Manual Nortel Networks 42C4911

260 pages 2.68 mb

Summary
  • Nortel Networks 42C4911 - page 1

    2350 Mission College Blvd., Suite 600, Santa Clara, CA 95054, www.bladenetwork.net. Alteon OS™ Application Guide, Nortel 10Gb Ethernet Switch Module for IBM BladeCenter®, Version 1.0. Part Number: 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 2

    Alteon OS Application Guide 2 42C4911, January 2007 Copyright © 2007 Blade Network Technologies, Inc., 2350 Mission College Blvd., Suite 600, Santa Clara, California, 95054, USA. All rights reserved. Part Number: 42C4911. This document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and d ...

  • Nortel Networks 42C4911 - page 3

    Contents. Preface 15; Who Should Use This Guide 15; What You’ll Find in This Guide 16; Typographic Conventions 18; How to Get Help 19; Part 1: Basic Switching 21; Chapter 1: Accessing the Switch 23; Management module setup 24; Factory-Default vs. MM assigned IP Addresses 24; Default Gateway 25; Configuring management module f ...

  • Nortel Networks 42C4911 - page 4

    LDAP Authentication and Authorization 53; Secure Shell and Secure Copy 55; End User Access Control 61; Chapter 2: Port-based Network Access Control 67; Extensible Authentication Protocol over LAN 68; 802.1x Authentication Process 69; 802.1x Port States 71; Supported RADIUS Attributes 72; Configuration G ...

  • Nortel Networks 42C4911 - page 5

    Chapter 5: Spanning Tree Group 105; Overview 106; Bridge Protocol Data Units (BPDUs) 107; Determining the Path for Forwarding BPDUs 107; Spanning Tree Group configuration guidelines 108; Multiple Spanning Trees 110; Default Spanning Tree configuration 110; Why Do We Need Multiple Spanning Trees? 111; S ...

  • Nortel Networks 42C4911 - page 6

    Viewing ACL Statistics 131; ACL Configuration Examples 132; Using DSCP Values to Provide QoS 134; Differentiated Services Concepts 134; Using 802.1p Priorities to Provide QoS 139; 802.1p Configuration Example 140; Queuing and Scheduling 140; Part 2: IP Routing 141; Chapter 8: Basic IP Routing 143; IP Routi ...

  • Nortel Networks 42C4911 - page 7

    Chapter 11: Border Gateway Protocol 171; Internal Routing Versus External Routing 172; Forming BGP Peer Routers 173; What is a Route Map? 174; Incoming and Outgoing Route Maps 175; Precedence 176; Configuration Overview 176; Aggregating Routes 178; Redistributing Routes 179; BGP Attributes 180; Local Pref ...

  • Nortel Networks 42C4911 - page 8

    OSPF Configuration Examples 204; Example 1: Simple OSPF Domain 205; Example 2: Virtual Links 207; Example 3: Summarizing Routes 211; Verifying OSPF Configuration 213; Part 3: High Availability Fundamentals 215; Chapter 13: High Availability 217; Layer 2 Failover 218; VLAN Monitor 218; Setting the Failover ...

  • Nortel Networks 42C4911 - page 9

    Part 4: Appendices 243; Appendix A: Troubleshooting 245; Monitoring Ports 246; Port Mirroring behavior 247; Configuring Port Mirroring 251; Appendix B: RADIUS Server Configuration Notes 253; Glossary 255; Index 257 ...

  • Nortel Networks 42C4911 - page 11

    Figures. Figure 1-1: Switch management on the BladeCenter management module 26; Figure 1-2: BOOTP Relay Agent Configuration 30; Figure 1-3: DHCP Relay Agent Configuration 31; Figure 2-1: Authenticating a Port Using EAPoL 69; Figure 3-1: Default VLAN settings 81; Figure 3-2: Port-based VLAN assignment 82; Figure 3-3: 802.1Q tag ...

  • Nortel Networks 42C4911 - page 12

    Figure 13-3: Two trunks, one Failover Trigger 222; Figure 13-4: A Non-VRRP, Hot-Standby Configuration 227; Figure 13-5: Active-Active Redundancy 228; Figure 13-6: Hot-Standby Redundancy 229; Figure 13-7: Active-Active High-Availability Configuration 233; Figure 13-8: Hot-Standby Configuration 239 ...

  • Nortel Networks 42C4911 - page 13

    Tables. Table 1-1: GbESM IP addresses, based on switch-module bay numbers 24; Table 1-2: User Access Levels 47; Table 1-3: Alteon OS-proprietary Attributes for RADIUS 47; Table 1-4: Default TACACS+ Authorization Levels 49; Table 1-5: Alternate TACACS+ Authorization Levels 49; Table 4-1: Actor vs. Partner LACP configuratio ...

  • Nortel Networks 42C4911 - page 15

    Preface: The Alteon OS Application Guide describes how to configure and use the Alteon OS software on the 10Gb Ethernet Switch Module for IBM BladeCenter. For documentation on installing the switch physically, see the Installation Guide for your GbE Switch Module (GbESM). Who Should Use This Guide: This Applicat ...

  • Nortel Networks 42C4911 - page 16

    What You’ll Find in This Guide: This guide will help you plan, implement, and administer Alteon OS software. Where possible, each section provides feature overviews, usage examples, and configuration instructions. Part 1: Basic Switching • Chapter 1, “Accessing the Switch ...

  • Nortel Networks 42C4911 - page 17

    • Chapter 11, “Border Gateway Protocol,” describes BGP concepts and BGP features supported in Alteon OS. • Chapter 12, “OSPF,” describes OSPF concepts, how OSPF is implemented in Alteon OS, and examples of how to configure your switch for OSPF support. Part 3: High A ...

  • Nortel Networks 42C4911 - page 18

    Typographic Conventions: The following table describes the typographic styles used in this book. Table 1: Typographic Conventions (columns: Typeface or Symbol, Meaning, Example). AaBbCc123: This type is used for names of commands, files, and directories used within the text. View t ...

  • Nortel Networks 42C4911 - page 19

    How to Get Help: If you need help, service, or technical assistance, see the "Getting help and technical assistance" appendix in the Nortel 10Gb Ethernet Switch Module for IBM BladeCenter Installation Guide. ...

  • Nortel Networks 42C4911 - page 21

    Part 1: Basic Switching. This section discusses basic switching functions. This includes how to access and manage the switch: • Accessing the switch • Port-Based Network Access Control • VLANs • Port Trunking • Spanning Tree Protocol • Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol • ...

  • Nortel Networks 42C4911 - page 23

    Chapter 1: Accessing the Switch. The Alteon OS software provides means for accessing, configuring, and viewing information and statistics about the GbE Switch Module. This chapter discusses different methods of accessing the switch and ways to secure the switch for remote administrators: • “Management module setup” ...

  • Nortel Networks 42C4911 - page 24

    Management module setup: The BladeCenter GbE Switch Module is an integral subsystem within the overall BladeCenter system. The BladeCenter chassis includes a management module as the central element for overall chassis management and control. You can use th ...

  • Nortel Networks 42C4911 - page 25

    NOTE – Before you install the GbESM in Bay 8 or Bay 10, confirm that your blade I/O Expansion adapter supports communication to these I/O bays. Default Gateway: The default Gateway IP address determines where packets with a destination address outside t ...

  • Nortel Networks 42C4911 - page 26

    Figure 1-1: Switch management on the BladeCenter management module. 4. You can use the default IP addresses provided by the management module, or you can assign a new IP address to the switch module through the management module. You can assign this IP ...

  • Nortel Networks 42C4911 - page 27

    The default value is Disabled for both features. If these features are not already enabled, change the value to Enabled, then Save. NOTE – In Advanced Configuration > Advanced Setup, enable “Preserve new IP configuration on all switch resets, ...

  • Nortel Networks 42C4911 - page 28

    External management port setup: In addition to the internal management ports (MGT1 and MGT2), the 10Gb Ethernet Switch Module (GbESM) also has an external management port (EXT7) to support out-of-band management traffic. Port EXT7 allows you to perform dat ...

  • Nortel Networks 42C4911 - page 29

    Using Telnet: Use the management module to access the GbE Switch Module through Telnet. Choose I/O Module Tasks > Configuration from the navigation pane on the left. Select a bay number and click Advanced Configuration > Start Telnet/Web Se ...

  • Nortel Networks 42C4911 - page 30

    Figure 1-2 shows a basic BOOTP network example. Figure 1-2: BOOTP Relay Agent Configuration. The use of two servers provides failover redundancy. The client request is forwarded to both BOOTP servers configured on the switch. However, no health checking is suppo ...

  • Nortel Networks 42C4911 - page 31

    DHCP Relay Agent: DHCP is described in RFC 2131, and the DHCP relay agent supported on the GbESM is described in RFC 1542. DHCP uses UDP as its transport protocol. The client sends messages to the server on port 67 and the server sends messages to the cli ...

  • Nortel Networks 42C4911 - page 32

    In GbESM implementation, there is no need for primary or secondary servers. The client request is forwarded to the BOOTP servers configured on the switch. The use of two servers provides failover redundancy. However, no health checking is supported. Use the ...

  • Nortel Networks 42C4911 - page 33

    Using the Browser-Based Interface: Use the management module to access the GbE Switch Module through a Web session. Choose I/O Module Tasks > Configuration from the navigation pane on the left. Select a bay number and click Advanced Configuration > ...

  • Nortel Networks 42C4911 - page 34

    Accessing the BBI via HTTPS requires that you generate a certificate to be used during the key exchange. A default certificate is created the first time HTTPS is enabled, but you can create a new certificate defining the information you want to be used in t ...

  • Nortel Networks 42C4911 - page 35

    • Switch Ports – configure each of the physical ports on the switch. • Port-Based Port Mirroring – configure port mirroring and mirror port. • Layer 2 – Configure Quality of Service (QoS) features for the switch. • 802.1x • FDB • Virtua ...

  • Nortel Networks 42C4911 - page 36

    Using SNMP: Alteon OS provides SNMP v1.0 and SNMP v3.0 support for access through any network management software, such as IBM Director or HP-OpenView. SNMP v1.0: To access the SNMP agent on the GbESM, the read and write community strings on the SNMP mana ...

  • Nortel Networks 42C4911 - page 37

    For more information on SNMP MIBs and the commands used to configure SNMP on the switch, see the Alteon OS Command Reference. Default configuration: Alteon OS has two SNMP v3 users by default. Both of the following users have access to all the MIBs suppo ...

  • Nortel Networks 42C4911 - page 38

    3. Assign the user to the user group. Use the group table to link the user to a particular access group. If you want to allow user access only to certain MIBs, see the 'View based Configuration' section. View based Configurations: CLI User equiva ...

  • Nortel Networks 42C4911 - page 39

    CLI oper equivalent. Configuring SNMP Trap Hosts: SNMPv1 trap host: 1. Configure a user with no authentication and password. 2. Configure an access group and group table entries for the user. Use the following command to specify which traps can be recei ...

  • Nortel Networks 42C4911 - page 40

    In the example below the user will receive the traps sent by the switch. 3. Configure an entry in the notify table. 4. Specify the IP address and other trap parameters in the targetAddr and targetParam tables. Use the following command to specify the user na ...

  • Nortel Networks 42C4911 - page 41

    SNMPv2 trap host configuration: The SNMPv2 trap host configuration is similar to the SNMPv1 trap host configuration. Wherever you specify the model, use snmpv2 instead of snmpv1. SNMPv3 trap host configuration: To configure a user for SNMPv3 traps, you can ...

  • Nortel Networks 42C4911 - page 42

    The following example shows how to configure a SNMPv3 user v3trap with authentication only: /c/sys/ssnmp/snmpv3/usm 11 (Configure user named “v3trap”) name "v3trap" auth md5 authpw v3trap /c/sys/ssnmp/snmpv3/access 11 (Define access group to vi ...

  • Nortel Networks 42C4911 - page 43

    Securing Access to the Switch: Secure switch management is needed for environments that perform significant management functions across the Internet. The following are some of the functions for secured management: • Authentication and authorizati ...

  • Nortel Networks 42C4911 - page 44

    RADIUS Authentication and Authorization: Alteon OS supports the RADIUS (Remote Authentication Dial-in User Service) method to authenticate and authorize remote administrators for managing the switch. This method is based on a client/server model. The Remote ...

  • Nortel Networks 42C4911 - page 45

    1. Turn RADIUS authentication on, then configure the Primary and Secondary RADIUS servers. 2. Configure the RADIUS secret. 3. If desired, you may change the default UDP port number used to listen to RADIUS. The well-known port for RADIUS is 1645. 4. Con ...

  • Nortel Networks 42C4911 - page 46

    RADIUS Authentication Features in Alteon OS: Alteon OS supports the following RADIUS authentication features: • Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and RFC 2866. • Allows RADIUS secret password up to 32 ...

  • Nortel Networks 42C4911 - page 47

    Switch User Accounts: The user accounts listed in Table 1-2 can be defined in the RADIUS server dictionary file. RADIUS Attributes for Alteon OS User Privileges: When the user logs in, the switch authenticates his/her level of access by sending the RADI ...

  • Nortel Networks 42C4911 - page 48

    TACACS+ Authentication: Alteon OS supports authentication and authorization with networks using the Cisco Systems TACACS+ protocol. The GbE Switch Module functions as the Network Access Server (NAS) by interacting with the remote client and initiating au ...

  • Nortel Networks 42C4911 - page 49

    Authorization: Authorization is the action of determining a user’s privileges on the device, and usually takes place after authentication. The default mapping between TACACS+ authorization levels and Alteon OS management access levels is shown in Ta ...

  • Nortel Networks 42C4911 - page 50

    Accounting: Accounting is the action of recording a user's activities on the device for the purposes of billing and/or security. It follows the authentication and authorization actions. If the authentication and authorization is not performed via TAC ...

  • Nortel Networks 42C4911 - page 51

    The following rules apply to TACACS+ command authorization and logging: • Only commands from a Console, Telnet, or SSH connection are sent for authorization and logging. SNMP, BBI, or file-copy commands (for example, TFTP or sync) are not sent. • ...

  • Nortel Networks 42C4911 - page 52

    Configuring TACACS+ Authentication on the Switch: 1. Turn TACACS+ authentication on, then configure the Primary and Secondary TACACS+ servers. 2. Configure the TACACS+ secret and second secret. 3. If desired, you may change the default TCP port number ...

  • Nortel Networks 42C4911 - page 53

    LDAP Authentication and Authorization: Alteon OS supports the LDAP (Lightweight Directory Access Protocol) method to authenticate and authorize remote administrators to manage the switch. LDAP is based on a client/server model. The switch acts as a cl ...

  • Nortel Networks 42C4911 - page 54

    Configuring LDAP Authentication on the Switch: 1. Turn LDAP authentication on, then configure the Primary and Secondary LDAP servers. 2. Configure the domain name. 3. If desired, you may change the default TCP port number used to listen to LDAP. The well-kn ...

  • Nortel Networks 42C4911 - page 55

    Secure Shell and Secure Copy: Secure Shell (SSH) and Secure Copy (SCP) use secure tunnels to encrypt and secure messages between a remote administrator and the switch. Telnet does not provide this level of security. The Telnet method of managing a GbE Sw ...

  • Nortel Networks 42C4911 - page 56

    Configuring SSH/SCP features on the switch: Before you can use SSH commands, use the following commands to turn on SSH/SCP. SSH and SCP are disabled by default. To enable or disable the SSH feature: Begin a Telnet session from the console port and enter th ...

  • Nortel Networks 42C4911 - page 57

    Configuring the SCP Administrator Password: To configure the scpadm (SCP Administrator) password, first connect to the switch via the serial console port. For security reasons, the scpadm password may only be configured when connected through the console ...

  • Nortel Networks 42C4911 - page 58

    To upload the configuration to the switch: Syntax: Example: To apply and save the configuration: The apply and save commands are still needed after the last command, or use the following commands: • The diff command is automatically executed at the end of ...

  • Nortel Networks 42C4911 - page 59

    Generating RSA Host and Server Keys for SSH Access: To support the SSH server feature, two sets of RSA keys (host and server keys) are required. The host key is 1024 bits and is used to identify the GbE Switch Module. The server key is 768 bits and is use ...

  • Nortel Networks 42C4911 - page 60

    SSH/SCP Integration with Radius Authentication: SSH/SCP is integrated with RADIUS authentication. After the RADIUS server is enabled on the switch, all subsequent SSH authentication requests will be redirected to the specified RADIUS servers for authenticati ...

  • Nortel Networks 42C4911 - page 61

    An SCP-only administrator’s password is typically used when SecurID is used. For example, it can be used in an automation program (in which the tokens of SecurID are not available) to back up (download) the switch configurations each day. NOTE – ...

  • Nortel Networks 42C4911 - page 62

    Strong Passwords: The administrator can require use of Strong Passwords for users to access the GbESM. Strong Passwords enhance security because they make password guessing more difficult. The following rules apply when Strong Passwords are enabled: • Each ...

  • Nortel Networks 42C4911 - page 63

    Defining User Names and Passwords: Use the User ID menu to define user names and passwords. Defining a User’s Access Level: The end user is by default assigned to the user access level (also known as class of service, or CoS). CoS for all user accounts h ...

  • Nortel Networks 42C4911 - page 64

    Listing Current Users: The cur command displays defined user accounts and whether or not each user is currently logged into the switch. Logging into an End User Account: Once an end user account is configured and enabled, the user can login to the switch use ...

  • Nortel Networks 42C4911 - page 67

    Chapter 2: Port-based Network Access Control. Port-Based Network Access control provides a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics. It prevents access to ports that fail authentication and authorization. This feature provides securit ...

  • Nortel Networks 42C4911 - page 68

    Extensible Authentication Protocol over LAN: Alteon OS can provide user-level security for its ports using the IEEE 802.1x protocol, which is a more secure alternative to other methods of port-based network access control. Any device attached ...

  • Nortel Networks 42C4911 - page 69

    802.1x Authentication Process: The clients and authenticators communicate using Extensible Authentication Protocol (EAP), which was originally designed to run over PPP, and for which the IEEE 802.1x Standard has defined an encapsulation method ...

  • Nortel Networks 42C4911 - page 70

    EAPoL Message Exchange: During authentication, EAPOL messages are exchanged between the client and the GbESM authenticator, while RADIUS-EAP messages are exchanged between the GbESM authenticator and the RADIUS server. Authentication is initi ...

  • Nortel Networks 42C4911 - page 71

    802.1x Port States: The state of the port determines whether the client is granted access to the network, as follows: • Unauthorized: While in this state the port discards all ingress and egress traffic except EAP packets. • Authorized: When th ...

  • Nortel Networks 42C4911 - page 72

    Supported RADIUS Attributes: The Alteon 802.1x Authenticator relies on external RADIUS servers for authentication with EAP. Table 2 lists the RADIUS attributes that are supported as part of RADIUS-EAP authentication based on the guideline ...

  • Nortel Networks 42C4911 - page 73

    Configuration Guidelines: When configuring EAPoL, consider the following guidelines: • The 802.1x port-based authentication is currently supported only in point-to-point configurations, that is, with a single supplicant connected to an 8 ...

  • Nortel Networks 42C4911 - page 75

    Chapter 3: VLANs. This chapter describes network design and topology considerations for using Virtual Local Area Networks (VLANs). VLANs are commonly used to split up groups of network users into manageable broadcast domains, to create logical segmentation of workgroups, and to enforce security policies ...

  • Nortel Networks 42C4911 - page 76

    Overview: Setting up virtual LANs (VLANs) is a way to segment networks to increase network flexibility without changing the physical network topology. With network segmentation, each switch port connects to a segment that is a single broadcast domain. When a switch por ...

  • Nortel Networks 42C4911 - page 77

    VLANs and Port VLAN ID Numbers. VLAN Numbers: Alteon OS supports up to 1024 VLANs per switch. Even though the maximum number of VLANs supported at any given time is 1024, each can be identified with any number between 1 and 4095. VLAN 1 is the default VLAN for the extern ...

  • Nortel Networks 42C4911 - page 78

    Viewing and Configuring PVIDs: Use the following CLI commands to view PVIDs: • Port information: NOTE – The sample screens that appear in this document might differ slightly from the screens displayed by your system. Screen content varies based on the type of BladeC ...

  • Nortel Networks 42C4911 - page 79

    Each port on the switch can belong to one or more VLANs, and each VLAN can have any number of switch ports in its membership. Any port that belongs to multiple VLANs, however, must have VLAN tagging enabled (see “VLAN Tagging” on page 80). ...

  • Nortel Networks 42C4911 - page 80

    VLAN Tagging: Alteon OS software supports 802.1Q VLAN tagging, providing standards-based VLAN support for Ethernet systems. Tagging places the VLAN identifier in the frame header of a packet, allowing each port to belong to multiple VLANs. When you add a port to multi ...

  • Nortel Networks 42C4911 - page 81

    Figure 3-1: Default VLAN settings. NOTE – The port numbers specified in these illustrations may not directly correspond to the physical port configuration of your switch model. When a VLAN is configured, ports are added as members of the VLAN, and the ports are defined as ...

  • Nortel Networks 42C4911 - page 82

    NOTE – The port assignments in the following figures are not meant to match the GbE Switch Module. Figure 3-2: Port-based VLAN assignment. As shown in Figure 3-3, the untagged packet is marked (tagged) as it leaves the switch through port 5, which is configured as a tagg ...

  • Nortel Networks 42C4911 - page 83

    In Figure 3-4, tagged incoming packets are assigned directly to VLAN 2 because of the tag assignment in the packet. Port 5 is configured as a tagged member of VLAN 2, and port 7 is configured as an untagged member of VLAN 2. Figure 3-4: 802.1Q tag assignment. As shown in Fi ...

  • Nortel Networks 42C4911 - page 84

    VLAN Topologies and Design Considerations: • By default, the Alteon OS software is configured so that tagging is disabled on all external ports and all internal ports. • By default, the Alteon OS software is configured so that all internal ports are members of VLAN 1. ...

  • Nortel Networks 42C4911 - page 85

    Example 1: Multiple VLANs with Tagging Adapters. Figure 3-6: Example 1: Multiple VLANs with VLAN-Tagged Gigabit Adapters. The features of this VLAN are described below (columns: Component, Description). GbE Switch Module: This switch is configured for three VLANs that represent three di ...

  • Nortel Networks 42C4911 - page 86

    NOTE – VLAN tagging is required only on ports that are connected to other GbE Switch Modules or on ports that connect to tag-capable end-stations, such as servers with VLAN-tagging adapters. PCs #1 and #2: These PCs are attached to a shared media hub that is then connect ...

  • Nortel Networks 42C4911 - page 87

    Protocol-based VLANs: Protocol-based VLANs (PVLANs) allow you to segment network traffic according to the network protocols in use. Traffic generated by supported network protocols can be confined to a particular port-based VLAN. You can give different priority levels ...

  • Nortel Networks 42C4911 - page 88

    Port-based vs. Protocol-based VLANs Each VLAN supports both port-based and protocol-based association, as follows: • The default VLAN configuration is port-based. All data ports are members of VLAN 1, with no PVLAN association. • When you add ports to a PVLAN, th ...

  • Nortel Networks 42C4911 - page 89

    PVLAN Configuration Guidelines Consider the following guidelines when you configure protocol-based VLANs: • Each port can support up to 16 VLAN protocols. • The GbESM can support up to 16 protocols simultaneously. • Each PVLAN must have at least one port assigne ...

  • Nortel Networks 42C4911 - page 90

    3. Add member ports for this PVLAN. 4. Configure VLAN tagging for ports. 5. Enable the PVLAN. >> VLAN 2 Protocol 1# add int1 Port INT1 is an UNTAGGED port and its current PVID is 1. Confirm changing PVID from 1 to 2 [y/n]: y Current ports for VLAN 2: empty Current por ...

  • Nortel Networks 42C4911 - page 91

    6. Verify PVLAN operation. >> /info/l2/vlan (View VLAN information) VLAN Name Status Ports ---- ------------------------ ------ ------------------------- 1 Default VLAN ena INT1-INT14 EXT2-EXT6 2 VLAN 2 ena INT1 EXT1 4094 EXT-Mgmt VLAN ena EXT7 4095 Mgmt VLAN ena M ...

  • Nortel Networks 42C4911 - page 92

    Alteon OS Application Guide 92 Chapter 3: VLANs 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 93

    CHAPTER 4 Ports and Trunking Trunk groups can provide super-bandwidth, multi-link connections between GbE Switch Modules or other trunk-capable devices. A trunk group is a group of ports that act together, combining their bandwidth to create a single, larger virtual link. This chapter provides conf ...

  • Nortel Networks 42C4911 - page 94

    Overview When using port trunk groups between two switches, as shown in Figure 4-1, you can create a virtual link between the switches, operating up to 60Gb per second, depending on how many physical ports are combined. Each GbESM supports up to 13 trunk ...

  • Nortel Networks 42C4911 - page 95

    Statistical Load Distribution Network traffic is statistically distributed between the ports in a trunk group. The Alteon OS-powered switch uses the Layer 2 MAC address information present in each transmitted frame for determining load distribution. Each pa ...

  • Nortel Networks 42C4911 - page 96

    Trunk group configuration rules The trunking feature operates according to specific configuration rules. When creating trunks, consider the following rules that determine how a trunk group reacts in any network topology: • All trunks must originate from on ...

  • Nortel Networks 42C4911 - page 97

    Port Trunking Example In the example below, three ports are trunked between two switches. Figure 4-2 Port Trunk Group Configuration Example Prior to configuring each switch in the above example, you must connect to the appropriate switch’s C ...

  • Nortel Networks 42C4911 - page 98

    1. Connect the switch ports that will be members in the trunk group. 2. Follow these steps on the GbESM: (a) Define a trunk group. (b) Apply and verify the configuration. Examine the resulting information. If any settings are incorrect, make appropriate ch ...

  • Nortel Networks 42C4911 - page 99

    4. Examine the trunking information on each switch. Information about each port in each configured trunk group is displayed. Make sure that trunk groups consist of the expected ports and that each port is in the expected state. The following restrictions app ...

  • Nortel Networks 42C4911 - page 100

    Configurable Trunk Hash Algorithm This feature allows you to configure the particular parameters for the GbESM Trunk Hash algorithm instead of having to utilize the defaults. You can configure new default behavior for Layer 2 traffic and Layer 3 traffic u ...

  • Nortel Networks 42C4911 - page 101

    Link Aggregation Control Protocol Link Aggregation Control Protocol (LACP) is an IEEE 802.3ad standard for grouping several physical ports into one logical port (known as a dynamic trunk group or Link Aggregation group) with any device that supports the ...

  • Nortel Networks 42C4911 - page 102

    LACP automatically determines which member links can be aggregated and then aggregates them. It provides for the controlled addition and removal of physical links for the link aggregation. Each port in the GbESM can have one of the following LACP modes. • ...

  • Nortel Networks 42C4911 - page 103

    Configuring LACP Use the following procedure to configure LACP for port EXT1 and port EXT2 to participate in link aggregation. 1. Set the LACP mode on port EXT1. 2. Define the admin key on port EXT1. Only ports with the same admin key can form a LACP trunk gr ...

  • Nortel Networks 42C4911 - page 104

    Alteon OS Application Guide 104 Chapter 4: Ports and Trunking 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 105

    CHAPTER 5 Spanning Tree Group When multiple paths exist on a network, Spanning Tree Group (STG) configures the network so that a switch uses only the most efficient path. The following topics are discussed in this chapter: • “Overview” on page 106 • “Bridge Protocol Data Units (BPDUs)” on page 107 • “ ...

  • Nortel Networks 42C4911 - page 106

    Overview Spanning Tree Group (STG) detects and eliminates logical loops in a bridged or switched network. When multiple paths exist, Spanning Tree configures the network so that a switch uses only the most efficient path. If that path fails, Spanning Tre ...

  • Nortel Networks 42C4911 - page 107

    Bridge Protocol Data Units (BPDUs) To create a Spanning Tree, the switch generates a configuration Bridge Protocol Data Unit (BPDU), which it then forwards out of its ports. All switches in the Layer 2 network participating in the Spanning Tree gather ...

  • Nortel Networks 42C4911 - page 108

    Port Path Cost The port path cost assigns lower values to high-bandwidth ports, such as Gigabit Ethernet, to encourage their use. The cost of a port also depends on whether the port operates at full-duplex (lower cost) or half-duplex (higher cost ...

  • Nortel Networks 42C4911 - page 109

    • If ports are tagged, all trunked ports can belong to multiple STGs. • A port that is not a member of any VLAN cannot be added to any STG. The port must be added to a VLAN, and that VLAN added to the desired STG. Rules for VLAN Tagged ports • Tagg ...

  • Nortel Networks 42C4911 - page 110

    Multiple Spanning Trees Each GbE Switch Module supports a maximum of 128 Spanning Tree Groups (STGs). Multiple STGs provide multiple data paths, which can be used for load-balancing and redundancy. You enable load balancing between two GbE Switch M ...

  • Nortel Networks 42C4911 - page 111

    Why Do We Need Multiple Spanning Trees? Figure 5-1 shows a simple example of why we need multiple Spanning Trees. Two VLANs, VLAN 1 and VLAN 100 exist between application switch A and GbE Switch Module B. If you have a single Spanning Tree Group, the swi ...

  • Nortel Networks 42C4911 - page 112

    Figure 5-2 Implementing Multiple Spanning Tree Groups VLAN Participation in Spanning Tree Groups The VLAN participation for each Spanning Tree Group in Figure 5-2 on page 112 is discussed in the following sections: • VLAN 1 Participation If application ...

  • Nortel Networks 42C4911 - page 113

    • VLAN 3 Participation For VLAN 3 you can have GbE Switch Module B or application switch C to be the root bridge. If switch B is the root bridge for VLAN 3, Spanning Tree Group 2, then switch B transmits the BPDU out from port 18. Application switch C rec ...

  • Nortel Networks 42C4911 - page 114

    NOTE – Each instance of Spanning Tree Group is enabled by default. 3. Configure the following on application switch C: Add port 8 to VLAN 3 and define Spanning Tree Group 3 for VLAN 3. VLAN 3 is automatically removed from Spanning Tree Group 1 and by de ...

  • Nortel Networks 42C4911 - page 115

    Port Fast Forwarding Port Fast Forwarding permits a port that participates in Spanning Tree to bypass the Listening and Learning states and enter directly into the Forwarding state. While in the Forwarding state, the port listens to the BPDUs t ...

  • Nortel Networks 42C4911 - page 116

    Fast Uplink Convergence Fast Uplink Convergence enables the GbESM to quickly recover from the failure of the primary link or trunk group in a Layer 2 network using Spanning Tree Protocol. Normal recovery can take as long as 50 seconds, whil ...

  • Nortel Networks 42C4911 - page 117

    CHAPTER 6 Rapid Spanning Tree Protocol/Multiple Spanning Tree Protocol IEEE 802.1w Rapid Spanning Tree Protocol enhances the Spanning Tree Protocol to provide rapid convergence on Spanning Tree Group 1. IEEE 802.1s Multiple Spanning Tree Protocol extends the Rapid Spanning Tree Protocol, to provide both rapid ...

  • Nortel Networks 42C4911 - page 118

    Rapid Spanning Tree Protocol Rapid Spanning Tree Protocol (RSTP) provides rapid convergence of the spanning tree and provides for fast re-configuration critical for networks carrying delay-sensitive traffic such ...

  • Nortel Networks 42C4911 - page 119

    Port Type and Link Type Spanning Tree configuration includes the following parameters to support RSTP and MSTP: edge port and link type. Although these parameters are configured for Spanning Tree Groups 1-128 (/c ...

  • Nortel Networks 42C4911 - page 120

    RSTP Configuration Example This section provides steps to configure Rapid Spanning Tree on the GbE Switch Module, using the Command-Line Interface (CLI). Configure Rapid Spanning Tree 1. Configure port and VLAN ...

  • Nortel Networks 42C4911 - page 121

    Multiple Spanning Tree Protocol IEEE 802.1s Multiple Spanning Tree extends the IEEE 802.1w Rapid Spanning Tree Protocol through multiple Spanning Tree Groups. MSTP maintains up to 32 spanning-tree instances, that ...

  • Nortel Networks 42C4911 - page 122

    MSTP Configuration Guidelines This section provides important information about configuring Multiple Spanning Tree Groups: • When you enable MSTP, you must configure the Region Name, and a default version n ...

  • Nortel Networks 42C4911 - page 123

    CHAPTER 7 Quality of Service Quality of Service features allow you to allocate network resources to mission-critical applications at the expense of applications that are less sensitive to such factors as time delays or network congestion. You can configure your network to prioritize specific types of traffi ...

  • Nortel Networks 42C4911 - page 124

    Overview QoS helps you allocate guaranteed bandwidth to the critical applications, and limit bandwidth for less critical applications. Applications such as video and voice must have a certain amount of bandwidth to work correctly; using QoS, you can provide ...

  • Nortel Networks 42C4911 - page 125

    The basic GbESM QoS model works as follows: • Classify traffic: • Read DSCP • Read 802.1p Priority • Match ACL filter parameters • Meter traffic: • Define bandwidth and burst parameters • Select actions to perform on in-profile and out-of-profi ...

  • Nortel Networks 42C4911 - page 126

    Using ACL Filters Access Control Lists are filters that allow you to classify and segment traffic, so you can provide different levels of service to different traffic types. Each filter defines the conditions that must match for inclusion in the filt ...

  • Nortel Networks 42C4911 - page 127

    • Packet Format • Ethernet format (eth2, SNAP, LLC) • Ethernet tagging format • IP format (IPv4, IPv6) • Egress port packets Table 7-2 Well-Known Application Ports Number TCP/UDP Application Number TCP/UDP Application Number TCP/UDP Application 20 ...

  • Nortel Networks 42C4911 - page 128

    Summary of ACL Actions Actions determine how the traffic is treated. The GbESM QoS actions include the following: • Pass or Drop • Re-mark a new DiffServ Code Point (DSCP) • Re-mark the 802.1p field • Set the COS queue Understanding ACL Precedenc ...

  • Nortel Networks 42C4911 - page 129

    Using ACL Groups Access Control Lists (ACLs) allow you to classify packets according to a particular content in the packet header, such as the source address, destination address, source port number, destination port number, and others. Packet classi ...

  • Nortel Networks 42C4911 - page 130

    • Access Control Groups An Access Control Group (ACL Group) is a collection of ACLs. For example: In the example above, each ACL defines a filter rule. ACL 3 has a higher precedence than ACL 1, based on its number. Use ACL Groups to create a traffic profil ...

  • Nortel Networks 42C4911 - page 131

    Metering QoS metering provides different levels of service to data streams through user-configurable parameters. A meter is used to measure the traffic stream against a traffic profile, which you create. Thus, creating meters yields In-Profile and Out-of-P ...

  • Nortel Networks 42C4911 - page 132

    ACL Configuration Examples Example 1 Use this configuration to block traffic to a specific host. All traffic that ingresses on port EXT1 is denied if it is destined for the host at IP address 100.10.1.1 1. Configure an Access Control List. 2. Add ACL 1 to p ...

  • Nortel Networks 42C4911 - page 133

    3. Apply and save the configuration. Example 3 Use this configuration to block traffic from a network that is destined for a specific egress port. All traffic that ingresses port EXT1 from the network 100.10.1.0/24 and is destined for port INT1 is denied. 1. C ...

  • Nortel Networks 42C4911 - page 134

    Using DSCP Values to Provide QoS The six most significant bits in the TOS byte of the IP header are defined as DiffServ Code Points (DSCP). Packets are marked with a certain value depending on the type of treatment the packet must receive in the network devi ...

  • Nortel Networks 42C4911 - page 135

    The GbESM default settings are based on the following standard PHBs, as defined in the IEEE standards: • Expedited Forwarding (EF)—This PHB has the highest egress priority and lowest drop precedence level. EF traffic is forwarded ahead of all other traffi ...

  • Nortel Networks 42C4911 - page 136

    QoS Levels Table 7-5 shows the default service levels provided by the GbESM, listed from highest to lowest importance: Table 7-5 Default QoS Service Levels Service Level Default PHB 802.1p Priority Critical CS7 7 Network Control CS6 6 Premium EF, CS5 5 Pla ...

  • Nortel Networks 42C4911 - page 137

    DSCP Re-marking and Mapping The GbESM can re-mark the DSCP value of ingress packets to a new value, and set the 802.1p priority value, based on the DSCP value. You can view the default settings by using the cfg/qos/dscp/cur command, as shown below. Use th ...

  • Nortel Networks 42C4911 - page 138

    DSCP Re-marking Configuration Example 1. Turn DSCP re-marking on globally, and define the DSCP-DSCP-802.1p mapping. You can use the default mapping, as shown in the cfg/qos/dscp/cur command output. 2. Enable DSCP re-marking on a port. >> Main# cf ...

  • Nortel Networks 42C4911 - page 139

    Using 802.1p Priorities to Provide QoS Alteon OS provides Quality of Service functions based on the priority bits in a packet’s VLAN header. (The priority bits are defined by the 802.1p standard within the IEEE 802.1q VLAN header.) The 802.1p bits, if ...

  • Nortel Networks 42C4911 - page 140

    802.1p Configuration Example 1. Configure a port’s default 802.1p priority. 2. Map the 802.1p priority value to a COS queue and set the COS queue scheduling weight. Queuing and Scheduling The GbESM has eight output Class of Service (COS) queues per port, in ...

  • Nortel Networks 42C4911 - page 141

    Part 2: IP Routing This section discusses Layer 3 switching functions. In addition to switching traffic at near line rates, the application switch can perform multi-protocol routing. This section discusses basic routing and advanced routing protocols: • Basic Routing • Routing Information Protocol (RIP) • Inter ...

  • Nortel Networks 42C4911 - page 142

    Alteon OS Application Guide 142 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 143

    CHAPTER 8 Basic IP Routing This chapter provides configuration background and examples for using the GbE Switch Module to perform IP routing functions. The following topics are addressed in this chapter: • “IP Routing Benefits” on page 144 • “Routing Between IP Subnets” on page 145 • “Example of Su ...

  • Nortel Networks 42C4911 - page 144

    IP Routing Benefits The GbE Switch Module uses a combination of configurable IP switch interfaces and IP routing options. The switch IP routing capabilities provide the following benefits: • Connects the server IP subnets to the rest of the backbone netwo ...

  • Nortel Networks 42C4911 - page 145

    Routing Between IP Subnets The physical layout of most corporate networks has evolved over time. Classic hub/router topologies have given way to faster switched topologies, particularly now that switches are increasingly intelligent. GbE Switch Modules are ...

  • Nortel Networks 42C4911 - page 146

    • Routers can be slower than switches. The cross-subnet side trip from the switch to the router and back again adds two hops for the data, slowing throughput considerably. • Traffic to the router increases, increasing congestion. Even if every end-stat ...

  • Nortel Networks 42C4911 - page 147

    Without Layer 3 IP routing on the switch, cross-subnet communication is relayed to the default gateway (in this case, the router) for the next level of routing intelligence. The router fills in the necessary address information and sends the data back to the s ...

  • Nortel Networks 42C4911 - page 148

    Example of Subnet Routing Prior to configuring, you must be connected to the switch Command Line Interface (CLI) as the administrator. NOTE – For details about accessing and using any of the menu commands described in this example, see the Alteon OS Command ...

  • Nortel Networks 42C4911 - page 149

    IP interfaces are configured using the following commands at the CLI: 3. Set each server and workstation’s default gateway to the appropriate switch IP interface (the one in the same subnet as the server or workstation). 4. Configure the default gateways to ...

  • Nortel Networks 42C4911 - page 150

    Using VLANs to Segregate Broadcast Domains In the previous example, devices that share a common IP network are all in the same broadcast domain. If you want to limit the broadcasts on your network, you could use VLANs to create distinct broadcast domains. For ex ...

  • Nortel Networks 42C4911 - page 151

    Each time you add a port to a VLAN, you may get the following prompt: Enter y to set the default Port VLAN ID (PVID) for the port. 3. Add each IP interface to the appropriate VLAN. Now that the ports are separated into three VLANs, the IP interface for each su ...

  • Nortel Networks 42C4911 - page 152

    Dynamic Host Configuration Protocol Dynamic Host Configuration Protocol (DHCP) is a transport protocol that provides a framework for automatically assigning IP addresses and configuration information to other IP hosts or clients in a large TCP/IP networ ...

  • Nortel Networks 42C4911 - page 153

    DHCP Relay Agent DHCP is described in RFC 2131, and the DHCP relay agent supported on GbE Switch Modules is described in RFC 1542. DHCP uses UDP as its transport protocol. The client sends messages to the server on port 67 and the server sends messages to ...

  • Nortel Networks 42C4911 - page 154

    DHCP Relay Agent Configuration To enable the GbE Switch Module to be the BOOTP forwarder, you need to configure the DHCP/BOOTP server IP addresses on the switch. You generally configure the IP interface on the client side to match the client’s subnet, an ...

  • Nortel Networks 42C4911 - page 155

    CHAPTER 9 Routing Information Protocol In a routed environment, routers communicate with one another to keep track of available routes. Routers can learn about available routes dynamically using the Routing Information Protocol (RIP). Alteon OS software supports RIP version 1 (RIPv1) and RIP version 2 (RIPv2) fo ...

  • Nortel Networks 42C4911 - page 156

    Routing Updates RIP sends routing-update messages at regular intervals and when the network topology changes. Each router “advertises” routing information by sending a routing information update every 30 seconds. If a router doesn’t receive ...

  • Nortel Networks 42C4911 - page 157

    RIPv2 in RIPv1 compatibility mode Alteon OS allows you to configure RIPv2 in RIPv1 compatibility mode, for using both RIPv2 and RIPv1 routers within a network. In this mode, the regular routing updates use broadcast UDP data packet to allow RIPv1 ...

  • Nortel Networks 42C4911 - page 158

    Default The RIP router can listen and supply a default route, usually represented as 0.0.0.0 in the routing table. When a router does not have an explicit route to a destination network in its routing table, it uses the default route to forward ...

  • Nortel Networks 42C4911 - page 159

    1. Add VLANs for routing interfaces. 2. Add IP interfaces to VLANs. 3. Turn on RIP globally and enable RIP for each interface. Use the /maint/route/dump command to check the current valid routes in the routing table of the switch. For those RIP lea ...

  • Nortel Networks 42C4911 - page 160

    Alteon OS Application Guide 160 Chapter 9: Routing Information Protocol 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 161

    CHAPTER 10 IGMP Internet Group Management Protocol (IGMP) is used by IP Multicast routers to learn about the existence of host group members on their directly attached subnet (see RFC 2236). The IP Multicast routers get this information by broadcasting IGMP Membership Queries and listening for IP hosts reporting the ...

  • Nortel Networks 42C4911 - page 162

    IGMP Snooping IGMP Snooping allows the switch to forward multicast traffic only to those ports that request it. IGMP Snooping prevents multicast traffic from being flooded to all ports. The switch learns which server hosts are interested in receiving multicast traffic, an ...

  • Nortel Networks 42C4911 - page 163

    IGMP Snooping Configuration Example This section provides steps to configure IGMP Snooping on the GbESM, using the Command-Line Interface (CLI). Configure IGMP Snooping 1. Configure port and VLAN membership on the switch. 2. Turn on IGMP. 3. Add VLANs to IGMP Snooping ...

  • Nortel Networks 42C4911 - page 164

    These commands display information about IGMP Groups and Mrouters learned through IGMP Snooping. Static Multicast Router A static multicast router (Mrouter) can be configured for a particular port on a particular VLAN. A static Mrouter does not have to be learned throu ...

  • Nortel Networks 42C4911 - page 165

    IGMP Relay The GbESM can act as an IGMP Relay (or IGMP Proxy) device that relays IGMP multicast messages and traffic between an Mrouter and end stations. IGMP Relay allows the GbESM to participate in network multicasts with no configuration of the various multicast rou ...

  • Nortel Networks 42C4911 - page 166

    Configure IGMP Relay Use the following procedure to configure IGMP Relay. 1. Configure an IP interface and assign VLANs. 2. Turn IGMP on. 3. Enable IGMP Relay and add VLANs to the downstream network. 4. Configure the upstream Mrouters. >> /cfg/l3/if 2 (Select I ...

  • Nortel Networks 42C4911 - page 167

    5. Apply and save the configuration. >> Multicast router 2# apply (Apply the configuration) >> Multicast router 2# save (Save the configuration) ...

  • Nortel Networks 42C4911 - page 168

    Additional IGMP Features The following topics are discussed in this section: • “FastLeave” on page 168 • “IGMP Filtering” on page 168 FastLeave In normal IGMP operation, when the receives an IGMPv2 leave message, it sends a Group-Specific Query to de ...

  • Nortel Networks 42C4911 - page 169

    Each IGMP Filter allows you to set a start and end point that defines the range of IP addresses upon which the filter takes action. Each IP address in the range must be between 224.0.1.0 and 239.255.255.255. If you choose any as the start point, then the filter acts upon ...

  • Nortel Networks 42C4911 - page 170

    3. Assign the IGMP filter to a port. >> /cfg/l3/igmp/igmpflt (Select IGMP Filtering menu) >>IGMP Filter# port EXT3 (Select port EXT3) >>IGMP Port EXT3# filt ena (Enable IGMP Filtering on the port) Current port EXT3 filtering: disabled New port EXT3 filte ...

  • Nortel Networks 42C4911 - page 171

    CHAPTER 11 Border Gateway Protocol Border Gateway Protocol (BGP) is an Internet protocol that enables routers on a network to share and advertise routing information with each other about the segments of the IP address space they can access within their network and with routers on external networks. BGP allows you t ...

  • Nortel Networks 42C4911 - page 172

    Internal Routing Versus External Routing: To ensure effective processing of network traffic, every router on your network needs to know how to send a packet (directly or indirectly) to any other location/destination in your network. This is referre ...

  • Nortel Networks 42C4911 - page 173

    Typically, an AS has one or more border routers—peer routers that exchange routes with other ASs—and an internal routing scheme that enables routers in that AS to reach every other router and destination within that AS. When you adverti ...

  • Nortel Networks 42C4911 - page 174

    What is a Route Map? A route map is used to control and modify routing information. Route maps define conditions for redistributing routes from one routing protocol to another or controlling routing information when injecting it in and out of BGP ...

  • Nortel Networks 42C4911 - page 175

    Figure 11-2 Distributing Network Filters in Access Lists and Route Maps. Incoming and Outgoing Route Maps: You can have two types of route maps: incoming and outgoing. A BGP peer router can be configured to support up to eight route maps in the i ...

  • Nortel Networks 42C4911 - page 176

    Precedence: You can set a priority to a route map by specifying a precedence value with the following command: The smaller the value the higher the precedence. If two route maps have the same precedence value, the smaller number has higher precedence. ...

  • Nortel Networks 42C4911 - page 177

    3. (Optional) Configure the attributes in the AS filter menu. 4. Set up the BGP attributes. If you want to overwrite the attributes that the peer router is sending, then define the following BGP attributes: • Specify the AS numbers that you want t ...

  • Nortel Networks 42C4911 - page 178

    Aggregating Routes: Aggregation is the process of combining several different routes in such a way that a single route can be advertised, which minimizes the size of the routing table. You can configure aggregate routes in BGP either by redistributing ...

  • Nortel Networks 42C4911 - page 179

    Redistributing Routes: In addition to running multiple routing protocols simultaneously, Alteon OS software can redistribute information from one routing protocol to another. For example, you can instruct the switch to use BGP to readvertise stat ...

  • Nortel Networks 42C4911 - page 180

    BGP Attributes: The following two BGP attributes are discussed in this section: Local preference and metric (Multi-Exit Discriminator). Local Preference Attribute: When there are multiple paths to the same destination, the local preference attribute ...

  • Nortel Networks 42C4911 - page 181

    Selecting Route Paths in BGP: BGP selects only one path as the best path. It does not rely on metrics attributes to determine the best path. When the same network is learned via more than one BGP peer, BGP uses its policy for selecting the best r ...

  • Nortel Networks 42C4911 - page 182

    BGP Failover Configuration: Use the following example to create redundant default gateways for a GbE Switch Module at a Web Host/ISP site, eliminating the possibility, should one gateway go down, that requests will be forwarded to an upstream router ...

  • Nortel Networks 42C4911 - page 183

    1. Define the VLANs. For simplicity, both default gateways are configured in the same VLAN in this example. The gateways could be in the same VLAN or different VLANs. 2. Define the IP interfaces. The switch will need an IP interface for each defaul ...

  • Nortel Networks 42C4911 - page 184

    4. Configure BGP peer router 1 and 2. Peer 1 is the primary gateway router. Peer 2 is configured with a metric of “3.” The metric option is key to ensuring gateway traffic is directed to Peer 1, as it will make Peer 2 appear to be three router hops a ...

  • Nortel Networks 42C4911 - page 185

    Default Redistribution and Route Aggregation Example: This example shows you how to configure the switch to redistribute information from one routing protocol to another and create an aggregate route entry in the BGP routing table to minimize the s ...

  • Nortel Networks 42C4911 - page 186

    3. Configure internal peer router 1 and external peer router 2. 4. Configure redistribution for Peer 1. 5. Configure aggregation policy control. Configure the routes that you want aggregated. >> # /cfg/l3/bgp/peer 1 (Select internal peer router 1 ...

  • Nortel Networks 42C4911 - page 187

    CHAPTER 12: OSPF. Alteon OS supports the Open Shortest Path First (OSPF) routing protocol. The Alteon OS implementation conforms to the OSPF version 2 specifications detailed in Internet RFC 1583. The following sections discuss OSPF support for the GbE Switch Module: • “OSPF Overview” on page 188. This section prov ...

  • Nortel Networks 42C4911 - page 188

    OSPF Overview: OSPF is designed for routing traffic within a single IP domain called an Autonomous System (AS). The AS can be divided into smaller logical units known as areas. All routing devices maintain link information in their own Link State Database (LSDB). The ...

  • Nortel Networks 42C4911 - page 189

    • Transit Area—an area that allows area summary information to be exchanged between routing devices. The backbone (area 0), any area that contains a virtual link to connect two areas, and any area that is not a stub area or an NSSA are considered transit areas. F ...

  • Nortel Networks 42C4911 - page 190

    Types of OSPF Routing Devices: As shown in Figure 12-2, OSPF uses the following types of routing devices: • Internal Router (IR)—a router that has all of its interfaces within the same area. IRs maintain LSDBs identical to those of other routing devices within the ...

  • Nortel Networks 42C4911 - page 191

    Neighbors and Adjacencies: In areas with two or more routing devices, neighbors and adjacencies are formed. Neighbors are routing devices that maintain information about each other’s health. To establish neighbor relationships, routing devices periodically send hel ...

  • Nortel Networks 42C4911 - page 192

    The Shortest Path First Tree: The routing devices use a link-state algorithm (Dijkstra’s algorithm) to calculate the shortest path to all known destinations, based on the cumulative cost required to reach the destination. The cost of an individual interface in OSPF ...

  • Nortel Networks 42C4911 - page 193

    OSPF Implementation in Alteon OS: Alteon OS supports a single instance of OSPF and up to 4 K routes on the network. The following sections describe OSPF implementation in Alteon OS: • “Configurable Parameters” on page 193 • “Defining Areas” on page 194 • ...

  • Nortel Networks 42C4911 - page 194

    Defining Areas: If you are configuring multiple areas in your OSPF domain, one of the areas must be designated as area 0, known as the backbone. The backbone is the central OSPF area and is usually physically connected to all other areas. The areas inject routing infor ...

  • Nortel Networks 42C4911 - page 195

    Using the Area ID to Assign the OSPF Area Number: The OSPF area number is defined in the areaid <IP address> option. The octet format is used in order to be compatible with two different systems of notation used by other OSPF network vendors. There are two valid ...

  • Nortel Networks 42C4911 - page 196

    Interface Cost: The OSPF link-state algorithm (Dijkstra’s algorithm) places each routing device at the root of a tree and determines the cumulative cost required to reach each destination. Usually, the cost is inversely proportional to the bandwidth of the interface. ...

  • Nortel Networks 42C4911 - page 197

    Default Routes: When an OSPF routing device encounters traffic for a destination address it does not recognize, it forwards that traffic along the default route. Typically, the default route leads upstream toward the backbone until it reaches the intended area or a ...

  • Nortel Networks 42C4911 - page 198

    The OSPF default route configuration can be removed with the command:
    Virtual Links: Usually, all areas in an OSPF AS are physically connected to the backbone. In some cases where this is not possible, you can use a virtual link. Virtual links are created to connect one ...

  • Nortel Networks 42C4911 - page 199

    Router ID: Routing devices in OSPF areas are identified by a router ID. The router ID is expressed in IP address format. The IP address of the router ID is not required to be included in any IP interface range or in any OSPF area. The router ID can be configured in one of ...

  • Nortel Networks 42C4911 - page 200

    Figure 12-4 shows authentication configured for area 0 with the password test. Simple authentication is also configured for the virtual link between area 2 and area 0. Area 1 is not configured for OSPF authentication. Figure 12-4 OSPF Authentication. To configure sim ...

  • Nortel Networks 42C4911 - page 201

    3. Enable OSPF authentication for Area 2 on switch 4. 4. Configure a simple text password up to eight characters for the virtual link between Area 2 and Area 0 on switches 2 and 4. Use the following commands to configure MD5 authentication on the switches shown in F ...

  • Nortel Networks 42C4911 - page 202

    6. Assign MD5 key ID to OSPF virtual link on switches 2 and 4. Host Routes for Load Balancing: Alteon OS implementation of OSPF includes host routes. Host routes are used for advertising network device IP addresses to external networks, accomplishing the following goals: ...

  • Nortel Networks 42C4911 - page 203

    OSPF Features Not Supported in This Release: The following OSPF features are not supported in this release: • Summarizing external routes • Filtering OSPF routes • Using OSPF to forward multicast routes • Configuring OSPF on non-broadcast multi-access networks ...

  • Nortel Networks 42C4911 - page 204

    OSPF Configuration Examples: A summary of the basic steps for configuring OSPF on the GbE Switch Module is listed here. Detailed instructions for each of the steps are covered in the following sections: 1. Configure IP interfaces. One IP interface is required for each de ...

  • Nortel Networks 42C4911 - page 205

    Example 1: Simple OSPF Domain. In this example, two OSPF areas are defined—one area is the backbone and the other is a stub area. A stub area does not allow advertisements of external routes, thus reducing the size of the database. Instead, a default summary route of IP ...

  • Nortel Networks 42C4911 - page 206

    3. Define the backbone. The backbone is always configured as a transit area using areaid 0.0.0.0. 4. Define the stub area. 5. Attach the network interface to the backbone. 6. Attach the network interface to the stub area. 7. Apply and save the configuration changes. ...

  • Nortel Networks 42C4911 - page 207

    Example 2: Virtual Links. In the example shown in Figure 12-6, area 2 is not physically connected to the backbone as is usually required. Instead, area 2 will be connected to the backbone via a virtual link through area 1. The virtual link must be configured at each end ...

  • Nortel Networks 42C4911 - page 208

    4. Define the backbone. 5. Define the transit area. The area that contains the virtual link must be configured as a transit area. 6. Attach the network interface to the backbone. 7. Attach the network interface to the transit area. 8. Configure the virtual link. The nbr ...

  • Nortel Networks 42C4911 - page 209

    Configuring OSPF for a Virtual Link on Switch #2: 1. Configure IP interfaces on each network that will be attached to OSPF areas. Two IP interfaces are needed on Switch #2: one for the transit area network on 10.10.12.0/24 and one for the stub area network on 10.10.24 ...

  • Nortel Networks 42C4911 - page 210

    6. Define the stub area. 7. Attach the network interface to the backbone. 8. Attach the network interface to the transit area. 9. Configure the virtual link. The nbr router ID configured in this step must be the same as the router ID that was configured for switch #1 ...

  • Nortel Networks 42C4911 - page 211

    Example 3: Summarizing Routes. By default, ABRs advertise all the network addresses from one area into another area. Route summarization can be used for consolidating advertised addresses and reducing the perceived complexity of the network. If the network IP addresses ...

  • Nortel Networks 42C4911 - page 212

    Follow this procedure to configure OSPF support as shown in Figure 12-7: 1. Configure IP interfaces for each network which will be attached to OSPF areas. 2. Enable OSPF. 3. Define the backbone. 4. Define the stub area. 5. Attach the network interface to the backbone. ...

  • Nortel Networks 42C4911 - page 213

    7. Configure route summarization by specifying the starting address and mask of the range of addresses to be summarized. 8. Use the hide command to prevent a range of addresses from advertising to the backbone. 9. Apply and save the configuration changes. Verifying ...

  • Nortel Networks 42C4911 - page 214

    Alteon OS Application Guide 214  Chapter 12: OSPF 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 215

    Part 3: High Availability Fundamentals. Internet traffic consists of myriad services and applications which use the Internet Protocol (IP) for data delivery. However, IP is not optimized for all the various applications. High Availability goes beyond IP and makes intelligent switching decisi ...

  • Nortel Networks 42C4911 - page 216

    Alteon OS Application Guide 216 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 217

    CHAPTER 13: High Availability. GbE Switch Modules support high-availability network topologies through an enhanced implementation of the Virtual Router Redundancy Protocol (VRRP). The following topics are discussed in this chapter: • “Layer 2 Failover” on page 218. This section discusses trunk failover without ...

  • Nortel Networks 42C4911 - page 218

    Layer 2 Failover: The primary application for Layer 2 Failover is to support Network Adapter Teaming. With Network Adapter Teaming, the NICs on each server all share the same IP address, and are configured into a team. One NIC is the primary link, and the ...

  • Nortel Networks 42C4911 - page 219

    Setting the Failover Limit: The failover limit lets you specify the minimum number of operational links required within each trigger before the trigger initiates a failover event. For example, if the limit is two (/cfg/l2/failovr/trigger x/limit 2), a failo ...

  • Nortel Networks 42C4911 - page 220

    Configuration Guidelines: This section provides important information about configuring L2 Failover: • A failover trigger can monitor multiple static trunks or a single LACP key, but not both. • With VLAN Monitor on, the following additional guideli ...

  • Nortel Networks 42C4911 - page 221

    Figure 13-2 shows a configuration with two trunks, each in a different Failover Trigger. GbESM 1 is the primary switch for Server 1 and Server 2. GbESM 2 is the primary switch for Server 3 and Server 4. VLAN Monitor is turned on. STP is turned off. If all l ...

  • Nortel Networks 42C4911 - page 222

    Figure 13-3 shows a configuration with two trunks. VLAN Monitor is turned off, so only one Failover Trigger is configured on each switch. GbESM 1 is the primary switch for Server 1 and Server 2. GbESM 2 is the primary switch for Server 3 and Server 4. S ...

  • Nortel Networks 42C4911 - page 223

    Configuring Trunk Failover: The following procedure pertains to example 1, as shown in Figure 13-1. 1. Configure Network Adapter Teaming on the servers. 2. Define a trunk group on the GbESM. 3. Configure Failover parameters. 4. Apply and verify the confi ...

  • Nortel Networks 42C4911 - page 224

    VRRP Overview: In a high-availability network topology, no device can create a single point-of-failure for the network or force a single point-of-failure to any other part of the network. This means that your network will remain in service despite the fa ...

  • Nortel Networks 42C4911 - page 225

    There is no requirement for any VRRP router to be the IP address owner. Most VRRP installations choose not to implement an IP address owner. For the purposes of this chapter, VRRP routers that are not the IP address owner are called renters. Maste ...

  • Nortel Networks 42C4911 - page 226

    VRRP Operation: Only the virtual router master responds to ARP requests. Therefore, the upstream routers only forward packets destined to the master. The master also responds to ICMP ping requests. The backup does not forward any traffic, nor does it respond ...

  • Nortel Networks 42C4911 - page 227

    Failover Methods: With service availability becoming a major concern on the Internet, service providers are increasingly deploying Internet traffic control devices, such as application switches, in redundant configurations. Traditionally, t ...

  • Nortel Networks 42C4911 - page 228

    Active-Active Redundancy: In an active-active configuration, shown in Figure 13-5, two switches provide redundancy for each other, with both active at the same time. Each switch processes traffic on a different subnet. When a failure occurs, the remaini ...

  • Nortel Networks 42C4911 - page 229

    Hot-Standby Redundancy: The primary application for VRRP-based hot-standby is to support Server Load Balancing when you have configured Network Adapter Teaming on your server blades. With Network Adapter Teaming, the NICs on each server share the same IP add ...

  • Nortel Networks 42C4911 - page 230

    Alteon OS extensions to VRRP: This section describes the following VRRP enhancements that are implemented in Alteon OS: • Tracking VRRP Router Priority. Tracking VRRP Router Priority: Alteon OS supports a tracking function that dynamically modifies the priori ...

  • Nortel Networks 42C4911 - page 231

    Virtual Router Deployment Considerations: Review the following issues described in this section to prevent network problems when deploying virtual routers: • Assigning VRRP Virtual Router ID • Configuring the Switch for Tracking. Assigning VRRP Virt ...

  • Nortel Networks 42C4911 - page 232

    The user can implement this behavior by configuring the switch for tracking as follows: 1. Set the priority for switch 1 to 101. 2. Leave the priority for switch 2 at the default value of 100. 3. On both switches, enable tracking based on ports (ports), int ...

  • Nortel Networks 42C4911 - page 233

    High Availability Configurations: GbE Switch Modules offer flexibility in implementing redundant configurations. This section discusses the more useful and easily deployed configurations: • “Active-Active Configuration” on page 233 • “Hot-Stand ...

  • Nortel Networks 42C4911 - page 234

    Task 1: Configure GbESM 1. 1. Configure client and server interfaces. 2. Configure the default gateways. Each default gateway points to a Layer 3 router. /cfg/l3/if 1 (Select interface 1) >> IP Interface 1# addr 192.168.1.100 (Define IP address ...

  • Nortel Networks 42C4911 - page 235

    3. Turn on VRRP and configure two Virtual Interface Routers. 4. Enable tracking on ports. Set the priority of Virtual Router 1 to 101, so that it becomes the Master. 5. Configure ports. 6. Turn off Spanning Tree Protocol globally. /cfg/l3/vrrp/on (Tur ...

  • Nortel Networks 42C4911 - page 236

    Task 2: Configure GbESM 2. 1. Configure client and server interfaces. 2. Configure the default gateways. Each default gateway points to a Layer 3 router. /cfg/l3/if 1 (Select interface 1) >> IP Interface 1# addr 192.168.1.101 (Define IP address ...

  • Nortel Networks 42C4911 - page 237

    3. Turn on VRRP and configure two Virtual Interface Routers. 4. Enable tracking on ports. Set the priority of Virtual Router 2 to 101, so that it becomes the Master. 5. Configure ports. 6. Turn off Spanning Tree Protocol globally. Apply and save chang ...

  • Nortel Networks 42C4911 - page 238

    Hot-Standby Configuration: The primary application for VRRP-based hot-standby is to support Network Adapter Teaming on your server blades. With Network Adapter Teaming, the NICs on each server share the same IP address, and are configured into a team. One ...

  • Nortel Networks 42C4911 - page 239

    Figure 13-8 illustrates a common hot-standby implementation on a single blade server. Notice that the BladeCenter server NICs are configured into a team that shares the same IP address across both NICs. Because only one link can be active at a time, the h ...

  • Nortel Networks 42C4911 - page 240

    2. Configure Virtual Interface Routers. 3. Enable VRRP Hot Standby. 4. Configure VRRP Group parameters. Set the VRRP priority to 101, so that this switch is the Master. 5. Turn off Spanning Tree Protocol globally. Apply and save changes. /cfg/l3/vrrp/on ...

  • Nortel Networks 42C4911 - page 241

    Task 2: Configure GbESM 2. 1. On GbESM 1, configure the interfaces for clients (174.14.20.111) and servers (10.1.1.111). 2. Configure Virtual Interface Routers. 3. Enable VRRP Hot Standby. 4. Configure VRRP Group parameters. Use the default VRRP ...

  • Nortel Networks 42C4911 - page 242

    5. Turn off Spanning Tree Protocol globally. Apply and save changes. /cfg/l2/stg 1/off (Turn off Spanning Tree) >> Spanning Tree Group 1# apply (Apply changes) >> Spanning Tree Group 1# save ...

  • Nortel Networks 42C4911 - page 243

    Part 4: Appendices. This section describes the following topics: • Troubleshooting • RADIUS Server Configuration Notes • Glossary ...

  • Nortel Networks 42C4911 - page 244

    Alteon OS Application Guide 244 42C4911, January 2007 ...

  • Nortel Networks 42C4911 - page 245

    APPENDIX A: Troubleshooting. This section discusses some tools to help you troubleshoot common problems on the GbE Switch Module: • “Monitoring Ports” on page 246 ...

  • Nortel Networks 42C4911 - page 246

    Monitoring Ports: The port mirroring feature in the Alteon OS allows you to attach a sniffer to a monitoring port that is configured to receive a copy of all packets that are forwarded from the mirrored port. Alteon OS enables you to mirror port traffic for al ...

  • Nortel Networks 42C4911 - page 247

    NOTE – Traffic on VLAN 4095 is not mirrored to the external ports. Port Mirroring behavior: This section describes the composition of monitored packets in the GbE Switch Module, based on the configuration of the ports. If a tagged port's PVID is the sam ...

  • Nortel Networks 42C4911 - page 248

    Layer 3 Port Mirroring (Monitoring Port and Egress Port in the same GEA): In this scenario, you observe Layer 3 port mirroring on an egress port, and both the egress port and the monitoring port are in the same Gigabit Ethernet Aggregator (GEA) unit. To fin ...

  • Nortel Networks 42C4911 - page 249

    Layer 3 Port Mirroring (Both Ports in Different GEAs): In this scenario, you observe Layer 3 port mirroring on an egress port, but the egress port and the monitoring port reside on different Gigabit Ethernet Aggregator (GEA) units. To find out which GEA unit ...

  • Nortel Networks 42C4911 - page 250

    Layer 3 Port Mirroring (MP Packets, Both Ports in the Same GEA): MP packets are generated by the management processor, such as routing packets between direct interfaces. In this scenario, the mirrored port and the monitoring port reside on the same Gigabit ...

  • Nortel Networks 42C4911 - page 251

    Configuring Port Mirroring: To configure port mirroring for the example shown in Figure A-1: 1. Specify the monitoring port. 2. Select the ports that you want to mirror. 3. Enable port mirroring. 4. Apply and save the configuration. >> # /cfg/pmirr/ ...

  • Nortel Networks 42C4911 - page 252

    5. View the current configuration.
    >> PortMirroring # cur (Display the current settings)
    Port mirroring is enabled
    Monitoring Ports    Mirrored Ports
    INT1                none
    INT2                none
    INT3                none
    INT4                none
    INT5                none
    ----- ----- -----
    EXT1                none
    EXT2                none
    EXT3                (EXT1, in) (EXT ...

  • Nortel Networks 42C4911 - page 253

    APPENDIX B: RADIUS Server Configuration Notes. Use the following information to modify your RADIUS configuration files for the Nortel Networks BaySecure Access Control RADIUS server, to provide authentication for users of the GbE Switch Module. 1. Create a dictionary file called alteon.dct, with the following con ...

  • Nortel Networks 42C4911 - page 254

    2. Open the dictiona.dcm file, and add the following line (as in the example): @alteon.dct 3. Open the vendor file (vendor.ini), and add the following data to the Vendor-Product identification list: vendor-product = Alteon Blade-server ...

  • Nortel Networks 42C4911 - page 255

    Glossary
    DIP (Destination IP Address): The destination IP address of a frame.
    Dport (Destination Port): The destination port (application socket: for example, http-80/https-443/DNS-53)
    NAT (Network Address Translation): Any time an IP address is changed from one source IP or destination IP address to another address ...

  • Nortel Networks 42C4911 - page 256

    Alteon OS Application Guide 256 Glossary 42C4911, January 2007 Virtual Router A shared address between two devices utilizing VRRP, as defined in RFC 2338. One virtual router is associated with an IP interface. This is one of the IP interfaces that the switch is assigned. All IP interfaces on the GbE Switch Modules must be in ...

  • Nortel Networks 42C4911 - page 257

    42C4911, January 2007 257 Index Symbols 161; [ ] 18; Numerics: 802.1Q VLAN tagging 80; A: accessing the switch, LDAP ...

  • Nortel Networks 42C4911 - page 258

    Alteon OS Application Guide 258 Index 42C4911, January 2007 F: Failover 218; failover overview 227; fault tolerance, port trunking 95; fragmenting jumbo frames ...

  • Nortel Networks 42C4911 - page 259

    Alteon OS Application Guide Index 259 42C4911, January 2007 O: OSPF: area types 188; authentication 199; configuration examples 205 to ??; default route 197; external route ...

  • Nortel Networks 42C4911 - page 260

    Alteon OS Application Guide 260 Index 42C4911, January 2007 segments. See IP subnets.; service ports 127; SNMP 36, 193; HP-OpenView 36; spanning tree, configuration rules ...

Manufacturer Nortel Networks Category Switch

Documents that we receive from the manufacturer of the Nortel Networks 42C4911 can be divided into several groups. They are, among others:
- Nortel Networks technical drawings
- 42C4911 manuals
- Nortel Networks product data sheets
- information booklets
- Nortel Networks 42C4911 energy labels
All of them are important, but the most important information from the point of view of using the device is in the Nortel Networks 42C4911 user manual.

The group of documents referred to as user manuals is also divided into more specific types, such as: Nortel Networks 42C4911 installation manuals, service manuals, brief instructions and Nortel Networks 42C4911 user manuals. Depending on your needs, you should look for the document you need. On our website you can view the most popular manual for the Nortel Networks 42C4911.

What should a complete manual for the Nortel Networks 42C4911 look like?
A manual, also referred to as a user manual or simply "instructions", is a technical document designed to assist users in the use of the Nortel Networks 42C4911. Manuals are usually written by a technical writer, but in a language understandable to all users of the Nortel Networks 42C4911.

A complete Nortel Networks manual should contain several basic components. Some of them are less important, such as the cover / title page or the copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the Nortel Networks 42C4911 manual - At the beginning of each manual we should find guidance on how to use it. It should include information about the location of the Contents of the Nortel Networks 42C4911 manual, the FAQ or common problems, i.e. the places that users most often search for in each manual
2. Contents - an index of all tips concerning the Nortel Networks 42C4911 that we can find in the current document
3. Tips on how to use the basic functions of the Nortel Networks 42C4911 - which should help us in our first steps of using the Nortel Networks 42C4911
4. Troubleshooting - a systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with the Nortel Networks 42C4911
5. FAQ - Frequently Asked Questions
6. Contact details - Information about where to find contact details for the manufacturer or service of the Nortel Networks 42C4911 in a specific country, if it was not possible to solve the problem on our own.
