enterasys switch configuration guide

Can be no less than the max advertisement interval. The value of weighted fair queuing is in its assurance that no queue is starved for bandwidth. Configuring PoE Procedure 7-3 PoE Configuration for G-Series Devices (continued) Step Task Command(s) 7. Table 9-1 Default VLAN Parameters Parameter Description Default Value garp timers Configures the three GARP timers. Using the viewnames assigned in Step 1, create restricted views for v1/v2c users, and unrestricted views for v3 users. A graft retransmission timer expires before a graft ACK is received. The PVID determines the VLAN to which all untagged frames received on the port will be classified. 4. MSTP and RSTP bridges receiving STP BPDUs will switch to use STP BPDUs when sending on the port connected to the STP bridge. Router 4 is configured as an ASBR connected to a RIP autonomous system. RADIUS looks up the user account for that user based upon the SMAC. Configuring Cisco Discovery Protocol 13-14 Configuring Neighbor Discovery. set snmp community community_name 2. Lead and handle change configuration team of process upon business requirements. Use the passive-interface command in router configuration command mode to configure an interface as passive or to set passive as the default mode of operation for all interfaces. ThiscommanddisplaysIPv6DHCPstatisticsforallinterfaces. Enterasys->show spantree nonforwardingreason port lag.0.2 Port lag.0.2 has been placed in listening or blocking state on SID 0 by the LoopProtect feature. Most of my achievements were completed while working in enterprise, multi-national, and multi-culture corporations such as LinkdotNET, Raya Holding, CSC/DXC Australia, Alphawest/Optus Business Australia, Woodside Energy for Oil and Gas . Syslog Components and Their Use Table 14-1 14-4 Syslog Terms and Definitions (continued) Term Definition Enterays Usage Syslog server A remote server configured to collect and store Syslog messages. Ctrl+B Move cursor back one character. Implementing VLANs building has its own internal network. DHCP Snooping Procedure 26-6 Basic Configuration for DHCP Snooping Step Task Command(s) 1. Configuring OSPF Areas injected into the stub area to enable other stub routers within the stub area to reach any external routes that are no longer inserted into the stub area. show mgmt-auth-notify 2. Figure 16-1 displays an illustration of the policy configuration of a example infrastructure. sFlow sFlow Agent Functionality Packet flow sampling and counter sampling are performed by sFlow Instances associated with individual Data Sources within the sFlow Agent. Quality of Service Overview queue 2 has access to its percentage of time slices, and so on round robin. RSTP is defined in the IEEE 802.1w standard. Refer to page Policy Configuration Overview Identifying and restricting routing to legitimate routing IP addresses to prevent DoS, spoofing, data integrity and other routing related security issues. Thisexampleshowshowtodisplaythelinkflapparameterstable: Tabl e 74providesanexplanationoftheshowlinkflapparameterscommandoutput. set system lockout emergency-access username 5. Procedure 19-3 describes the basic steps to configure DVMRP on fixed switches with advanced routing enabled. Basic OSPF Topology Configuration OSPF Router Types OSPF router type is an attribute of an OSPF process. Paths to Root If the bridge is not elected as root, one or more ports provide a path back to the root bridge. Enterasys Switch: List of Devices # Model Type of Document; 1: Enterasys I3H252: Enterasys Switch I3H252 Hardware installation manual (78 pages) 2: Enterasys I Series: Configuring OSPF Interfaces OSPF is disabled by default and must be enabled on routing interfaces with the ip ospf enable command in interface configuration mode. Table 13-2 LLDP Show Commands Task Command Display LLDP configuration information. To create and enable a port mirroring instance: 1. Router R1 serves as the master and Router R2 serves as the backup. 2. Terms and Definitions 15-38 Configuring Spanning Tree. You need to know the index value associated with a single entity to enable, disable, initialize, or reauthenticate a single entity. How many VLANs will be required? You can use the following commands to review and, if necessary, change the edge port detection status on the device and the edge port status of Spanning Tree ports. Configuring RIP Table 21-1 Routing Protocol Route Preferences Route Source Default Distance Connected 0 Static 1 OSPF (Requires support for advanced routing features on the switch) 110 RIP 120 Also in router configuration mode, you can disable automatic route summarization with the no auto-summary command. Download Configuration manual of Enterasys C2H124-24 Switch for Free or View it Online on All-Guides.com. Configuring Node Aliases 4-28 System Configuration. SNMP Support on Enterasys Switches Terms and Definitions Table 12-2 lists common SNMP terms and defines their use on Enterasys devices. 12-18 Display SNMP traffic counter values. Configuring a Stack of New Switches 1. -1 (request as many octets as possible) capture slice The RMON capture maximum number of octets from each packet to be saved to the buffer. If Spanning Tree is disabled globally all linked ports will be in a forwarding state and the Spanning Tree Protocol will not run. TACACS+ You can also configure TACACS+ to use a single TCP connection for all TACACS+ client requests to a given TACACS+ server. Important Notice Depending on the firmware version used on your Fixed Switch platform, some features described in this document may not be supported. 1. First, the module is verified as present in Slot 2, and the port status is shown as operating as a 1000BASE-SX port. Port Configuration Overview vlan for vlan interfaces lag for IEEE802.3 link aggregation ports Where unit_or_slotnumber can be: 1 - 8 for stackable switches (up to 8 units in a stack) 1 - 3 for I-Series standalone switches (Note that the uplink ports are considered to be slot 3) 1 - 4 for G-Series standalone switches Where port number depends on the device. Meraki MS Switches Features. show tacacs session {authorization | accounting} [state] Displays only the current status for TACACS+ per-command authorization and accounting. Format Examples The following examples illustrate secure log entry formats for different types of events. Understanding and Configuring Loop Protect Valid values are 065535 seconds. VLAN authorization status Enables or disables globally and per port VLAN authorization. You must first associate a receiver/Collector in the sFlow Receivers Table with the poller instance, before configuring the polling interval with the set sflow port poller command. Configuring MSTP Example 2: Configuring MSTP for Maximum Bandwidth Utilization This example illustrates the use of MSTP for maximum bandwidth utilization. TACACS+ Configuring the Source Address You can configure the source IP address used by the TACACS+ application on the switch when generating packets for management purposes. For commands with optional parameters, this section describes how the CLI responds if the user opts to enter only the keywords of the command syntax. When any change is made to the hardware configuration, power supply status, or redundancy mode, the firmware recalculates the power available for PoE. Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. Port Traffic Rate Limiting When a CoS is configured with an inbound rate limiter (IRL), and that IRL CoS is configured as part of a policy profile using the set policy profile command, CoS-based inbound rate limiting will take precedence over port rate limits set with set port ratelimit. Optionally, configure a default distance, or preference, for static IPv6 routes that do not have a preference specified. Initial Configuration Overview Table 4-2 Default Settings for Router Operation (continued) Feature Default Setting Hello interval (OSPF) Set to 10 seconds for broadcast and point-to-point networks. ACL Configuration Overview 2: deny ip 30.0.0.1 0.0.255.255 any 3: deny ip 40.0.0.1 0.0.255.255 any 4: permit ip any any Inserting ACL Rules When you enter an ACL rule, the new rule is appended to the end of the existing rules by default. For example: A4(su)->show boot system Current system image to boot: a4-series_06.61.00.0026 Use the set boot system command to set the firmware image to be loaded at startup. Quality of Service (QoS) configuration on Enterasys switches is usually done via policies. In this way, both upstream and downstream facing ports are protected. | En savoir plus sur l'exprience professionnelle de Nicolas Fluchaire, sa formation, ses relations et plus en . Optionally, modify the LAG port parameters. C5(su)->router# Debug network issues with ping and traceroute Global Configuration Mode Set system-wide router parameters. TACACS+ Procedure 26-4 TACACS+ Configuration (continued) Step Task Command(s) 8. If Router R1 should become unavailable, Router R2 would take over virtual router VRID 1 and its associated IP addresses. Set a new hello time interval: set spantree hello interval Valid interval values are 110. Authentication Configuration Example In an 802.1x configuration, policy is specified in the RADIUS account configuration on the authentication server using the RADIUS Filter-ID. Reset the MultiAuth authentication idle timeout value to its default value for the specified authentication method. show port status [port-string] Display port counter statistics detailing traffic through the device and through all MIB2 network devices. Refer to the CLI Reference for your platform for more information about the commands listed below. Procedure 4-4 DHCP Server Configuration on a Non-Routing System Step Task Command(s) 1. Configuring SNMP Configuring SNMPv1/SNMPv2c Creating a New Configuration Procedure 12-1 shows how to create a new SNMPv1 or SNMPv2c configuration. ThisexampleshowshowtodisplaySNMPcountervalues, Tabl e 86providesanexplanationofthecommandoutput. interface vlan vlan-id 2. set port vlan port-string vlan-id no shutdown ip address ip-addr ip-mask 3. Do you want to continue (y/n) [n]? Basic OSPF Topology Configuration 1. 3. Refer to the CLI Reference for your platform for details about the commands listed below. Neighbor Discovery Overview There are two primary LLDP-MED device types (as shown in Figure 13-2 on page 13-5): 13-4 Network connectivity devices, which are LAN access devices such as LAN switch/routers, bridges, repeaters, wireless access points, or any device that supports the IEEE 802.1AB and MED extensions defined by the standard and can relay IEEE 802 frames via any method. Ultimate Pi-hole configuration guide, SSL . 8 Port Configuration This chapter describes the basic port parameters and how to configure them. Switch Configuration Using CLI Commands Guidelines for Rackmount Installation Attaching Brackets and Installing in Rack About SecureStack Switch Operation in a Stack 44 Recommended Procedures to Install New and Existing Stacks Installing a New Stackable System of Up to Eight Switches Adding a New Switch to an Existing Stack Important Basic OSPF Topology Configuration Router 1(su)->router(Config-if(Vlan 2))#no shutdown Router 1(su)->router(Config-if(Vlan 2))#exit Router 1(su)->router(Config)#interface loopback 0 Router 1(su)->router(Config-if(Lpbk 0))#ip address 10.10.10.10 255.255.255.255 Router 1(su)->router(Config-if(Lpbk 0))#no shutdown Router 1(su)->router(Config-if(Lpbk 0))#exit Router 1(su)->router(Config)#router id 10.10.10. Since MSTP mode is fully compatible and interoperable with legacy STP and RSTP bridges, in most networks, this default should not be changed. set linkflap threshold port-string threshold_value 5. access-list ipv6 name {deny | permit} protocol {srcipv6-addr/ prefix-length | any} [eq port] {dstipv6-addr/prefix-length | any} [eq port] [dscp dscp] [flow-label label-value] [assign-queue queue-id] 4. PIM-SM adopts RPF technology in the join/prune process. Enter router interface configuration command mode for the specified interface from global configuration command mode. Condition Default Value IPv6 DHCP Disabled IPv6 DHCP Relay Agent Information Option 32 IPv6 DHCP Relay Agent Information Remote ID Sub-option 1 IPv6 DHCP Preferred Lifetime 2592000 seconds IPv6 DHCP Valid Lifetime 604800 seconds Configuration Examples Procedure 25-6 describes the tasks to configure a Fixed Switch interface as a DHCPv6 relay agent. Table 3-1 lists some commonly used commands. UsethiscommandtodisplaythecontentsoftheNeighborCache. Configuring PoE Class mode, in which the PoE controller manages power based on the IEEE 802.3af/.3at definition of the class limits advertised by the attached devices, with the exception that for class 0 and class 4 devices, actual power consumption will always be used. 5 seconds transmit delay Specifies the number of seconds it takes to transmit a link state update packet over this interface. Basic PIM-SM configuration includes the following steps: 1. Table 8-3 Link Flap Detection Show Commands Task Command Display whether the port is enabled for generating an SNMP trap message if its link state changes. Procedure 9-2 provides an example of how to create a secure management VLAN. Determine the correct authentication type for each device. SNMP Support on Enterasys Switches Versions Supported Enterasys devices support three versions of SNMP: Version 1 (SNMPv1) This is the initial implementation of SNMP. BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. Using the all parameter will display all default and non-default configuration settings. ipv6 dhcp enable 2. 4. VLAN authorization egress format Determines whether dynamic VLAN tagging will be none, tagged, untagged, or dynamic for an egress frame. Configuring LLDP Table 13-1 13-8 LLDP Configuration Commands (continued) Task Command Enable or disable transmitting and processing received LLDPDUs on a port or range of ports. Refer to Licensing Advanced Features on page 4-8 for more information. Configuring Authentication If VLAN authorization is not enabled, the tunnel attributes are ignored. In router global configuration mode, enable DHCPv6. Stackable Switches Configuration Guide Firmware Version 6.03.xx.xxxx P/N 9034313-07. i Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. Testing Network Connectivity Configuring Static Routes Procedure 20-3 lists the commands to configure a static route. Cisco Nexus 5000 Series NX-OS Software Configuration Guide. set dhcpsnooping trust port port-string enable 4. Using Multicast in Your Network Generation ID gen id: 1331801871 10.5.40.0/255.255.255.0 [2] via neighbor: 10.5.50.1 Uptime: 66704 , expires: 0 version: 3 Generation ID gen id: 1331805217 10.5.50.0/255.255.255.0 [0] via neighbor: direct 10.5.51.0/255.255.255.0 [0] via neighbor: direct direct direct Uptime: 3615 , expires: 0 version: 3 10.5.70.0/255.255.255.0 [3] via neighbor: Uptime: 66716 , expires: 0 version: 3 10.5.60.0/255.255.255. If you clear a license from a member unit in a stack while the master unit has a activated license, the status of the member will change to ConfigMismatch and its ports will be detached from the stack. Configuring ACLs C5(su)->router(Config)#show access-lists ipv6list1 ipv6list1 IPV6 access-list 1: deny icmpv6 2001:DB08:10::1/64 any 2: permit tcp 2001:db08:20::20/64 eq snmp any assign-queue 5 3: permit ipv6 2001:FFFF:30::30/64 any C5(su)->router(Config)#interface vlan 200 C5(su)->router(Config-if(Vlan 200))#ipv6 access-group ipv6list1 in C5(su)->router(Config-if(Vlan 200))#exit Configuring MAC ACLs Procedure 24-3 describes how to configure a MAC ACL. If it finds a match, it forwards the frame out the appropriate port, if and only if, that port is allowed to transmit frames for VLAN 50. Specification Guide (English) Quick Setup Guide (English) User Manual (English) Installation Instruction (English) DFE (PLATINUM) WITH 60 10 100 1000BASE-T 7G4202-60 1. Up to 5 TACACS+ servers can be configured, with the index value of 1 having the highest priority. The traceroute command is available in both switch and routing command modes. Valid sid values are 04094. Router: Calls the readers attention to router-specific commands and information. For an IPv6 ACLs, the following protocols can be specified in a rule: Any IPv6 protocol Transmission Control Protocol (TCP) User Datagram Protocol (UDP) IPv6 Internet Control Message Protocol (ICMPv6) TCP and UDP rules can match specific source and destination ports. show ipv6 status If necessary, enable IPv6 management. set port inlinepower port-string {[admin {off | auto}] [priority {critical | high | low}] [type type]} admin Enables (auto) or disables (off) PoE on a port. MST region An MSTP group of devices configured together to form a logical region. Configuring PIM-SM Basic PIM-SM Configuration By default, PIM-SM is disabled globally on Enterasys fixed switches and attached interfaces. When a faculty member authenticates through the RADIUS server, the name of the faculty policy is returned in the RADIUS Access-Accept response message and that policy is applied by the switch to the faculty user. STP Operation STP Operation Enterasys switch devices support the Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards and described in IEEE 802.1Q: IEEE 802.1D (Spanning Tree Protocol) IEEE 802.1w (Rapid Spanning Tree Protocol) IEEE 802.1s (Multiple Spanning Tree Protocol) IEEE 802.1t (Update to 802. Examples 17-18 Chapter 18: Configuring Network Monitoring Basic Network Monitoring Features .. 18-1 Console/Telnet History Buffer . Chapter 20: IP Configuration Enabling the Switch for Routing . 20-1 Router Configuration Modes 20-1 Entering Router Configuration Modes . 20-2 Example Configuring Area Virtual-Link Authentication . 22-14 Configuring Area Virtual-Link Timers. 22-14 Configuring Route Redistribution 22-14 Configuring Passive Interfaces .. Extended IPv4 ACL Configuration .. 24-12 MAC ACL Configuration .. 24-13 Chapter 25: Configuring and Managing IPv6 Managing IPv6 . Disabling and Enabling Ports .. 26-9 MAC Locking Defaults . 26-9 MAC Locking Configuration .. 26-10 TACACS+ .. 11-3 13-1 13-2 13-3 14-1 15-1 15-2 15-3 15-4 15-5 15-6 15-7 15-8 15-9 15-10 15-11 15-12 15-13 15-14 15-15 15-16 15-17 16-1 17-1 17-2 17-3 17-4 17-5 19-1 19-2 19-3 19-4 19-5 19-6 22-1 22-2 22-3 22-4 22-5 22-6 23-1 23-2 23-3 25-1 Link Aggregation Example.. 11-12 Communication between LLDP-enabled Devices . 13-3 LLDP-MED .. 4-7 4-8 5-1 6-1 7-1 7-2 7-3 8-1 8-2 8-3 8-4 9-1 9-2 9-3 10-1 10-2 10-3 10-4 11-1 11-2 11-3 11-4 11-5 11-6 11-7 12-1 12-2 12-3 12-4 12-5 13-1 13-2 13-3 13-4 13-5 13-6 14-1 14-2 14-3 14-4 15-1 15-2 15-3 15-4 15-5 15-6 15-7 15-8 15-9 15-10 15-11 16-1 16-2 16-3 16-4 16-5 xx Default DHCP Server Parameters . 4-20 Configuring Pool Parameters 16-6 17-1 18-1 18-2 18-3 18-4 18-5 18-6 18-7 18-8 19-1 19-2 19-3 19-4 19-5 19-6 19-7 19-8 19-9 19-10 20-1 20-2 20-3 21-1 21-2 21-3 22-1 22-2 23-1 23-2 24-1 25-1 25-2 25-3 25-4 25-5 25-6 26-1 26-2 26-3 26-4 26-5 26-6 26-7 26-8 26-9 26-10 26-11 26-12 26-13 26-14 Policy Configuration Terms and Definitions 16-18 CoS Configuration Terminology About This Guide This guide provides basic configuration information for the Enterasys Networks Fixed Switch platforms using the Command Line Interface (CLI0, including procedures and code examples. Configuring STP and RSTP Figure 15-10 Example of Multiple Regions and MSTIs Region 1 1 Region 2 2 Region 3 6 8 5 12 3 4 CIST Regional Root 7 10 CIST Root and CIST Regional Root CIST Regional Root Master Port Table 15-5 9 11 Master Port MSTI Characteristics for Figure 15-10 MSTI / Region Characteristics MSTI 1 in Region 1 Root is switching device 4, which is also the CIST regional root MSTI 2 in Region 1 Root is switching device 5 MSTI 1 in Region 2 Root is switching device 7, w. Configuring STP and RSTP Reviewing and Enabling Spanning Tree By default, Spanning Tree is enabled globally on Enterasys switch devices and enabled on all ports. Link Aggregation Overview Single Port Attached State Rules By default, a LAG must contain two or more actor and partner port pairs for the LAG to be initiated by this device. With LACP, if a set of links can aggregate, they will aggregate. Configuring PIM-SM R1(su)->router(Config)#interface vlan 3 R1(su)->router(Config-if(Vlan 3))#ip address 172.1.2.1 255.255.255.0 R1(su)->router(Config-if(Vlan 3))#ip igmp enable R1(su)->router(Config-if(Vlan 3))#ip ospf enable R1(su)->router(Config-if(Vlan 3))#ip pimsm enable R1(su)->router(Config-if(Vlan 3))#no shutdown R1(su)->router(Config-if(Vlan 3))#exit R1(su)->router(Config)#interface vlan 4 R1(su)->router(Config-if(Vlan 4))#ip address 172.1.3.1 255.255.255. Understanding How VLANs Operate Preparing for VLAN Configuration A little forethought and planning is essential to a successful VLAN implementation. Create an SNMPv3 user and specify authentication, encryption, and security credentials. ThisexampleshowshowtodisplaythesystemIPaddressandsubnetmask: Thefollowingtableprovidesanexplanationofthecommandoutput. After authentication succeeds, the user or device gains access to the network based upon the policy information returned by the authentication server in the form of the RADIUS Filter-ID attribute, or the static configuration on the switch. * or ge.1.1-48) assign egress vlan: set vlan egress X ge.1.x untagged Refer to the CLI Reference for your platform for more information about the commands listed below.