Benutzerhandbuch für Cabletron Systems 9032578-05

Inhaltsverzeichnis

• Notices

  3
• Contents

  13
• About This Manual

  27
  • Related Documentation

    27
  • Document Conventions

    27
• Introduction

  29
  • Configuration Files

    29
  • Using the Command Line Interface

    30
    • Command Modes

      30
      • User Mode

        30
      • Enable Mode

        30
      • Configure Mode

        31
      • Boot PROM Mode

        31
    • Getting Help with CLI Commands

      31
    • Line Editing Commands

      33
  • Displaying and Changing Configuration Information

    35
  • Port Names

    37
• Hot Swapping Line Cards and Control Modules

  39
  • Hot Swapping Overview

    39
  • Hot Swapping Line Cards

    40
    • Deactivating the Line Card

      40
    • Removing the Line Card

      41
    • Installing a New Line Card

      41
    • Hot Swapping One Type of Line Card With Another

      41
  • Hot Swapping a Secondary Control Module

    42
    • Deactivating the Control Module

      42
    • Removing the Control Module

      43
    • Installing a Control Module

      43
  • Hot Swapping a Switching Fabric Module (SSR 8600 only)

    44
    • Removing the Switching Fabric Module

      45
    • Installing a Switching Fabric Module

      45
• Bridging Configuration Guide

  47
  • Bridging Overview

    47
    • Spanning Tree (IEEE 802.1d)

      47
    • Bridging Modes (Flow-Based and Address-Based)

      48
  • VLAN Overview

    48
    • Port-based VLANs

      49
    • MAC-address-based VLANs

      49
    • Protocol-based VLANs

      49
    • Subnet-based VLANs

      49
    • Multicast-based VLANs

      50
    • Policy-based VLANs

      50
    • SSR VLAN Support

      50
      • VLANs and the SSR

        50
      • Ports, VLANs, and L3 Interfaces

        51
      • Access Ports and Trunk Ports (802.1Q support)

        51
      • Explicit and Implicit VLANs

        52
  • Configuring SSR Bridging Functions

    52
    • Configuring Address-based or Flow-based Bridging

      52
    • Configuring Spanning Tree

      54
    • Adjusting Spanning-Tree Parameters

      54
      • Setting the Bridge Priority

        55
      • Setting a Port Priority

        55
      • Assigning Port Costs

        55
      • Adjusting Bridge Protocol Data Unit (BPDU) Intervals

        56
    • Configuring a Port- or Protocol-Based VLAN

      57
      • Creating a Port or Protocol Based VLAN

        57
      • Adding Ports to a VLAN

        57
    • Configuring VLAN Trunk Ports

      57
    • Configuring VLANs for Bridging

      58
    • Configuring Layer-2 Filters

      58
  • Monitoring Bridging

    59
  • Configuration Examples

    59
    • Creating an IP or IPX VLAN

      59
    • Creating a non-IP/non-IPX VLAN

      60
• SmartTRUNK Configuration Guide

  61
  • Overview

    61
  • Configuring SmartTRUNKs

    62
    • Creating a SmartTRUNK

      62
    • Add Physical Ports to the SmartTRUNK

      62
    • Specify Traffic Distribution Policy (Optional)

      63
  • Monitoring SmartTRUNKs

    63
  • Example Configurations

    64
• ATM Configuration Guide

  67
  • ATM Overview

    67
  • Virtual Channels

    67
    • Creating a Virtual Channel

      68
  • Service Class Definition

    68
    • Creating a Service Class Definition

      69
    • Applying a Service Class Definition

      70
  • Cell Scrambling

    71
    • Enabling Cell Scrambling

      71
  • Cell Mapping

    72
    • Selecting the Cell Mapping Format

      72
  • Creating a Non-Zero VPI

    73
    • Setting the Bit Allocation for VPI

      73
  • Displaying ATM Port Information

    74
  • ATM Sample Configuration 1

    78
    • Configuring an Interface on an Ethernet Port

      79
    • Creating a Virtual Channel

      79
    • Defining an ATM Service Class

      79
    • Applying an ATM Service Class

      80
    • Configuring an Interface on an ATM Port

      80
    • Configuring an IP Route

      80
• Packet-over-SONET Configuration Guide

  83
  • Overview

    83
    • Configuring IP Interfaces for PoS Links

      84
  • Configuring Packet-over-SONET Links

    84
  • Configuring Automatic Protection Switching

    85
    • Configuring Working and Protecting Ports

      86
  • Specifying Bit Error Rate Thresholds

    87
  • Monitoring PoS Ports

    88
  • Example Configurations

    89
    • APS PoS Links Between SSRs

      89
    • PoS Link Between the SSR and a Cisco Router

      90
    • Bridging and Routing Traffic Over a PoS Link

      91
• DHCP Configuration Guide

  93
  • DHCP Overview

    93
  • Configuring DHCP

    94
    • Configuring an IP Address Pool

      94
    • Configuring Client Parameters

      94
    • Configuring a Static IP Address

      95
    • Grouping Scopes with a Common Interface

      95
    • Configuring DHCP Server Parameters

      96
  • Updating the Lease Database

    96
  • Monitoring the DHCP Server

    96
  • DHCP Configuration Examples

    97
    • Configuring Secondary Subnets

      98
    • Secondary Subnets and Directly-Connected Clients

      99
    • Interacting with Relay Agents

      100
• IP Routing Configuration Guide

  103
  • IP Routing Protocols

    103
    • Unicast Routing Protocols

      103
    • Multicast Routing Protocols

      104
  • Configuring IP Interfaces and Parameters

    104
    • Configuring IP Interfaces to Ports

      105
    • Configuring IP Interfaces for a VLAN

      105
    • Specifying Ethernet Encapsulation Method

      105
    • Configuring Jumbo Frames

      106
    • Configuring Address Resolution Protocol (ARP)

      107
      • Configuring ARP Cache Entries

        107
      • Unresolved MAC Addresses for ARP Entries

        107
      • Configuring Proxy ARP

        108
    • Configuring Reverse Address Resolution Protocol (RARP)

      108
      • Specifying IP Interfaces for RARP

        109
      • Defining MAC-to-IP Address Mappings

        109
      • Monitoring RARP

        110
    • Configuring DNS Parameters

      110
    • Configuring IP Services (ICMP)

      110
    • Configuring IP Helper

      110
    • Configuring Direct Broadcast

      111
    • Configuring Denial of Service (DOS)

      112
    • Monitoring IP Parameters

      112
  • Configuring Router Discovery

    113
  • Configuration Examples

    116
    • Assigning IP/IPX Interfaces

      116
• VRRP Configuration Guide

  117
  • VRRP Overview

    117
  • Configuring VRRP

    117
    • Basic VRRP Configuration

      118
      • Configuration of Router R1

        118
      • Configuration for Router R2

        119
    • Symmetrical Configuration

      119
      • Configuration of Router R1

        120
      • Configuration of Router R2

        121
    • Multi-Backup Configuration

      121
      • Configuration of Router R1

        123
      • Configuration of Router R2

        124
      • Configuration of Router R3

        125
    • Additional Configuration

      125
      • Setting the Backup Priority

        126
      • Setting the Advertisement Interval

        126
      • Setting Pre-empt Mode

        126
      • Setting an Authentication Key

        127
  • Monitoring VRRP

    127
    • ip-redundancy trace

      127
    • ip-redundancy show

      128
  • VRRP Configuration Notes

    129
• RIP Configuration Guide

  131
  • RIP Overview

    131
  • Configuring RIP

    131
    • Enabling and Disabling RIP

      132
    • Configuring RIP Interfaces

      132
    • Configuring RIP Parameters

      132
    • Configuring RIP Route Preference

      134
    • Configuring RIP Route Default-Metric

      134
  • Monitoring RIP

    134
  • Configuration Example

    135
• OSPF Configuration Guide

  137
  • OSPF Overview

    137
    • OSPF Multipath

      138
  • Configuring OSPF

    138
    • Enabling OSPF

      139
    • Configuring OSPF Interface Parameters

      139
    • Default Cost of an OSPF Interface

      140
    • Configuring an OSPF Area

      141
    • Configuring OSPF Area Parameters

      142
    • Creating Virtual Links

      142
    • Configuring Autonomous System External (ASE) Link Advertisements

      143
    • Configuring OSPF for Different Types of Interfaces

      143
  • Monitoring OSPF

    144
  • OSPF Configuration Examples

    146
• BGP Configuration Guide

  151
  • BGP Overview

    151
    • The SSR BGP Implementation

      152
  • Basic BGP Tasks

    152
    • Setting the Autonomous System Number

      153
    • Setting the Router ID

      153
    • Configuring a BGP Peer Group

      153
    • Adding and Removing a BGP Peer

      155
    • Starting BGP

      155
    • Using AS-Path Regular Expressions

      155
      • AS-Path Regular Expression Examples

        157
    • Using the AS Path Prepend Feature

      157
      • Notes on Using the AS Path Prepend Feature

        158
  • BGP Configuration Examples

    158
    • BGP Peering Session Example

      159
    • IBGP Configuration Example

      161
      • IBGP Routing Group Example

        162
      • IBGP Internal Group Example

        165
    • EBGP Multihop Configuration Example

      168
    • Community Attribute Example

      171
      • Notes on Using Communities

        178
    • Local Preference Examples

      178
      • Using the local-pref Option

        180
      • Using the set-pref Option

        180
    • Multi-Exit Discriminator Attribute Example

      181
    • EBGP Aggregation Example

      182
    • Route Reflection Example

      183
      • Notes on Using Route Reflection

        186
• Routing Policy Configuration Guide

  187
  • Route Import and Export Policy Overview

    187
    • Preference

      188
    • Import Policies

      189
      • Import-Source

        189
      • Route-Filter

        190
    • Export Policies

      190
      • Export-Destination

        190
      • Export-Source

        190
      • Route-Filter

        191
    • Specifying a Route Filter

      191
    • Aggregates and Generates

      192
      • Aggregate-Destination

        193
      • Aggregate-Source

        193
      • Route-Filter

        194
    • Authentication

      194
      • Authentication Methods

        194
      • Authentication Keys and Key Management

        195
  • Configuring Simple Routing Policies

    195
    • Redistributing Static Routes

      196
    • Redistributing Directly Attached Networks

      196
    • Redistributing RIP into RIP

      197
    • Redistributing RIP into OSPF

      197
    • Redistributing OSPF to RIP

      197
    • Redistributing Aggregate Routes

      197
    • Simple Route Redistribution Examples

      198
      • Example 1: Redistribution into RIP

        198
      • Example 2: Redistribution into OSPF

        199
  • Configuring Advanced Routing Policies

    201
    • Export Policies

      201
    • Creating an Export Destination

      203
    • Creating an Export Source

      203
    • Import Policies

      203
    • Creating an Import Source

      204
    • Creating a Route Filter

      204
    • Creating an Aggregate Route

      205
    • Creating an Aggregate Destination

      206
    • Creating an Aggregate Source

      206
    • Examples of Import Policies

      206
      • Example 1: Importing from RIP

        206
      • Example 2: Importing from OSPF

        210
    • Examples of Export Policies

      213
      • Example 1: Exporting to RIP

        213
      • Example 2: Exporting to OSPF

        218
• Multicast Routing Configuration Guide

  223
  • IP Multicast Overview

    223
    • IGMP Overview

      223
    • DVMRP Overview

      224
  • Configuring IGMP

    225
    • Configuring IGMP on an IP Interface

      225
    • Configuring IGMP Query Interval

      225
    • Configuring IGMP Response Wait Time

      225
    • Configuring Per-Interface Control of IGMP Membership

      226
    • Configuring Static IGMP Groups

      226
  • Configuring DVMRP

    226
    • Starting and Stopping DVMRP

      227
    • Configuring DVMRP on an Interface

      227
    • Configuring DVMRP Parameters

      227
    • Configuring the DVMRP Routing Metric

      228
    • Configuring DVMRP TTL & Scope

      228
    • Configuring a DVMRP Tunnel

      229
  • Monitoring IGMP & DVMRP

    229
  • Configuration Examples

    230
• IP Policy-Based Forwarding Configuration Guide

  233
  • Overview

    233
  • Configuring IP Policies

    234
    • Defining an ACL Profile

      234
    • Associating the Profile with an IP Policy

      234
      • Creating Multi-Statement IP Policies

        235
      • Setting the IP Policy Action

        235
      • Setting Load Distribution for Next-Hop Gateways

        236
    • Applying an IP Policy to an Interface

      236
      • Applying an IP Policy to Locally Generated Packets

        236
  • IP Policy Configuration Examples

    237
    • Routing Traffic to Different ISPs

      237
    • Prioritizing Service to Customers

      238
    • Authenticating Users through a Firewall

      239
    • Firewall Load Balancing

      240
  • Monitoring IP Policies

    241
• Network Address Translation Configuration Guide

  245
  • Overview

    245
  • Configuring NAT

    246
    • Setting Inside and Outside Interfaces

      246
    • Setting NAT Rules

      247
      • Static

        247
      • Dynamic

        247
  • Forcing Flows through NAT

    247
  • Managing Dynamic Bindings

    248
  • NAT and DNS

    248
  • NAT and ICMP Packets

    249
  • NAT and FTP

    249
  • Monitoring NAT

    250
  • Configuration Examples

    250
    • Static Configuration

      250
      • Using Static NAT

        251
    • Dynamic Configuration

      251
      • Using Dynamic NAT

        252
    • Dynamic NAT with IP Overload (PAT) Configuration

      253
      • Using Dynamic NAT with IP Overload

        253
    • Dynamic NAT with DNS

      254
      • Using Dynamic NAT with DNS

        255
    • Dynamic NAT with Outside Interface Redundancy

      255
      • Using Dynamic NAT with Matching Interface Redundancy

        256
• Web Hosting Configuration Guide

  257
  • Overview

    257
  • Load Balancing

    258
    • Configuring Load Balancing

      258
      • Creating the Server Group

        258
      • Adding Servers to the Load Balancing Group

        258
    • Session Persistence

      259
    • Optional Group or Server Operating Parameters

      261
      • Specifying Load Balancing Policy

        261
      • Specifying a Connection Threshold

        261
      • Verifying Servers and Applications

        262
      • Verifying Extended Content

        263
    • Setting Server Status

      263
    • Load Balancing and FTP

      264
    • Allowing Access to Load Balancing Servers

      264
    • Setting Timeouts for Load Balancing Mappings

      264
    • Displaying Load Balancing Information

      265
    • Configuration Examples

      265
      • Web Hosting with One Virtual Group and Multiple Destination Servers

        266
      • Web Hosting with Multiple Virtual Groups and Multiple Destination Servers

        267
      • Virtual IP Address Ranges

        268
      • Session and Netmask Persistence

        269
  • Web Caching

    270
    • Configuring Web Caching

      270
      • Creating the Cache Group

        270
      • Specifying the Client(s) for the Cache Group (Optional)

        271
      • Redirecting HTTP Traffic on an Interface

        271
    • Configuration Example

      272
    • Other Configurations

      272
      • Bypassing Cache Servers

        272
      • Proxy Server Redundancy

        273
      • Distributing Frequently-Accessed Sites Across Cache Servers

        273
    • Monitoring Web-Caching

      273
• IPX Routing Configuration Guide

  275
  • IPX Routing Overview

    275
    • RIP (Routing Information Protocol)

      275
    • SAP (Service Advertising Protocol)

      276
  • Configuring IPX RIP & SAP

    277
    • IPX RIP

      277
    • IPX SAP

      277
    • Creating IPX Interfaces

      277
    • IPX Addresses

      277
  • Configuring IPX Interfaces and Parameters

    278
    • Configuring IPX Addresses to Ports

      278
    • Configuring Secondary Addresses on an IPX Interface

      278
    • Configuring IPX Interfaces for a VLAN

      278
    • Specifying IPX Encapsulation Method

      279
  • Configuring IPX Routing

    279
    • Enabling IPX RIP

      279
    • Enabling SAP

      279
    • Configuring Static Routes

      280
    • Configuring Static SAP Table Entries

      280
    • Controlling Access to IPX Networks

      280
      • Creating an IPX Access Control List

        280
      • Creating an IPX Type 20 Access Control List

        281
      • Creating an IPX SAP Access Control List

        281
      • Creating an IPX GNS Access Control List

        282
      • Creating an IPX RIP Access Control List

        282
  • Monitoring an IPX Network

    283
  • Configuration Examples

    283
• Access Control List Configuration Guide

  285
  • ACL Basics

    286
    • Defining Selection Criteria in ACL Rules

      286
    • How ACL Rules are Evaluated

      288
    • Implicit Deny Rule

      288
    • Allowing External Responses to Established TCP Connections

      289
  • Creating and Modifying ACLs

    290
    • Editing ACLs Offline

      290
    • Maintaining ACLs Using the ACL Editor

      291
  • Using ACLs

    292
    • Applying ACLs to Interfaces

      292
    • Applying ACLs to Services

      293
    • Applying ACLs to Layer-4 Bridging Ports

      293
    • Using ACLs as Profiles

      294
      • Using Profile ACLs with the IP Policy Facility

        295
      • Using Profile ACLs with the Traffic Rate Limiting Facility

        295
      • Using Profile ACLs with Dynamic NAT

        296
      • Using Profile ACLs with the Port Mirroring Facility

        297
      • Using Profile ACLs with the Web Caching Facility

        297
  • Enabling ACL Logging

    299
  • Monitoring ACLs

    300
• Security Configuration Guide

  301
  • Security Overview

    301
  • Configuring SSR Access Security

    302
    • Configuring RADIUS

      302
      • Monitoring RADIUS

        303
    • Configuring TACACS

      303
      • Monitoring TACACS

        303
    • Configuring TACACS Plus

      304
      • Monitoring TACACS Plus

        305
    • Configuring Passwords

      305
  • Layer-2 Security Filters

    305
    • Configuring Layer-2 Address Filters

      306
    • Configuring Layer-2 Port-to-Address Lock Filters

      307
    • Configuring Layer-2 Static Entry Filters

      307
    • Configuring Layer-2 Secure Port Filters

      308
    • Monitoring Layer-2 Security Filters

      309
    • Layer-2 Filter Examples

      309
      • Example 1: Address Filters

        309
      • Example 2 : Secure Ports

        311
  • Layer-3 Access Control Lists (ACLs)

    311
  • Layer-4 Bridging and Filtering

    312
    • Creating a Port-Based VLAN for Layer-4 Bridging

      313
    • Placing the Ports on the Same VLAN

      313
    • Enabling Layer-4 Bridging on the VLAN

      313
    • Creating ACLs to Specify Selection Criteria for Layer-4 Bridging

      313
    • Applying a Layer-4 Bridging ACL to a Port

      314
    • Notes

      314
• QoS Configuration Guide

  317
  • QoS & Layer-2/Layer-3/Layer-4 Flow Overview

    317
    • Layer-2 and Layer-3 & Layer-4 Flow Specification

      318
    • Precedence for Layer-3 Flows

      319
    • SSR Queuing Policies

      319
  • Traffic Prioritization for Layer-2 Flows

    319
    • Configuring Layer-2 QoS

      320
    • 802.1p Priority Mapping

      320
      • Creating and Applying a New Priority Map

        321
      • Removing or Disabling Per-Port Priority Map

        321
      • Displaying Priority Map Information

        322
  • Traffic Prioritization for Layer-3 & Layer-4 Flows

    322
    • Configuring IP QoS Policies

      322
      • Setting an IP QoS Policy

        323
      • Specifying Precedence for an IP QoS Policy

        323
    • Configuring IPX QoS Policies

      323
      • Setting an IPX QoS Policy

        323
      • Specifying Precedence for an IPX QoS Policy

        324
  • Configuring SSR Queueing Policy

    324
    • Allocating Bandwidth for a Weighted-Fair Queuing Policy

      324
  • Weighted Random Early Detection (WRED)

    325
  • ToS Rewrite

    325
    • Configuring ToS Rewrite for IP Packets

      326
  • Monitoring QoS

    328
  • Limiting Traffic Rate

    329
    • Rate Limiting Modes

      329
    • Per-Flow Rate Limiting

      330
    • Port Rate Limiting

      330
    • Aggregate Rate Limiting

      331
    • Example Configurations

      332
      • Per-Flow Rate Limiting

        332
      • Aggregate Rate Limiting

        333
    • Displaying Rate Limit Information

      334
• Performance Monitoring Guide

  335
  • Performance Monitoring Overview

    335
  • Configuring the SSR for Port Mirroring

    337
  • Monitoring Broadcast Traffic

    337
• RMON Configuration Guide

  339
  • RMON Overview

    339
  • Configuring and Enabling RMON

    340
    • Example of RMON Configuration Commands

      340
    • RMON Groups

      341
      • Lite RMON Groups

        341
      • Standard RMON Groups

        342
      • Professional RMON Groups

        342
    • Control Tables

      343
  • Using RMON

    344
  • Configuring RMON Groups

    345
    • Configuration Examples

      347
  • Displaying RMON Information

    348
    • RMON CLI Filters

      349
      • Creating RMON CLI Filters

        351
      • Using RMON CLI Filters

        351
  • Troubleshooting RMON

    351
  • Allocating Memory to RMON

    353
• LFAP Configuration Guide

  355
  • Overview

    355
  • Cabletron’s Traffic Accounting Services

    356
  • Configuring the LFAP Agent on the SSR

    356
  • Monitoring the LFAP Agent on the SSR

    358
• WAN Configuration Guide

  359
  • WAN Overview

    359
    • High-Speed Serial Interface (HSSI) and Standard Serial Interfaces

      359
    • Configuring WAN Interfaces

      360
    • Primary and Secondary Addresses

      360
    • Static, Mapped, and Dynamic Peer IP/IPX Addresses

      360
      • Static Addresses

        360
      • Mapped Addresses

        361
      • Dynamic Addresses

        361
    • Forcing Bridged Encapsulation

      362
    • Packet Compression

      362
      • Average Packet Size

        363
      • Nature of the Data

        363
      • Link Integrity

        363
      • Latency Requirements

        363
      • Example Configurations

        363
    • Packet Encryption

      364
    • WAN Quality of Service

      364
      • Source Filtering and ACLs

        365
      • Weighted-Fair Queueing

        365
      • Congestion Management

        365
  • Frame Relay Overview

    366
    • Virtual Circuits

      366
      • Permanent Virtual Circuits (PVCs)

        367
  • Configuring Frame Relay Interfaces for the SSR

    367
    • Defining the Type and Location of a Frame Relay and VC Interface

      367
    • Setting up a Frame Relay Service Profile

      368
    • Applying a Service Profile to an Active Frame Relay WAN Port

      368
  • Monitoring Frame Relay WAN Ports

    369
  • Frame Relay Port Configuration

    369
  • Point-to-Point Protocol (PPP) Overview

    371
    • Use of LCP Magic Numbers

      371
  • Configuring PPP Interfaces

    371
    • Defining the Type and Location of a PPP Interface

      372
    • Setting up a PPP Service Profile

      372
    • Applying a Service Profile to an Active PPP Port

      373
    • Configuring Multilink PPP Bundles

      373
      • Compression on MLP Bundles or Links

        373
  • Monitoring PPP WAN Ports

    374
  • PPP Port Configuration

    374
  • WAN Configuration Examples

    376
    • Simple Configuration File

      376
    • Multi-Router WAN Configuration

      377
      • Router R1 Configuration File

        378
      • Router R2 Configuration File

        378
      • Router R3 Configuration File

        379
      • Router R4 Configuration File

        379
      • Router R5 Configuration File

        380
      • Router R6 Configuration File

        380
• New Features Supported on Line Cards

  383
  • Introduction

    383
  • SSR 8000/8600 Line Cards

    383
    • Line Cards Available Prior to the 3.0 Firmware Release

      383
    • Line Cards Introduced at the 3.0 Firmware Release (-AA Revision)

      384
    • Line Cards Introduced at the 3.1 Firmware Release (T-Series)

      385
  • SSR 2000 Line Cards

    387
  • New Features that Require Specific Line Cards

    388
    • Network Address Translation

      388
    • Load Balancing (LSNAT)

      390
    • Layer 4 Bridging

      391
    • Per-Protocol VLAN

      392
    • QoS Rate Limiting

      393
      • Per-Flow Rate Limiting

        393
      • Aggregate Rate Limiting

        393
      • Port Rate Limiting

        393
    • ToS Rewrite

      394
    • Established Bit ACL

      394
    • Multiple IPX Encapsulation

      394
    • Weighted Random Early Detection (WRED)

      395
    • Jumbo Frames

      395
  • Summary

    395
  • Identifying a Line Card

    396
    • Example 1:

      396
    • Example 2:

      397
    • Example 3:

      397