4-4 RIP Topology III
.............................................................................
123 Figure 4-5 RIP Topology III
.............................................................................
125 Figure 4-6 RIP Topology III
.............................................................................
127 Figure 4-7 RIP Topology III
.............................................................................
130 Figure 4-8 RIP Topology III
.............................................................................
133 Figure 4-9 RIPv2
............................................................................................
135 Figure 4-10 RIPv2 MD5 authentication
................................................................
136 Figure 4-11 OSPF AS
........................................................................................
141 Figure 4-12 OSPF Priority
..................................................................................
143 Figure 4-13 OSPF Area
.....................................................................................
145 Figure 4-14 OSPF Routes Redistributing
.............................................................. 149
Figure 4-15 OSPF Cost
......................................................................................
153 Figure 4-16 OSPF Authentication
........................................................................
158 Figure 4-17 Policy-Based Routing Typical Topology
.............................................. 172 Figure 5-1 ARP
Topology
.................................................................................
174 Figure 5-2 ARP Proxy topology
.........................................................................
177 Figure 5-3 Local ARP Proxy topology
.................................................................
180 Figure 5-4 DHCP Client Topology
......................................................................
184 Figure 5-5 DHCP Relay Topology
......................................................................
186
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
13/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Figure 5-6 DNS Topology
................................................................................
188 Figure 6-1 NTP server-client with authentication topology
................................... 192 Figure 6-2 External phy
topo
...........................................................................
195 Figure 6-3 Internal phy topo
............................................................................
196 Figure 6-4 Port level loopback
topo...................................................................
196 Figure 6-5 L2 pinging a switch
port...................................................................
197 Figure 6-6 Rmon1 topo
...................................................................................
199 Figure 6-7 SNMP
Network................................................................................
201 Figure 6-8 Sflow
topology................................................................................
205 Figure 6-9 LLDP topology
...............................................................................
207 Figure 7-1 Port Security topology
.....................................................................
210 Figure 7-2 ACL
...............................................................................................
215 Figure 7-3 Extend ACL
....................................................................................
218 Figure 7-4 Dot1x Basic topology
.......................................................................
221 Figure 7-5 Dot1x Basic topology for mac based
.................................................. 221 Figure 7-6
Select "Settings" -> "System"
.......................................................... 225
Figure 7-7 Configure the shared-key, authorization port and account
port ............. 226 Figure 7-8 Add user name and password on the
server ....................................... 226 Figure 7-9
supplicant is not 802.1x capable
....................................................... 228 Figure
7-10 supplicant is 802.1x capable and authenticated
.................................. 229 Figure 7-11 ARP Inspection
Topology..................................................................
235 Figure 7-12 DHCP Snooping Topology
.................................................................
238 Figure 7-13 IP Source Guard
.............................................................................
241 Figure 7-14 RADIUS authentication application
.................................................... 243 Figure
7-15 Configure IP address
.......................................................................
244 Figure 7-16 Ping test
........................................................................................
245 Figure 7-17 Open software on server
..................................................................
245 Figure 7-18 Set
system.....................................................................................
245 Figure 7-19 Add user
........................................................................................
246 Figure 7-20 Ping test
........................................................................................
246 Figure 7-21 Telnet test
.....................................................................................
247 Figure 7-22 TACACS+ authentication application
.................................................. 247 Figure 7-23
Ping result
.....................................................................................
249 Figure 7-24 Telnet result
...................................................................................
250 Figure 7-25 Basic topology for port-isolate
.......................................................... 250
Figure 7-26 DDos prevent topology
....................................................................
252 Figure 8-1 Bridge 1
........................................................................................
262 Figure 9-1 Configuring RP statically
..................................................................
309 Figure 9-2 BSR Topology
.................................................................................
316 Figure 9-3 MVR Topology
................................................................................
325 Figure 10-1 Configuring RP statically
..................................................................
337 Figure 10-2 BSR Topology
.................................................................................
344 Figure 10-3 MVR6 Topology
...............................................................................
353 Figure 11-1 IPv6 Static Routing Topology Configuration
........................................ 357 Figure 11-2 OSPF AS
........................................................................................
361 Figure 11-3 OSPFv3 Priority
..............................................................................
365 Figure 11-4 OSPFv3 Area
..................................................................................
368 Figure 11-5 OSPFv3 Routes Redistributing
.......................................................... 375
Figure 11-6 OSPFv3 Cost
..................................................................................
382 Figure 12-1 DHCPv6 Snooping Topology
............................................................. 403
Figure 13-1 IPv6 over IPv4 Tunnel
.....................................................................
409 Figure 13-2 6to4 tunnel
....................................................................................
411 Figure 13-3 ISATAP tunnel
................................................................................
412 Figure 13-4 configure manual tunnel
..................................................................
412 Figure 13-5 configure 6to4 tunnel
......................................................................
416
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
14/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Figure 13-6 Configure 6to4 relay
.......................................................................
420 Figure 13-7 Configure ISATAP tunnel
..................................................................
424 Figure 13-8 NDP Topology
.................................................................................
428 Figure 13-9 DHCPv6 Relay Topology
...................................................................
429 Figure 14-1 Typical topology of UDLD
.................................................................
436 Figure 14-2 ERPS Topology
...............................................................................
439 Figure 14-3 Single-Domain Intersecting-Ring Topology
......................................... 447 Figure 14-4
Smart-Link Typical Topology
............................................................ 457
Figure 14-5 Configure monitor link
.....................................................................
463 Figure 14-6 VRRP Process
.................................................................................
465 Figure 14-7 VRRP Protocol
................................................................................
465 Figure 14-8 One VRRP Router
............................................................................
466 Figure 14-9 Two Virtual Router
..........................................................................
468 Figure 14-10 VRRP track topology
...................................................................
480 Figure 14-11 Track rtr reachability
..................................................................
481 Figure 14-12 Track rtr state
...........................................................................
483 Figure 14-13 VRRP TRACK
..............................................................................
485 Figure 14-14 VARP Configuration
....................................................................
487
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
15/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
List of Tables Table 2-1 System Message Log Facility Types
......................................................... 28 Table
2-2 Severity Level Definitions
.......................................................................
29 Table 8-1 Enable QoS
........................................................................................
262 Table 8-2 Configure egress queue for tail drop
...................................................... 263 Table
8-3 Configure egress queue for WRED
......................................................... 265 Table
8-4 Configure egress queue for schedule
..................................................... 267 Table 8-5
Configure port policing
........................................................................
269 Table 8-6 Configure port shaping
........................................................................
271 Table 8-7 Configure queue shaping
.....................................................................
273 Table 8-8 Configure IP ACL
................................................................................
275 Table 8-9 Configure class map
............................................................................
276 Table 8-10 Configure policy map
.......................................................................
277 Table 8-11 Configure aggregate policing
............................................................ 279
Table 8-12 Configure CoS to Priority-Color mapping table
.................................... 280 Table 8-13 Configure
IP-Precedence to Priority-Color mapping table
...................... 282 Table 8-14 Configure DSCP to
Priority-Color mapping table .................................. 286
Table 8-15 Configure Priority-Color to Queue-Threshold mapping
table.................. 289 Table 8-16 Configure Priority-Color to
CoS mapping table .................................... 292 Table
8-17 Configure Priority-Color to DSCP mapping table
.................................. 296 Table 11-1 Switch1
configuration
......................................................................
357 Table 11-2 Switch2 configuration
......................................................................
358 Table 11-3 Switch3 configuration
......................................................................
358
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
16/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
1 Basic Configuration Guide
1.1 Configuring System Management
1.1.1 Overview
You can configure a message-of-the-day (MOTD) and a login banner.
The MOTD banner displays on all connected terminals at login and is
useful for sending
messages that affect all network users (such as impending system
shutdowns).
The login banner also displays on all connected terminals. It
appears after the MOTD banner and before the login prompts.
1.1.2 Configuring a Message-of-the-Day Login Banner
You can create a single or multiline message banner that appears on
the screen when someone logs in to the switch.
To enable message logging, follow these steps:
Switch# configure terminal Enter global configuration mode
Switch(config)# banner motd c message c
Specify the message of the day. For c, enter the delimiting
character of your choice, for example, a
pound sign (#), and press the Return key. The delimiting character
signifies the beginning and end of the banner text. Characters
after the ending
delimiter are discarded. For message, enter a banner message up to
255 characters. You cannot
use the delimiting character in the message
Switch(config)# exit Exit the Configure mode
1.1.3 Configuring a Login Banner
You can configure a login banner to be displayed on all connected
terminals. This banner appears after the MOTD banner and before the
login prompt.
Beginning in privileged EXEC mode, follow these steps to configure
a login banner:
Switch# configure terminal Enter global configuration mode
Switch(config)# banner
Specify the login message. For c, enter the
delimiting character of your choice, for example, a pound sign (#),
and press the Return key. The delimiting character signifies the
beginning and
end of the banner text. Characters after the ending delimiter are
discarded. For message, enter a login
message up to 255 characters. You cannot use the delimiting
character in the message
Switch(config)# exit Exit the Configure mode
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
17/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
1.1.4 Configuring an Exec Banner
You can configure an exec banner to be displayed on all connected
terminals. This
banner appears when terminal in privileged EXEC mode.
Beginning in privileged EXEC mode, follow these steps to configure
a exec banner:
Switch# configure terminal Enter global configuration mode
Switch(config)# banner exec c message c
Specify the login message. For c, enter the delimiting character of
your choice, for example, a pound sign (#), and press the Return
key. The
delimiting character signifies the beginning and end of the banner
text. Characters after the ending
delimiter are discarded. For message, enter a login message up to
255 characters. You cannot use the delimiting character in the
message
Switch(config)# exit Exit the Configure mode
1.1.5 Validation Commands
All current banner configurations can be displayed. To display,
follow these steps:
Switch# show running Show the current system configuration
1.2 Configuring User Management
1.2.1 Overview
User management increases the security of the system by keeping
the
unauthorized users from guessing the password. The user is limited
to a specific number of attempts to successfully log in to the
switch.
There are three load modes in the switch. In “no login” mode,
anyone can load the switch without authentication. In “login” mode,
there is only one default user. In
“login local” mode, if you want to load the switch you need to have
a user account.
Local user authentication uses local user accounts and passwords
that you create to validate the login attempts of local users. Each
switch has a maximum of 32
local user accounts. Before you can enable local user
authentication, you must define at least one local user
account.
You can set up local user accounts by creating a unique username
and password combination for each local user. Each username must be
fewer than 32 characters.
You can configure each local user account with a privilege level;
the valid privilege
levels are 1 or 4. Once a local user is logged in, only the
commands those are available for that privilege level can be
displayed.
Privilege1: In this level user only can use basic show command
like, “ls”, “dir”, “enable”.
Privilege2: In this level user can use all show command in Exec
mode.
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
18/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Privilege3: In this level user can use command including “all PM
configuration commands” in CONFIG mode.
Privilege4: In this level user can use all command including
commands that can change one user’s privilege”, “SNMP security
commands”, “radius, ssh which
related to security commands” and file management command in Exec
mode.
If login type is login local, the privilege is form the privilege
in user, other the privilege is form line vty.
1.2.2 Configuring the user management in login local mode
Configurations
Switch# configure terminal Enter global configuration mode
Switch(config)# line vty 0 7 Enter line configuration mode, use
line console 0 if you want to set console
port access
switch
Switch(config)#username testname
Switch(config)# exit Exit the global configure mode
Validation Command
After the above setting, login the switch will need a username and
password, and user can login with the username and password created
before. This is a sample output of the login prompt.
Username: testname
The login mode requires the line password without a username.
Configurations
Switch(config)# line vty 0 7 Enter line configuration mode,
use
line console 0 if you want to set console port access
Switch(config-line)# login Enable login authentication on the
switch
Switch(config-line)# line-password abc Set login password of
abc
Switch(config-line)# end Enter the Exec mode
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
19/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Validation Command
After the above setting, login the switch will need the line
password, and user can
login with the password created before. This is a sample output of
the login prompt.
Password:
Configurations
If the password is forgotten unfortunately, it can be recovered by
following steps.
Step 1 Power on the system. Boot loader will start to run. The
follow information will be printed on Console.
CPU: MPC8247 (HiP7 Rev 14, Mask 1.0 1K50M) at 350 MHz
Board: 8247 (PCI Agent Mode)
I2C: ready
Press ctrl+b to stop autoboot: 3
Step 2 Press ctrl+b. stop autoboot.
Step 3 Under boot loader interface, use the following
instructions.
Bootrom# boot_flash_nopass Load the device without start-config
file under the boot loader mode through Console
Bootrom# Do you want to revert to the default config file ?
[Y|N|E]:
Then system will reboot without loading startup-configuration. No
password will be required.
1.3 Configuring FTP
1.3.1 Overview
You can download a switch configuration file from an FTP server or
upload the file
from the switch to an FTP server.You download a switch
configuration file from a server to upgrade the switch
configuration. You can overwrite the current startup
configuration file with the new one. You upload a switch
configuration file to a server for backup purposes. You can use
this uploaded configuration for future downloads to the switch or
another switch of the same type.
1.3.2 IPv4 Configurations
Preparing to download or upload a configuration file by using
FTP
You can copy configurations files to or from an FTP server.
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
20/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
The FTP protocol requires a client to send a remote username and
password on each FTP request to a server.
Before you begin downloading or uploading a configuration file by
using FTP, do these tasks:
Ensure that the switch has a route to the FTP server. The switch
and the FTP server must be in the same network if you do not have a
router to route traffic between subnets. Check connectivity to the
FTP server by using the ping
command.
If you are accessing the switch through the console or a Telnet
session and you
do not have a valid username, make sure that the current FTP
username is the one that you want to use for the FTP
download.
When you upload a configuration file to the FTP server, it must be
properly configured to accept the write request from the user on
the switch.
For more information, see the documentation for your FTP
server.
Downloading a configuration file by using FTP
You can download a new configuration file and overwrite the current
configuration or keep the current configuration.
Switch# configure terminal Enter global configuration mode
Switch(config)# ftp username test (Optional) Create a user
“test”
Switch(config)# ftp password test (Optional) Create a password
“test”
Switch(config)# end Return to privileged EXEC mode
Switch#copy mgmt-if
Get a startup configuration file from
remote FTP server. User’s name is “test”; the password is
“test”
Switch# show startup-config Verify your entries
Uploading a configuration file by using FTP
You can upload a configuration file from the switch to an FTP
server. You can later
download this configuration to the same switch or to another switch
of the same type.
Beginning in privileged EXEC mode, follow these steps to upload a
configuration file
to an FTP server:
mode
“test”
Switch(config)# end Return to privileged EXEC
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
21/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
mode
Upload a startup configuration file to remote
FTP server User’s name is “test”; the password is “test”
1.3.3 IPv6 Configurations
Switch1
Get a startup configuration file from
remote FTP server. User’s name is “root”; the password is
“root”
Switch# show startup-config Verify your entries
Uploading a configuration file by using FTP
Switch1
Upload a startup configuration file to
remote FTP server User’s name is “root”; the password is
“root”
1.4 Configuring TFTP
1.4.1 Overview
You can download a switch configuration file from a TFTP server or
upload the file from the switch to a TFTP server. You download a
switch configuration file from a server to upgrade the switch
configuration. You can overwrite the current file with
the new one. You upload a switch configuration file to a server for
backup purposes; this uploaded file can be used for future
downloads to the same or another switch
of the same type.
1.4.2 Configurations
Preparing to download or upload a configuration file by using
TFTP
Before you begin downloading or uploading a configuration file by
using TFTP, do
these tasks:
Ensure that the workstation acting as the TFTP server is properly
configured.
Ensure that the switch has a route to the TFTP server. The switch
and the TFTP server must be in the same network if you do not have
a router to route traffic between subnets. Check connectivity to
the TFTP server by using the ping
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
22/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Ensure that the configuration to be downloaded is in the correct
directory on the TFTP server.
For download operations, ensure that the permissions on the file
are set correctly.
During upload operations, if you are overwriting an existing file
(including an empty file, if you had to create one) on the server,
ensure that the permissions
on the file are set correctly.
Downloading a configuration file by using TFTP
You can download a new configuration file and replace the current
file or keep the
current file.
Switch# copy mgmt-if tftp://2001:1000::2/startup-config.conf
Switch# show startup-config Verify your entries
Uploading a configuration file by using TFTP
You can upload a configuration file from the switch to a TFTP
server. You can later download this file to the switch or to
another switch of the same type.
Beginning in privileged EXEC mode, follow these steps to upload a
configuration file to a TFTP server.
Switch# copy flash:/startup-config.conf mgmt-if
Switch# copy flash:/startup-config.conf
remote TFTP server
1.5 Configuring Telnet
1.5.1 Overview
Telnet is a network protocol used on the Internet or local area
networks to provide a bidirectional interactive text-oriented
communications facility using a virtual terminal connection. User
data is interspersed in-band with Telnet control
information in an 8-bit byte oriented data connection over the
Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC
854, and standardized as Internet Engineering Task Force (IETF)
Internet Standard STD 8,
one of the first Internet standards.
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
23/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Historically, Telnet provided access to a command-line interface
(usually, of an operating system) on a remote host. Most network
equipment and operating
systems with a TCP/IP stack support a Telnet service for remote
configuration (including systems based on Windows NT). Because of
security issues with Telnet,
its use for this purpose has waned in favor of SSH.
1.5.2 Configurations
Switch# telnet 10.10.29.247 Telnet switch 10.10.29.247 with inner
port
Switch# telnet 2001:1000::71 Telnet switch 2001:1000::71 with
inner
port
Switch# telnet mgmt-if
Switch# configure terminal Enter the Configure mode
Switch(config)# service telnet enable
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
24/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
1.6 Configuring SSH
1.6.1 Overview
The Secure Shell (SSH) is a protocol that provides a secure, remote
connection to a device. SSH provides more security for remote
connections than Telnet does by providing strong encryption when a
device is authenticated. SSH supports the Data
Encryption Standard (DES) encryption algorithm, the Triple DES
(3DES) encryption algorithm, and password-based user
authentication. The SSH feature has an SSH
server and an SSH integrated client, which are applications that
run on the switch. You can use an SSH client to connect to a switch
running the SSH server. The SSH server works with the SSH client
supported in this release and with SSH clients. The
SSH client also works with the SSH server supported in this release
and with SSH servers.
1.6.2 Topology
1.6.3 Configurations
Switch(config)# rsa key a generate Create a key name a
Switch(config)# rsa key a export url flash:/a.pri private
ssh2
Create a private key named a.pri with key a and save it to
flash
public ssh2
a.pub with key a and save it to flash
Import the key
Import the key a.pub we created as
importKey
Create a user with name aaa.
Switch(config)# username aaa assign rsa key importKey
Assign the key to use aaa
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
25/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
1.6.4 Validation commands
On SSH client:
[email protected]'s password:
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
26/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
2 Device Management Configuration Guide
2.1 Configuring STM
2.1.1 Overview
Switch Table Management (STM) is used to configure system resources
in the switch to optimize support for specific features, depending
on how the switch is
used in the network.
You can select a profile to provide maximum system usage for some
functions; for example, use the default profile to balance
resources and use vlan profile to obtain
max MAC entries.
To allocate ternary content addressable memory (TCAM) resources for
different
usages, the switch STM profile prioritize system resources to
optimize support for certain features. You can select STM templates
to optimize these features:
ipv4—The routing template maximizes system resources for unicast
routing, typically required for a router or aggregator in the
center of a network.
vlan—The VLAN template supports the maximum number of unicast MAC
addresses. It would typically be selected for a Layer 2
switch.
default—The default template gives balance to all functions.
ipv6- The dual IPv4 and IPv6 templates allow the switch to be used
in dual
stack environments (supporting both IPv4 and IPv6). Using the dual
stack templates results in less TCAM capacity allowed for each
resource. Do not use them if you plan to forward only IPv4 traffic.
This template includes 2 sub
profile: ipv6 default and ipv6 route. IPv6 default balances IPv6
and IPv4 featues, and IPv6 route template supporting more IPv6
routing entry numbers.
When users configured a profile mode which is not exist in
the
next reboot image, then default hardware configure will be used
when system up with the next image. The hardware configure
may be different from the default profile.
2.1.2 Configuration
Follow these guidelines when selecting and configuring STM
profiles.
You must reload the switch for the configuration to take
effect.
Use the stm prefer vlan global configuration command only on
switches intended for Layer 2 switching with no routing.
Do not use the ipv4 profile if you do not have routing enabled on
your switch. The stm prefer ipv4 global configuration command
prevents other features
from using the memory allocated to IPv4 unicast routing in the
routing profile.
Switch# configure terminal Enter configuration mode
Switch(config)# stm prefer ipv4 Select ipv4 profile for best
supporting
IP unicast routing
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
27/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Switch(config)# end Return to the EXEC mode
Switch# reload Reload system
2.1.3 Validation
This is an example of an output display for default template.
Switch# show stm prefer
Current profile is :default
the switch to make balance entry number among
route, mac, related tables.
number of Ethernet features:
G.8031 groups : 64
G.8032 rings : 32
IPv4 host routes : 3072
Indirect IPv4 routes : 3032
IPv4 ECMP routes : 128
IPv4 Mcast routes : 508
number of Security features:
The profile stored for use after the next reload
is the ipv4 profile.
number of Ethernet features:
IPv4 host routes : 6144
Indirect IPv4 routes : 8152
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
28/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
IPv4 ECMP routes : 256
IPv4 Mcast routes : 1020
number of Security features:
2.2 Configuring Syslog
This document is intended to give a usage example for system log
feature.
2.2.1 Overview
The system message logging software can save messages in a log file
or direct the
messages to other devices. The system message logging facility has
these features:
Provides you with logging information for monitoring and
troubleshooting.
Allows you to select the types of logging information that is
captured.
Allows you to select the destination of the captured logging
information.
By default, the switch logs normal but significant system messages
to its internal buffer and sends these messages to the system
console. You can specify which system messages should be saved
based on the type of the severity level. The
messages are time-stamped to enhance real-time debugging and
management.
You can access the logged system messages using the switch
command-line
interface (CLI) or by saving them to a properly configured log
server. The switch software saves the log messages in an internal
buffer that can store up to 1000 messages. You can monitor the
system messages remotely by accessing the switch
through Telnet or the console port, or by viewing the logs on a log
server.
2.2.2 Terminology
Facility Name Definition
kern kernel messages
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
29/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Facility Name Definition
auth security/authorization messages
lpr line printer subsystem
news network news subsystem
Severity Level Definition
critical critical conditions
error error conditions
warning warning conditions
information Informational
Configurations
Switch(config)# logging server enable Enable the logging state for
a
Telnet session
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
30/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
Switch(config)# logging server address
log servers
log servers
server messages
Switch(config)# logging server facility mail Set the facility for
log server
messages
Validation
And you can check the result by using show logging command:
Switch# show logging
Current logging configuration:
2.2.4 Configuring Logging Buffer Size
By default, the number of messages to log to the logging buffer is
500. If desired,
you can set the number between 10 and 1000.
Configurations
Switch(config)# logging buffer 700
Set the number of messages to log to the logging buffer
Validation
And you can check the result by using show logging command.
Switch# show logging
Current logging configuration:
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
31/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
logging buffer 700
logging timestamp bsd
logging file enable
You can use command to check showing Logging
Information.When configuring the syslog Servers, make sure the
cables is linked correctly and two computers can ping each
other.Before you can send the system log messages to a log
server, you must configure Syslog Software, at the end you can see
the log from your software.
Figure 2-2 Log information on syslog Servers
2.3 Configuring Mirror
2.3.1 Overview
You can analyze network traffic passing through ports or vlans by
using mirror function to send a copy of the traffic to another port
on the switch that has been
Configuration Guide 48 Port Gigabit Ethernet Routing Switch Page
32/491
©2017 MICROSENS GmbH & Co. KG, Kueferstr. 16, 59067
Hamm/Germany, www.microsens.com
connected to a Switch Probe device or other Remote Monitoring
(RMON) probe or security device. Mirrors received or sent (or both)
traffic on a source port and
received traffic on one or more source ports or source vlans, to a
destination port for analysis.
Only traffic that enters or leaves source ports or traffic that
enters source vlans can be monitored by using mirror; traffic that
gets routed to ingress source ports or source vlans cannot be
monitored. For example, if incoming traffic is being
monitored, traffic that gets routed from another vlans to the
source vlans is not monitored; however, traffic that is received on
the source vlan and routed to
another vlan is monitored.
Mirror does not affect the switching of network traffic on source
ports or source vlans; a copy of the packets received or sent by
the source interfaces are sent to
the destination interface.
Mirror Session
A mirror session is an association of a destination port with
source ports and source VLANs. You configure mirror sessions by
using parameters that specify the source of network traffic to
monitor. Both switched and routed ports can be configured as
mirror sources and destinations. You can configure up to 3 mirror
sessions.
Mirror sessions do not interfere with the normal operation of the
switch. However,
an oversubscribed mirror destination, for example, a 10-Mbps port
monitoring a 100-Mbps port, results in dropped or lost
packets.
You can configure mirror sessio