Page 1 ™ RackSwitch G8000 Application Guide...
Page 3 ™ RackSwitch G8000 Application Guide...
Page 4 Note: Before using this information and the product it supports, read the general information in the Safety information and Environmental Notices and User Guide documents on the IBM Documentation CD and the Warranty Information document that comes with the product.
Page 5: Table Of Contents
Loading New Software to Your Switch ....45 Loading Software via the IBM N/OS CLI ....46 Loading Software via the ISCLI .
Page 6 Configuring RADIUS on the Switch ....64 RADIUS Authentication Features in IBM N/OS ... 64 Switch User Accounts .
Page 8 Stacking Requirements ....148 Stacking Limitations ..... 149 RackSwitch G8000: Application Guide...
Page 10 IPsec Protocols ......203 Using IPsec with the RackSwitch G8000 ....204 Setting up Authentication .
Page 12 Internal Versus External Routing....260 OSPFv2 Implementation in IBM N/OS ....261 Configurable Parameters .
Page 13 ..... 301 IBM N/OS Extensions to VRRP ....302 Virtual Router Deployment Considerations.
Page 14 Example Configuration ....340 Chapter 30. Port Mirroring ....341 RackSwitch G8000: Application Guide...
Page 15 Hardware service and support ....348 IBM Taiwan product service ....348 Appendix C.
Page 16 RackSwitch G8000: Application Guide...
Page 17: Preface
Preface The IBM N/OS 6.8 Application Guide describes how to configure and use the IBM Networking OS 6.8 software on the RackSwitch G8000 (referred to as G8000 throughout this document). For documentation on installing the switch physically, see the Installation Guide for your G8000.
Page 18 (BGP) concepts and features supported in N/OS. • Chapter 22, “OSPF,” describes key Open Shortest Path First (OSPF) concepts and their implemented in N/OS, and provides examples of how to configure your switch for OSPF support. RackSwitch G8000: Application Guide...
Page 19: Additional References
Additional information about installing and configuring the G8000 is available in the following guides: • RackSwitch G8000 Installation Guide • IBM Networking OS 6.8 Command Reference • IBM Networking OS 6.8 ISCLI Reference Guide • IBM Networking OS 6.8 BBI Quick Guide © Copyright IBM Corp. 2011 Preface...
Page 20: Typographic Conventions
Select only one of the listed options. Do not type the vertical bar. AaBbCc123 This block type depicts menus, Click the Save button. buttons, and other controls that appear in Web browsers and other graphical interfaces. RackSwitch G8000: Application Guide...
Page 21: How To Get Help
Before you call, prepare the following information: • Serial number of the switch unit • Software release version number • Brief description of the problem and the steps you have already taken • Technical support dump information (# show tech-support) © Copyright IBM Corp. 2011 Preface...
Page 22 RackSwitch G8000: Application Guide...
Page 24 RackSwitch G8000: Application Guide...
Page 25: Chapter 1. Switch Administration
Chapter 1. Switch Administration Your RackSwitch G8000 (G8000) is ready to perform basic switching functions right out of the box. Some of the more advanced features, however, require some administrative configuration before they can be used effectively. The extensive IBM Networking OS switching software included in the G8000 provides a variety of options for accessing the switch to perform configuration, and to view switch information and statistics.
Page 26: Browser-Based Interface
To access the switch, the following IP parameters must be configured: 1. Log on to the switch. 2. Enter IP interface mode. RS G8000> enable RS G8000# configure terminal RS G8000(config)# interface ip <IP interface number> RackSwitch G8000: Application Guide...
Page 27: Using Telnet
By default, Telnet access is enabled. Use the following commands (available on the console only) to disable or re-enable Telnet access: RS G8000(config)# [no] access telnet enable © Copyright IBM Corp. 2011 Chapter 1. Switch Administration...
Page 28: Using Secure Shell
• Encryption: 3DES-CBC, DES • User Authentication: Local password authentication, RADIUS, TACACS+ IBM Networking OS implements the SSH version 2.0 standard and is confirmed to work with SSH version 2.0-compliant clients such as the following: • OpenSSH_5.4p1 for Linux •...
Page 29: Using A Web Browser
2. Set the HTTPS server port number (optional). To change the HTTPS Web server port number from the default port 443, use the following command: RS G8000(config)# access https port <x> © Copyright IBM Corp. 2011 Chapter 1. Switch Administration...
Page 30 When a client (such as a web browser) connects to the switch, the client is asked to accept the certificate and verify that the fields match what is expected. Once BBI access is granted to the client, the BBI can be used as described in the IBM Networking OS 6.8 BBI Quick Guide.
Page 31 • Access Control—Configure Access Control Lists to filter IP packets. • Virtualization – Configure VMready. For information on using the BBI, refer to the IBM Networking OS 6.8 BBI Quick Guide. © Copyright IBM Corp. 2011 Chapter 1. Switch Administration...
Page 32: Using Simple Network Management Protocol
N/OS provides Simple Network Management Protocol (SNMP) version 1, version 2, and version 3 support for access through any network management software, such as IBM Director or HP-OpenView. Note: SNMP read and write functions are enabled by default. For best security practices, if SNMP is not needed for your network, it is recommended that you disable these functions prior to connecting the switch to the network.
Page 33: Bootp/Dhcp Client Ip Address Services
Generally, it is best to configure BOOTP for the switch IP interface that is closest to the client, so that the BOOTP server knows from which IPv4 subnet the newly allocated IPv4 address will come. © Copyright IBM Corp. 2011 Chapter 1. Switch Administration...
Page 34: Domain-Specific Bootp Relay Agent Configuration
RS G8000(config)# ip bootp-relay bcast-domain <1-10> server <1-5> address <IPv4 address> RS G8000(config)# ip bootp-relay bcast-domain <1-10> enable As with global relay agent servers, domain-specific BOOTP/DHCP functionality may be assigned on a per-interface basis (see Step 2 page 32). RackSwitch G8000: Application Guide...
Page 35: Switch Login Levels
G8000, including the ability to change both the user and administrator passwords. Note: With the exception of the “admin” user, access to each user level can be disabled by setting the password to an empty value. © Copyright IBM Corp. 2011 Chapter 1. Switch Administration...
Page 36: Setup Vs. The Command Line
Setup (see “Initial Setup” on page 35”), a utility designed to help you through the first-time configuration process. If the switch has already been configured, the command line is displayed instead. RackSwitch G8000: Application Guide...
Page 37: Chapter 2. Initial Setup
Chapter 2. Initial Setup To help with the initial process of configuring your switch, the IBM Networking OS software includes a Setup utility. The Setup utility prompts you step-by-step to enter all the necessary information for basic configuration of the switch.
Page 38: Stopping And Restarting Setup Manually
If you decide not to configure VLANs during this session, you can configure them later using the configuration menus, or by restarting the Setup facility. For more information on configuring VLANs, see the IBM Networking OS Application Guide. Next, the Setup utility prompts you to input basic system information.
Page 39: Setup Part 2: Port Configuration
1. Select whether you will configure VLANs and VLAN tagging for ports: Port Config: Will you configure VLANs and VLAN tagging for ports? [y/n] If you wish to change settings for VLANs, enter y, or enter n to skip VLAN configuration. © Copyright IBM Corp. 2011 Chapter 2. Initial Setup...
Page 40 To keep the current setting, press <Enter>. 6. The system prompts you to configure the next port: Enter port (INT1-14, MGT1-2, EXT1-48): When you are through configuring ports, press <Enter> without specifying any port. Otherwise, repeat the steps in this section. RackSwitch G8000: Application Guide...
Page 41: Setup Part 3: Vlans
The system prompts for IPv4 parameters. Although the switch supports both IPv4 and IPv6 networks, the Setup utility permits only IPv4 configuration. For IPv6 configuration, see “Internet Protocol Version 6” on page 191|. © Copyright IBM Corp. 2011 Chapter 2. Initial Setup...
Page 42: Ip Interfaces
IP interfaces are used for defining the networks to which the switch belongs. Up to 128 IP interfaces can be configured on the RackSwitch G8000 (G8000). The IP address assigned to each IP interface provides the switch with an IP presence on your network.
Page 43: Loopback Interfaces
IP addresses, router IDs for various protocols, and persistent peer IDs for neighbor relationships. In IBM N/OS 6.8, loopback interfaces have been expanded for use with routing protocols such as OSPF and BGP. Loopback interfaces can also be specified as the source IP address for syslog, SNMP, RADIUS, TACACS+, NTP, and router IDs.
Page 44: Default Gateways
This part of the Setup program prompts you to configure the various routing parameters. At the prompt, enable or disable forwarding for IP Routing: Enable IP forwarding? [y/n] Enter y to enable IP forwarding. To disable IP forwarding, enter n. To keep the current setting, press <Enter>. RackSwitch G8000: Application Guide...
Page 45: Setup Part 5: Final Steps
Enter y to discard the changes. Enter n to return to the “Apply the changes?” prompt. Note: After initial configuration is complete, it is recommended that you change the default passwords. © Copyright IBM Corp. 2011 Chapter 2. Initial Setup...
Page 46: Optional Setup For Telnet Support
G8000 through a remote Telnet connection. 1. Telnet is enabled by default. To change the setting, use the following command: >> # /cfg/sys/access/tnet 2. Apply and save the configuration(s). >> System# apply >> System# save RackSwitch G8000: Application Guide...
Page 47: Chapter 3. Switch Software Management
CAUTION: Although the typical upgrade process is all that is necessary in most cases, upgrading from (or reverting to) some versions of IBM Networking OS requires special steps prior to or after the software installation process. Please be sure to follow all applicable instructions in the release notes document for the specific software release to ensure that your switch continues to operate as expected after installing new software.
Page 48: Loading Software Via The Ibm N/Os Cli
The name of the new software image or boot file When the software requirements are met, use one of the following procedures to download the new software to your switch. You can use the IBM N/OS CLI, the ISCLI, or the BBI to download and activate new software.
Page 49: Loading Software Via The Iscli
After you log onto the BBI, perform the following steps to load a software image: 1. Click the Configure context tab in the toolbar. 2. In the Navigation Window, select System > Config/Image Control. © Copyright IBM Corp. 2011 Chapter 3. Switch Software Management...
Page 50: The Boot Management Menu
To change the configuration block, press 2, and follow the screen prompts. • To perform an Xmodem download, press 3 and follow the screen prompts. • To exit the Boot Management menu, press 4. The booting process continues. RackSwitch G8000: Application Guide...
Page 51 ## Switch baudrate to 115200 bps and press ENTER ... 5. Press <Enter> to set the system into download accept mode. When the readiness meter displays (a series of “C” characters), start XModem on your terminal emulator. © Copyright IBM Corp. 2011 Chapter 3. Switch Software Management...
Page 52 9. Select 3 to start a new XModem Download. When you see the following message, change the Serial Port characteristics to 115200 bps: ## Switch baudrate to 115200 bps and press ENTER ... 10. Press <Enter> to continue the download. RackSwitch G8000: Application Guide...
Page 53 ## Switch baudrate to 9600 bps and press ESC ... 14. Press the Escape key (<Esc>) to re-display the Boot Management menu. 15. Select 4 to exit and boot the new image. © Copyright IBM Corp. 2011 Chapter 3. Switch Software Management...
Page 54 RackSwitch G8000: Application Guide...
Page 56 RackSwitch G8000: Application Guide...
Page 57: Chapter 4. Securing Administration
• Encrypting messages between the remote administrator and switch • Secure copy support IBM Networking OS implements the SSH version 2.0 standard and is confirmed to work with SSH version 2.0-compliant clients such as the following: • OpenSSH_5.4p1 for Linux •...
Page 58: Configuring Ssh/Scp Features On The Switch
>> ssh [-4|-6] <switch IP address> -or- >> ssh [-4|-6] <login name>@<switch IP address> Note: The -4 option (the default) specifies that an IPv4 switch address will be used. The -6 option specifies IPv6. Example: >> ssh scpadmin@205.178.15.157 RackSwitch G8000: Application Guide...
Page 59 • The putcfg_apply and putcfg_apply_save commands are provided because extra apply and save commands are usually required after a putcfg; however, an SCP session is not in an interactive mode. © Copyright IBM Corp. 2011 Chapter 4. Securing Administration...
Page 60: Ssh And Scp Encryption Of Management Messages
Thus, an SSH/SCP client will not be able to log in if the switch is performing key generation at that time. Also, key generation will fail if an SSH/SCP client is logging in at that time. RackSwitch G8000: Application Guide...
Page 61: Ssh/Scp Integration With Radius Authentication
SSH user because the switch will recognize him as the SCP-only administrator. The switch will only allow the administrator access to SCP commands. © Copyright IBM Corp. 2011 Chapter 4. Securing Administration...
Page 62: End User Access Control
End User Access Control IBM N/OS allows an administrator to define end user accounts that permit end users to perform operation tasks via the switch CLI commands. Once end user accounts are configured and enabled, the switch requires username/password authentication.
Page 63: User Access Control
- Always Enabled - online 1 session Current User ID table: 1: name jane , ena, cos user , password valid, online 1 session 2: name john , ena, cos user , password valid, online 2 sessions © Copyright IBM Corp. 2011 Chapter 4. Securing Administration...
Page 64: Logging Into An End User Account
Once an end user account is configured and enabled, the user can login to the switch using the username/password combination. The level of switch access is determined by the COS established for the end user account. RackSwitch G8000: Application Guide...
Page 65: Chapter 5. Authentication & Authorization Protocols
“TACACS+ Authentication” on page 66 • “LDAP Authentication and Authorization” on page 69 Note: IBM Networking OS 6.8 does not support IPv6 for RADIUS, TACACS+ or LDAP. RADIUS Authentication and Authorization IBM N/OS supports the RADIUS (Remote Authentication Dial-in User Service)
Page 66: Configuring Radius On The Switch
4. Configure the number retry attempts for contacting the RADIUS server, and the timeout period. RS G8000(config)# radius-server retransmit 3 RS G8000(config)# radius-server timeout 5 RADIUS Authentication Features in IBM N/OS N/OS supports the following RADIUS authentication features: • Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and RFC 2866.
Page 67: Switch User Accounts
RADIUS Attributes for IBM N/OS User Privileges When the user logs in, the switch authenticates his/her level of access by sending the RADIUS access request, that is, the client authentication request, to the RADIUS authentication server.
Page 68: Tacacs+ Authentication
RADIUS dictionary. RADIUS attribute 6 which is built into all RADIUS servers defines the administrator. The file name of the dictionary is RADIUS vendor-dependent. The following RADIUS attributes are defined for G8000 user privileges levels: Table 4. IBM N/OS-proprietary Attributes for RADIUS User Name/Access User-Service-Type Value...
Page 69: Tacacs+ Authentication Features In Ibm N/Os
TACACS+ Authentication Features in IBM N/OS Authentication is the action of determining the identity of a user, and is generally done when the user first attempts to log in to a device or gain access to its services. N/OS supports ASCII inbound login to the device. PAP, CHAP and ARAP login methods, TACACS+ change password requests, and one-time password authentication are not supported.
Page 70: Command Authorization And Logging
Note: You can use a configured loopback address as the source address so the TACACS+ server accepts requests only from the expected loopback address block. Use the following command to specify the loopback interface: RS G8000(config)# ip tacacs source-interface loopback <1-5> RackSwitch G8000: Application Guide...
Page 71: Ldap Authentication And Authorization
The first word of the common name for each user group must be equal to the user group names defined in the G8000, as follows: – admin – oper – user © Copyright IBM Corp. 2011 Chapter 5. Authentication & Authorization Protocols...
Page 72 The well-known port for LDAP is 389. >> # ldap-server port <1-65000> 4. Configure the number of retry attempts for contacting the LDAP server, and the timeout period. >> # ldap-server retransmit 3 >> # ldap-server timeout 10 RackSwitch G8000: Application Guide...
Page 73: Chapter 6. 802.1X Port-Based Network Access Control
LAN port that has point-to-point connection characteristics. It prevents access to ports that fail authentication and authorization. This feature provides security to ports of the RackSwitch G8000 (G8000) that connect to blade servers. The following topics are discussed in this section: •...
Page 74: Extensible Authentication Protocol Over Lan
Extensible Authentication Protocol over LAN IBM Networking OS can provide user-level security for its ports using the IEEE 802.1X protocol, which is a more secure alternative to other methods of port-based network access control. Any device attached to an 802.1X-enabled port that fails authentication is prevented access to the network and denied services offered through that port.
Page 75: Eapol Authentication Process
EAP-Request/Identity frame. The client confirms its identity by sending an EAP-Response/Identity frame to the G8000 authenticator, which forwards the frame encapsulated in a RADIUS packet to the server. © Copyright IBM Corp. 2011 Chapter 6. 802.1X Port-Based Network Access Control...
Page 76 EAPOL-Start frame. When no response is received, the client retransmits the request for a fixed number of times. If no response is received, the client assumes the port is in authorized state, and begins sending frames, even if the port is unauthorized. RackSwitch G8000: Application Guide...
Page 77: Eapol Port States
The port is placed in the guest VLAN. • The Port VLAN ID (PVID) is changed to the Guest VLAN ID. • Port tagging is disabled on the port. © Copyright IBM Corp. 2011 Chapter 6. 802.1X Port-Based Network Access Control...
Page 78: Supported Radius Attributes
VLAN assignment). The attribute must be untagged (the Tag field must be 0). 65 Tunnel-Medium- Only 802 (type 6) is currently Type supported (for 802.1X RADIUS VLAN assignment). The attribute must be untagged (the Tag field must be 0). RackSwitch G8000: Application Guide...
Page 79 Zero or one instance of this attribute MAY be present in a packet. • Exactly one instance of this attribute MUST be present in a packet. • One or more of these attributes MUST be present. © Copyright IBM Corp. 2011 Chapter 6. 802.1X Port-Based Network Access Control...
Page 80: Eapol Configuration Guidelines
Unsupported 802.1X attributes include Service-Type, Session-Timeout, and Termination-Action. • RADIUS accounting service for 802.1X-authenticated devices or users is not currently supported. • Configuration changes performed using SNMP and the standard 802.1X MIB will take effect immediately. RackSwitch G8000: Application Guide...
Page 81: Chapter 7. Access Control Lists
Each filter defines the conditions that must match for inclusion in the filter, and also the actions that are performed when a match is made. IBM Networking OS 6.8 supports the following ACLs: • IPv4 ACLs Up to 512 ACLs are supported for networks that use IPv4 addressing.
Page 82 • IPv6 header options (for IPv6 ACLs only) – Source IPv6 address and prefix length – Destination IPv6 address and prefix length – Next Header value – Flow Label value – Traffic Class value RackSwitch G8000: Application Guide...
Page 83: Summary Of Acl Actions
• Pass or Drop the packet • Re-mark the packet with a new DiffServ Code Point (DSCP) • Re-mark the 802.1p field • Set the COS queue © Copyright IBM Corp. 2011 Chapter 7. Access Control Lists...
Page 84: Assigning Individual Acls To A Port
One ACL match from each precedence group is permitted, meaning that up to four ACL matches may be considered for action: one from precedence group 1, one from precedence group 2, and so on. RackSwitch G8000: Application Guide...
Page 85: Acl Groups
82). All ACLs assigned to the port (whether individually assigned or part of an ACL Group) are considered as individual ACLs for the purposes of determining their order of precedence. © Copyright IBM Corp. 2011 Chapter 7. Access Control Lists...
Page 86: Assigning Acl Groups To A Port
You can configure the ACL to re-mark a packet as follows: • Change the DSCP value of a packet, used to specify the service level that traffic receives. • Change the 802.1p priority of a packet. RackSwitch G8000: Application Guide...
Page 87: Acl Port Mirroring
ACL statistics to check filter performance or to debug the ACL filter configuration. You must enable statistics for each ACL that you wish to monitor: RS G8000(config)# access-control list <ACL number> statistics © Copyright IBM Corp. 2011 Chapter 7. Access Control Lists...
Page 88: Acl Configuration Examples
RS G8000(config)# access-control list6 3 ipv6 source-address 2001:0:0:5:0:0:0:2 128 RS G8000(config)# access-control list6 3 action deny 2. Add ACL 2 to port 2. RS G8000(config)# interface port 2 RS G8000(config-if)# access-control list6 3 RS G8000(config-if)# exit RackSwitch G8000: Application Guide...
Page 89 RS G8000(config)# access-control list 4 egress-port 3 RS G8000(config)# access-control list 4 action deny 2. Add ACL 4 to port 1. RS G8000(config)# interface port 1 RS G8000(config-if)# access-control list 4 RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 7. Access Control Lists...
Page 90: Vlan Maps
VMap is applied for either the switch server ports (serverports) or uplink ports (non-serverports). If omitted, the operation will be applied to all ports in the associated VLAN or VM group. RackSwitch G8000: Application Guide...
Page 91: Using Storm Control Filters
To filter multicast packets on a port, use the following commands: RS G8000(config-if)# multicast-threshold <packet rate> To filter unknown unicast packets on a port, use the following commands: RS G8000(config-if)# dest-lookup-threshold <packet rate> RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 7. Access Control Lists...
Page 92 RackSwitch G8000: Application Guide...
Page 93: Part 3: Switch Basics
This section discusses basic switching functions: • VLANs • Port Trunking • Spanning Tree Protocols (Spanning Tree Groups, Rapid Spanning Tree Protocol, and Multiple Spanning Tree Protocol) • Virtual Link Aggregation Groups • Quality of Service © Copyright IBM Corp. 2011...
Page 94 RackSwitch G8000: Application Guide...
Page 95: Chapter 8. Vlans
VLAN. The RackSwitch G8000 (G8000) supports jumbo frames with a Maximum Transmission Unit (MTU) of 9,216 bytes. Within each frame, 18 bytes are reserved for the Ethernet header and CRC trailer. The remaining space in the frame (up to 9,198 bytes) comprise the packet, which includes the payload of up to 9,000 bytes and any additional overhead, such as 802.1q or VLAN tags.
Page 96: Vlans And Port Vlan Id Numbers
Each port on the switch can belong to one or more VLANs, and each VLAN can have any number of switch ports in its membership. Any port that belongs to multiple VLANs, however, must have VLAN tagging enabled (see “VLAN Tagging” on page 95). RackSwitch G8000: Application Guide...
Page 97: Vlan Tagging
VLAN Tagging IBM Networking OS software supports 802.1Q VLAN tagging, providing standards-based VLAN support for Ethernet systems. Tagging places the VLAN identifier in the frame header of a packet, allowing each port to belong to multiple VLANs. When you add a port to multiple VLANs, you also must enable tagging on that port.
Page 98 Figure 3. Port-based VLAN assignment Port 1 Port 2 Port 3 Tagged member PVID = 2 of VLAN 2 Untagged packet 802.1Q Switch Data Before Port 6 Port 7 Port 8 Untagged member of VLAN 2 RackSwitch G8000: Application Guide...
Page 99 5, which is configured as a tagged member of VLAN 2. However, the tagged packet is stripped (untagged) as it leaves the switch through port 7, which is configured as an untagged member of VLAN 2. © Copyright IBM Corp. 2011 Chapter 8. VLANs...
Page 100 VID = 2 Untagged member CRC* (*Recalculated) of VLAN 2 16 bits 3 bits 1 bit 12 bits Data After Outgoing untagged packet changed (tag removed) Priority - User_priority - Canonical format indicator - VLAN identifier BS45014A RackSwitch G8000: Application Guide...
Page 101: Vlan Topologies And Design Considerations
Figure 7. Multiple VLANs with VLAN-Tagged Gigabit Adapters Enterprise Enterprise Routing Switch Routing Switch Server 1 Server 2 Server 3 Server 4 Server 5 VLAN 1 VLAN 1 VLAN 2 VLAN 3 VLAN 1, 2 © Copyright IBM Corp. 2011 Chapter 8. VLANs...
Page 102 VLAN 3. Tagging on switch ports is enabled. Note: VLAN tagging is required only on ports that are connected to other switches or on ports that connect to tag-capable end-stations, such as servers with VLAN-tagging adapters. RackSwitch G8000: Application Guide...
Page 103: Vlan Configuration Example
RS G8000(config)# vlan 3 RS G8000(config-vlan)# enable RS G8000(config-vlan)# member 4,19,20 RS G8000(config-vlan)# exit By default, all ports are members of VLAN 1, so configure only those ports that belong to other VLANs. © Copyright IBM Corp. 2011 Chapter 8. VLANs...
Page 104: Protocol-Based Vlans
Ethernet type—consists of a 4-digit (16 bit) hex value that defines the Ethernet type. You can use common Ethernet protocol values, or define your own values. Following are examples of common Ethernet protocol values: – IPv4 = 0800 – IPv6 = 86dd – ARP = 0806 RackSwitch G8000: Application Guide...
Page 105: Port-Based Vs. Protocol-Based Vlans
The same port within a port-based VLAN can belong to multiple PVLANs. • An untagged port can be a member of multiple PVLANs. • A port cannot be a member of different VLANs with the same protocol association. © Copyright IBM Corp. 2011 Chapter 8. VLANs...
Page 106: Configuring Pvlan
Status Ports ---- ------------------------ ------ ------------------------- Default VLAN 1-48, XGE1-XGE4 VLAN 2 PVLAN Protocol FrameType EtherType Priority Status Ports ----- -------- ---------- --------- -------- ------- ----------- Ether2 0800 enabled PVLAN PVLAN-Tagged Ports ----- --------------------------- none none RackSwitch G8000: Application Guide...
Page 107: Private Vlans
VLAN ID. • Ports within a secondary VLAN cannot be members of other VLANs. • All VLANs that comprise the Private VLAN must belong to the same Spanning Tree Group. © Copyright IBM Corp. 2011 Chapter 8. VLANs...
Page 108: Configuration Example
RS G8000(config-vlan)# private-vlan type isolated RS G8000(config-vlan)# private-vlan map 100 RS G8000(config-vlan)# private-vlan enable RS G8000(config-vlan)# exit 3. Verify the configuration. RS G8000(config)# show private-vlan Private-VLAN Type Mapped-To Status Ports ------------ --------- ---------- ---------- ----------------- primary isolated RackSwitch G8000: Application Guide...
Page 109: Chapter 9. Ports And Trunking
Chapter 9. Ports and Trunking Trunk groups can provide super-bandwidth, multi-link connections between the RackSwitch G8000 (G8000) and other trunk-capable devices. A trunk group is a group of ports that act together, combining their bandwidth to create a single, larger virtual link.
Page 110: Static Trunks
You cannot configure a trunk member as a monitor port in a port-mirroring configuration. • Trunks cannot be monitored by a monitor port; however, trunk members can be monitored. • All ports in static trunks must be have the same link configuration (speed, duplex, flow control). RackSwitch G8000: Application Guide...
Page 111: Configuring A Static Port Trunk
Prior to configuring each switch in this example, you must connect to the appropriate switches as the administrator. Note: For details about accessing and using any of the commands described in this example, see the RackSwitch G8000 ISCLI Reference. 1. Follow these steps on the G8000: a. Define a trunk group.
Page 112 Up to 8 ports can belong to the same trunk group. • All ports in static trunks must be have the same link configuration (speed, duplex, flow control). ® ® • Trunking from third-party devices must comply with Cisco EtherChannel technology. RackSwitch G8000: Application Guide...
Page 113: Link Aggregation Control Protocol
LACP trunk group fails, traffic is reassigned dynamically to the remaining link(s) of the dynamic trunk group. Note: LACP implementation in the IBM Networking OS does not support the Churn machine, an option used to detect if the port is operable within a bounded time period between the actor and the partner.
Page 114 RS G8000 # show lacp information Note: If you configure LACP on ports with 802.1X network access control, make sure the ports on both sides of the connection are properly configured for both LACP and 802.1X. RackSwitch G8000: Application Guide...
Page 115: Lacp Minimum Links Option
LACP trunk group. RS G8000(config)# interface port 7-8 RS G8000(config-if)# lacp key 100 3. Set the LACP mode. RS G8000(config-if)# lacp mode active RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 9. Ports and Trunking...
Page 116: Configurable Trunk Hash Algorithm
When enabled, Layer 4 port information (TCP, UPD, etc.) is added to the hash if available. The L4port option is ignored when Layer 4 information is not included in the packet (such as for Layer 2 packets). RackSwitch G8000: Application Guide...
Page 117: Chapter 10. Spanning Tree Protocols
When multiple paths exist between two points on a network, Spanning Tree Protocol (STP), or one of its enhanced variants, can prevent broadcast loops and ensure that the RackSwitch G8000 (G8000) uses only the most efficient network path. This chapter covers the following topics: •...
Page 118: Global Stp Control
Port Trunk group or one or more VLANs Trunk group One or more VLANs VLAN (non-default) • PVRST: One VLAN per STG • RSTP: All VLANs are in STG 1 • MSTP: Multiple VLANs per STG RackSwitch G8000: Application Guide...
Page 119: Port States
The lower the value, the higher the bridge priority. Use the following command to configure the bridge priority: <x> bridge priority <0-65535> RS G8000(config)# spanning-tree stp © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 120: Port Priority
RS G8000(config)# interface port <port number> RS G8000(config-if)# spanning-tree stp <STG> path-cost <path cost value> RS G8000(config-if)# exit The port path cost can be a value from 1 to 200000000. Specify 0 for automatic path cost. RackSwitch G8000: Application Guide...
Page 121: Simple Stp Configuration
During operation, if one G8000 experiences an uplink failure, STP will activate the BLADE switch-to-switch link so that server traffic on the affected G8000 may pass through to the active uplink on the other G8000, as shown in Figure © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 122 To configure the port path cost on the switch-to-switch links in this example, use the following commands on each G8000. RS G8000(config)# interface port 10 RS G8000(config-if)# spanning-tree stp 1 path-cost 60000 RS G8000(config-if)# exit RackSwitch G8000: Application Guide...
Page 123: Per-Vlan Spanning Tree Groups
STG 1 is the default STG. Although VLANs can be added to or deleted from default STG 1, the STG itself cannot be deleted from the system. By default, STG 1 is enabled and includes VLAN 1, which by default includes all switch ports. © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 124: Manually Assigning Stgs
When a VLAN is assigned to a new STG, the VLAN is automatically removed from its prior STG. Note: For proper operation with switches that use Cisco PVST+, it is recommended that you create a separate STG for each VLAN. RackSwitch G8000: Application Guide...
Page 125: Guidelines For Creating Vlans
VLAN members, Spanning Tree will be off on all ports belonging to that VLAN. The relationship between port, trunk groups, VLANs, and Spanning Trees is shown Table 13 on page 116. © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 126: The Switch-Centric Model
Switch C receives this BPDU on port 8 and is identified as participating in VLAN 3, STG 2. Since Switch C has no additional ports participating in STG 2, this BPDU is not forwarded to any additional ports and Switch A remains the designated root. RackSwitch G8000: Application Guide...
Page 127: Configuring Multiple Stgs
VLAN 3 is automatically removed from STG 1. By default VLAN 1 remains in STG 1. 5. Switch D does not require any special configuration for multiple Spanning Trees. Switch D uses default STG 1 only. © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 128: Rapid Spanning Tree Protocol
1. Configure port and VLAN membership on the switch. 2. Set the Spanning Tree mode to Rapid Spanning Tree. RS G8000(config)# spanning-tree mode rstp 3. Configure STP Group 1 parameters. RS G8000(config)# spanning-tree stp 1 enable RS G8000(config)# spanning-tree stp 1 vlan 2 RackSwitch G8000: Application Guide...
Page 129: Multiple Spanning Tree Protocol
When MSTP is turned off, the switch moves all VLANs from the CIST to STG 1. • When you enable MSTP, you must configure the Region Name. A default version number of 1 is configured automatically. © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 130: Mstp Configuration Examples
This example shows how multiple Spanning Trees can provide redundancy without wasting any uplink ports. In this example, the server ports are split between two separate VLANs. Both VLANs belong to two different MSTP groups. The Spanning RackSwitch G8000: Application Guide...
Page 131: Port Type And Link Type
(non-edge) port, and participates fully in Spanning Tree. Use the following commands to define or clear a port as an edge port: RS G8000(config)# interface port <port> RS G8000(config-if)# [no] spanning-tree edge RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 10. Spanning Tree Protocols...
Page 132: Link Type
Note: Any STP port in full-duplex mode can be manually configured as a shared port when connected to a non-STP-aware shared device (such as a typical Layer 2 switch) used to interconnect multiple STP-aware devices. RackSwitch G8000: Application Guide...
Page 133: Chapter 11. Quality Of Service
Queue and Egress Ingress Ports Classify Actions Schedule Packets Permit/Deny Queue Filter The basic QoS model works as follows: • Classify traffic: – Read DSCP value. – Read 802.1p priority value. – Match ACL filter parameters. © Copyright IBM Corp. 2011...
Page 134 – Mark DSCP or 802.1p Priority – Set COS queue (with or without re-marking) • Queue and schedule traffic: – Place packets in one of the COS queues. – Schedule transmission based on the COS queue. RackSwitch G8000: Application Guide...
Page 135: Using Acl Filters
IBM Networking OS 6.8 supports up to 512 ACLs. The G8000 allows you to classify packets based on various parameters. For example: •...
Page 136: Acl Metering And Re-Marking
The switch can classify traffic by reading the DiffServ Code Point (DSCP) or IEEE 802.1p priority value, or by using filters to match specific criteria. When network traffic attributes match those specified in a traffic pattern, the policy instructs the RackSwitch G8000: Application Guide...
Page 137: Differentiated Services Concepts
Expedited Forwarding (EF)—This PHB has the highest egress priority and lowest drop precedence level. EF traffic is forwarded ahead of all other traffic. EF PHB is described in RFC 2598. © Copyright IBM Corp. 2011 Chapter 11. Quality of Service...
Page 138: Qos Levels
Default PHB 802.1p Priority Critical Network Control Premium EF, CS5 Platinum AF41, AF42, AF43, CS4 4 Gold AF31, AF32, AF33, CS3 3 Silver AF21, AF22, AF23, CS2 2 Bronze AF11, AF12, AF13, CS1 Standard DF, CS0 RackSwitch G8000: Application Guide...
Page 139: Dscp Re-Marking And Mapping
Then you must enable DSCP re-marking on any port that you wish to perform this function (Interface Port mode). Note: If an ACL meter is configured for DSCP re-marking, the meter function takes precedence over QoS re-marking. © Copyright IBM Corp. 2011 Chapter 11. Quality of Service...
Page 140: Dscp Re-Marking Configuration Examples
RS G8000(config-if)# access-control list 2 RS G8000(config-if)# access-control list 3 RS G8000(config-if)# dscp-marking RS G8000(config-if)# exit 4. Enable DSCP re-marking globally. RS G8000(config)# qos dscp re-marking 5. Assign the DSCP re-mark value. RS G8000(config)# qos dscp dscp-mapping 46 9 RackSwitch G8000: Application Guide...
Page 141 7. Map priority value to COS queue for non-VoIP traffic. RS G8000(config)# qos transmit-queue mapping 1 1 8. Assign weight to the non-VoIP COS queue. RS G8000(config)# qos transmit-queue weight-cos 1 2 © Copyright IBM Corp. 2011 Chapter 11. Quality of Service...
Page 142: Using 802.1P Priority To Provide Qos
COS queue. To configure a port’s default 802.1p priority value, use the following commands. RS G8000(config)# interface port 1 RS G8000(config-if)# dot1p <802.1p value (0-7)> RS G8000(config-if)# exit RackSwitch G8000: Application Guide...
Page 143: Queuing And Scheduling
Note: Use caution when assigning strict scheduling to queues. Heavy traffic in queues assigned with a weight of 0 can starve lower priority queues. © Copyright IBM Corp. 2011 Chapter 11. Quality of Service...
Page 144 RackSwitch G8000: Application Guide...
Page 146 RackSwitch G8000: Application Guide...
Page 147: Chapter 12. Virtualization
Virtualization allows resources to be allocated in a fluid manner based on the logical needs of the data center, rather than on the strict, physical nature of components. The following virtualization features are included in IBM Networking OS 6.8 on the RackSwitch G8000 (G8000): •...
Page 148 RackSwitch G8000: Application Guide...
Page 149: Chapter 13. Stacking
“Configuring a Stack” on page 153 • “Managing a Stack” on page 157 • “Upgrading Software in an Existing Stack” on page 159 • “Replacing or Removing Stacked Switches” on page 161 • “ISCLI Stacking Commands” on page 164 © Copyright IBM Corp. 2011...
Page 150: Stacking Overview
Stacking Overview A stack is a group of up to six RackSwitch G8000 switches with IBM Networking OS that work together as a unified system. A stack has the following properties, regardless of the number of switches included: • The network views the stack as a single entity.
Page 151: Stacking Limitations
Master and pushed to each switch in the stack as necessary. • Member Member switches provide additional port capacity to the stack. Members receive configuration changes, run-time information, and software updates from the Master. © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 152: The Master Switch
If, while the stack is still split, the Backup (acting as Master) is explicitly reconfigured to become a regular Master, then when the split stacks are finally merged, the Master with the lowest MAC address will become the new active Master for the entire stack. RackSwitch G8000: Application Guide...
Page 153: Merging Independent Stacks
Backup and specifies itself (the primary Backup) as the new Backup in case the secondary fails. This prevents the chain of stack control from migrating too far from the original Master and Backup configuration intended by the administrator. © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 154: Master Recovery
It is recommended that asnum 1 and csnum 1 be used for identifying the Master switch. By default, csnum 1 is assigned to the Master. If csnum 1 is not available, the lowest available csnum is assigned to the Master. RackSwitch G8000: Application Guide...
Page 155: Configuring A Stack
By default, each switch is set to Member mode. However, one switch must be set to Master mode. Use the following command on only the designated Master switch: RS G8000(config)# boot stack mode master © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 156 Once the stack trunks are connected, the switches will perform low-level stacking configuration. Note: Although stack link failover/failback is accomplished on a sub-second basis, to maintain the best stacking operation and avoid traffic disruption, it is recommended not to disrupt stack links after the stack is formed. RackSwitch G8000: Application Guide...
Page 157: Additional Master Configuration
If the IPv4 address and VLAN of an external IP interface for the stack is unknown, connect to the Master switch using the IPv4 address assigned by the management system, and execute the following command: RS G8000(config)# show interface ip © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 158: Viewing Stack Connections
RS G8000(config)# no stack switch-number <csnum> Assigning a Stack Backup Switch To define a Member switch as a Backup (optional) which will assume the Master role if the Master switch fails, execute the following command: RS G8000(config)# stack backup <csnum> RackSwitch G8000: Application Guide...
Page 159: Managing A Stack
Table 15. Stacking Boot Management buttons Field Description Reboot Stack Performs a software reboot/reset of all switches in the stack. The software image specified in the Image To Boot drop-down list becomes the active image. © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 160 Master. For example, if the new image is loaded into image 1 on the Master switch, the Master will push the same firmware to image 1 on each Member switch. RackSwitch G8000: Application Guide...
Page 161: Upgrading Software In An Existing Stack
3. Reboot all switches in the stack. Use either the ISCLI or the BBI. – From the BBI, select Configure > System > Config/Image Control. Click Reboot Stack. – From the ISCLI, use the following command: RS G8000(config)# reload © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 162 – From the ISCLI, use the following command: RS G8000(config)# show stack version Switch Firmware Versions: ------------------------------------------------------------ asnum csnum Version Serial # ----- ----- ----------------- ------ ------- ---------- 00:00:00:00:01:00 image1 0.0.0.0 CH49000000 00:11:00:af:ce:00 image1 0.0.0.0 CH49000001 00:22:00:ad:43:00 image1 0.0.0.0 CH49000002 RackSwitch G8000: Application Guide...
Page 163: Replacing Or Removing Stacked Switches
2. Place the new switch in its determined place according to the RackSwitch G8000 Installation Guide. 3. Connect to the ISCLI of the new switch (not the stack interface) 4. Enable stacking: RS G8000(config)# boot stack enable © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 164: Binding The New Switch To The Stack
2. From the stack interface, assign the csnum for the new switch. You can bind Member switches to a stack csnum using either the new switch’s asnum or MAC address : RS G8000(config)# stack switch-number <csnum> mac <MAC address> -or- RS G8000(config)# stack switch-number <csnum> bind <asnum> RackSwitch G8000: Application Guide...
Page 165 3. Apply and save your configuration changes. Note: If replacing the Master switch, the Master will not assume control from the Backup unless the Backup is rebooted or fails. © Copyright IBM Corp. 2011 Chapter 13. Stacking...
Page 166: Iscli Stacking Commands
ISCLI Stacking Commands Stacking-related ISCLI commands are listed here. For details on specific commands, see the RackSwitch G8000 ISCLI Reference. • [no] boot stack enable • boot stack higig-trunk <port list> • boot stack mode master|member • boot stack push-image boot-image|image1|image2 <asnum>...
Page 167: Chapter 14. Vmready
The IBM Networking OS 6.8 VMready feature supports up to 1024 VEs in a virtualized data center environment. The switch automatically discovers the VEs attached to switch ports, and distinguishes between regular VMs, Service Console ®...
Page 168: Defining Server Ports
<profile name> (Add STG to group) stg <Spanning Tree group> (Set VLAN tagging on ports) (Specify the group VLAN) vlan <VLAN number> (Add VM member to group) vm <MAC>|<index>|<UUID>|<IPv4 address>|<name> (Specify VMAP number) vmap <VMAP number> [intports|extports] RackSwitch G8000: Application Guide...
Page 169 Only VEs currently connected to the switch port (local) or pending connection (pre-provisioned) are permitted in local VM groups. Use the no variant of the commands to remove or disable VM group configuration settings: RS G8000(config)# no virt vmgroup <VM group number> [?] © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 170: Distributed Vm Groups
“VM Profiles” on page 168 for details. Once a VM profile is available, a distributed VM group may be initialized using the following configuration command: RS G8000(config)# virt vmgroup <VM group number> profile <VM profile name> RackSwitch G8000: Application Guide...
Page 171: Assigning Members
The VE will be moved to the BNT_Default port group in VLAN 0 (zero). • Traffic shaping will be disabled for the VE. • All other properties will be reset to default values inherited from the virtual switch. © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 172: Virtualization Management Servers
However, you can force an immediate scan of the vCenter by using one of the following ISCLI privileged EXEC commands: (Scan the vCenter) RS G8000# virt vmware scan -or- (Scan vCenter and display result) RS G8000# show virt vm -v -r RackSwitch G8000: Application Guide...
Page 173: Deleting The Vcenter
Add a port group to a host scan Perform a VM Agent scan operation now updpg Update a port group on a host vmacpg Change a vnic's port group Add a vswitch to a host © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 174: Pre-Provisioning Ves
RS G8000(config)# [no] virt vmgroup <VM group number> vm <VE MAC address> For the pre-provisioning of undiscovered VEs, a MAC address is required. Other identifying properties, such as IPv4 address or VM name permitted for known VEs, cannot be used for pre-provisioning. RackSwitch G8000: Application Guide...
Page 175: Vlan Maps
VMAP match a particular packet, both filter actions will be applied as long as there is no conflict. In the event of a conflict, the port ACL will take priority, though switch statistics will count matches for both the ACL and VMAP. © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 176: Vm Policy Bandwidth Control
Bandwidth policies are enforced by the G8000. VE traffic that exceeds configured levels is dropped by the switch upon ingress. Setting txrate uses ACL resources on the switch. Bandwidth shaping and bandwidth policies can be used separately or in concert. RackSwitch G8000: Application Guide...
Page 177: Vmready Information Displays
* indicates VMware ESX Service Console Interface + indicates VMware ESX/ESXi VMKernel or Management Interface Note: The Index numbers shown in the VE information displays can be used to specify a particular VE in configuration commands. © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 178 If a vCenter is available, the following ISCLI privileged EXEC command displays the name and UUID of all VMware hosts, providing an essential overview of the data center: RS G8000# show virt vmware hosts UUID Name(s), IP Address --------------------------------------------------------------- 00a42681-d0e5-5910-a0bf-bd23bd3f7800 172.16.41.30 002e063c-153c-dd11-8b32-a78dd1909a00 172.16.46.10 00f1fe30-143c-dd11-84f2-a8ba2cd7ae00 172.16.44.50 0018938e-143c-dd11-9f7a-d8defa4b8300 172.16.46.20 RackSwitch G8000: Application Guide...
Page 179 RS G8000# show virt vmware vms UUID Name(s), IP Address ---------------------------------------------------------------------- 001cdf1d-863a-fa5e-58c0-d197ed3e3300 30vm1 001c1fba-5483-863f-de04-4953b5caa700 VM90 001c0441-c9ed-184c-7030-d6a6bc9b4d00 VM91 001cc06e-393b-a36b-2da9-c71098d9a700 vm_new 001c6384-f764-983c-83e3-e94fc78f2c00 sturgeon 001c7434-6bf9-52bd-c48c-a410da0c2300 VM70 001cad78-8a3c-9cbe-35f6-59ca5f392500 VM60 001cf762-a577-f42a-c6ea-090216c11800 30VM6 001c41f3-ccd8-94bb-1b94-6b94b03b9200 halibut, localhost.localdomain, 172.16.46.15 001cf17b-5581-ea80-c22c-3236b89ee900 30vm5 001c4312-a145-bf44-7edd-49b7a2fc3800 001caf40-a40a-de6f-7b44-9c496f123b00 30VM7 © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 180: Vmready Configuration Example
When prompted, enter the user password that the switch must use for access to the vCenter. 4. Create the VM profile. RS G8000(config)# virt vmprofile Finance RS G8000(config)# virt vmprofile edit Finance vlan 30 RS G8000(config)# virt vmprofile edit Finance shaping 1000 2000 3000 RackSwitch G8000: Application Guide...
Page 181 Note: If the VM group contains ports that also exist in other VM groups, make sure tagging is enabled in both VM groups. In this example configuration, no ports exist in more than one VM group. 7. Save the configuration. © Copyright IBM Corp. 2011 Chapter 14. VMready...
Page 182 RackSwitch G8000: Application Guide...
Page 183: Part 5: Ip Routing
• Basic Routing • IPv6 Host Management • Routing Information Protocol (RIP) • Internet Group Management Protocol (IGMP) • Border Gateway Protocol (BGP) • Open Shortest Path First (OSPF) © Copyright IBM Corp. 2011...
Page 184 RackSwitch G8000: Application Guide...
Page 185: Chapter 15. Basic Ip Routing
Cross-subnet LAN traffic can now be routed within the switches with wire speed switching performance. This eases the load on the router and saves the network administrators from reconfiguring every end-station with new IP addresses. © Copyright IBM Corp. 2011...
Page 186: Example Of Subnet Routing
With Layer 3 IP routing in place on the switch, routing between different IP subnets can be accomplished entirely within the switch. This leaves the routers free to handle inbound and outbound traffic for this group of subnets. RackSwitch G8000: Application Guide...
Page 187: Using Vlans To Segregate Broadcast Domains
1 and 2 Database servers 3 and 4 Terminal Servers 5 and 6 Note: To perform this configuration, you must be connected to the switch Command Line Interface (CLI) as the administrator. © Copyright IBM Corp. 2011 Chapter 15. Basic IP Routing...
Page 188 RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# exit (Select IP interface 4) RS G8000(config)# interface ip 4 RS G8000(config-ip-if)# ip address 206.30.15.1 RS G8000(config-ip-if)# ip netmask 255.255.255.0 (Add VLAN 4) RS G8000(config-ip-if)# vlan 4 RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# exit RackSwitch G8000: Application Guide...
Page 189: Ecmp Static Routes
You can configure the parameters used to perform ECMP route hashing, as follows: • sip: Source IP address (default) • dipsip: Source IP address and destination IP address The ECMP hash setting applies to all ECMP routes. © Copyright IBM Corp. 2011 Chapter 15. Basic IP Routing...
Page 190: Configuring Ecmp Static Routes
Gateway GW Status --------------- --------------- --------------- ---- ----------- 10.10.1.1 255.255.255.255 100.10.1.1 200.20.2.2 down 10.20.2.2 255.255.255.255 10.233.3.3 10.20.2.2 255.255.255.255 10.234.4.4 10.20.2.2 255.255.255.255 10.235.5.5 ECMP health-check ping interval: 1 ECMP health-check retries number: 3 ECMP Hash Mechanism: sip RackSwitch G8000: Application Guide...
Page 191: Dynamic Host Configuration Protocol
This interface address tells the switch on which VLAN to send the server response to the client. © Copyright IBM Corp. 2011 Chapter 15. Basic IP Routing...
Page 192 RS G8000(config)# ip bootp-relay enable RS G8000(config)# show ip bootp-relay Additionally, DHCP Relay functionality can be assigned on a per interface basis. Use the following commands to enable the Relay functionality: RS G8000(config)# interface ip <Interface number> RS G8000(config-ip-if)# relay RackSwitch G8000: Application Guide...
Page 193: Chapter 16. Internet Protocol Version 6
RFC 4302 • RFC 5095 • RFC 2711 • RFC 3602 • RFC 4303 • RFC 5114 This chapter describes the basic configuration of IPv6 addresses and how to manage the switch via IPv6 host management. © Copyright IBM Corp. 2011...
Page 194: Ipv6 Limitations
Border Gateway Protocol for IPv6 (BGP) • Routing Information Protocol for IPv6 (RIPng) Most other IBM Networking OS 6.8 features permit IP addresses to be configured using either IPv4 or IPv6 address formats. However, the following switch features support IPv4 only: •...
Page 195: Ipv6 Address Format
In most implementations, the interface identifier is derived from the switch's MAC address, using a method called EUI-64. Most IBM N/OS 6.8 features permit IP addresses to be configured using either IPv4 or IPv6 address formats. Throughout this manual, IP address is used in places where either an IPv4 or IPv6 address is allowed.
Page 196: Ipv6 Address Types
When a unicast address is assigned to more than one interface, thus turning it into an anycast address, the nodes to which the address is assigned must be explicitly configured to know that it is an anycast address. RackSwitch G8000: Application Guide...
Page 197: Ipv6 Address Autoconfiguration
Even if no router is present, hosts on the same link can configure themselves with link-local addresses and communicate without manual configuration. © Copyright IBM Corp. 2011 Chapter 16. Internet Protocol Version 6...
Page 198: Ipv6 Interfaces
Use the following commands to configure the IPv6 gateway: RS G8000(config)# ip gateway6 1 address <IPv6 address> RS G8000(config)# ip gateway6 1 enable IPv6 gateway 1 is reserved for IPv6 data interfaces. IPv6 gateway 4 is the default IPv6 management gateway. RackSwitch G8000: Application Guide...
Page 199: Neighbor Discovery
To add or remove entries in the static neighbor cache, use the following command path: RS G8000(config)# [no] ip neighbors ? To manage IPv6 prefix policies, use the following command path: RS G8000(config)# [no] ip prefix-policy ? © Copyright IBM Corp. 2011 Chapter 16. Internet Protocol Version 6...
Page 200 To set an interface to host mode, use the following command: RS G8000(config)# interface ip <interface number> RS G8000(config-ip-if)# ip6host RS G8000(config-ip-if)# exit The G8000 supports up to 1156 IPv6 routes. RackSwitch G8000: Application Guide...
Page 201: Supported Applications
The TFTP commands support both IPv4 and IPv6 addresses. Link-local addresses are not supported. • The FTP commands support both IPv4 and IPv6 addresses. Link-local addresses are not supported. © Copyright IBM Corp. 2011 Chapter 16. Internet Protocol Version 6...
Page 202 IPv6 address. If no AAAA record is found for that hostname (no IPv6 address for that hostname) an A query is sent to resolve the hostname with an IPv4 address. RackSwitch G8000: Application Guide...
Page 203: Configuration Guidelines
CPU must be fragmented by the remote node. The switch can re-assemble fragmented packets up to 9k. It can also fragment and transmit jumbo packets received from higher layers. © Copyright IBM Corp. 2011 Chapter 16. Internet Protocol Version 6...
Page 204: Ipv6 Configuration Examples
RS G8000(config)# ip gateway6 1 address 2001:BA98:7654:BA98:FEDC:1234:ABCD:5412 RS G8000(config)# ip gateway6 1 enable 3. Configure Neighbor Discovery advertisements for the interface (optional) RS G8000(config)# interface ip 3 RS G8000(config-ip-if)# no ipv6 nd suppress-ra 4. Verify the configuration. RS G8000(config-ip-if)# show layer3 RackSwitch G8000: Application Guide...
Page 205: Chapter 17. Ipsec With Ipv6
The following topics are discussed in this chapter: • “IPsec Protocols” on page 203 • “Using IPsec with the RackSwitch G8000” on page 204 IPsec Protocols The IBM N/OS implementation of IPsec supports the following protocols: • Authentication Header (AH) AHs provide connectionless integrity outand data origin authentication for IP packets, and provide protection against replay attacks.
Page 206: Using Ipsec With The Rackswitch G8000
IPsec supports the fragmentation and reassembly of IP packets that occurs when data goes to and comes from an external device. The RackSwitch G8000 acts as an end node that processes any fragmentation and reassembly of packets but does not forward the IPsec traffic.
Page 207: Creating An Ikev2 Proposal
3. Import the host certificate file. RS G8000(config)# copy tftp host-cert address <hostname or IPv4 address> Source file name: <path and filename of host certificate file> Confirm download operation [y/n]: y © Copyright IBM Corp. 2011 Chapter 17. IPsec with IPv6...
Page 208: Generating An Ikev2 Digital Certificate
RS G8000(config)# ikev2 identity local address (use an IPv6 address) RS G8000(config)# ikev2 identity local email <email address> domain name < > RS G8000(config)# ikev2 identity local fqdn To disable IKEv2 RSA-signature authentication method and enable preshared key authentication, enter: RS G8000(config)# access https disable RackSwitch G8000: Application Guide...
Page 209: Setting Up A Key Policy
Traffic that does not match the policy bypasses IPsec and passes through clear (unencrypted). 4. Choose whether to use a manual or a dynamic policy. © Copyright IBM Corp. 2011 Chapter 17. IPsec with IPv6...
Page 210: Using A Manual Key Policy
A number from 256-4294967295 – outbound ESP cipher key The outbound ESP key code, in hexadecimal – outbound ESP SPI A number from 256-4294967295 – The outbound ESP authenticator key code, in outbound ESP authenticator key hexadecimal RackSwitch G8000: Application Guide...
Page 211: Using A Dynamic Key Policy
To accomplish this, enter: RS G8000(config-ip)#interface ip <IP interface number, 1-128> RS G8000(config-ip-if)#address <IPv6 address> RS G8000(config-ip-if)#ipsec dynamic-policy <policy index, 1-10> RS G8000(config-ip-if)#enable (enable the IP interface) RS G8000#write (save the current configuration) © Copyright IBM Corp. 2011 Chapter 17. IPsec with IPv6...
Page 212 RackSwitch G8000: Application Guide...
Page 213: Chapter 18. Routing Information Protocol
In a routed environment, routers communicate with one another to keep track of available routes. Routers can learn about available routes dynamically using the Routing Information Protocol (RIP). IBM Networking OS software supports RIP version 1 (RIPv1) and RIP version 2 (RIPv2) for exchanging TCP/IPv4 route information with other routers.
Page 214: Ripv1
Triggered updates are an attempt to speed up convergence. When Triggered Updates is enabled, whenever a router changes the metric for a route, it sends update messages almost immediately, without waiting for the regular update interval. It is recommended to enable Triggered Updates. RackSwitch G8000: Application Guide...
Page 215 RIPv2 messages are discarded. For maximum security, RIPv1 messages are ignored when authentication is enabled; otherwise, the routing information from authenticated messages is propagated by RIPv1 routers in an unauthenticated manner. © Copyright IBM Corp. 2011 Chapter 18. Routing Information Protocol...
Page 216: Rip Configuration Example
For those RIP routes learned within the garbage collection period, that are routes phasing out of the routing table with metric 16, use the following command: >> # show ip rip Locally configured static routes do not appear in the RIP Routes table. RackSwitch G8000: Application Guide...
Page 217: Chapter 19. Internet Group Management Protocol
Leave: A message sent by the host when it wants to leave a multicast group. • FastLeave: A process by which the switch stops forwarding multicast traffic to a port as soon as it receives a Leave message. © Copyright IBM Corp. 2011...
Page 218: How Igmp Works
Mrouters are learned on a switch. To enable or disable IGMP flood, use the following command: # vlan <vlan ID> RS G8000(config) # [no] flood RS G8000(config-vlan) RackSwitch G8000: Application Guide...
Page 219: Igmp Capacity And Default Values
IGMPv3 number of sources 8 (The switch processes only the first eight sources listed in the IGMPv3 group record.) Valid range: 1 - 64 IGMPv3 - allow v1v2 Snooping Enabled © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 220: Igmp Snooping
This indicates that the host wants to receive traffic only from sources that are not part of the Exclude list. To disable snooping on EXCLUDE mode reports, use the following command: RS G8000(config) # no ip igmp snoop igmpv3 exclude RackSwitch G8000: Application Guide...
Page 221: Igmp Snooping Configuration Guidelines
IGMP groups table. The switch then proxies the IGMP Leave messages to the Mrouter. © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 222: Igmp Snooping Configuration Example
RS G8000# show ip igmp mrouter VLAN Port Version Expires Max Query Resp. Time QQIC ------ ------- -------- -------- -------------------- ---- static 4:09 These commands display information about IGMP Groups and Mrouters learned by the switch. RackSwitch G8000: Application Guide...
Page 223: Advanced Configuration Example: Igmp Snooping
– IGMPv2 Report, VLAN 3, Group: 230.0.2.1, Source: * – IGMPv3 IS_INCLUDE Report, VLAN 2, Group: 225.10.0.13, Source: 22.10.0.13 – IGMPv3 IS_INCLUDE Report, VLAN 3, Group: 230.0.2.3, Source: 22.10.0.3 © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 224: Prerequisites
STP root in STG 2 and 3. RS G8000(config)# spanning-tree mode pvrst RS G8000(config)# spanning-tree stp 2 vlan 2 RS G8000(config)# spanning-tree stp 2 bridge priority 4096 RS G8000(config)# spanning-tree stp 3 vlan 3 RS G8000(config)# spanning-tree stp 3 bridge priority 4096 RackSwitch G8000: Application Guide...
Page 225 RS G8000(config)# spanning-tree stp 2 vlan 2 RS G8000(config)# spanning-tree stp 3 vlan 3 RS G8000(config)# interface port 5,6 RS G8000(config-if)# spanning-tree edge RS G8000(config-if)# shutdown RS G8000(config-if)# no shutdown RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 226 RS G8000(config-vlan)# no member 1-6 RS G8000(config-vlan)# exit 2. Configure an IP interface with IPv4 address, and assign a VLAN. RS G8000(config)# interface ip 1 RS G8000(config-ip-if)# ip address 10.10.10.3 enable RS G8000(config-ip-if)# vlan 2 RS G8000(config-ip-if)# exit RackSwitch G8000: Application Guide...
Page 227 RS G8000(config)# ip igmp snoop igmpv3 sources 64 RS G8000(config)# ip igmp snoop enable RS G8000(config)# vlan 2 RS G8000(config-vlan)# no flood RS G8000(config-vlan)# exit RS G8000(config)# vlan 3 RS G8000(config-vlan)# no flood RS G8000(config-vlan)# exit © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 228: Troubleshooting
RS G8000# show ip igmp groups If some of the groups are not displayed, ensure the multicast application is running on the host device and the generated IGMP Reports are correct. RackSwitch G8000: Application Guide...
Page 229 A host receives multicast traffic from the incorrect VLAN • Check port VLAN membership. • Check IGMP Reports sent by the host. • Check multicast data sent by the server. © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 230: Igmp Relay
IGMP Snooping. You can configure up to two Mrouters to use with IGMP Relay. One Mrouter acts as the primary Mrouter, and one is the backup Mrouter. The G8000 uses health checks to select the primary Mrouter. RackSwitch G8000: Application Guide...
Page 231: Configuration Guidelines
3. Enable IGMP Relay and add VLANs to the downstream network. RS G8000(config)# ip igmp relay enable RS G8000(config)# ip igmp relay vlan 2 RS G8000(config)# ip igmp relay vlan 3 © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 232: Advanced Configuration Example: Igmp Relay
– Host 1: 225.10.0.11 – 225.10.0.12, VLAN 3 – Host 2: 225.10.0.12 – 225.10.0.13, VLAN 2; 225.10.0.14 – 225.10.0.15, VLAN 3 – Host 3: 225.10.0.13 – 225.10.0.14, VLAN 2 • The Mrouter receives all the multicast traffic. RackSwitch G8000: Application Guide...
Page 233: Prerequisites
RS G8000(config)# interface port 1,2 RS G8000(config-if)# lacp key 100 RS G8000(config-if)# lacp mode active RS G8000(config-if)# exit RS G8000(config)# interface port 3,4 RS G8000(config-if)# lacp key 200 RS G8000(config-if)# lacp mode active © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 234 4. Configure an LACP dynamic trunk group (portchannel). RS G8000(config)# interface port 1,2 RS G8000(config-if)# lacp key 300 RS G8000(config-if)# lacp mode active RS G8000(config-if)# exit 5. Configure a static trunk group (portchannel). RS G8000(config)# portchannel 1 port 3,4 enable RackSwitch G8000: Application Guide...
Page 235: Configure Vlans
RS G8000(config)# spanning-tree stp 2 vlan 2 RS G8000(config)# spanning-tree stp 5 vlan 5 RS G8000(config)# interface port 5,6,7 RS G8000(config-if)# spanning-tree edge RS G8000(config-if)# shutdown RS G8000(config-if)# no shutdown RS G8000(config-if)# exit © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 236: Troubleshooting
Mrouter are connected must be used only for VLAN 2, VLAN 3, or VLAN 5. RS G8000(config)# show vlan Note: To avoid such a scenario, disable IPMC flooding for all VLANs enabled on the switches (if this is an acceptable configuration). RackSwitch G8000: Application Guide...
Page 237 RS G8000(config)# show ip igmp mrouter • Ensure the host’s multicast application is started and is sending correct IGMP Reports/Leaves. RS G8000(config)# show ip igmp groups RS G8000(config)# show ip igmp counters © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 238: Additional Igmp Features
If access to a multicast group is denied, IGMP Membership Reports from the port are dropped, and the port is not allowed to receive IPv4 multicast traffic from that group. If access to the multicast group is allowed, Membership Reports from the port are forwarded for normal processing. RackSwitch G8000: Application Guide...
Page 239 1 enable 3. Assign the IGMP filter to a port. RS G8000(config) interface port 3 RS G8000(config-if)# ip igmp profile 1 RS G8000(config-if)# ip igmp filtering © Copyright IBM Corp. 2011 Chapter 19. Internet Group Management Protocol...
Page 240: Static Multicast Router
1. For each Mrouter, configure a port, VLAN, and IGMP version. RS G8000(config)# ip igmp mrouter 5 1 2 The IGMP version is set for each VLAN, and cannot be configured separately for each Mrouter. 2. Verify the configuration. RS G8000(config)# show ip igmp mrouter RackSwitch G8000: Application Guide...
Page 241: Chapter 20. Multicast Listener Discovery
The following topics are discussed in this chapter: • “MLD Terms” on page 240 • “How MLD Works” on page 241 • “MLD Capacity and Default Values” on page 243 • “Configuring MLD” on page 244 © Copyright IBM Corp. 2011...
Page 242: Mld Terms
This message is sent to the link-scope all-routers IPv6 destination address of FF02::2. When an Mrouter receives a Multicast Listener Done message from the last member of the multicast address on a link, it stops forwarding traffic to this multicast address. RackSwitch G8000: Application Guide...
Page 243: How Mld Works
G8000 supports MLD versions 1 and 2. Note: MLDv2 operates in version 1 compatibility mode when, in a specific network, not all hosts are configured with MLDv2. © Copyright IBM Corp. 2011 Chapter 20. Multicast Listener Discovery...
Page 244: Flooding
When the other querier present timer expires, it regains the Querier state and starts sending general queries. Note: When MLD Querier is enabled on a VLAN, the switch performs the role of an MLD Querier only if it meets the MLD Querier election criteria. RackSwitch G8000: Application Guide...
Page 245: Dynamic Mrouters
Last Listener Query Time [LLQT] 2 seconds [derived: LLQI * LLQT] Older Version Querier Present Timeout: 260 seconds [derived: RV*QI+ QRI] [OVQPT] Older Version Host Present Interval 260 seconds [derived: RV* QI+QRI] [OVHPT] © Copyright IBM Corp. 2011 Chapter 20. Multicast Listener Discovery...
Page 246: Configuring Mld
MLD query interval, and last listener query interval. RS G8000(config-ip-if)# ipv6 mld version <1-2>(MLD version) RS G8000(config-ip-if)# ipv6 mld robust <2-10>(Robustness) RS G8000(config-ip-if)# ipv6 mld qri <1-256>(In seconds) RS G8000(config-ip-if)# ipv6 mld qintrval <1-608>(In seconds) RS G8000(config-ip-if)# ipv6 mld llistnr <1-32>(In seconds) RackSwitch G8000: Application Guide...
Page 247: Chapter 21. Border Gateway Protocol
BGP and take BGP feeds from as many as 16 BGP router peers. This allows more resilience and flexibility in balancing traffic from the Internet. Note: IBM Networking OS 6.8 does not support IPv6 for BGP. The following topics are discussed in this section: •...
Page 248: Forming Bgp Peer Routers
22), the top router would not learn the route to AS 50, and the bottom router would not learn the route to AS 11, even though the two AS 20 routers are connected via the RackSwitch G8000. Figure 22. iBGP and eBGP...
Page 249: Loopback Interfaces
253. IBM N/OS allows you to configure 32 route maps. Each route map can have up to eight access lists. Each access list consists of a network filter. A network filter defines an IPv4 address and subnet mask of the network that you want to include in the filter.
Page 250: Incoming And Outgoing Route Maps
RS G8000(config)# route-map <map number>(Select a route map) precedence <1-255> (Specify a precedence) RS G8000(config-route-map)# RS G8000(config-route-map)# exit The smaller the value the higher the precedence. If two route maps have the same precedence value, the smaller number has higher precedence. RackSwitch G8000: Application Guide...
Page 251: Configuration Overview
– Specify the metric [Multi Exit Discriminator (MED)] for the matched route. RS G8000(config-route-map)# as-path-preference <AS number> RS G8000(config-route-map)# local-preference <local preference number> RS G8000(config-route-map)# metric <metric value> 5. Enable the route map. RS G8000(config-route-map)# enable RS G8000(config-route-map)# exit © Copyright IBM Corp. 2011 Chapter 21. Border Gateway Protocol...
Page 252 Select the peer router and then add the route map to the incoming route map list, RS G8000(config-router-bgp)# neighbor 1 route-map in <1-32> or to the outgoing route map list. RS G8000(config-router-bgp)# neighbor 1 route-map out <1-32> 8. Exit Router BGP mode. RS G8000(config-router-bgp)# exit RackSwitch G8000: Application Guide...
Page 253: Aggregating Routes
100). Unlike the weight attribute, which is only relevant to the local router, the local preference attribute is part of the routing update and is exchanged among routers in the same AS. © Copyright IBM Corp. 2011 Chapter 21. Border Gateway Protocol...
Page 254: Selecting Route Paths In Bgp
7. If all routes are from eBGP, the route with the lower router ID is selected. When the path is selected, BGP puts the selected path in its routing table and propagates the path to its neighbors. RackSwitch G8000: Application Guide...
Page 255: Bgp Failover Configuration
For simplicity, both default gateways are configured in the same VLAN in this example. The gateways could be in the same VLAN or different VLANs >> # vlan 1 >> (config-vlan)# member <port number> © Copyright IBM Corp. 2011 Chapter 21. Border Gateway Protocol...
Page 256: Default Redistribution And Route Aggregation Example
Configure the G8000 to redistribute the default routes from AS 200 to AS 135. At the same time, configure for route aggregation to allow you to condense the number of routes traversing from AS 135 to AS 200. RackSwitch G8000: Application Guide...
Page 257 >> (config-router-bgp)# neighbor 1 redistribute fixed 5. Configure aggregation policy control. Configure the IPv4 routes that you want aggregated. >> (config-router-bgp)# aggregate-address 1 135.0.0.0 255.0.0.0 >> (config-router-bgp)# aggregate-address 1 enable © Copyright IBM Corp. 2011 Chapter 21. Border Gateway Protocol...
Page 258 RackSwitch G8000: Application Guide...
Page 259: Chapter 22. Ospf
Chapter 22. OSPF IBM Networking OS supports the Open Shortest Path First (OSPF) routing protocol. The IBM N/OS implementation conforms to the OSPF version 2 specifications detailed in Internet RFC 1583, and OSPF version 3 specifications in RFC 2740. The following sections discuss OSPF support for the RackSwitch G8000: •...
Page 260: Types Of Ospf Routing Devices
OSPF domain and non-OSPF domains, such as RIP, BGP, and static routes. Figure 27. OSPF Domain and an Autonomous System OSPF Autonomous System Backbone Area 3 Area 0 Inter-Area Routes External (Summary Routes) ASBR Routes Internal ASBR Router Area 1 Area 2 RackSwitch G8000: Application Guide...
Page 261: Neighbors And Adjacencies
For each route removed from the route table, if the route has already been sent to an adjacency, an update message containing the route to withdraw is sent. © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 262: The Shortest Path First Tree
For example, if the routing device advertises 192.204.4.0/24, it is declaring that if another router sends data destined for any address in the 192.204.4.0/24 range, it will carry that data to its destination. RackSwitch G8000: Application Guide...
Page 263: Ospfv2 Implementation In Ibm N/Os
OSPFv2 Implementation in IBM N/OS N/OS supports a single instance of OSPF and up to 4K routes on the network. The following sections describe OSPF implementation in N/OS: • “Configurable Parameters” on page 261 • “Defining Areas” on page 262 •...
Page 264: Defining Areas
Area index set to an arbitrary value (Use index 1 to set area 0 in ID octet area 1 area-id 0.0.0.0 format) (Use index 2 to set area 1 in ID octet area 2 area-id 0.0.0.1 format) RackSwitch G8000: Application Guide...
Page 265: Using The Area Id To Assign The Ospf Area Number
RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# ip ospf area 1 RS G8000(config-ip-if)# ip ospf enable Note: OSPFv2 supports IPv4 only. IPv6 is supported in OSPFv3 (see “OSPFv3 Implementation in IBM N/OS” on page 279). © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 266: Interface Cost
<range number> is a number 1 to 16, <IP address> is the base IP address for the range, and <mask> is the IP address mask for the range. For a detailed configuration example, see “Example 3: Summarizing Routes” on page 277. RackSwitch G8000: Application Guide...
Page 267: Default Routes
ID 0.0.0.0 is propagated throughout the OSPF routing domain. This LSA is sent with the configured metric value and metric type. The OSPF default route configuration can be removed with the command: RS G8000(config-router-ospf)# no default-information © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 268: Virtual Links
To modify the router ID from static to dynamic, set the router ID to 0.0.0.0, save the configuration, and reboot the G8000. • To view the router ID, use the following command: RS G8000(config-router-ospf)# show ip ospf RackSwitch G8000: Application Guide...
Page 269: Authentication
RS G8000(config-ip-if)# exit RS G8000(config)# interface ip 2 RS G8000(config-ip-if)# ip ospf key test RS G8000(config-ip-if)# exit RS G8000(config)# interface ip 3 RS G8000(config-ip-if)# ip ospf key test RS G8000(config-ip-if)# exit © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 270: Configuring Md5 Authentication
4. Enable OSPF MD5 authentication for Area 2 on switch 4. RS G8000(config)# router ospf RS G8000(config-router-ospf)# area 1 authentication-type md5 5. Configure MD5 key for the virtual link between Area 2 and Area 0 on switches 2 and 4. RS G8000(config-router-ospf)# message-digest-key 2 md5-key test RackSwitch G8000: Application Guide...
Page 271: Host Routes For Load Balancing
Loopback interfaces can be advertised into the OSPF domain by specifying an OSPF host route with the loopback interface IP address. Note: Loopback interfaces are not advertised via the OPSF route redistribution of fixed routes. © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 272: Ospf Features Not Supported In This Release
4. Define the OSPF areas. 5. Configure OSPF interface parameters. IP interfaces are used for attaching networks to the various areas. 6. (Optional) Configure route summarization between OSPF areas. 7. (Optional) Configure virtual links. 8. (Optional) Configure host routes. RackSwitch G8000: Application Guide...
Page 273: Example 1: Simple Ospf Domain
RS G8000(config-ip-if)# ip netmask 255.255.255.0 RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# exit Note: OSPFv2 supports IPv4 only. IPv6 is supported in OSPFv3 (see “OSPFv3 Implementation in IBM N/OS” on page 279). 2. Enable OSPF. RS G8000(config)# router ospf RS G8000(config-router-ospf)# enable 3.
Page 274 RS G8000(config-ip-if)# ip ospf enable RS G8000(config-ip-if)# exit 6. Attach the network interface to the stub area. RS G8000(config)# interface ip 2 RS G8000(config-ip-if)# ip ospf area 1 RS G8000(config-ip-if)# ip ospf enable RS G8000(config-ip-if)# exit RackSwitch G8000: Application Guide...
Page 275: Example 2: Virtual Links
Switch 2 Note: OSPFv2 supports IPv4 only. IPv6 is supported in OSPFv3 (see “OSPFv3 Implementation in IBM N/OS” on page 279). Configuring OSPF for a Virtual Link on Switch #1 1. Configure IP interfaces on each network that will be attached to the switch.
Page 276 RS G8000(config-ip-if)# ip address 10.10.12.2 RS G8000(config-ip-if)# ip netmask 255.255.255.0 RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# exit RS G8000(config)# interface ip 2 RS G8000(config-ip-if)# ip address 10.10.24.1 RS G8000(config-ip-if)# ip netmask 255.255.255.0 RS G8000(config-ip-if)# enable RS G8000(config-ip-if)# exit RackSwitch G8000: Application Guide...
Page 277 RS G8000(config-ip-if)# ip ospf enable RS G8000(config-ip-if)# exit 8. Attach the network interface to the transit area. RS G8000(config)# interface ip 2 RS G8000(config-ip-if)# ip ospf area 2 RS G8000(config-ip-if)# ip ospf enable RS G8000(config-ip-if)# exit © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 278 You can use redundant paths by configuring multiple virtual links. • Only the endpoints of the virtual link are configured. The virtual link path may traverse multiple routers in an area as long as there is a routable path between the endpoints. RackSwitch G8000: Application Guide...
Page 279: Example 3: Summarizing Routes
36.128.200.0 through 36.128.200.255. Note: OSPFv2 supports IPv4 only. IPv6 is supported in OSPFv3 (see “OSPFv3 Implementation in IBM N/OS” on page 279). Figure 32. Summarizing Routes Note: You can specify a range of addresses to prevent advertising by using the hide option.
Page 280: Verifying Ospf Configuration
Use the following commands to verify the OSPF configuration on your switch: • show ip ospf • show ip ospf neighbor • show ip ospf database database-summary • show ip ospf routes Refer to the IBM Networking OS Command Reference for information on the preceding commands. RackSwitch G8000: Application Guide...
Page 281: Ospfv3 Implementation In Ibm N/Os
OSPFv3 Implementation in IBM N/OS OSPF version 3 is based on OSPF version 2, but has been modified to support IPv6 addressing. In most other ways, OSPFv3 is similar to OSPFv2: They both have the same packet types and interfaces, and both use the same mechanisms for neighbor discovery, adjacency formation, LSA flooding, aging, and so on.
Page 282: Ospfv3 Identifies Neighbors By Router Id
36::0/32 Summary Route (- 36::0/8) 10::0/56 36::0/56 Network Network Note: You can specify a range of addresses to prevent advertising by using the hide option. In this example, routes in the 36::0/8 range are kept private. RackSwitch G8000: Application Guide...
Page 283 RS G8000(config)# interface ip 4 RS G8000(config-ip-if)# ipv6 ospf area 1 RS G8000(config-ip-if)# ipv6 ospf enable RS G8000(config-ip-if)# exit The ipv6 command path is used instead of the OSPFv2 ip command path © Copyright IBM Corp. 2011 Chapter 22. OSPF...
Page 284 RS G8000(config-router-ospf)# area-range 2 area 0 RS G8000(config-router-ospf)# area-range 2 hide RS G8000(config-router-ospf)# exit This differs from OSPFv2 only in that the OSPFv3 command path is used, and the address and prefix are specified in IPv6 format. RackSwitch G8000: Application Guide...
Page 285: Part 6: High Availability Fundamentals
Internet traffic consists of myriad services and applications which use the Internet Protocol (IP) for data delivery. However, IP is not optimized for all the various applications. High Availability goes beyond IP and makes intelligent switching decisions to provide redundant network configurations. © Copyright IBM Corp. 2011...
Page 286 RackSwitch G8000: Application Guide...
Page 287: Chapter 23. Basic Redundancy
Chapter 23. Basic Redundancy IBM Networking OS 6.8 includes various features for providing basic link or device redundancy: • “Trunking for Link Redundancy” on page 285 • “Virtual Link Aggregation” on page 285 • “Hot Links” on page 286 •...
Page 288: Hot Links
Backup interface. A port that is a member of one Hot Links trigger cannot be a member of another Hot Links trigger. • An individual port that is configured as a Hot Link interface cannot be a member of a trunk. RackSwitch G8000: Application Guide...
Page 289: Configuring Hot Links
RS G8000(config)# hotlinks trigger 1 master port 1 (Add port to Master interface) RS G8000(config)# hotlinks trigger 1 backup port 2 (Add port to Backup interface) (Turn on Hot Links) RS G8000(config)# hotlinks enable © Copyright IBM Corp. 2011 Chapter 23. Basic Redundancy...
Page 290: Active Multipath Protocol
Note: For proper AMP operation, all access switches must be configured with a higher priority value (lower precedence) than the aggregators. Otherwise, some AMP control packets may be sent to access switches, even when their AMP groups are disabled. RackSwitch G8000: Application Guide...
Page 291: Health Checks
AMP ports cannot be used as monitoring ports in a port-mirroring configuration. • Do not configure AMP ports as Layer 2 Failover control ports. • Layer 3 routing protocols are not supported on AMP-configured switches. © Copyright IBM Corp. 2011 Chapter 23. Basic Redundancy...
Page 292: Configuration Example
2. Turn AMP on. >> # active-multipath enable 3. Define the AMP group links, and enable the AMP group. >> # active-multipath group 1 port 3 >> # active-multipath group 1 port2 4 >> # active-multipath group 1 enable RackSwitch G8000: Application Guide...
Page 293: Stacking For High Availability Topologies
Verify that the AMP topology is UP, and that each link state is set to forwarding. Stacking for High Availability Topologies A stack is a group of up to six RackSwitch G8000 devices that work together as a unified system. Because the multiple members of a stack acts as a single switch entity with distributed resources, high-availability topologies can be more easily achieved.
Page 294 RackSwitch G8000: Application Guide...
Page 296: Manually Monitoring Port Links
LACP trunks to a failover trigger using automatic monitoring. When you add an admin key to a trigger, any LACP trunk with that admin key becomes a member of the trigger. RackSwitch G8000: Application Guide...
Page 297: Spanning Tree Protocol
>> # failover trigger 1 mmon control member 6-10 3. Configure general Failover parameters. >> # failover enable >> # failover trigger 1 enable >> # failover trigger 1 limit 2 © Copyright IBM Corp. 2011 Chapter 24. Layer 2 Failover...
Page 298 RackSwitch G8000: Application Guide...
Page 299: Chapter 25. Virtual Router Redundancy Protocol
The BNT RackSwitch G8000 (G8000) supports IPv4 high-availability network topologies through an enhanced implementation of the Virtual Router Redundancy Protocol (VRRP). Note: IBM Networking OS 6.8 does not support IPv6 for VRRP. The following topics are discussed in this chapter: •...
Page 300: Vrrp Overview
There is no requirement for any VRRP router to be the IPv4 address owner. Most VRRP installations choose not to implement an IPv4 address owner. For the purposes of this chapter, VRRP routers that are not the IPv4 address owner are called renters. RackSwitch G8000: Application Guide...
Page 301: Vrrp Operation
ICMP ping requests. The backup does not forward any traffic, nor does it respond to ARP requests. If the master is not available, the backup becomes the master and takes over responsibility for packet forwarding and responding to ARP requests. © Copyright IBM Corp. 2011 Chapter 25. Virtual Router Redundancy Protocol...
Page 302: Selecting The Master Vrrp Router
With service availability becoming a major concern on the Internet, service providers are increasingly deploying Internet traffic control devices, such as application switches, in redundant configurations. N/OS high availability configurations are based on VRRP. The N/OS implementation of VRRP includes proprietary extensions. RackSwitch G8000: Application Guide...
Page 303: Active-Active Redundancy
Master to Standby. Each VRRP advertisement can include up to 128 addresses. All virtual routers are advertised within the same packet, conserving processing and buffering resources. © Copyright IBM Corp. 2011 Chapter 25. Virtual Router Redundancy Protocol...
Page 304: Ibm N/Os Extensions To Vrrp
IBM N/OS Extensions to VRRP This section describes VRRP enhancements that are implemented in N/OS. N/OS supports a tracking function that dynamically modifies the priority of a VRRP router, based on its current state. The objective of tracking is to have, whenever possible, the master bidding processes for various virtual routers in a LAN converge on the same switch.
Page 305: Virtual Router Deployment Considerations
Note: There is no shortcut to setting tracking parameters. The goals must first be set and the outcomes of various configurations and scenarios analyzed to find settings that meet the goals. © Copyright IBM Corp. 2011 Chapter 25. Virtual Router Redundancy Protocol...
Page 306: High Availability Configurations
Master because it has a higher priority. Traffic is forwarded to G8000 2, which forwards it to G8000 1 through port 4. Return traffic uses default gateway 2 (192.168.2.1), and is forwarded through the Layer 2 switch at the bottom of the drawing. RackSwitch G8000: Application Guide...
Page 307 4. Enable tracking on ports. Set the priority of Virtual Router 1 to 101, so that it becomes the Master. RS G8000(config-vrrp)# virtual-router 1 track ports RS G8000(config-vrrp)# virtual-router 1 priority 101 RS G8000(config-vrrp)# virtual-router 2 track ports RS G8000(config-vrrp)# exit © Copyright IBM Corp. 2011 Chapter 25. Virtual Router Redundancy Protocol...
Page 308: Configure Ports
RS G8000(config-vrrp)# virtual-router 1 interface 1 RS G8000(config-vrrp)# virtual-router 1 address 192.168.1.200 RS G8000(config-vrrp)# virtual-router 1 enable RS G8000(config-vrrp)# virtual-router 2 virtual-router-id 2 RS G8000(config-vrrp)# virtual-router 2 interface 2 RS G8000(config-vrrp)# virtual-router 2 address 192.168.2.200 RS G8000(config-vrrp)# virtual-router 2 enable RackSwitch G8000: Application Guide...
Page 309: Vrrp High-Availability Using Vlags
VLAG 3 Server 3 Layer 3 VRRP Backup 10.0.1.3 Router VLAG Peer 2 ISL: 1.1.1.11/24 Network 10.0.1.0/24 VIR: 10.0.1.100 “VLAGs with VRRP” on page 165 for a detailed configuration example. © Copyright IBM Corp. 2011 Chapter 25. Virtual Router Redundancy Protocol...
Page 310 RackSwitch G8000: Application Guide...
Page 312 RackSwitch G8000: Application Guide...
Page 313: Chapter 26. Link Layer Discovery Protocol
Chapter 26. Link Layer Discovery Protocol The IBM Networking OS software support Link Layer Discovery Protocol (LLDP). This chapter discusses the use and configuration of LLDP on the switch: • “LLDP Overview” on page 311 • “Enabling or Disabling LLDP” on page 311 •...
Page 314: Transmit And Receive Control
LLDP packets in rapid succession when port status is in flux, a transmit delay timer can be configured. The transmit delay timer represents the minimum time permitted between successive LLDP transmissions on a port. Any interval-driven or change-driven updates will be consolidated until the configured transmit delay expires. RackSwitch G8000: Application Guide...
Page 315: Time-To-Live For Transmitted Information
RS G8000(config)# lldp trap-notification-interval <interval> where interval is the minimum number of seconds permitted between successive LLDP transmissions on any port. The range is 1 to 3600. The default is 5 seconds. © Copyright IBM Corp. 2011 Chapter 26. Link Layer Discovery Protocol...
Page 316: Changing The Lldp Transmit State
LLDP information option from Table Table 24. LLDP Optional Information Types Type Description Port Description portdesc System Name sysname System Description sysdescr System Capabilities syscap Management Address mgmtaddr IEEE 802.1 Port VLAN ID portvid RackSwitch G8000: Application Guide...
Page 317: Lldp Receive Features
Using a centrally-connected LLDP analysis server • Using an SNMP agent to examine the G8000 MIB • Using the G8000 Browser-Based Interface (BBI) • Using CLI or isCLI commands on the G8000 © Copyright IBM Corp. 2011 Chapter 26. Link Layer Discovery Protocol...
Page 318 Interface Number : 128 Object Identifier Note: Received LLDP information can change very quickly. When using show commands, it is possible that flags for some expected events may be too short-lived to be observed in the output. RackSwitch G8000: Application Guide...
Page 319: Time-To-Live For Received Information
RS G8000(config)# logging log lldp 5. Verify the configuration settings: RS G8000(config)# show lldp 6. View remote device information as needed. RS G8000(config)# show lldp remote-device RS G8000(config)# show lldp remote-device <index number> © Copyright IBM Corp. 2011 Chapter 26. Link Layer Discovery Protocol...
Page 320 RackSwitch G8000: Application Guide...
Page 321: Chapter 27. Simple Network Management Protocol
SNMPv3 configuration is managed using the following command path menu: RS G8000(config)# snmp-server ? For more information on SNMP MIBs and the commands used to configure SNMP on the switch, see the IBM Networking OS 6.8 Command Reference. © Copyright IBM Corp. 2011...
Page 322: Default Configuration
Default Configuration IBM N/OS has two SNMPv3 users by default. Both of the following users have access to all the MIBs supported by the switch: • User 1 name is adminmd5 (password adminmd5). Authentication used is MD5. • User 2 name is adminsha (password adminsha). Authentication used is SHA.
Page 323 3. Assign the user to the user group. Use the group table to link the user to a particular access group. RS G8000(config)# snmp-server group 5 user-name admin RS G8000(config)# snmp-server group 5 group-name admingrp © Copyright IBM Corp. 2011 Chapter 27. Simple Network Management Protocol...
Page 324: Configuring Snmp Trap Hosts
Note: N/OS 6.8 supports only IPv4 addresses for SNMP trap hosts. 5. Use the community table to specify which community string is used in the trap. (Define the community string) /c/sys/ssnmp/snmpv3/comm 10 index v1trap name public uname v1trap RackSwitch G8000: Application Guide...
Page 325 RS G8000(config)# snmp-server target-parameters 10 security snmpv2 RS G8000(config)# snmp-server community 10 index v2trap RS G8000(config)# snmp-server community 10 user-name v2trap Note: N/OS 6.8 supports only IPv4 addresses for SNMP trap hosts. © Copyright IBM Corp. 2011 Chapter 27. Simple Network Management Protocol...
Page 326: Snmp Mibs
GET operation and “private” for SNMP SET operation. The community string can be modified only through the Command Line Interface (CLI). Detailed SNMP MIBs and trap definitions of the N/OS SNMP agent are contained in the N/OS enterprise MIB document. RackSwitch G8000: Application Guide...
Page 327 The SNMP agent also supports two Spanning Tree traps as defined in RFC 1493: • NewRoot • TopologyChange The following are the enterprise SNMP traps supported in N/OS: Table 25. IBM N/OS-Supported Enterprise SNMP Traps Trap Name Description Signifies that the default gateway is alive. altSwDefGwUp Signifies that the default gateway is down.
Page 328 Table 25. IBM N/OS-Supported Enterprise SNMP Traps (continued) Trap Name Description Indicates that the sending agent has altSwVrrpNewBackup transitioned to “Backup” state. Signifies that a packet has been received from altSwVrrpAuthFailure a router whose authentication key or authentication type conflicts with this router's authentication key or authentication type.
Page 329: Switch Images And Configuration Files
• Load a previously saved switch configuration from a FTP/TFTP server • Save the switch configuration to a FTP/TFTP server • Save a switch dump to a FTP/TFTP server © Copyright IBM Corp. 2011 Chapter 27. Simple Network Management Protocol...
Page 330: Loading A New Switch Image
FTP/TFTP server at IPv4 address 192.168.10.10, though IPv6 is also supported. 1. Set the FTP/TFTP server address where the configuration file is saved: Set agTransferServer.0 "192.168.10.10" 2. Set the name of the configuration file: Set agTransferCfgFileName.0 "MyRunningConfig.cfg" RackSwitch G8000: Application Guide...
Page 331: Saving A Switch Dump
Set agTransferUserName.0 "MyName" 4. If you are using an FTP server, enter a password: Set agTransferPassword.0 "MyPassword" 5. Initiate the transfer. To save a dump file, enter 5: Set agTransferAction.0 "5" © Copyright IBM Corp. 2011 Chapter 27. Simple Network Management Protocol...
Page 332 RackSwitch G8000: Application Guide...
Page 333: Part 8: Monitoring
The ability to monitor traffic passing through the G8000 can be invaluable for troubleshooting some types of networking problems. This sections cover the following monitoring features: • Remote Monitoring (RMON) • sFlow • Port Mirroring © Copyright IBM Corp. 2011...
Page 334 RackSwitch G8000: Application Guide...
Page 335: Chapter 28. Remote Monitoring
RMON statistics are sampled every second, and new data overwrites any old data on a given port. Note: RMON port statistics must be enabled for the port before you can view RMON statistics. © Copyright IBM Corp. 2011...
Page 336: Rmon Group 2-History
The type of data that can be sampled must be of an ifIndex object type, as described in RFC 1213 and RFC 1573. The most common data type for the History sample is as follows: 1.3.6.1.2.1.2.2.1.1.<x> The last digit (x) represents the number of the port to monitor. RackSwitch G8000: Application Guide...
Page 337: Configuring Rmon History
3. View RMON history for the port. RS G8000(config)# show rmon history RMON History group configuration: Index IFOID Interval Rbnum Gbnum ----- ----------------------- -------- ----- ----- 1.3.6.1.2.1.2.2.1.1.1 Index Owner ----- ---------------------------------------------- rmon port 1 history © Copyright IBM Corp. 2011 Chapter 28. Remote Monitoring...
Page 338: Rmon Group 3-Alarms
RS G8000(config)# rmon alarm 1 owner "Alarm for ifInOctets" This configuration creates an RMON alarm that checks ifInOctets on port 1 once every hour. If the statistic exceeds two billion, an alarm is generated that triggers event index 100. RackSwitch G8000: Application Guide...
Page 339 This configuration creates an RMON alarm that checks icmpInEchos on the switch once every minute. If the statistic exceeds 200 within a 60 second interval, an alarm is generated that triggers event index 110. © Copyright IBM Corp. 2011 Chapter 28. Remote Monitoring...
Page 340: Rmon Group 9-Events
RS G8000(config)# rmon event 110 type log RS G8000(config)# rmon event 110 description "SYSLOG_this_alarm" RS G8000(config)# rmon event 110 owner "log icmpInEchos alarm" This configuration creates an RMON event that sends a syslog message each time it is triggered by an alarm. RackSwitch G8000: Application Guide...
Page 341: Chapter 29. Sflow
The switch is responsible only for forwarding sFlow information. A separate sFlow analyzer is required elsewhere on the network to interpret sFlow data. Note: IBM Networking OS 6.8 does not support IPv6 for sFlow. sFlow Statistical Counters The G8000 can be configured to send network statistics to an sFlow analyzer at regular intervals.
Page 342: Sflow Example Configuration
(Data sampling rate) RS G8000(config-if)# sflow sampling <sampling rate> Specify a sampling rate between 256 and 65536 packets, or 0 to disable. By default, the sampling rate is 0 (disabled) for each port. 4. Save the configuration. RackSwitch G8000: Application Guide...
Page 343: Chapter 30. Port Mirroring
Each monitor port can receive mirrored traffic from any number of target ports. IBM N/OS does not support “one to many” or “many to many” mirroring models where traffic from a specific port traffic is copied to multiple monitor ports. For example, port 1 traffic cannot be monitored by both port 3 and 4 at the same time, nor can port 2 ingress traffic be monitored by a different port than its egress traffic.
Page 344 3. View the current configuration. RS G8000# show port-mirroring Port Monitoring : Enabled Monitoring Ports Mirrored Ports none none (1, in) (2, both) none none none none none none none RackSwitch G8000: Application Guide...
Page 346 RackSwitch G8000: Application Guide...
Page 347: Appendix A. Glossary
All IP interfaces on the G8000s must be in a VLAN. If there is more than one VLAN defined on the Web switch, then the VRRP broadcasts will only be sent out on the VLAN of which the associated IP interface is a member. © Copyright IBM Corp. 2011...
Page 348 If the backup switch didn't do the Gratuitous ARP the Layer 2 devices attached to the switch would not know that the MAC address had moved in the network. For a more detailed description, refer to RFC 2338. RackSwitch G8000: Application Guide...
Page 349: Appendix B. Getting Help And Technical Assistance
If you need help, service, or technical assistance or just want more information about IBM products, you will find a wide variety of sources available from IBM to assist you. This section contains information about where to go for additional information about IBM and IBM products, what to do if you experience a problem with your system, and whom to call for service, if it is necessary.
Page 350: Software Service And Support
You can find service information for IBM systems and optional devices at http://www.ibm.com/systems/support/. Software service and support Through IBM Support Line, you can get telephone assistance, for a fee, with usage, configuration, and software problems with System x and x Series servers, BladeCenter products, IntelliStation workstations, and appliances. For information about which products are supported by Support Line in your country or region, see http://www.ibm.com/services/sl/products/.
Page 351: Appendix C. Notices
The materials at those websites are not part of the materials for this IBM product, and use of those websites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Page 352: Important Notes
IBM makes no representations or warranties with respect to non-IBM products. Support (if any) for the non-IBM products is provided by the third party, not IBM. Some software might differ from its retail version (if available) and might not include user manuals or all program functionality.
Page 353: Particulate Contamination
If IBM determines that the levels of particulates or gases in your environment have caused damage to the device, IBM may condition provision of repair or replacement of devices or parts on implementation of appropriate remedial measures to mitigate such environmental contamination.
Page 354: Electronic Emission Notices
In the request, be sure to include the publication part number and title. When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you.
Page 355: Germany Class A Statement
Klasse A ein. Um dieses sicherzustellen, sind die Geräte wie in den Handbüchern beschrieben zu installieren und zu betreiben. Des Weiteren dürfen auch nur von der IBM empfohlene Kabel angeschlossen werden. IBM übernimmt keine Verantwortung für die Einhaltung der Schutzanforderungen, wenn das Produkt ohne Zustimmung der IBM verändert bzw.
Page 356: Japan Vcci Class A Statement
Der verantwortliche Ansprechpartner des Herstellers in der EU ist: IBM Deutschland Technical Regulations, Department M456 IBM-Allee 1, 71137 Ehningen, Germany Telephone: +49 7032 15-2937 E-mail: tjahn@de.ibm.com Generelle Informationen: Das Gerät erfüllt die Schutzanforderungen nach EN 55024 und EN 55022 Klasse A.
Page 358 RackSwitch G8000: Application Guide...
Page 359: Index
252 Bridge Protocol Data Unit (BPDU) 117 broadcast domains 93 factory default configuration 34 broadcast storm control 89 failover 293 Browser-Based Interface 23 overview 300 FCC Class A notice 352 Final Steps 43 © Copyright IBM Corp. 2011 Index...
Page 360 IP interface 40 routing example 185 Neighbor Discovery, IPv6 197 IP configuration via setup 39 network management 23 IP interfaces 40 notes, important 350 example configuration 185 notices 349 notices, electronic emission 352 notices, FCC Class A 352 RackSwitch G8000: Application Guide...
Page 361 341 RADIUS authentication 63 QoS 131 TACACS+ 66 Quality of Service 131 VLANs 93 Querier (IGMP) 242 security association (SA) 203 segmentation. See IP subnets. segments. See IP subnets. server ports 166 © Copyright IBM Corp. 2011 Index...
Page 362 95 untagged member 95 VLAN identifier (VID) 95 website, publication ordering 347 telephone assistance 348 website, support 348 telephone numbers 348 website, telephone support numbers 348 Telnet support optional setup for Telnet support 44 RackSwitch G8000: Application Guide...

IBM RackSwitch G8000 Application Manual

Preface

Part 1: Getting Started

Chapter 1. Switch Administration

Chapter 2. Initial Setup

Chapter 3. Switch Software Management

Part 2: Securing the Switch

Chapter 4. Securing Administration

Chapter 5. Authentication & Authorization Protocols

Chapter 6. 802.1X Port-Based Network Access Control

Chapter 7. Access Control Lists

Part 3: Switch Basics

Chapter 8. Vlans

Chapter 9. Ports and Trunking

Chapter 10. Spanning Tree Protocols

Chapter 11. Quality of Service

Part 4: Advanced Switching Features

Chapter 12. Virtualization

Chapter 13. Stacking

Chapter 14. Vmready

Part 5: IP Routing

Chapter 15. Basic IP Routing

Chapter 16. Internet Protocol Version 6

Chapter 17. Ipsec with Ipv6

Chapter 18. Routing Information Protocol

Chapter 19. Internet Group Management Protocol

Chapter 20. Multicast Listener Discovery

Quick Links

Troubleshooting

Related Manuals for IBM RackSwitch G8000

Summary of Contents for IBM RackSwitch G8000