3Com ® Switch 5500 Family Configuration Guide Switch 5500-SI Switch 5500-EI Switch 5500G-EI PDF

Preview

Summary

3Com® Switch 5500 Family Configuration Guide Switch 5500-SI Switch 5500-EI Switch 5500G-EI www.3Com.com Part Number: 10014922 Rev. AC Published: December 2006 3Com Corporation Copyright © 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or 350 ...

Description

3Com® Switch 5500 Family Configuration Guide Switch 5500-SI Switch 5500-EI Switch 5500G-EI

www.3Com.com Part Number: 10014922 Rev. AC Published: December 2006

3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064

Copyright © 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation. 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time. If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you. UNITED STATES GOVERNMENT LEGEND If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following: All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide. Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries. 3Com and the 3Com logo are registered trademarks of 3Com Corporation. Cisco is a registered trademark of Cisco Systems, Inc. Funk RADIUS is a registered trademark of Funk Software, Inc. Aegis is a registered trademark of Aegis Group PLC. Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Novell and NetWare are registered trademarks of Novell, Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. IEEE and 802 are registered trademarks of the Institute of Electrical and Electronics Engineers, Inc. All other company and product names may be trademarks of the respective companies with which they are associated. ENVIRONMENTAL STATEMENT It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to: Establishing environmental performance standards that comply with national legislation and regulations. Conserving energy, materials and natural resources in all operations. Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental standards. Maximizing the recyclable and reusable content of all products. Ensuring that all products can be recycled, reused and disposed of safely. Ensuring that all products are labelled according to recognized environmental standards. Improving our environmental record on a continual basis. End of Life Statement 3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components. Regulated Materials Statement 3Com products do not contain any hazardous or ozone-depleting material. Environmental Statement about the Documentation The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.

3

CONTENTS

CONTENTS ABOUT THIS GUIDE Organization of the Manual Intended Readership 22 Conventions 22 Related Manuals 23

1

21

GETTING STARTED Product Overview 25 XRN Overview 26 Major Technologies 26 Typical Networking Topology 26 Product Features 27 Logging in to the Switch 29 Setting up Configuration Environment through the Console Port Setting up Configuration Environment through Telnet 31 Setting up Configuration Environment through a Dial-up Modem Command Line Interface 37 Command Line View 37 Features and Functions of Command Line 40 User Interface Configuration 42 User Interface Configuration 43 Displaying and Debugging User Interface 49

2

29 33

ADDRESS MANAGEMENT CONFIGURATION Introduction to Address Management 51 Configuring Address Management 51 Configuring a Port-Based Address Management IP Address Pool 51 Binding the MAC Address and IP Address of a Legal User to the Specified Port Address Management Configuration Example 52 Port-Based Address Management IP Address Pool Configuration Example 52 Configuration Example of Binding the MAC Address and IP Address of a Legal User 53

3

PORT OPERATION Ethernet Port Configuration Introduction 55 Ethernet Port Configuration 55 EthernetPort Security Features 62 Displaying and Debugging Ethernet Port 66

51

4

CHAPTER : CONTENTS

Displaying Port Configuration Information in Brief 67 Ethernet Port Configuration Example 67 Ethernet Port Troubleshooting 68 Link Aggregation Configuration 68 Link Aggregation Configuration 71 Displaying and Debugging Link Aggregation 74 Link Aggregation Configuration Example 75 Global Broadcast Suppression Feature 76 Configuring Global Broadcast Suppression 76 Global Broadcast Suppression Configuration Example 76 Configuration procedure 76 Displaying Information About a Specified Optical Port 77

4

XRN CONFIGURATION Introduction to XRN 79 Configuring an XRN Fabric 79 Specifying the Stacking VLAN of the Switch 80 Setting Unit IDs for Switches 80 Saving the Unit ID of Each Unit in the Fabric 81 Specifying the Fabric Port of the Switch 81 Setting Unit Names for Switches 81 Setting a Fabric Name for Switches 81 Setting an XRN Authentication Mode for Switches 82 Displaying and Debugging a Fabric 82 Fabric Configuration Example 82 RMON on XRN 83 Configuration Commands for RMON on XRN 84 Clustering on XRN 84 Peer Fabric Port Detection 84 Work Flow of the Peer Fabric Port Detection Function 84 Prompt Information and Solution 85 Multiple Fabric Port Candidates 86

5

DLDP CONFIGURATION DLDP Overview 89 DLDP Fundamentals 90 Precautions During DLDP Configuration DLDP Configuration 93 Resetting DLDP Status 94 DLDP Configuration Example 94

6

VLAN OPERATION VLAN Configuration 97 VLAN Overview 97 Configuring a VLAN 97 Displaying and Debugging VLAN 99 VLAN Configuration Example One 99 VLAN Configuration Example Two 100

93

5

Protocol-Based VLAN Configuration 100 Configuring Protocol-Based VLANs 100 Displaying the Information about Protocol-Based VLANs Voice VLAN Configuration 102 Voice VLAN Configuration 102 Displaying and Debugging of Voice VLAN 106 Voice VLAN Configuration Example 106 Creating VLANs in Batches 107 Voice VLAN Configuration 107 Configuring the Voice VLAN Function 108 Voice VLAN Displaying and Debugging 109 Voice VLAN Configuration Example 109

7

101

GVRP CONFIGURATION Introduction to GVRP 111 GVRP Working Scheme 111 GVRP Packet Format 113 Protocol Specifications 113 GVRP Configuration 114 Configuration Prerequisite 114 Configuration Procedure 114 Configuration Example 115 Displaying GVRP 116

8

VLAN-VPN CONFIGURATION VLAN-VPN Overview 117 Implementation of VLAN-VPN 117 Adjusting the TPID Values of VLAN-VPN Packet VLAN-VPN Configuration 118 Configuration Prerequisites 118 Configuration procedure 118 Inner VLAN Tag Priority Replication Configuration Configuration Prerequisites 119 Configuration procedure 119 TPID Adjusting Configuration 119 Configuration Prerequisites 119 Configuration Procedure 119 VLAN-VPN Configuration Example 120 Network requirements 120 Network diagram 120 Configuration Procedure 121

9

118

119

DHCP OVERVIEW Introduction to DHCP 123 DHCP IP Address Assignment 124 IP Address Assignment Policy 124 DHCP IP Address Preferences 124 Sending Device Information through DHCP Option60

124

6

CHAPTER : CONTENTS

10

DHCP SERVER CONFIGURATION Introduction to DHCP Server 125 Usage of DHCP Server 125 DHCP Fundamentals 125 DHCP Packet Processing Modes 127 DHCP Address Pool 127 Global Address Pool-Based DHCP Server Configuration 128 Configuration Overview 128 Enabling DHCP 128 Configuring Global Address Pool Mode on Interface(s) 129 Configuring How to Assign IP Addresses in a Global Address Pool 129 Configuring DNS Services for DHCP Clients 130 Configuring NetBIOS Services for DHCP Clients 131 Customizing DHCP Service 132 Configuring Gateway Addresses for DHCP Clients 132 Interface Address Pool-based DHCP Server Configuration 132 Configuration Overview 132 Enabling DHCP 133 Configuring to Assign the IP addresses of Local Interface-based address pools to DHCP Clients 133 Configuring to Assign IP Addresses of Interface-based Address Pools to DHCP Clients 133 Configuring DNS Services for DHCP Clients 135 Configuring NetBIOS Services for DHCP Clients 136 Customizing DHCP Service 137 DHCP Security Configuration 137 Prerequisites 137 Configuring Private DHCP Server Detecting 137 Configuring IP Address Detecting 137 Option 184 Supporting Configuration 138 Prerequisites 139 Configuring the Option 184 Supporting Function 139 Configuration Example 142 DHCP Server Displaying and Debugging 144 DHCP Server Configuration Example 144 Troubleshooting DHCP Server 146

11

DHCP RELAY CONFIGURATION Introduction to DHCP Relay 147 Usage of DHCP Relay 147 DHCP Relay Fundamentals 147 DHCP Relay Configuration 148 DHCP Relay Configuration Tasks 148 Enabling DHCP 148 Configuring an Interface to Operate in DHCP Relay Mode DHCP Relay Displaying 149 DHCP Relay Configuration Example 149 Troubleshooting DHCP Relay 150

148

7

12

VRRP CONFIGURATION VRRP Overview 151 Virtual Router Overview 152 Introduction to Backup Group 153 VRRP Configuration 155 Configuring a Virtual Router IP address 155 Configuring Backup Group-Related Parameters 156 Displaying and Clearing VRRP Information 157 VRRP Configuration Example 157 Single-VRRP Backup Group Configuration Example 157 VRRP Tracking Interface Example 158 Multiple-VRRP Backup Group Configuration Example 160 Troubleshooting VRRP 162

13

MSTP CONFIGURATION MSTP Overview 163 MSTP Protocol Data Unit 163 Basic MSTP Terminologies 164 Fundamentals of MSTP 166 MSTP Implementation on Switches 168 Root Bridge Configuration 168 Configuring an MST Region 169 Setting the Switch as the Root/Secondary Root Bridge 170 Setting the Bridge Priority of a Switch 171 Configuring MSTP Operation Mode 172 Configuring the Maximum Hop Count of an MST Region 172 Configuring the Diameter of a Switched Network 173 Configuring MSTP Time Parameters 173 Configuring the Timeout Time Factor 175 Configuring the Maximum Transmission Speed of a Port 175 Setting a Port as an Edge Port 176 Specifying whether a Port Connect to Point-to-Point Link 177 Enabling MSTP 179 Leaf Node Configuration 180 Prerequisites 180 Configuring an MST Region 180 Configuring MSTP Operation Mode 181 Configuring the Timeout Time Factor 181 Configuring the Maximum Transmission Speed of a Port 181 Setting a Port as an Edge Port 181 Configuring the Path Cost of a Port 181 Configuring the Priority of a Port 183 Configuring a Port to Connect to Point-to-Point Link 184 Enabling MSTP 184 mCheck Configuration 184 Prerequisites 184 Configuration Procedure 185 Configuration Example 185 Protection Functions Configuration 185

8

CHAPTER : CONTENTS

Introduction to the Protection Functions Prerequisites 186 Configuring BPDU Protection 187 Configuring Root Protection 187 Configuring Loop Prevention 188 Configuring TC-BPDU Attack Prevention BPDU Tunnel Configuration 188 Introduction to BPDU Tunnel 188 Configuring BPDU Tunnel 189 Displaying and Debugging MSTP 190 MSTP Configuration Example 190 BPDU Tunnel Configuration Example 192

14

185

188

CENTRALIZED MAC ADDRESS AUTHENTICATION CONFIGURATION Introduction to Centralized MAC Address Authentication 195 Centralized MAC Address Authentication Configuration 196 Enabling Global/Port-based Centralized MAC Address Authentication 196 Configuring an ISP Domain for MAC Address Authentication Users 196 Setting Centralized MAC Address Authentication Timers 196 Displaying and Debugging Centralized MAC Address Authentication 197 Centralized MAC Address Authentication Configuration Example 197

15

SSH TERMINAL SERVICES SSH Terminal Services 199 Introduction to SSH 199 SSH Server Configuration 201 SSH Client Configuration 205 Displaying SSH Configuration 205 SSH Server Configuration Example 206 SSH Client Configuration Example 207 SSH Keygen Program 209 SFTP Service 210 SFTP Overview 210 SFTP Server Configuration 210 SFTP Client Configuration 211 SFTP Configuration Example 213

16

IP ROUTING PROTOCOL OPERATION IP Routing Protocol Overview 217 Selecting Routes Through the Routing Table Routing Management Policy 219 Static Routes 220 Configuring Static Routes 221 Example: Typical Static Route Configuration Troubleshooting Static Routes 224 RIP 224 Configuring RIP 225 Traffic Sharing Across RIP Interfaces 233

218

223

9

Displaying and Debugging RIP 233 Example: Typical RIP Configuration 233 Troubleshooting RIP 234 OSPF Configuration 235 Calculating OSPF Routes 235 Basic Concepts Related to OSPF 236 Configuring OSPF 237 Displaying and Debugging OSPF 253 254 Example: Configuring DR Election Based on OSPF Priority Example: Configuring OSPF Virtual Link 256 Troubleshooting OSPF 257 IP Routing Policy 258 Configuring an IP Routing Policy 259 Forwarding Layer 3 Broadcast Packets 263 Displaying and Debugging the Routing Policy 264 Typical IP Routing Policy Configuration Example 264 Troubleshooting Routing Protocols 265 Route Capacity Configuration 265 Limiting Route Capacity 266 Route Capacity Configuration 266 Displaying and Debugging Route Capacity 267

17

254

NETWORK PROTOCOL OPERATION IP Address Configuration 269 IP Address Overview 269 Configuring IP Address 271 Displaying and Debugging IP Address 272 IP Address Configuration Example 273 Troubleshooting IP Address Configuration 273 ARP Configuration 273 Configuring ARP 274 Introduction to Gratuitous ARP 275 Gratuitous ARP Packet Learning Configuration 276 Resilient ARP Configuration 277 277 Displaying and Debugging Resilient ARP Configuration Resilient ARP Configuration Example 278 BOOTP Client Configuration 279 Overview of BOOTP Client 279 BOOTP Client Configuration 280 Debugging BOOTP Client 280 DHCP Configuration 280 Overview of DHCP 280 Option 82 supporting 283 DHCP Client Configuration 285 DHCP Relay Configuration 286 Enabling DHCP 286 Configuring DHCP Relay Security 287

278

10

CHAPTER : CONTENTS

Option 82 Supporting Configuration 288 Prerequisites 288 Enabling Option 82 Supporting on a DHCP Relay 288 Option 82 Supporting Configuration Example 289 Introduction to DHCP Snooping 290 DHCP Snooping Configuration 291 Configuration Example 292 Introduction to DHCP Accounting 292 Structure of the DHCP Accounting Packets 292 DHCP Accounting Fundamentals 294 DHCP Accounting Configuration 294 Displaying and Debugging DHCP Configuration 296 DHCP Relay Configuration Example One 297 DHCP Relay Configuration Example Two 298 Troubleshooting DHCP Relay Configuration 299 Access Management Configuration 299 Access Management Overview 299 Configuring Access Management 299 Displaying and Debugging Access Management 301 Access Management Configuration Example 302 Access Management using the Web 302 UDP Helper Configuration 303 Overview of UDP Helper 303 UDP Helper Configuration 303 Displaying and Debugging UDP Helper Configuration 305 UDP Helper Configuration Example 305 IP Performance Configuration 305 Displaying and debugging IP Performance 306 Troubleshooting IP Performance 307

18

MULTICAST PROTOCOL IP Multicast Overview 309 Multicast Addresses 310 IP Multicast Protocols 312 Forwarding IP Multicast Packets 313 Applying Multicast 314 IGMP Snooping 314 Configuring IGMP Snooping 317 Enabling IGMP Fast Leave Processing 318 Configuring IGMP Snooping Filter ACL 319 Configuring the Maximum Number of Multicast Groups on a Port Configuring Multicast VLAN 320 Displaying and Debugging IGMP Snooping 321 Configuration Example—Enable IGMP Snooping 322 IGMP Snooping Fault Diagnosis and Troubleshooting 322 Common Multicast Configuration 323 Enabling Multicast 323 Configuring the Number Limit of Multicast Routing Entries 323 Multicast MAC Address Entry Configuration 324

319

11

Displaying Multicast MAC Address Configuration 324 Multicast Source Deny Configuration 325 Clearing MFC Forwarding Entries or Statistics Information 325 Clearing Route Entries From The Core Multicast Routing Table 325 Displaying and Debugging Common Multicast Configuration 326 Internet Group Management Protocol (IGMP) 326 Configuring IGMP 328 Displaying and debugging IGMP 333 PIM-DM Overview 333 Configuring PIM-DM 335 Displaying and Debugging PIM-DM 338 PIM-DM Configuration Example 338 PIM-SM Overview 339 PIM-SM Operating Principle 340 Preparations before Configuring PIM-SM 341 Configuring PIM-SM 341 Displaying and Debugging PIM-SM 346 PIM-SM Configuration Example 346 349

19

ACL CONFIGURATION Brief Introduction to ACL 351 ACL Supported by the Switch 352 Configuring ACL 352 Defining ACL 353 Activating ACL 355 Displaying and Debugging ACL 356 Advanced ACL Configuration Example 356 Basic ACL Configuration Example 357 Link ACL Configuration Example 358 QoS Configuration 359 QoS Configuration 361 Setting Port Priority 361 Configuring the Priority for Protocol Packets 361 Setting Port Mirroring 362 Configuring Traffic Mirroring 362 Setting Traffic Limit 364 Setting Line Limit 365 Relabeling Priority Level 365 Configuring Traffic Statistics 365 Configuring WRED Operation 366 Configuring Control Over Telnet 366 Displaying and Debugging QoS Configuration 369 QoS Configuration Example 369 Port Mirroring Configuration Example 370 Priority Relabeling Configuration Example 371 QoS Profile Configuration 372 Configuring QoS Profile 372 Configuring Profile Application Mode 373

12

CHAPTER : CONTENTS

Applying QoS Profile to the Port 374 QoS Profile Configuration Example 374 ACL Control Configuration 376 Configuring ACL for Telnet Users 376 Defining ACL 376 Importing ACL 377 Configuration Example 377 Configuring ACL for SNMP Users 377 Configuration Example 379 Configuring ACL Control over the HTTP Users Defining ACL 379 Calling ACL to Control HTTP Users 379 Configuration Example 380

20

379

CONFIGURATION FOR QOS FEATURES RSPAN Features 381 Configuration Prerequisite 382 Config...