Ethernet Routing Switches Stackable Version 2.0.0 Last updated: Mar 2011.

  • Published on
    14-Dec-2015

  • View
    215

  • Download
    3

Transcript

  • Slide 1

Ethernet Routing Switches Stackable Version 2.0.0 Last updated: Mar 2011 Slide 2 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Objectives At the end of the training, you should be able to Understand the difference between the ERS families Understand basic setup for ERS Switches Know your way around Device Manager (EDM) and a little CLI Build a small converged network solution and have some fun! Slide 3 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Agenda Getting started Which ERS Which ERS Standalone or Stack Standalone or Stack Management EDM and CLI EDM and CLI Configuring Management Configuring Management Layer 2 VLANs Creating VLANS Creating VLANS Access or TAG Access or TAG Layer 3 Routing IP interfaces IP interfaces DHCP Relay DHCP Relay QoS Roles Roles Typical settings Typical settings Energy Saver Slide 4 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy.4 Getting Started Ideal as: Access Switch for Large Enterprises: high-performance Gigabit-to-the- Desktop Aggregation (Distribution) Switch Core Switching solution for small Enterprises Top-of-Rack/Horizontal Stacking for the Data Centre Where 10GbE is required today Ideal as: Access Switch for mid-to-large Enterprise Environments with either FE or GbE connectivity at the Edge, or both Where 10GbE Uplinks will become important Ideal as: Access Switch for Branch Office or smaller Enterprise Campus: when Fast Ethernet-only is appropriate Low-intensity convergence deployments Standard offering for the Small to Medium Enterprise ERS 5000 ERS 4500 ERS 2500 Slide 5 2010 Avaya, Inc. All rights reserved.5 Ethernet Routing Switch 2500 Series Workhorse solution to empower Convergence 10/100 to the Desktop Power-over-Ethernet & QoS high speed local switching & Layer 3 Routing entry-level FAST 32 Integrated Access Control 802.1X with Extensions 802.1AB auto discovery for network & devices Delivers flexibility to the Network Edge Enable the Converged Branch Highly-available local Stacking & connections to the Core Scalable, pay-as-you-grow Comprehensive QoS & access control capabilities Slide 6 2010 Avaya, Inc. All rights reserved.6 Features of the ERS 2500 Series 4 Switch options 2526T & 2526T-PWR 24 10/100 Desktop ports, plus 2 active Uplinks, PoE option 2550T& 2550T-PWR 48 10/100 Desktop ports, plus 2 active Uplinks, PoE option Uplink options of SFP, 1000T, or 10/100/1000T PoE available on 50% of Desktop ports Green..! 32Gbps Stacking architecture Up to 384 10/100 ports Wire-speed local switching & integrated Stacking 802.3af-compliant PoE Auto-sensing 10/100 Auto-discovery of PoE devices Dynamic power management Endpoint access control 802.1X SHSA, Guest VLAN, RADIUS Authentication DiffServ & 802.1p Prioritisation Traffic Marking & Re-Marking Port Mirroring & Rate Limiting 802.3ad Link Aggregation (6 links) Slide 7 2010 Avaya, Inc. All rights reserved.7 Hardware 50-port Switches 2550T 2550T-PWR 26-port Switches 2526T 2526T-PWR Slide 8 2010 Avaya, Inc. All rights reserved.8 Flexible Advanced Stacking Architecture Class-leading Stacking the ERS 2500 Series implements FAST 32 4Gbps of Stacking capacity per Switch & up to 32Gbps for a Stack of 8 Scales up to 384 Ports of 10/100 Desktop plus up to 16 Ports for 10/100/1000 Combo Uplinks Auto Unit Replacement software & configuration control Virtual Hot Swap Consolidated Management via a single IP Address Low-cost Stack cabling Pre-enabled or field-upgradeable Up to 8 Switches & 400 Ports Uses low-cost Cat 5E UTP for Stacking 4Gbps Stacking per Switch & up to 32Gbps ERS 2500 Series with FAST 32 Slide 9 9 The ERS 2500 delivers 3 flexible options to meet customer needs Flexible option to move to stacking Standalone Stacked No need to purchase additional hardware Stacking is enabled via a software license Grow your network when/if YOU want to Units with stacking pre-enabled are available Ready to stack immediately No need for a stacking license Stack Enabled Scalability from Day 1 Use ERS 2500s as single units Standalone Ideal for smaller sites Budget-friendly option Getting Started Standalone or Stacking Slide 10 10 ERS 2500s use the rear 1000BaseTX ports as stacking ports Rear ports offer the flexibility to be used as either normal Gigabit ports or as stacking ports. Gigabit grade (Cat5E/Cat6) RJ-45 cabling is used to create the stacking ring Stack up to 8 units high for 384 10/100 user ports and 16 Gigabit ports Ethernet Routing Switch 2500 Series Stacking Implementation Slide 11 11 Stacking Mode must be configured on the rear ports before switches are connected together in a stack (there is no auto-detection). The Base unit must have Unit Select switch set to ON (one switch only) Each ERS2500 switch ships with a 46cm (1.5 foot) stack cable (black Cat5E cable). Additional cables of 1.5m (5) and 3m (10) are also be available for separate purchase from Avaya and are like stack return cables. Customers are permitted to use their own cables and longer lengths up to 100m (at customers risk, not officially supported by GNTS). Ethernet Routing Switch 2500 Series Stacking Functionality and Rear Ports Slide 12 12 Ethernet Routing Switch 4500 Series Scalable solution to empower Convergence 10/100 or 10/100/1000 to the Desktop, Fixed 100FX & SFP options Power-over-Ethernet & QoS fail-safe FAST 320 high-speed local switching & Layer 3 Routing Integrated Access Control 802.1X with extensions Delivers 99.999% reliability to the Network Edge Enable the Converged Desktop Comprehensive access control options High-availability locally & to the Core Scalable, pay-as-you-grow Can mix FE and GE Switches in a stack 10/100/1000 & 10G Switches 10/100 Switches Slide 13 13 Features of the ERS 4500 Series 11 Switch options 4526FX 4526T & 4526T-PWR 4550T & 4550T-PWR 4524GT & 4524GT-PWR 4526GTX & 4526GTX-PWR 4548GT & 4548GT-PWR High density solution: 400/384 ports of 10/100 or 10/100/1000 with PoE & 10GbE options SFP & FX options 184Gbps of local switching & 40Gbps Stacking throughput per Switch 802.3af-compliant PoE Auto-sensing 10/100/1000 Auto-discovery of PoE devices Dynamic power management End-point access control 802.1X plus extensions (SHMA, MHMA, Guest VLAN, etc) Automatic Unit Replacement Traffic Policing, DiffServ & 802.1p Prioritisation IP Filtering, Policies, & Offset Redundant Power option Slide 14 14 Hardware Gigabit Ethernet Switches 4524GT & 4524GT-PWR 4526GTX & 4526GTX-PWR 4548GT & 4548GT-PWR Fast Ethernet Switches 4526FX 4526T & 4526T-PWR 4550T & 4550T-PWR Slide 15 15 Evolution of redundant self-healing stacking first introduced in 1998 Support for up to 8 units in a stack Can mix any ERS4500 switch in the stack Maximum 400 10/100 ports in a stack Maximum 384 10/100/1000 ports in a stack Up to 32 SFP GBICs in a stack for uplinks Built-in Hi-Stack stacking ports come standard on the switch Stacking cable (46cm / 18) included with each switch Loopback stacking cable for resilient stacking must be purchased separately True resilient stack IP Management Load-balancing and fail-over protection with Distributed MLT and 802.3ad Automatic Unit Replacement Functionality to automatically reconfigure any replaced unit Grow as you Stack from 1 to 8 units as one reliable managed entity Flexible Advanced Stacking Technology Return Cable creates resilient configuration Slide 16 16 Agenda Getting Started Management EDM and CLI Configuring management L2- VLANs L3 - Routing QOS Energy Saver Slide 17 17 Enterprise Device Manager - EDM Feature Overview EDM is a new embedded web based management system. EDM uses Web2.0 and J2EE framework more up to date Improved workflows, selections and GUI configuration completeness EDM REPLACES both JDM and WebUI graphical configuration and element interfaces. Integrated into the agent code of the switch, no longer requiring the right version of JDM to support chosen platforms. HTTP and HTTPS browser support Tested and supported by: IE 7.0 and FireFox 3.0 and above. New on ERS 2500 4.3 / 4500 v5.4 / 5x00 v6.2 Slide 18 18 Enterprise Device Manager - EDM Main Screens EDM Landing Page Switch Summary Navigation Tree Configuration folder already open with sub folders Slide 19 19 Enterprise Device Manager - EDM Main Screens - II EDM Device Physical View tab can launch pull-down menu off ports Slide 20 20 Enterprise Device Manager - EDM Main Screens - III EDM Edit > Chassis > Chassis General switch system information Slide 21 21 Enterprise Device Manager - EDM Main Screens - IV EDM Configuration > VLAN > VLANs VLAN creation white cells can be edited Slide 22 22 Enterprise Device Manager - EDM Main Screens -V EDM QoS > QoS Devices NOTE: EDM opens new selections in new Tabs in the main view Slide 23 23 Enterprise Device Manager - EDM EDM Help Files The help files for EDM are not integrated into the switch agent code and are downloaded to the switch when required by the agent. Help file must be located on TFTP server or USB drive. EDM Help file configuration in CLI CLI commands: edm help-file-path [tftp address ] show edm help-file-path Set Help file path (config) (config)# edm help-file-path /help tftp address 10.16.5.222 Show Help file path (config)# show edm help-file-path TFTP Server Address 10.16.5.222 /help Slide 24 24 Enterprise Device Manager - EDM EDM Help file configuration - EDM EDM Help File location configuration EDM uses TFTP to access Help File documents Install the help files one directory below the root on the TFTP server Setup the help files location on TFTP server Slide 25 25 Enterprise Device Manager - EDM HELP Screens EDM MultiLink Trunks Help (example) NOTE: when you click on Help the related documentation is TFTPd to the switch. Help Sub-menu on setting up MLTs Slide 26 26 Command Line Interface (CLI) Feature overview Serial Console 9600 No parity No flow control Straight cable Ctrl Y to start Telnet SSH Requires secure agent image i.e. 2500_431025s.img Slide 27 27 Show running-config Enhancements Show and Copy commands - CLI The default behavior of the show running-config command has changed: it is now displaying only the CLI commands with non- default parameters. The new CLI syntax for show running-module is: # show running-config [verbose][module {[802.1ab] [aaur] [adac] [arp-inspection] [aur] [banner] [core] [dhcp-relay] [dhcp-snooping] [eap] [interface] [ip] [ip-source-guard] [ipmgr] [ipv6] [l3] [l3-protocols] [lacp] [logging] [mac-security] [mlt] [poe] [port-mirroring] [qos] [rate-limit] [rmon] [rtc] [snmp] [ssh] [ssl] [stack] [stkmon] [stp] [vlacp] [vlan]}] The new CLI syntax for copy running-config is: # copy running-config tftp [verbose] [module {[802.1ab] [aaur] [adac] [arp-inspection] [aur] [banner] [core] [dhcp-relay] [dhcp-snooping] [eap] [interface] [ip] [ip-source-guard] [ipmgr] [ipv6] [l3] [l3-protocols] [lacp] [logging] [mac-security] [mlt] [poe] [port-mirroring] [qos] [rate-limit] [rmon] [rtc] [snmp] [ssh] [ssl] [stack] [stkmon] [stp] [vlacp] [vlan]}] [address ] filename Note: optional parameters shown in RED Slide 28 28 Show running-config Enhancements Usage examples - CLI Display the non-verbose configuration of a switch/stack: # show running-config ! Embedded ASCII Configuration Generator Script ! Model = Ethernet Routing Switch 2526T (Stack Enabled) ! Software version = v4.3.0.073 ! ! Displaying only parameters different to default !================================================ enable configure terminal ! ! *** CORE *** ! ! *** SNMP *** ! ! *** IP *** ! ! ! *** STACK MONITOR *** ! NOTE: the output above is for a switch/stack reset to default Copy the non-verbose configuration of a switch/stack to a TFTP server: # copy running-config tftp address 10.100.100.1 filename stack.cfg Slide 29 29 Show running-config Enhancements Usage examples CLI (cont) Display the non-verbose configuration for the specified applications: #show running-config module mlt stp vlan ! Embedded ASCII Configuration Generator Script ! Model = Ethernet Routing Switch 2526T (Stack Enabled) ! Software version = v4.3.0.073 ! ! Displaying only parameters different to default !================================================ enable configure terminal ! ! *** STP (Phase 1) *** ! ! *** VLAN *** ! ! *** MLT (Phase 1) *** ! ! *** STP (Phase 2) *** ! ! *** VLAN Phase 2*** ! ! *** MLT (Phase 2) *** ! NOTE: the output above is for a switch/stack reset to default Copy non-verbose configuration for the specified applications to a TFTP server: #copy running-config tftp module mlt stp vlan address 10.100.100.1 filename mlt_stp_vlan.cfg Slide 30 30 Display the verbose configuration of a switch/stack: # show running-config verbose ! Embedded ASCII Configuration Generator Script ! Model = Ethernet Routing Switch 2526T (Stack Enabled) ! Software version = v4.3.0.073 ! ! Displaying all switch parameters !==================================================== enable configure terminal ! ! *** CORE *** ! autosave enable mac-address-table aging-time 300 autotopology sntp server primary address 0.0.0.0 sntp server secondary address 0.0.0.0 ! ! *** STACK MONITOR *** ! no stack-monitor enable stack-monitor stack-size 2 stack-monitor trap-interval 60 Copy the verbose configuration of a switch/stack to a TFTP server: # copy running-config tftp verbose address 10.100.100.1 filename stack_ver.cfg Show running-config Enhancements Usage examples CLI (cont) Slide 31 31 Display the verbose configuration for the specified applications: # show running-config verbose module mlt stp vlan ! Embedded ASCII Configuration Generator Script ! Model = Ethernet Routing Switch 2526T (Stack Enabled) ! Software version = v4.3.0.073 ! ! Displaying all switch parameters !==================================================== enable configure terminal ! ! *** STP (Phase 1) *** ! spanning-tree cost-calc-mode dot1d spanning-tree port-mode auto spanning-tree priority 8000 spanning-tree hello-time 2 spanning-tree forward-time 15 max-age 20 no spanning-tree 802dot1d-port-compliance enable ! ! *** VLAN *** ! vlan ports 1/1-26,2/1-26 tagging unTagAll filter-untagged-frame disable filter- unregistered-frames enable priority 0 vlan configcontrol flexible vlan members 1 1/1-26,2/1-26 vlan ports 1/1-26,2/1-26 pvid 1 vlan igmp unknown-mcast-no-flood disable vlan igmp 1 snooping disable Show running-config Enhancements Usage examples CLI (cont) Slide 32 32 vlan igmp 1 proxy disable robust-value 2 query-interval 125 vlan configcontrol strict auto-pvid ! ! *** MLT (Phase 1) *** ! no mlt mlt 1 name "Trunk #1" disable member NONE mlt 1 learning normal mlt 1 loadbalance basic mlt 2 name "Trunk #2" disable member NONE mlt 2 learning normal mlt 2 loadbalance basic mlt 3 name "Trunk #3" disable member NONE mlt 3 learning normal mlt 3 loadbalance basic mlt 4 name "Trunk #4" disable member NONE mlt 4 learning normal mlt 4 loadbalance basic mlt 5 name "Trunk #5" disable member NONE mlt 5 learning normal mlt 5 loadbalance basic mlt 6 name "Trunk #6" disable member NONE mlt 6 learning normal mlt 6 loadbalance basic ! Show running-config Enhancements Usage examples CLI (cont) Slide 33 33 ! *** STP (Phase 2) *** ! spanning-tree port-mode normal interface FastEthernet ALL spanning-tree port 1/1-26 learning normal spanning-tree port 2/1-26 learning normal spanning-tree port 1/1-24 cost 10 priority 80 spanning-tree port 1/25-26 cost 1 priority 80 spanning-tree port 2/1-24 cost 10 priority 80 spanning-tree port 2/25-26 cost 1 priority 80 spanning-tree bpdu-filtering port 1/1-26 timeout 120 no spanning-tree bpdu-filtering port 1/1-26 enable spanning-tree bpdu-filtering port 2/1-26 timeout 120 no spanning-tree bpdu-filtering port 2/1-26 enable exit ! ! *** VLAN Phase 2*** ! vlan mgmt 1 ! ! *** MLT (Phase 2) *** ! Copy the verbose configuration for the specified applications to a TFTP server #copy running-config tftp verbose module mlt stp vlan address 10.100.100.1 filename mlt_stp_vlan_ver.cfg Show running-config Enhancements Usage examples CLI (cont) Slide 34 34 Agenda Getting Started Management EDM and CLI Configuring management L2- VLANs L3 - Routing QOS Energy Saver Slide 35 Initial Switch/Stack Setup Quick Start ERS2500> enable ERS2500# install Welcome to the 2550T-PWR setup utility. You will be requested for information to initially configure for the switch. When finished the information will be applied and stored in the switch NVRAM. Once the basic parameters are configured, additional configuration can proceed using other management interfaces. Press ^C to abort at any time. ############################################################################### Please provide the in-band IP Address[10.16.5.4]: Please provide the in-band sub-net mask[255.255.255.0]: Please provide the Default Gateway[10.16.5.254]: Please provide the Read-Only Community String[**********]: Please provide the Read-Write Community String[**********]: Please provide the Quick Start VLAN [5]: Please provide the in-band IPV6 Address/Prefix_length[::/0]: Please provide the in-band IPV6 Default Gateway[::]: ############################################################################### Basic switch parameters have now been configured and saved. ############################################################################### 35 Slide 36 Initial Switch/Stack Setup Manual via CLI ERS2500-Rack3# show running-config ! Embedded ASCII Configuration Generator Script ! Model = Ethernet Routing Switch 2550T-PWR ! Software version = v4.3.1.025 ! ! Displaying all switch parameters !==================================================== enable configure terminal ! ! *** IP *** ! ip default-gateway 10.16.5.254 ip address stack 0.0.0.0 ip address switch 10.16.5.4 ip address netmask 255.255.255.0 ! ! *** VLAN *** ! vlan mgmt 5 36 Slide 37 37 Extended IP Manager Feature Overview IP Manager enables administrators to restrict access to network services such as web, snmp and telnet (for IPv4 & IPv6). The IP Manager function which controls management connectivity to the switch has been extended to support IPv6 and SSH in ERS2500 release v4.3. Example section of IP Manager in ACG: ! *** IP Manager *** ! telnet-access enable snmp-server enable web-server enable ssh-server enable ipmgr telnet ipmgr snmp ipmgr web ipmgr ssh ipmgr source-ip 1 0.0.0.0 mask 0.0.0.0 ipmgr source-ip 2 255.255.255.255 mask 255.255.255.255 ipmgr source-ip 51 ::/0 ipmgr source-ip 52 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 NOTE: new options are in RED (s agent image must be loaded to support ssl) Slide 38 38 Agenda Getting Started Management L2- VLANs Creating Vlans Access or Tag L3 - Routing QOS Energy Saver Slide 39 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. VLAN Configuration Control* VLAN Config Control AutomaticAutoPVIDFlexibleStrict (default) OperationsAs you change the vlan the PVID changes accordingly As you add a Vlan the PVID changes to the new vlan As you add a Vlan the PVID remains set to the first vlan To change Vlan the port has to be removed from the previous vlan VLAN - PVID Set to the Vlan ID Set to the Last Vlan ID Set to the First Vlan ID Set to the Vlan ID # of VLANs /Access port One onlyMultiple One Only *Note: Applies to Untag All and Tag PVID Only ports Slide 40 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Vlan Configuration Control Automatic :- VLAN Membership: Automatically adds an untagged port to a new VLAN and automatically removes it from any previous VLAN membership. PVID of the port: is automatically changed to the VID of the VLAN it joins. AutoPVID :- When an untagged port is added to a new VLAN, the port is added to the new VLAN and the PVID is assigned to the new VID without removing it from any previous VLAN memberships. Using this option, an untagged port can have membership in multiple VLANs Slide 41 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Vlan Configuration Control Flexible:- Similar to AutoPVID. When this option is used, an untagged port can belong to an unlimited number of VLANs. Any new additions of an untagged port to a new VLAN does not change the PVID of that port Strict:- The factory default, this selection restricts the addition of an untagged port to a VLAN if it is already a member of another VLAN. To add an untagged port to a new VLAN, a port must be remove from all other VLANs of which it is a member before adding it to the new VLAN. The PVID of the port is changed to the new VID to which it was added. Slide 42 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Ethernet Ports modes Port Mode# VlanTagging AccessDepends on Config Ctrl No Tagging Tag All (Trunk)MultipleTag all Vlans Untag PVIDMultipleTag all Vlans except the PVID (Default vlan) Tag PVIDMultipleTag only the PVID no other Slide 43 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. L2 - VLANs Changing VlanConfigControl 43 Slide 44 L2 - VLANs Create VLAN 44 Slide 45 L2 - VLANs Create VLAN 45 Slide 46 L2 - VLANs Create VLAN 46 Slide 47 L2 - VLANs Removing Ports 47 Slide 48 L2 - VLANs Adding Ports 48 Slide 49 L2 - VLANs Adding Ports 49 Slide 50 L2 - VLANs Apply Changes 50 Slide 51 L2 - VLANs Support for Voice and Data on one port 51 Select and Right Click Port 18-24, Select Edit Slide 52 L2 - VLANs Support for Voice and Data on one port 52 Slide 53 53 Agenda Getting Started Management L2- VLANs L3 Routing IP Interfaces DHCP Relay QOS Energy Saver Slide 54 54 IP Local and Static Routing Feature Overview Support up to 256 locally configured routing instances. Provides static route support Supports IP blocking (for different stack failures) Allows the switch to be managed through any IP address that has been assigned to any VLAN interface (not just the management VLAN). When IP routing is enabled, the existing Switch / Stack IP address is assigned to the management VLAN interface. Slide 55 L3 Routing Enable IP forwarding 55 Slide 56 L3 Routing Adding an IP interface to a VLAN 56 Slide 57 L3 Routing Adding an IP interface to a VLAN 57 Slide 58 L3 Routing Adding an IP interface to a VLAN 58 Slide 59 L3 Routing Adding an IP interface to a VLAN 59 Slide 60 L3 Routing Adding an IP interface to a VLAN 60 Slide 61 L3 Routing Adding an IP interface to a VLAN 61 Slide 62 L3 Routing Adding an IP interface to a VLAN 62 Slide 63 63 Managing global IP config to enable / disable IP routing (config)# ip routing Enables IP routing globally (config)# no ip routing Disables IP routing globally Managing VLAN IP routing: (config)# interface vlan 7 (config-if)# ip address [ ] Enables/disables IP routing on a VLAN Example: (config-if)# ip address 172.16.7.1 255.255.255.0 7 (config-if)# no ip address 172.16.7.1 255.255.255.0 L3 Routing IP Local and static Routing Slide 64 64 Creating a static route: (config)# ip route [ | ] enable Example: (config)# ip route 0.0.0.0 0.0.0.0 172.16.1.1 ena Change the weight (or cost) of a static route: Example: (config)# ip route 0.0.0.0 0.0.0.0 172.16.1.1 weight 40 Enable / disable / delete a static route: Examples: (config)# ip route 0.0.0.0 0.0.0.0 172.16.1.1 enable (config)# ip route 0.0.0.0 0.0.0.0 172.16.1.1 disable (config)# no ip route 0.0.0.0 0.0.0.0 172.16.1.1 NOTE: In order for a static route to become active, the configured next-hop IP address must be reachable. Slide 65 65 # show ip routing IP Routing is enabled IP ARP life time is 21600 seconds # show vlan ip ============================================================================== Vid ifIndex Address Mask MacAddress Offset Routing ============================================================================== Primary Interfaces ------------------------------------------------------------------------------ 1 10001 172.16.1.50 255.255.255.0 00:1D:42:36:EC:40 1 Enabled 3 10003 172.16.3.1 255.255.255.0 00:1D:42:36:EC:42 3 Enabled 4 10004 172.16.4.1 255.255.255.0 00:1D:42:36:EC:43 4 Enabled 5 10005 172.16.5.1 255.255.255.0 00:1D:42:36:EC:44 5 Enabled 6 10006 172.16.6.1 255.255.255.0 00:1D:42:36:EC:45 6 Enabled 7 10007 172.16.7.1 255.255.255.0 00:1D:42:36:EC:46 7 Enabled ------------------------------------------------------------------------------ % Total of Primary Interfaces: 6 L3 Routing IP Local and Static Routing Slide 66 66 # show ip route =============================================================================== Ip Route =============================================================================== DST MASK NEXT COST VLAN PORT PROT TYPE PRF ------------------------------------------------------------------------------- 0.0.0.0 0.0.0.0 172.16.1.1 40 1 1/1 S IB 5 10.0.0.0 255.0.0.0 172.16.1.1 10 1 1/1 S IB 5 172.16.1.0 255.255.255.0 172.16.1.50 1 1 ---- C DB 0 172.16.3.0 255.255.255.0 172.16.3.1 1 3 ---- C DB 0 172.16.4.0 255.255.255.0 172.16.4.1 1 4 ---- C DB 0 172.16.5.0 255.255.255.0 172.16.5.1 1 5 ---- C DB 0 172.16.6.0 255.255.255.0 172.16.6.1 1 6 ---- C DB 0 172.16.7.0 255.255.255.0 172.16.7.1 1 7 ---- C DB 0 Total Routes: 8 ------------------------------------------------------------------------------- TYPE Legend: I=Indirect Route, D=Direct Route, A=Alternative Route, B=Best Route, U=Unresolv ed Route, N=Not in HW L3 Routing Local and Static Routing Slide 67 67 L3 Routing IP Routing ARP Management > Create / remove a static ARP entry: (config)# ip arp [vid ] > Example: (config)# ip arp 172.16.3.10 00:13:60:c2:62:ee 1/3 vid 3 (config)# no ip arp 172.16.3.10 00:13:60:c2:62:ee 1/3 vid 3 > Enable / Disable ARP response per VLAN: > Example: (config-if)# ip arp response (config-if)# no ip arp response > Configuring the ARP Aging time: > Example: (config)# ip arp timeout 720 Slide 68 68 L3 Routing IP Routing ARP Management # show ip arp (or show arp) =============================================================================== IP ARP =============================================================================== IP Address Age (min) MAC Address VLAN-Unit/Port/Trunk Flags ------------------------------------------------------------------------------- 172.16.3.255 0 ff:ff:ff:ff:ff:ff VLAN#3 LB 172.16.4.255 0 ff:ff:ff:ff:ff:ff VLAN#4 LB 172.16.5.255 0 ff:ff:ff:ff:ff:ff VLAN#5 LB 172.16.6.255 0 ff:ff:ff:ff:ff:ff VLAN#6 LB 172.16.7.255 0 ff:ff:ff:ff:ff:ff VLAN#7 LB 172.16.1.255 0 ff:ff:ff:ff:ff:ff VLAN#1 LB 172.16.1.14 65 00:15:60:c2:62:4d VLAN#1-1/1 D 172.16.1.50 0 00:1d:42:36:ec:40 VLAN#1 L 172.16.3.10 0 00:13:60:c2:62:ee VLAN#3-1/3 S 172.16.3.1 0 00:1d:42:36:ec:42 VLAN#3 L 172.16.4.1 0 00:1d:42:36:ec:43 VLAN#4 L 172.16.5.1 0 00:1d:42:36:ec:44 VLAN#5 L 172.16.6.1 0 00:1d:42:36:ec:45 VLAN#6 L 172.16.7.1 0 00:1d:42:36:ec:46 VLAN#7 L 172.16.1.1 60 00:13:49:4b:04:74 VLAN#1-1/1 D 172.16.3.0 0 ff:ff:ff:ff:ff:ff VLAN#3 LB 172.16.4.0 0 ff:ff:ff:ff:ff:ff VLAN#4 LB 172.16.5.0 0 ff:ff:ff:ff:ff:ff VLAN#5 LB 172.16.6.0 0 ff:ff:ff:ff:ff:ff VLAN#6 LB 172.16.7.0 0 ff:ff:ff:ff:ff:ff VLAN#7 LB 172.16.1.0 0 ff:ff:ff:ff:ff:ff VLAN#1 LB Total ARP entries : 21 ------------------------------------------------------------------------------- Flags Legend: S=Static, D=Dynamic, L=Local, B=Broadcast Slide 69 69 Agenda Getting Started Management L2- VLANs L3 Routing IP Interfaces DHCP Relay QOS Energy Saver Slide 70 70 L3 Routing BootP/DHCP Relay In order to obtain an IP address a BootP or DHCP client will broadcast the request on the local subnet. When routing is enabled on the VLAN, these broadcasts are not forwarded by the router. This is where the Bootp/DHCP relay is applicable. The relay agent intercepts these Bootp/DHCP requests and forwards then to the specified host or broadcast address on another routed VLAN. Up to 10 DHCP/BootP servers may be identified as destinations to the relay. Slide 71 L3 Routing DHCP Relay 71 Slide 72 L3 Routing DHCP Relay 72 Slide 73 L3 Routing DHCP Relay 73 Slide 74 74 L3 Routing DHCP Relay config commands Enable / disable DHCP relay globally (config)# ip dhcp-relay fwd-path Example: (config)# ip dhcp-relay fwd-path 172.16.6.1 172.16.4.2 enable (config)# ip dhcp-relay fwd-path 172.16.6.1 172.16.4.2 disable Add / remove a bootp/DHCP server (config)# ip dhcp-relay fwd-path [mode ] Example: (config-if)# ip dhcp-relay fwd-path 172.16.6.1 172.16.4.2 mode bootp (config-if)# no ip dhcp-relay fwd-path 172.16.6.1 172.16.4.2 mode bootp IP VLAN DHCP-relay configuration options Examples: (config)#interface vlan 4 (config-if)#ip dhcp-relay ? broadcast enable DHCP relay broadcast on this vlan clear-counters Clear dhcp-relay counters min-sec configure the backup dhcp server minimum wait time mode dhcp mode Slide 75 75 L3 Routing DHCP Relay show commands (config)# show ip dhcp-relay DHCP relay is enabled (config)# show ip dhcp-relay fwd-path ============================================================= DHCP ============================================================= INTERFACE SERVER ENABLE MODE ------------------------------------------------------------- 172.16.3.1 172.16.4.255 TRUE DHCP & BOOTP 172.16.6.1 172.16.4.2 FALSE DHCP & BOOTP (config)# show ip dhcp-relay counters INTERFACE REQUESTS REPLIES ------------------------------------------- 172.16.1.50 0 0 172.16.7.1 0 0 172.16.6.1 0 0 172.16.5.1 0 0 172.16.4.1 0 0 172.16.3.1 16 4 Slide 76 76 Agenda Getting Started Management L2- VLANs L3 Routing QOS IP Interfaces DHCP Relay Energy Saver Slide 77 77 Avaya Ethernet Routing Switch 2500/4500 Intelligent Flexibility DiffServ Code Point (DSCP) classification and prioritization Prioritizes, marks, remarks, filters and classifies DSCP markings within the IP packet to ensure different applications are prioritized within the switch and the network 802.1p Prioritization Provides basic traffic prioritization with 8 802.1p priorities Changing the rules with intelligent flexibility Incoming Traffic 1 3 5 Low Priority Normal Priority Medium Priority High Priority Priorities 7 6 4 2 0 Hardware Queues 1 2 3 4 Outgoing Traffic Slide 78 78 Advanced QoS Feature Overview QoS functions supported include: L2-L4 traffic classification, filtering (forward/drop), marking/remarking of DSCP, Policing/metering and egress Shaping. QoS configuration fully supported in CLI and EDM (GUI). Advanced QoS support across all current stackable switching families. Slide 79 79 DiffServ and 802.1p are the underlying technology for all QoS configurations. The ERS Series supports the following QoS classes: Critical and Network classes have the highest priority over all other traffic. Premium class is an end-to-end service functioning similarly to a virtual leased line. Traffic in this service class is normally guaranteed an agreed- upon peak bandwidth. Traffic requiring this service must be shaped at the network boundary in order to undergo a negligible delay and delay variance. This service class is suitable for real-time applications, such as video and voice over IP. The recommended PHB for this service is the Expedited Forwarding (EF) PHB. Platinum, Gold, Silver, and Bronze classes use the Assured Forwarding (AF) PHB. These classes are used for real-time, delay-tolerant traffic and non-real-time, mission-critical traffic. Standard class is the best-effort IP service with an additional, optional use of traffic classification that is used at the network boundary to request a better effort treatment for packets that are in-profile (packets that do not break the service agreements between the user & the service provider). Advanced QoS QoS Concepts Slide 80 80 Port-based Quality of Service: policies are applied directly to individual ports. A port-based Quality of Service environment allows for the more direct application of Quality of Service policies and eliminates the need to group ports together when assigning policies. Role-based Quality of Service: individual ports are first assigned to a role and that role was assigned a policy. A role is a collection of ports defined within the same interface group. They share settings. For example, all ports are defined as untrusted. Port-based and role-based policies can be applied to same port; however the switch administrator is responsible for the proper division of resources across the individual policies. At factory default, ports are assigned to the default interface group (role combination), which is named allQoSPolicyIfcs. Advanced QoS QoS Concepts cont Slide 81 81 Interface groups are used in the creation of role-based policies. Role-based policies differ from port-based policies in the fact that role- based policies group ports together to apply a common set of rules to them. Each port can belong to only one interface group. When you move a port to another interface group (role combination), the classification elements associated with the previous interface group are removed and the classifications elements associated with the new interface group are installed on the port. At factory default, ports are assigned to the default interface group (role combination), which is named allQoSPolicyIfcs. All ports must be removed from an interface group before it is deleted. An interface group cannot be deleted when it is referenced by a policy. Advanced QoS Interface Groups Slide 82 82 The classifications of trusted, untrusted, and unrestricted actually apply to groups of ports (interface groups). Trusted interfaces IPv4 traffic received on trusted interfaces is re- marked at the layer 2 level, that is, the 802.1p user priority value is updated based on the DSCP value in the packet at ingress and the installed DSCP-to-CoS mapping data. The DSCP value is not updated. Untrusted interfaces IPv4 traffic received on untrusted interfaces is re-marked at the layer 3 levelthat is, the DSCP value is updated. Unrestricted interfaces Does not change DSCP or 802.1p setting. Advanced QoS Interface Types Slide 83 83 Advanced QoS QoS Components IP Element IP address type IP flow identifier IP source address/mask IP destination address/mask IP protocol type/IPv6 next-header IP DSCP value IP L4 source port IP L4 dest port Classifier Blocks Classifier L2 Element Source MAC Destination MAC VLAN ID number VLAN tag EtherType IEEE 802.1p System Element Fully customized classifiers can be created to match non-IP-based traffic, as well as to identify IP-based traffic using non-typical fields in Layers 2, 3, 4, and beyond. Policy Slide 84 84 Advanced QoS Configuration examples - CLI Single Identification IP Elements - Traffic identification Rules & Classifiers (for Naming rules) Destination Layer 4 Port DNS # qos ip-element 1 protocol 6 dst-port-min 53 dst-port-max 53 # qos classifier 1 set-id 1 name DNS_DST element-type IP element-id 1 IPSEC with UDP Wrapper Destination # qos ip-element 3 protocol 17 dst-port-min 10001 dst-port-max 10001 # qos classifier 3 set-id 3 name IPSEC_UDP_DST element-type IP element-id 3 Source Layer 4 Port SSL # qos ip-element 2 protocol 6 src-port-min 443 src-port-max 443 # qos classifier 2 set-id 2 name SSL_SRC element-type IP element-id 2 Destination IP Address Specific server # qos ip-element 11 dst-ip 47.153.226.20/32 # qos classifier 11 set-id 11 name HTTP&IP element-type IP element-id 11 Slide 85 85 Advanced QoS Configuration examples - CLI Multiple Identification IP Elements - Traffic identification Rules & Classifiers (for Naming rules) Destination IP Address & Layer 4 Port Web Traffic to specific server # qos ip-element 11 dst-ip 47.153.226.20/32 protocol 6 dst-port-min 80 dst-port-max 80 # qos classifier 11 set-id 11 name HTTP&IP element-type IP element-id 11 Source IP Address & Layer 4 Port SSL Traffic from specific server # qos ip-element 12 src-ip 47.153.226.20/32 protocol 6 src-port-min 443 src-port-max 443 # qos classifier 12 set-id 12 name SSL&IP element-type IP element-id 12 Important note on layer 4 port ranges: Port range specifications are limited due to the way bit masking operates on the switches. Example: min port range set first then becomes the bit boundary for the max range. If you start the min at port 80 (1010000 binary), the next max range can be 81 (1010001), or 83 (1010011), or 87 (1010111), or finally - 95 (1011111). IE: bit mask/wildcards are added by column weight upto the first 1 set in the minimum range value. Slide 86 86 Advanced QoS Configuration examples - CLI Grouping like Classifiers and QoS marking per classifier Destination Layer 4 Port Block # qos classifier-block 11 block-number 10 name L4_DST set-id 11 in-profile- action 6 # qos classifier-block 12 block-number 10 name L4_DST set-id 12 in-profile- action 4 # qos classifier-block 13 block-number 10 name L4_DST set-id 13 in-profile- action 3 Destination IP Address and Layer 4 port Block # qos classifier-block 11 block-number 10 name L3&L4_DST set-id 11 in- profile-action 6 # qos classifier-block 12 block-number 10 name L3&L4_DST set-id 12 in- profile-action 4 # qos classifier-block 13 block-number 10 name L3&L4_DST set-id 13 in- profile-action 3 Slide 87 87 Advanced QoS Configuration examples - CLI Applying Classifiers to Interface groups InBound Destination IP Address and Layer 4 Port Block # qos policy 10 name IN_L3&L4_DST if-group SGS clfr-type block clfr-name L3&L4_DST precedence 10 OutBound Source IP Address and Layer 4 Port Block # qos policy 11 name OUT_L3&L4_SRC if-group SGS clfr-type block clfr-name L3&L4_SRC precedence 11 Slide 88 88 Advanced QoS Additional Commands - CLI Removing Rules - Remove in reverse order # no qos policy 17 # no qos classifier-block 17 # no qos classifier 17 # no qos ip-element 17 Showing QoS information # show qos ip-element # show qos classifier # show qos classifier-blocks # show qos policy Slide 89 89 Advanced QoS QoS Configuration EDM EDM QoS Devices Screen Queues, Interface groups / IDs, 802.1p & DSCP Mapping, Meters and Shapers. Slide 90 90 Advanced QoS QoS Configuration EDM EDM QoS Rules Screen IP, L2 & System Classifier Elements, Classifiers and Classifier Blocks. Click Insert to add a L2 Classifier Element Slide 91 91 Advanced QoS QoS Configuration EDM EDM QoS Screen Actions, Meters, Shapers and Policies. Pre-defined QoS Actions and service classes Slide 92 92 Agenda Getting Started Management L2- VLANs L3 Routing QOS Energy Saver Slide 93 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Energy Saver POE Access Ports Slide 94 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Energy Saver POE Access Ports Slide 95 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Energy Saver Energy Saver Access Ports Slide 96 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Energy Saver Energy Saver Access Ports Slide 97 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Energy Saver Energy Saver Access Ports Slide 98 98 Q & A Slide 99 Avaya Proprietary. Use pursuant to your signed agreement or Avaya policy. Thank you 99

Recommended

View more >