Manual De UsuarioTabla de contenidosContents3Preface17Who Should Use This Guide17What You’ll Find in This Guide17Part 1: Getting Started17Part 2: Securing the Switch18Part 3: Switch Basics18Part 4: Advanced Switching Features18Part 5: IP Routing19Part 6: High Availability Fundamentals19Part 7: Network Management19Part 8: Monitoring20Part 9: Appendices20Additional References20Typographic Conventions21How to Get Help22Part 1: Getting Started23Switch Administration25Administration Interfaces25Command Line Interface26Browser-Based Interface26Establishing a Connection27Using the Switch Management Ports27Using the Switch Data Ports29Using Telnet30Using Secure Shell31Using SSH to Access the Switch31Using a Web Browser32Configuring HTTP Access to the BBI32Configuring HTTPS Access to the BBI32BBI Summary34Using Simple Network Management Protocol35BOOTP/DHCP Client IP Address Services36Global BOOTP Relay Agent Configuration37Domain-Specific BOOTP Relay Agent Configuration37Switch Login Levels38Setup vs. the Command Line39Initial Setup41Information Needed for Setup41Default Setup Options42Stopping and Restarting Setup Manually42Stopping Setup42Restarting Setup42Setup Part 1: Basic System Configuration43Setup Part 2: Port Configuration44Setup Part 3: VLANs46Setup Part 4: IP Configuration47IP Interfaces47Default Gateways49IP Routing49Setup Part 5: Final Steps50Optional Setup for Telnet Support51Part 2: Securing the Switch53Securing Administration55Secure Shell and Secure Copy55Configuring SSH/SCP Features on the Switch56To Enable or Disable the SSH Feature56To Enable or Disable SCP Apply and Save56Configuring the SCP Administrator Password57Using SSH and SCP Client Commands57To Log In to the Switch57To Copy the Switch Configuration File to the SCP Host57To Load a Switch Configuration File from the SCP Host58To Apply and Save the Configuration58To Copy the Switch Image and Boot Files to the SCP Host59To Load Switch Configuration Files from the SCP Host59SSH and SCP Encryption of Management Messages59Generating RSA Host and Server Keys for SSH Access60SSH/SCP Integration with Radius Authentication60SSH/SCP Integration with TACACS+ Authentication61SecurID Support61Using SecurID with SSH61Using SecurID with SCP61End User Access Control62Considerations for Configuring End User Accounts62Strong Passwords62User Access Control63Setting up User IDs63Defining a User’s Access Level63Validating a User’s Configuration63Enabling or Disabling a User63Listing Current Users64Logging into an End User Account64Authentication & Authorization Protocols65RADIUS Authentication and Authorization65How RADIUS Authentication Works66Configuring RADIUS on the Switch66RADIUS Authentication Features in BLADEOS67Switch User Accounts68RADIUS Attributes for BLADEOS User Privileges68TACACS+ Authentication69How TACACS+ Authentication Works69TACACS+ Authentication Features in BLADEOS70Authorization70Accounting71Command Authorization and Logging71Configuring TACACS+ Authentication on the Switch72LDAP Authentication and Authorization73Configuring the LDAP Server73Configuring LDAP Authentication on the Switch74Access Control Lists75Summary of Packet Classifiers76Summary of ACL Actions78Assigning Individual ACLs to a Port78ACL Order of Precedence78ACL Metering and Re-Marking79Metering79Re-Marking79ACL Port Mirroring80Viewing ACL Statistics80ACL Configuration Examples81ACL Example 181ACL Example 281ACL Example 382VLAN Maps82Using Storm Control Filters84Broadcast Storms84Configuring Storm Control84Part 3: Switch Basics85VLANs87VLANs Overview88VLANs and Port VLAN ID Numbers88VLAN Numbers88PVID Numbers89VLAN Tagging90VLAN Topologies and Design Considerations94VLAN Configuration Rules94Multiple VLANs with Tagging Adapters95VLAN Configuration Example97Private VLANs98Private VLAN Ports98Configuration Guidelines99Configuration Example99Ports and Trunking101Trunking Overview102Before You Configure Static Trunks103Trunk Group Configuration Rules104Port Trunking Example104Configurable Trunk Hash Algorithm106Link Aggregation Control Protocol107Configuring LACP108Spanning Tree Protocols109Spanning Tree Protocol Modes109Global STP Control110STP/PVST+ Mode111Port States111Bridge Protocol Data Units112Bridge Protocol Data Units Overview112Determining the Path for Forwarding BPDUs112Bridge Priority112Port Priority113Port Path Cost113Fast Uplink Convergence113Fast Uplink Configuration Guidelines114Configuring Fast Uplink Convergence114Port Fast Forwarding114Simple STP Configuration115Per-VLAN Spanning Tree Groups117Using Multiple STGs to Eliminate False Loops117STP/PVST+ Defaults and Guidelines118Adding a VLAN to a Spanning Tree Group118Creating a VLAN119Rules for VLAN Tagged Ports119Adding and Removing Ports from STGs120Switch-Centric Configuration121Configuring Multiple STGs122Rapid Spanning Tree Protocol124Port State Changes124RSTP Configuration Guidelines125RSTP Configuration Example125Per-VLAN Rapid Spanning Tree Groups126Configuring PVRST126Multiple Spanning Tree Protocol127MSTP Region127Common Internal Spanning Tree127MSTP Configuration Guidelines128MSTP Configuration Example 1128MSTP Configuration Example 2129Port Type and Link Type131Edge Port131Link Type131Quality of Service133QoS Overview133Using ACL Filters135Summary of ACL Actions135ACL Metering and Re-Marking136Metering136Re-Marking136Using DSCP Values to Provide QoS137Differentiated Services Concepts137Per Hop Behavior138QoS Levels139DSCP Re-Marking and Mapping140DSCP Re-Marking Configuration Example141Using 802.1p Priority to Provide QoS142Queuing and Scheduling143Part 4: Advanced Switching Features145Deployment Profiles147Available Profiles147Selecting Profiles149Automatic Configuration Changes149Virtualization151Virtual NICs153Defining Server Ports154Enabling the vNIC Feature154vNIC IDs155vNIC IDs on the Switch155vNIC Interface Names on the Server155vNIC Bandwidth Metering156vNIC Groups157vNIC Teaming Failover159vNIC Configuration Example161vNICs for iSCSI on Emulex Eraptor 2164VMready165VE Capacity166Defining Server Ports166VM Group Types166Local VM Groups167Configuring a Local VM Group167Distributed VM Groups169VM Profiles169Initializing a Distributed VM Group170Assigning Members170Synchronizing the Configuration171Removing Member VEs171Virtualization Management Servers172Assigning a vCenter172vCenter Scans173Deleting the vCenter173Exporting Profiles174VMware Operational Commands174Pre-Provisioning VEs175VLAN Maps176VM Policy Bandwidth Control178VM Policy Bandwidth Control Commands178Bandwidth Policies vs. Bandwidth Shaping179VMready Information Displays180Local VE Information180vCenter Hypervisor Hosts182vCenter VEs183vCenter VE Details183VMready Configuration Example184FCoE and CEE187Fibre Channel over Ethernet189The FCoE Topology189FCoE Requirements191Converged Enhanced Ethernet192Turning CEE On or Off192Effects on Link Layer Discovery Protocol192Effects on 802.1p Quality of Service193Effects on Flow Control194FCoE Initialization Protocol Snooping195Global FIP Snooping Settings195FIP Snooping for Specific Ports195Port FCF and ENode Detection196FCoE Connection Timeout196FCoE ACL Rules197FCoE VLANs197Viewing FIP Snooping Information198Operational Commands198FIP Snooping Configuration199Priority-Based Flow Control200Global Configuration201PFC Configuration Example202Enhanced Transmission Selection204802.1p Priority Values204Priority Groups206PGID206Assigning Priority Values to a Priority Group207Deleting a Priority Group207Allocating Bandwidth208Allocated Bandwidth for PGID 0 Through 7208Unlimited Bandwidth for PGID 15208Configuring ETS209Data Center Bridging Capability Exchange211DCBX Settings211Enabling and Disabling DCBX212Peer Configuration Negotiation212Configuring DCBX214Part 5: IP Routing217Basic IP Routing219IP Routing Benefits219Routing Between IP Subnets219Example of Subnet Routing221Using VLANs to Segregate Broadcast Domains222Configuration Example222ECMP Static Routes225OSPF Integration225ECMP Route Hashing225Configuring ECMP Static Routes226Dynamic Host Configuration Protocol227DHCP Relay Agent227Internet Protocol Version 6229IPv6 Limitations230IPv6 Address Format231IPv6 Address Types232Unicast Address232Multicast232Anycast233IPv6 Address Autoconfiguration233IPv6 Interfaces234Neighbor Discovery235Neighbor Discovery Overview235Host vs. Router236Supported Applications237Configuration Guidelines239IPv6 Configuration Examples240IPv6 Example 1240IPv6 Example 2240Routing Information Protocol243Distance Vector Protocol243Stability243Routing Updates244RIPv1244RIPv2244RIPv2 in RIPv1 Compatibility Mode245RIP Features245Poison245Triggered Updates245Multicast245Default246Metric246Authentication246RIP Configuration Example247Internet Group Management Protocol249IGMP Snooping250IGMP Groups251FastLeave251IGMPv3 Snooping251IGMP Snooping Configuration Example253Static Multicast Router254Configure a Static Multicast Router254IGMP Querier255IGMP Filtering256Configuring the Range256Configuring the Action256Configure IGMP Filtering257Border Gateway Protocol259Internal Routing Versus External Routing260Forming BGP Peer Routers261What is a Route Map?261Incoming and Outgoing Route Maps262Precedence263Configuration Overview263Aggregating Routes265Redistributing Routes265BGP Attributes266Local Preference Attribute266Metric (Multi-Exit Discriminator) Attribute266Selecting Route Paths in BGP267BGP Failover Configuration268Default Redistribution and Route Aggregation Example270OSPF273OSPFv2 Overview273Types of OSPF Areas274Types of OSPF Routing Devices275Neighbors and Adjacencies276The Link-State Database276The Shortest Path First Tree277Internal Versus External Routing277OSPFv2 Implementation in BLADEOS278Configurable Parameters278Defining Areas279Assigning the Area Index279Using the Area ID to Assign the OSPF Area Number280Attaching an Area to a Network280Interface Cost281Electing the Designated Router and Backup281Summarizing Routes281Default Routes282Virtual Links283Router ID283Authentication284Configuring Plain Text OSPF Passwords285Configuring MD5 Authentication286Host Routes for Load Balancing287OSPF Features Not Supported in This Release287OSPFv2 Configuration Examples288Example 1: Simple OSPF Domain289Example 2: Virtual Links291Configuring OSPF for a Virtual Link on Switch #1291Configuring OSPF for a Virtual Link on Switch #2293Other Virtual Link Options294Example 3: Summarizing Routes295Verifying OSPF Configuration297OSPFv3 Implementation in BLADEOS298OSPFv3 Differences from OSPFv2298OSPFv3 Requires IPv6 Interfaces298OSPFv3 Uses Independent Command Paths299OSPFv3 Identifies Neighbors by Router ID299Other Internal Improvements299OSPFv3 Limitations300OSPFv3 Configuration Example300Protocol Independent Multicast303PIM Overview303Supported PIM Modes and Features304Basic PIM Settings305Globally Enabling or Disabling the PIM Feature305Defining a PIM Network Component306Defining an IP Interface for PIM Use306PIM Neighbor Filters307Additional Sparse Mode Settings308Specifying the Rendezvous Point308Influencing the Designated Router Selection309Specifying a Bootstrap Router309Using PIM with Other Features310PIM with ACLs or VMAPs310PIM with IGMP310PIM Configuration Examples311Example 1: PIM-SM with Dynamic RP311Example 2: PIM-SM with Static RP312Example 3: PIM-DM312Part 6: High Availability Fundamentals315Basic Redundancy317Trunking for Link Redundancy317Hot Links318Forward Delay318Preemption318FDB Update318Configuration Guidelines319Configuring Hot Links319Active MultiPath Protocol320Health Checks321FDB Flush321Configuration Guidelines321Configuration Example322Configuring an Aggregator Switch322Configuring an Access Switch323Verifying AMP Operation323Layer 2 Failover325Monitoring Trunk Links325Setting the Failover Limit326Manually Monitoring Port Links327Monitor Port State327Control Port State327L2 Failover with Other Features328LACP328Spanning Tree Protocol328Configuration Guidelines328Configuring Layer 2 Failover329Virtual Router Redundancy Protocol331VRRP Overview332VRRP Components332Virtual Router332Virtual Router MAC Address332Owners and Renters332Master and Backup Virtual Router333Virtual Interface Router333VRRP Operation333Selecting the Master VRRP Router334Failover Methods334Active-Active Redundancy335Virtual Router Group335BLADEOS Extensions to VRRP336Virtual Router Deployment Considerations337Assigning VRRP Virtual Router ID337Configuring the Switch for Tracking337High Availability Configurations338Task 1: Configure G8124 1339Task 2: Configure G8124 2341Part 7: Network Management343Link Layer Discovery Protocol345LLDP Overview345Enabling or Disabling LLDP346Global LLDP Setting346Transmit and Receive Control346LLDP Transmit Features347Scheduled Interval347Minimum Interval347Time-to-Live for Transmitted Information348Trap Notifications348Changing the LLDP Transmit State349Types of Information Transmitted349LLDP Receive Features351Types of Information Received351Viewing Remote Device Information351Time-to-Live for Received Information352LLDP Example Configuration353Simple Network Management Protocol355SNMP Version 1355SNMP Version 3356Default Configuration356Up to 16 SNMP users can be configured on the switch. To modify an SNMP user, enter the following commands:356User Configuration Example357Configuring SNMP Trap Hosts358SNMPv1 Trap Host358SNMPv2 Trap Host Configuration359SNMPv3 Trap Host Configuration360SNMP MIBs361Switch Images and Configuration Files364Loading a New Switch Image365Loading a Saved Switch Configuration365Saving the Switch Configuration366Saving a Switch Dump366Part 8: Monitoring367Remote Monitoring369RMON Overview369RMON Group 1-Statistics370Example Configuration370RMON Group 2-History371History MIB Object ID371Configuring RMON History372RMON Group 3-Alarms373Alarm MIB objects373Configuring RMON Alarms373RMON Group 9-Events374sFLOW375sFlow Statistical Counters375sFlow Network Sampling375sFlow Example Configuration376Port Mirroring377Configuring Port Mirroring378Part 9: Appendices379Glossary381Index383Tamaño: 3 MBPáginas: 388Language: EnglishManuales abiertas