Manual Intel 480T

523 pages 5.66 mb

Download

Go to site of 523

Prev Next

Summary

Intel 480T - page 1

A14542-001 100044-00 rev04 Intel ® NetStructure ™ 480T Routing Switch User Guide Intel ® NetStructur e ™ 480T Routing Switch User Guide User Guide User Guide User Guide User Guide ...
Intel 480T - page 2

Copyright © 2001, Intel Corporation. All rights reserved. Intel Corporation, 5200 NE Elam Young Parkway, Hillsboro OR 97124-6497 Intel Corporation assumes no responsibility for errors or omissions in this manual. Nor does Intel make any commitment to update the information contained herein. * Other names and brands may be claimed as the property o ...
Intel 480T - page 3

Contents Contents .............. .................... .............. i Preface ................ .................... ............. 1 Introducti on ....... ....... ......... .......... ....... ......... ......... ....... .... 1 Related Publicati ons .. ....... ........ ....... ......... ......... ........ ..... 2 1: Overview ...................... . ...
Intel 480T - page 4

ii C O N T E N T S AC Connector ........ .......... ......... ....... ......... ......... ........ 10 Seri al Num ber .. ....... .... ....... ...... ..... ...... ....... .... ....... .... . 10 Cons ole P ort ...... ....... ...... ..... ...... ..... ...... ....... .... ....... ... 10 Management Port ............. ........... ............. .......... ...
Intel 480T - page 5

Intel® Ne tStructu re™ 480T Rou ting Switc h User Gu ide iii Viewi ng R MON Infor mat ion . ....... ...... ..... ...... ....... ..... ..... 3 0 To Vi ew RMO N Sta tistic s ....... .... ....... ...... ..... ...... ..... .. 31 4: Using Web Device Manager ... ....... 33 Enabling and Disabling Web Access ....... ......... ........... 33 Sett ing U p ...
Intel 480T - page 6

iv C O N T E N T S Domai n Na me Se rvice Clie nt ..... ....... .... ....... ...... ..... ...... 51 Real-time Basic Connect ivity Checking .......... ........... . 52 Ping ...... ...... ....... ..... ...... ....... .... ....... ...... ..... ...... ..... ..... 52 Trac erout e ....... .... ....... ....... .... ....... .... ....... ...... ..... ...... ...
Intel 480T - page 7

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide v 6: Configuring Ports .......................... 79 Confi guri ng Po rts .... ....... ...... ..... ...... ..... ...... ....... .... ....... . 79 Changing Port Speed and Duplex Setti ng ........... ...... 80 Random Early Detection (RED) .......... ........... ........... . 80 Turning Off ...
Intel 480T - page 8

vi C O N T E N T S Assigning a VLAN Tag ............... ........... ............. ..... 100 Mixing Port-Based and Tagged VLANs ......... .......... 102 Prot ocol-B ase d VLA Ns . ....... .... ....... ...... ..... ...... ..... ... 102 Predefined Pro tocol Filters ......... .......... ......... ....... ... 103 Defi ning P roto col Fi lter s ......... ...
Intel 480T - page 9

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide vii How FDB Entries Get Added ........... ........... .......... ... 121 Associati ng a QoS Profile with an FDB Entry ....... ... 122 Confi guri ng F DB E ntries .... ....... .... ....... ...... ..... ...... ...... 1 22 FDB Configuration Examples 123 Displ ayin g FDB En tries .... ...... ...
Intel 480T - page 10

viii C O N T E N T S Explicit Class of Service Tra ffic Grouping s (802.1p and DiffS erv) .. ....... .... ....... ...... ..... ...... ....... .... ....... .... ....... . 147 Configuri ng 802.1p Priori ty ........ ......... ....... ....... ....... 148 Observing 802.1p Information .... .......... ........... ........ 148 Replacing 802.1p Prior ity In ...
Intel 480T - page 11

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide ix Ensure that EDP is Enabled .......... ......... ......... ........ 169 ESRP and Host Attached Ports ... ....... ........... ......... . 169 Open Shortest Path Fir st and ESRP ........ ....... ........ 169 Determining the ESRP Master ........... ............ ........... .. 170 ESRP Trac ...
Intel 480T - page 12

x C O N T E N T S BGP and OSPF Route Map Support f or Tagging .... 195 BGP and OSPF Route Map Support for DSB Accounting 195 Proxy ARP ................. ................. ............... ............ ....... 196 ARP-Incapable Devices.... ........... ........... ........... ...... 196 Prox y ARP Betw een Sub nets ....... ...... ..... ...... ..... .. ...
Intel 480T - page 13

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xi Triggered Updat es ........ ........... ......... ........... ......... ... 226 Route Adve rtisem ent of VLANs .... ....... .... ....... ....... .. 226 RIP Versi on 1 Compared to RI P Version 2 ....... ...... 226 Overv iew o f O SPF ..... ..... ...... ....... .... ....... .... ....... ...
Intel 480T - page 14

xii C O N T E N T S 14: Bord er Gateway Protocol (BG P) 255 Overv iew .. .... ....... .... ....... ....... .... ....... ...... ..... ...... ....... .... 25 5 BGP A ttrib utes ...... ....... .... ....... ...... ..... ...... ....... .... ....... .. 256 BGP C ommuni ties ....... ...... ....... .... ....... ....... .... ....... ...... 25 6 BGP F eature ...
Intel 480T - page 15

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xiii PIM -SM Con figur ation E xamp le ..... ..... ...... ....... ..... .. 286 Configurati on for ABR1 ..... ........... ........... ........... ...... 287 Displaying IP Mu lticast Routing Settings ......... ......... 287 Deleting and Resett ing IP Multicast Settings ...... ..... 288 16: ...
Intel 480T - page 16

xiv C O N T E N T S Precedence Number s .................. ........... ............. .... 312 Speci fying a D efaul t Rul e ...... .... ....... ....... .... ....... ..... 3 12 The Permit-Establ ished Keyword ........ ........... ......... 313 Adding and Deleti ng Access List Entries ........... ...... 314 Maxi mum Entrie s . ....... .... ....... .. ...
Intel 480T - page 17

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xv Route Ma p Ope ration .. ...... ..... ...... ....... .... ....... ....... .. 34 1 Route Map Ex ample ..... ...... ..... ...... ....... .... ....... ....... . 341 Changes to Route Maps ....... ........... ............ ......... ... 342 Route Maps in BGP .. ..... ...... ....... .... .... ...
Intel 480T - page 18

xvi C O N T E N T S Exte rnal H ealt h Che ckin g ...... .... ....... .... ....... ....... .... . 374 Health Check s for Web Cac he Redirection and Policy Bas ed Routi ng ... ....... .... ....... ...... ..... ...... ....... .... ....... . 375 Layer 4 F lows .. ....... .... ....... ...... ..... ...... ....... .... ....... ... 376 Policy-Ba sed Routi ...
Intel 480T - page 19

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xvii Port Monit oring Display Keys ..... ........... ........... ......... 407 Sett ing t he Sy stem Reco very Leve l ....... ....... .... ....... 408 Logging ..... .......... ............. ........... ............. ........... ......... 408 Local Logging ........ ........... ........... ...
Intel 480T - page 20

Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xviii A: Technical Specificat ions and Supported Limits .................... ........... 431 Technical Spec ification s ..... ........... ......... ......... ......... .. 431 Supported Standards, RFCs and Protocols .......... .... 433 Supported Limits .......... ....... ....... ........ . ...
Intel 480T - page 21

Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xix List of Figu r es Figure 1.1: Intel ® NetStructure ™ 480T routing switch (front) ........................................................................... 9 Figure 1.2: Intel ® NetStructure ™ 480T routing s witch (with and without redundant power supply) ..................... ...
Intel 480T - page 22

xx C O N T E N T S Figure 14.1: Route reflectors ........................................ 257 Figure 14.2: Routing confederation .............................. 258 Figure 15.1: IP multicast routing PIM-DM configuration ex- ample ........................................................................ 285 Figure 15.2: IP multicast routing using PIM- ...
Intel 480T - page 23

Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xxi List of T ables Table 1.1: Switch LEDs .................................................. 11 Table 1.2: Global Factory Defaults ................................. 12 Table 1.3: Media Types and Distances ........................... 14 Table 1.4: 1000LH Specifications .................. ...
Intel 480T - page 24

xxii C O N T E N T S Table 10.7: 802.1p Priority Value-to-Har dware Queue Ma p- ping ................................................................................ 150 Table 10.8: 802.1p Configuration Commands .............. 150 Table 10.9: Default Code Point-to-QoS Profile Mapping .. 152 Table 10.10: Default 802.1p Priority Value-to-Code Point M ...
Intel 480T - page 25

Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xxiii Table 16.2: IPX § Protocol Fil ters and Enca psulation Types 298 Table 16.3: Basic IPX § Commands ............................ 300 Table 16.4: IPX § /RIP Configuration Commands ........ 301 Table 16.5: IPX § /SAP Configuration Commands ........ 302 Table 16.6: IPX § Show Comma ...
Intel 480T - page 26

xxiv C O N T E N T S ...
Intel 480T - page 27

Preface This preface provid es an overview of this user g uide, describes guide conventions, an d lists other u seful publi cations. Intr oduction This use r guide prov ides the in formation you need to con figure th e Intel ® NetS tructu re ™ 48 0T routin g switch. Informati on in the “Late Breaki ng News” shi pped with yo ur sw itch i s mo ...
Intel 480T - page 28

2 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Internet Packet Exchange (IPX) • Server Load Balancing (SLB) • Simple Network Management Prot ocol (SN MP) Related Publications For furt her informat ion refe r to these pub lications: • Comm and Line I nterf ace Re ference Gui de • Intel ® NetStr uctu r e ™ 480T R outing ...
Intel 480T - page 29

Overview The I ntel ® NetStructure ™ 480T rout ing sw itch uses a powerf ul, full- featured software operat ing system for local management of the switch. This chapter offers an overvie w of the switch operation and covers these topic s: • Summary of featur es • Software licensi ng • Hardware specifications and factory defaults • Media t ...
Intel 480T - page 30

4 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • IP Multinetting • Dynam ic Ho st Conf igur ation P roto col (DH CP)/B oots trap Pr otoco l (BOOTP) Relay • Enterpri se Standb y Router Pr otocol (ES RP) • RIP (Ro uting Inf ormation Prot ocol) v ersion 1 and version 2 • OSPF (Open Shortes t Path First) routing protoco l • ...
Intel 480T - page 31

C H A P T E R 1 Overv iew 5 Full-Duplex Support The 480T routing swi tch provide s full-dup lex support for all p orts. Full-du plex mode allows frames to be transmi tted and rec eived simultaneousl y and, in e ffect, doub les the bandwidt h availa ble on a link. All 100/1000 Mbps po rts on the 48 0Tswitch auton egotiate f or half- duplex or f ull- ...
Intel 480T - page 32

6 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Quality of Service (Q oS) See Chapter 10,"Qual ity of Serv ice (QoS)" on page 135. The local managemen t software has Policy- Based Quality of Servi ce (QoS) features th at enable you to sp ecify service levels for d ifferent traffic groups. By defau lt, all t raffic is a ssig ...
Intel 480T - page 33

C H A P T E R 1 Overv iew 7 Load Sharing See “ Con figurin g Port s ” on page 79. Load sharing al lows you to increase b andwidth and resiliency by using a group of ports to carry traffi c in paral lel between systems. The switch ’ s sharing algorithm al lows you to use mu ltiple port s as a single logical p ort. For example, VLANs treat t he ...
Intel 480T - page 34

8 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Full L ayer 3 Functional ity Switches u sing a Full Layer 3 license also sup port other r outing protocol s and functions i n addition to Basi c function s, including: • IP routing using OSPF • IP multicast routing using DVMRP • IP mult icast routing using PIM (D ense or Sparse Mo ...
Intel 480T - page 35

C H A P T E R 1 Overv iew 9 Figure 1.1: Intel ® NetStructure ™ 480T ro uting s witch (front ) For inf ormation on switch LE Ds, refer to "Swi tch LEDs" on page 10. Rear View Figure 1.2 shows two rear view co nfiguratio ns. The second h as a redundan t power supply . Figure 1.2: Intel ® NetStructure ™ 480T routin g switch (with and w ...
Intel 480T - page 36

10 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide AC Connector The 480T routin g switch au tomatica lly adjust s to the su pply vo ltage. The power suppl y unit (PSU) operates down t o 100V, and is suitabl e for bot h 110 VAC and 200- 240 VAC operati on. Serial Number Use this seri al number fo r fault-repo rting purpose s. Console Po ...
Intel 480T - page 37

C H A P T E R 1 Overv iew 11 . T a ble 1.1: Sw itch LEDs LED Color Indicates 1000BASE-X Port Status LEDs (GBIC LEDs) Link/ activity Green Orange Green flashing (st eady) Off Link is present ; port is enabl ed. Frames are being t ransmitted/rec eived on this port. Link is p resent; port is disabl ed. Link is n ot present. 100/1000B ASE-T Port St atu ...
Intel 480T - page 38

12 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Software Factory Defaults Table 1.2 l ists factory def aults for gl obal features. T a ble 1.2: G lobal F actory Defa ults Item Default Setting Serial or T elnet user account admin with no password and user with no password W eb network managemen t Enable d Te l n e t Enab led SNMP acc ...
Intel 480T - page 39

C H A P T E R 1 Overv iew 13 802.1Q taggi ng Packets are u ntagged on the defaul t VLAN. Spanning T ree Prot ocol Disabled for the Intel ® NetStru cture ™ 480T routing switch; enabled for each port in the STPD Forwarding database aging p eriod 300 seconds (5 minutes) IP Routin g Disabled RIP Disabled OSPF Disabled IP multi cast routing Disabled ...
Intel 480T - page 40

14 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Media T ypes, Distances and Specifi cations Table 1.3 describes the media types and distances (cabl e lengths) for the different types of switch ports. T a ble 1.3: M edia T ypes a nd Distances Ty p e Med ia M Hz/Km Rating Maximu m Distance 1000BAS E-SX 50/1 25 µm Multi mode Fiber 50/ ...
Intel 480T - page 41

C H A P T E R 1 Overv iew 15 Table 1.4 describes t he specifications for the 10 00B-LH interface. Optical Output Power The minimu m cable length with out a 10 d B attenuator is 32 kilo meters. The transmi tter output power level fo r the 1000-LH i s +5dBm. The maximum allowable recei ver input power level is -3dBm. Therefore, there is a mi nimum of ...
Intel 480T - page 42

16 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 43

Installation and Setup This chapt er describe s: • Determining the Switch Locat ion • Installing th e Switch • Connecting Equi pment to the Console Por t • Checking the Installation Using the Power-On Self T es t (POST) • Logg ing I n for the Fi rst Time • Upg rading Y our Fir mwar e • Installing the Gigabit In terface Connector (GBIC ...
Intel 480T - page 44

18 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Determining the Switch Locatio n The 480T r outing switch can be free stand ing or mounte d in a standard 19- inch equipmen t rack. Mount ing bracket s are supplied with the s witch . When decidi ng where to install the swi tch, ensure that: • The switch is accessib le and you can co ...
Intel 480T - page 45

C H A P T E R 2 Instal lation a nd Setup 19 4 Replace the screws and fully t ighten with a screwdriver , as shown in Figure 2.1. Figure 2.1: Fitting the m ounting br acket 5 Repeat the two previous steps for the o ther side of the switch. 6 Insert the switch into the 19-i nch rack. Ensure that ventilation holes are not obstructed. 7 Secure the swit ...
Intel 480T - page 46

20 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Free- Standing The 480T r outing switch is supplied wi th four self -adhesive r ubber pads. Y ou can stack up t o four swit ches on top of one another. 1 Apply the pads to t he underside o f the device by sticking a pad in the marked area at ea ch corner of the switch. 2 Place the devi ...
Intel 480T - page 47

C H A P T E R 2 Instal lation a nd Setup 21 If the switch passes the POST, the MGMT LED blinks at a slow rate (1 blink p er second). If th e switch fail s the POST, the MGMT LE D shows a so lid ora nge li ght . Logging In f or the First Time After the sw itch has co mpleted the Power-O n Self T est (POST), it is operational . Then you can log i n t ...
Intel 480T - page 48

22 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Upgrading Y our Firmwar e To upgrad e your Intel ® Ne tStruc ture ™ 480T ro uting s witc h you mus t upgrade the Bo otRom image and firmware. Refer to the Late Br eak ing Ne ws that shipped wi th your switch f or this proc edure. Installing the Gigabit Interface Connector (GBIC) Ens ...
Intel 480T - page 49

Using Intel ® Device View Intel ® Device View is a graphical user interface t hat helps you manage the Inte l NetS tructur e ™ 480T r outing swit ch and othe r supported Intel networking d evices on you r network. Intel De vice View pr ovides these feat ures: • The ability to configure new network devices • A graphical dev ice manager f or ...
Intel 480T - page 50

24 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can instal l both the W indows and the Web ve rsion of Int el Device View. T o Insta ll Intel Device V iew If you mana ge devi ces with Intel De vice View from only one lo cation on the networ k, insta ll the Windo ws § version. 1. Put the Intel Device V iew CD-ROM in your compute ...
Intel 480T - page 51

C H A P T E R 3 Using Int el ® Devi ce Vi ew 25 Starting the Windows § V ersion We recommend you u se the Wind ow version of Int el Device View if you manage de vices from only one l ocation on t he network. To start the Windo ws version: 1 From your deskto p, click Start . 2 Point to Programs > Intel De vice V iew > Intel Device V iew - W ...
Intel 480T - page 52

26 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Installing a New Device After you ’ ve i nstalled a new swi tch on your n etwork, you can u se Intel Device View ’ s Device Install Wizard to co nfigure it for management. T o Install and Configur e a New Switch for Management 1. Start Intel Device V iew . The Device Install W izar ...
Intel 480T - page 53

C H A P T E R 3 Using Int el ® Devi ce Vi ew 27 network. As it discov ers devices, it adds an icon for each de vice to the Device Tree on t he left side of the screen. Different states of the 480T routing swit ch are represented by unique icons in th e Device Tree as indica ted below. Device T ree icons Device T ree root Subnet Intel Switch (if no ...
Intel 480T - page 54

28 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The Device Tr ee works much li ke Windows Explorer : • T o expand the root or a subnet, click the (+) next to the icon. • T o collapse the view , click the (-) next to the icon. • Double-click a device icon to view the device image. T o Add a Device to the Devi ce T ree 1. Right- ...
Intel 480T - page 55

C H A P T E R 3 Using Int el ® Devi ce Vi ew 29 3. I n the Fi nd De vice dialog box, enter the IP address o f the device you want to find in the tree. 4. Cl ick OK . The device ’ s icon is high lighted in the Device T ree. Losi ng Con tact with a D evice If Intel Device Vi ew loses contact with a switch, it re places the switch icon wit h the re ...
Intel 480T - page 56

30 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The Express 480T Web Device Manager appears i n the Intel D evice View window. For comp lete inform ation on usin g Intel De vice View, refe r to the progra m ’ s onlin e help or see th e Intel Devic e View Help file on the installatio n CD-ROM. Vie w i n g R M O N In f o r m a ti on ...
Intel 480T - page 57

C H A P T E R 3 Using Int el ® Devi ce Vi ew 31 switch creates an ev ent (see below). For example, you m ight set an alarm if switch utilization exceeds 30%. • Group 9 Event s — Provides no tification and tells th e switch what to do when an event o ccurs on the netwo rk. Events can send a trap to a trap-r eceiving station, place an entry in t ...
Intel 480T - page 58

32 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 59

Using Web Device Manager Web Device Man ager is devic e-management software runni ng in th e Intel ® NetStru cture ™ 480T routi ng switch. It allo ws you to access t he switch over a TCP/IP network, usi ng a Web browser tha t supports frames and JavaScript § ( such as Netscape Navigator § 3.0 or later, or Mi crosoft Internet Explorer § 3.0 or ...
Intel 480T - page 60

34 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use the none option to remov e a configured access profi le. To displ ay the status of Web a ccess, use this c ommand: show management To disable Web acce ss, use this command: disable web To re-enabl e Web access, use this command: enable web {access-profile [<access-profile> | ...
Intel 480T - page 61

C H A P T E R 4 Usin g Web Devi ce Manag er 35 Accessing W eb Device Manager To access the default home page of the switch , enter this URL in your browser ( substituting t he actual ip add ress): http://<ip_address> When you acce ss the home page o f the system, the Logi n screen appears. En ter your u ser name and password and click OK. If ...
Intel 480T - page 62

36 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Below the task butt ons are options. Options are specifi c to the task button that you select. When y ou select an opt ion, the in formation displayed in the content frame chang es. However, when you select a new task button, the content f rame does not change u ntil you select a new o ...
Intel 480T - page 63

C H A P T E R 4 Usin g Web Devi ce Manag er 37 Status Messages Status messages are displa yed at the top of the content frame. There are four types of status messages: • Infor mation — Displays information that is u seful to know prior to, or as a r esult of, cha ngi ng co nfigur atio n opti ons. • Wa r n i n g — Di splays warnings about th ...
Intel 480T - page 64

38 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Filt ering Inform ation On some pages you ca n click a F ilter button t o display a sub set of informati on for a pa ge. For example, on the OSPF configuration page, you can c onfigure au thenticati on based on the VLAN, area identi fier, or v irtual lin k. Once you select a filtering ...
Intel 480T - page 65

Accessing the Switch This c hapter provid es informat ion to help y ou manage the Intel ® NetS tructu re ™ 480T rout ing switch , including: • Understand ing the Comman d Syntax • Lin e-Edi ting Keys • Command Hi story • Common Co mmands • Configuring Managem ent Access • Real-time Basic Connectivity Checking • Methods of Managing ...
Intel 480T - page 66

40 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To use the command-line i nterface (CLI): Most conf iguratio n comma nds requir e that you ha ve admini strator privil eges. 1. Enter the command name. When entering a command at the promp t, ensure that you have the appropriate pr ivilege level. 2. Enter th e parameter na me and value ...
Intel 480T - page 67

C H A P T E R 5 Accessin g the Switch 41 Command Shortcuts All componen t names must be unique. Name components using the create command. When you enter a co mmand to config ure a named component , you do not nee d to use the keyword of the component. F or example, to create a VLAN, you must enter a unique VLAN name: create vlan engineering After y ...
Intel 480T - page 68

42 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Symbols You may s ee a vari ety of sy mbol s sho wn a s par t of the co mm and syntax. These symbol s explain how to enter the comman d, and you do not ty pe them as part of the command i tself. Table 5 .1 summarizes command syntax symbols. Press the Tab ke y in the command line in ter ...
Intel 480T - page 69

C H A P T E R 5 Accessin g the Switch 43 Line-Editing Keys Table 5.2 describes t he line-editing key s available using the CLI. T a ble 5.2: Lin e-Editi ng Keys Key(s) Description Backspace Deletes charact ers to the left of the cursor and shifts the remainder of the lin e to the le ft. Delete or Ctrl + D Deletes character at t he cursor position a ...
Intel 480T - page 70

44 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Command History The local manag ement software st ores the last 49 c ommands you entered. You can display a l ist of th ese commands by usi ng this command: history Common Co mmands Table 5.3 d escribes common comman ds used to manage t he 480T routing switch. Commands specific to part ...
Intel 480T - page 71

C H A P T E R 5 Accessin g the Switch 45 configure time < date> <time> Configures the sy stem date and time. The format is as follo ws: mm/dd/yyyy hh:mm:ss The time u ses a 24-hour c lock format. configure timezone <gmt_of fset> {aut odst | noautodst } Config ures th e time zone informati on to the configure d off set from Greenwi ...
Intel 480T - page 72

46 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable cli paging Disables pausi ng of the screen display when a show command out put reaches the end of the pa ge. disable idletim eout Di sables the t imer that disconnects all sessions. Once disabl ed, console session s remain open un til the switch is reboot ed or you log of f. T ...
Intel 480T - page 73

C H A P T E R 5 Accessin g the Switch 47 enable telnet {a ccess-profile [<access_pro file> | none]} {port <tcp_port _number>} Enables T elnet access to the switch. By default, T elnet is enabled wit h no access profile, and uses T ransmission Control Protocol ( TCP) port nu mber 23. T o cancel a previously confi gured access profile, us ...
Intel 480T - page 74

48 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring Management Access The local management softwar e supports the se two level s of management: • User • Administrator In additi on to these manag ement levels, yo u can optio nally use an external RADIUS server to prov ide CLI command authorization checking for ea ch comma ...
Intel 480T - page 75

C H A P T E R 5 Accessin g the Switch 49 Pr ompt T ext The prompt text is t aken from th e SNMP sysname setting (see Table 5.8, “ SNMP Configurat ion Commands, ” on page 64) . The number th at follows t he colon indicat es the sequen tial line/ command number . If an asterisk (*) appears in front of the command-line prompt , it indicat es that ...
Intel 480T - page 76

50 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 4. Enter the new p assword at the prompt. 5. Re-enter t he password fo r verification. To add a passwor d to the default user ac count: 1. Log in to the switch using the name admi n . 2. At the pass word prompt , press Ente r , or enter t he password that you have con figured for the a ...
Intel 480T - page 77

C H A P T E R 5 Accessin g the Switch 51 Deletin g an Account To delet e an account, you must have a dministrator pr ivileges. Use this c ommand to delet e an account: delete account <username> The accoun t name admi n canno t be deleted . Domain Name Service Client The Domain Name Service (DNS) cl ient augments the se commands, to all ow the ...
Intel 480T - page 78

52 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Real-time Basic Connectivity Checking Use these commands to ch eck basic connect ivity: • ping • traceroute Ping You can use the ping comma nd to send In ternet Con trol Message Protocol (I CMP) echo messa ges to a remote IP device. The ping command is availab le for both the user ...
Intel 480T - page 79

C H A P T E R 5 Accessin g the Switch 53 T raceroute The traceroute command enab les you to trace the routed path between the switch and a dest ination endstation . The traceroute command syntax is: traceroute [<ip_address> | <hostname>] {from <src_ipaddress>} {ttl <TTL>} {port <port>} where: • ip_address is the IP a ...
Intel 480T - page 80

54 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can use Tel net, a Web browser, or an SNMP manager t o manage the switc h remotely. Th ere can be one console se ssion, one Web session or eight concu rrent Telnet sessions. Using the Console I nterface You can ac cess the built- in CLI of th e 480T r outing switch through the 9-pi ...
Intel 480T - page 81

C H A P T E R 5 Accessin g the Switch 55 Telnet session is lost inadverten tly, the swit ch termin ates the session with in two hours. Before you can start a Telnet session, you must set up the IP parameters de scribed i n the section "Co nfiguring S witch IP Parameters" on page 55 .. Telnet is e nabled by defa ult. To open the Telnet ses ...
Intel 480T - page 82

56 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can enable BOOTP on a per-VLAN basis using this command: enable bootp vlan [<name> | all] By defaul t, BOOTP is enabled on the defaul t VLAN. If you conf igure the 480T routing switch to use BOOTP, th e switch IP address is not ret ained through a power cycle, even if the con ...
Intel 480T - page 83

C H A P T E R 5 Accessin g the Switch 57 login: admin Administrator capabilities en able you to access all switch func tion s. The defau lt user names have no pa ssword s assig ned. 4. If you have been assigned a user name and p assword with admin- istrator privileges, enter them at the login prompt and press Enter . When you have su ccessfully log ...
Intel 480T - page 84

58 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Disconn ecting a T elnet Session An administra tor-level a ccount can disconnect a management session that i s established t hrough Telnet connection. I f this happens, the user logged i n through Te lnet is n otified that t he session is terminated. To terminate a Telnet sessi on: 1. ...
Intel 480T - page 85

C H A P T E R 5 Accessin g the Switch 59 Using Access P r ofiles An access profi le permits or denies a named list of IP addresses and subnet masks. To use a ccess profiles, first define the list, an d then apply the named list to the desir ed applicat ion. Access profiles are u sed by several routi ng switch features as a way to restrict access. A ...
Intel 480T - page 86

60 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The subnet mask spec ified in the access profile command i s interpreted as a reverse mask. A reverse mask indi cates the bits that are significant in the IP address an d specifies the part of the address that must match the IP address to which th e profile is applied. If you conf igur ...
Intel 480T - page 87

C H A P T E R 5 Accessin g the Switch 61 Access Profil e Rules These rules apply when u sing access profiles: • Only one access profile can b e applied to each application. • The access profile can either permit or deny the entries in the profile. • The same access pr ofile can be applied to m ore than one application. Access Profile Example ...
Intel 480T - page 88

62 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide When you acce ss the home page of the swit ch the Lo gon screen appears. Control ling W eb Access By default, Web acc ess is enabled on the routing switch. You can restrict acce ss through th e Web Device Manager u sing an access profile, which pe rmits or denies access to a named list ...
Intel 480T - page 89

C H A P T E R 5 Accessin g the Switch 63 Accessing Sw itch Agents To have access to the SNMP agent in the routing switch, at least one VLAN must have an IP address assigned to it. For more info rmation o n assigni ng IP addr esses, refer to T able 5. 3 on page 44. Supported MIBs Along with private MIB s, the routing switch support s the MIBs listed ...
Intel 480T - page 90

64 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Communi ty strings — Allo ws a simple method of authentication between the 480T routing switch and the remote Network Manager . There are two types of community strings on the switch. Read community strings provide read-o nly access to the switch. The default read-only commu nity ...
Intel 480T - page 91

C H A P T E R 5 Accessin g the Switch 65 configure snmp co mmunity [readonly | readwrite] {encrypt ed} <string> Adds an SNMP read or read/write community string . The default readonly com munity string is public . The de fault readwrite commu nity strin g is private . Ea ch community stri ng can have a maximum o f 127 characters, and can be e ...
Intel 480T - page 92

66 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying S NMP Settings To display the SNMP settin gs configured on the r outing switch, use this co mmand: show management This c ommand disp lays th e follo wing i nformat ion: • Enable/disable state for T elnet, SNMP , and W eb access, along with access profile information • S ...
Intel 480T - page 93

C H A P T E R 5 Accessin g the Switch 67 and then t o the seconda ry RADIUS server, if t he primary doe s not respond. If the RADIUS client is enabled, but access to the RADIUS primary and secondary servers fail, th e routing switch uses its local database for authenticati on. The privil eges assigned to the user (admin versus non-admin) at the RAD ...
Intel 480T - page 94

68 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 5.9: RADIUS ® Comma nds Command Descrip tion configure radius [primary | secondary] server [<ipaddress> | <hostna me>] {<udp_po rt>} client -ip <ipaddr ess> Configures the pri mary and secondar y RADIUS § serv er . Spe cify th e follow ing: • [primar ...
Intel 480T - page 95

C H A P T E R 5 Accessin g the Switch 69 configure radi us-accounting [primary | secondary] server [<ipadd ress> | <hostname>] {< udp_port>} clie nt-ip <ipaddress> Configures t he RADIUS accounting se rver . Specify the foll owing: • [primary | secondary] — Either the primary or s econdary RADIUS server . • [<ipadre ...
Intel 480T - page 96

70 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RADIUS RFC 2138 At tributes The RADIUS RFC 21 38 optional attributes sup ported are: • User-Name • User-Password • Service-T ype • Login-IP-Ho st Configuring T ACACS+ Terminal Access Controller Access Control S ystem Plus (TACACS+) is a mea ns for prov iding authen tication, a ...
Intel 480T - page 97

C H A P T E R 5 Accessin g the Switch 71 T a ble 5.10: T ACACS+ Commands Command Description configure tacacs [primary | secondary] server [<ipaddress> | <hostna me>] {<udp_po rt>} client -ip <ipaddre ss> Configures the server information for a T ACAC S+ ser ver . Spec ify t he fo llow ing: • primary | secondary — Specif ...
Intel 480T - page 98

72 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Simple Network Ti me Pr otocol (SNTP) Theroutin g switch supp orts the clien t portion of the Simple Network Time P rotocol (SNTP) Versio n 3 based on RFC 1769. The switch can use SNTP to upd ate and synchroni ze its interna l clock from a Network T ime Protocol ( NTP) server. When SN ...
Intel 480T - page 99

C H A P T E R 5 Accessin g the Switch 73 Configuring and Using SNTP To use S NTP: 1 Identify the host(s) that are con figured as NTP server(s). 2 Identify th e preferred met hod for ob taining NTP updates. The options are for the NTP server to send out broadcasts, or for switches using NTP to query the NTP server(s) directl y . A combination of bot ...
Intel 480T - page 100

74 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide If the switch cannot obtain the time, i t restarts the query process. Otherwise, the switch waits for the sntp-client update interval bef ore querying again. 6 Optiona lly , you can chan ge the interval for whi ch the SNTP client up dates the real -time clock of the swi tch using this ...
Intel 480T - page 101

C H A P T E R 5 Accessin g the Switch 75 -6:00 -360 CST - Centr al Standa rd Chicag o, Illinois, US A; Mexico City , Mexi co; Saskatchewan, Canada -7:00 -420 MST - Mounta in Standa rd Salt Lake City , Ut ah, USA; Alberta, Cana da -8:00 -480 PST - Pacific St andard Los Angeles, CA. USA; Seattle, WA , U S A -9:00 -540 YST - Y ukon Stan dard Whitehors ...
Intel 480T - page 102

76 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide NTP updates are distribut ed using GMT t ime. To proper ly display the local time in logs and other timestamp information, the switch should be co nfigured with the approp riate offset to GMT based o n geographical location. +4:00 +240 ZP4 - Rus sia Zon e 3 Abu Dhabi, UAE; Muscat; Tbli ...
Intel 480T - page 103

C H A P T E R 5 Accessin g the Switch 77 SNTP Configuration Com mands Table 5.12 describes Simple Networ k T ime Protocol (SNTP) configura tion commands. Pr ess the Tab key i n the command li ne interface for more command o ptions. SNTP Example In this example, the 480T routing switch q ueries a specific NTP server and a backup NTP server. An updat ...
Intel 480T - page 104

78 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 105

Configuring Ports This chapte r describe s how to configure po rts on the Intel ® NetStructure ™ 480T rou ting switch and co vers these topi cs: • Configurin g Ports • Changing Port Speed and Duplex Settings • Jumbo Frames • Load Sharing • Jumbo Frames • Port-Mirr oring • Enterprise Dis covery Protocol Configuring Ports By defaul t ...
Intel 480T - page 106

80 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Changing Port Speed and Duplex Setting By defa ult, the switc h is config ured to u se auto-ne gotiatio n to determine port spe ed and duple x setting for each port. You can manually co nfigure the d uplex setti ng and the spe ed of 100/100 0 Mbps port s, and you can m ...
Intel 480T - page 107

C H A P T E R 6 Config urin g Por ts 81 To tur n on RED, use this comman d: enable red port <portnumber> To configur e the proba bility at which yo u want random earl y detection t o drop packets, use t his command: configure red drop-probability <percent> The percen tage rang e is 0 - 100. T u rning Of f Auto-negotia tion for a GBIC Po ...
Intel 480T - page 108

82 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Enabling Jumbo Fr ames Some ne twork inter face car ds have a con figur ed maximum MTU size that does n ot includ e the additiona l 4 bytes of CRC. Ensu re that the NIC maximum MTU size is at or below th e maximum MTU size conf igured on the switc h . Larger frame s ar ...
Intel 480T - page 109

C H A P T E R 6 Config urin g Por ts 83 IP Fragmentation with Jum bo frames T o set the MTU s ize greater than 1500, al l ports in the VLAN m ust be jumbo-fr ame enabl ed. If an IP packet o riginates in a local net work that allows large packets and that packet t raverses a network that limits pa ckets to a smaller size, the pack et is fragmented i ...
Intel 480T - page 110

84 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de want IP fragm entation only with in a VLAN. This is for in ter-VLAN IP fragm entation only. Fo r intra-VL AN IP fragm entation , all port s in the VLAN must be configure d for jumbo frame support. Load Sharing Load sha ring (also cal led link agg regatio n) using 480T ...
Intel 480T - page 111

C H A P T E R 6 Config urin g Por ts 85 If you do not explicitl y sele ct an algor ithm, the port-ba sed sche me is used. Howev er , the address -based alg orithm has a mor e even distributi on and is t he recomm ended c hoice. You can configu re one of three load-sh aring algorithms: • Port-based • Address- based • Round-ro bin Port-based lo ...
Intel 480T - page 112

86 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de To define a load-shari ng group, you assi gn a group of ports to a single, l ogical port nu mber. To enable or disable a lo ad-sharing group, use the se commands: enable sharing <port> grouping <portlist> {algorithm [port-based | address-based | round- robi ...
Intel 480T - page 113

C H A P T E R 6 Config urin g Por ts 87 T a ble 6.1: Por t Commands Command Descrip tion configure jumbo-frame size <jumbo_frame_mt u> Configures the jumbo fr ame size. The range is between 152 3 and 9216. T he default set ting is 9216. conf igure po rts <portlist> auto off {speed [100 | 1 000]} duplex [ha lf | full] Changes the co nfig ...
Intel 480T - page 114

88 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de disable por ts <portlist> Disables a port. Even when di sabled, the link is availab le for diagno stic purposes. disable sha ring <por t> Di sables a load-sharin g group of ports. enable jumbo-frame ports [<portl ist> | all] Enables rec eption and tra ...
Intel 480T - page 115

C H A P T E R 6 Config urin g Por ts 89 show ports {<por tlist> | mgmt} conf igur atio n Displays t he port configur ation. show ports {<po rtlist> | mgmt} info {detail} Di splays detailed system-rel ated information. show ports {<po rtlist> | mgmt} packet Displays a histog ram of packet statistics. show ports {<por tlist> | ...
Intel 480T - page 116

90 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Port-Mirr oring Port-mirr oring confi gures the switch t o copy all t raffic comi ng in and out of on e or more por ts to a monit or port on the swi tch. You can connect the monitor port to a n etwork analyzer or RMON prob e for packet analysi s. The switch uses a traf ...
Intel 480T - page 117

C H A P T E R 6 Config urin g Por ts 91 Mirr oring IP Multicast T raf fic Due to IGMP snooping, mult icast traffic may cease to be seen on a mirror port. If yo u issue a restart command f or the mirror port or remove and rei nsert the port c onnection, multicast traff ic will resume for the IGMP host time-out period (260 sec onds). Mirr oring Bandw ...
Intel 480T - page 118

92 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Port-Mirr oring Example This example select s port 3 as the mirror port, and sends all t raffic coming into o r out of the swi tch on port 1 t o the mirror p ort: enable mirroring to port 3 untagged configure mirroring add port 1 This next exampl e sends all traffi c c ...
Intel 480T - page 119

C H A P T E R 6 Config urin g Por ts 93 EDP Commands Table 6.3 list s EDP commands. Fo r further comman d options, press the Tab key i n the command line i nterface. T a ble 6.3: EDP Comman ds Command Descrip tion disable ed p ports [<port list> | all ] Disables the E DP on one or more po rts. enable edp port s [<portlist> | all] Enable ...
Intel 480T - page 120

94 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de ...
Intel 480T - page 121

Virtual LANs (VLANs) Setting up Virtual L ocal Area Netw orks (VLANs) on the switch eases many time-con suming tasks of network admi nistration wh ile increasing efficiency i n network oper ations. This chapt er describe s the concept of VLANs and explains how to impl ement VLANs o n the Intel ® NetS tructure ™ 480T routing switc h. Overvi ew of ...
Intel 480T - page 122

96 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLANs Help to Control T raffic With tra ditional n etworks, broad cast traffic ca n cause congestion, because packet s are sent to all network devices, ev en though the data is not needed by all . VLANs increase the efficiency of y our network because each VLAN can be set up to include ...
Intel 480T - page 123

C H A P T E R 7 Virtual L ANs (VLANs) 97 Ty p e s o f V L A N s You can create VLANs based o n these criteria: • Physi cal port • 802.1Q ta g • Ethernet, Logical Link Con trol Service Advertis ing Protocol (LLC SAP), or Logical Link Control Subnetwork Access Protoco l ( LLC/SNAP) Ethernet protoc ol type • MAC address • A combination of th ...
Intel 480T - page 124

98 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide of the same port. Th is means that each VLAN must be configured as a router interface with a u nique IP address. Spanning Sw itches with Port-Based VL ANs To create a port-based VL AN that spans two switches, you must: • Assign the po rt on each switch to the VLAN. • Connect the tw ...
Intel 480T - page 125

C H A P T E R 7 Virtual L ANs (VLANs) 99 • On System 2, ports 1 through 4 a re part of VLA N Accounting and port s 5 through 8, 15, and 16 are part of VLAN Engineeri ng . Figure 7.3: T wo port- based VL ANs span ning two swi tches • VLAN Accounti ng spans System 1 and System 2 by way of a connection between Sys tem 1, port 12 and System 2, port ...
Intel 480T - page 126

100 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide lead to c onnectivi ty proble ms if non-80 2.1Q bridges or r outers ar e placed in the path. Uses of T agged VLANs Tagging is most commo nly used to create VLANs that span switches. The switch-t o-switch connections are t ypically called trunks . Using tags, mult iple VLA Ns can span ...
Intel 480T - page 127

C H A P T E R 7 Virtual L ANs (VLANs) 101 Figure 7.4: Physical di agram of tagge d and unt agged traffic Figure 7.5 sho ws a logical di agram of th e same network. Figure 7.5: Logical di agram of ta gged and unta gged traffic In Figure 7.4 and Figure 7.5: • The trunk por t on each switch carr ies traffic for b oth VLAN Marketi ng and VLAN Sales . ...
Intel 480T - page 128

102 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • The trunk po rt on each switch is tagged. • The server co nnected to port 9 on Sys tem 1 has a NIC that support s 802.1Q t agging. • The server co nnected to port 9 on System 1 is a member of both VLAN Marketi ng and VL AN Sa les . • All other stations use untagged traffic. ...
Intel 480T - page 129

C H A P T E R 7 Virtual L ANs (VLANs) 103 • The remainder of the traffic belongs to the VLAN named MyCompany . • All ports are member s of the VLAN MyCompany . Figure 7.6: Protocol -based VLA Ns Pr edefined Protocol Filters These protocol filters are predefined on the switch: • IP • IPX § • NetBIOS • DECnet § • IPX_8022 • IPX_SNAP ...
Intel 480T - page 130

104 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Defining Protocol Filt ers For more info rmation o n SNAP for Ethernet protocol ty pes, see TR 1 1802-5:1 997 (ISO/ IEC) [ANS I/IEEE std. 802.1H, 1997 Ed ition]. For more info rmation on standa rds see "T ech nical Specifi cations and Supporte d Limits " on page 431. If nece ...
Intel 480T - page 131

C H A P T E R 7 Virtual L ANs (VLANs) 105 Deleting a Protocol Filte r If a p roto col filter is del ete d from a VL AN, th e VL AN is assi gned a protocol f ilter of none . You can continu e to config ure the VLAN. Howeve r, no traffic is forwarded to the VLA N until a protoc ol is assigned to it. Precedence of T agged Packets Over Protocol Filters ...
Intel 480T - page 132

106 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Default VLAN The switch ships with one de fault VLAN that has these properties: • The VLAN name is default. • It includes all the ports on a new or initialized switch. The defa ult VLAN is unt agged on all ports. It has a n internal VLANid of 1. Renaming a VLAN To rename a VLAN, u ...
Intel 480T - page 133

C H A P T E R 7 Virtual L ANs (VLANs) 107 Table 7.2 describe s the commands used to configure a VLAN. Fo r a complete l ist of comman d options, pr ess the Tab key i n the command line in terface. T a ble 7.2: VLA N Config uration Co mmands Command Des cription configure dot1q eth ertype <ether type> Configures an IEEE 802.1Q Ethert ype. Use ...
Intel 480T - page 134

108 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN Configuration Examples Exampl e 1 This exampl e creates a port -based VLAN named acco unting , assigns the IP address 132 .15.121.1, and assi gns ports 1, 2, 3 and 6 to i t: create vlan accounting configure accounting ipaddress 132.15.121.1 configure vl an <name> protocol [ ...
Intel 480T - page 135

C H A P T E R 7 Virtual L ANs (VLANs) 109 configure default delete port 1-3,6 configure accounting add port 1-3,6 Because VLAN names are u nique, you do not need to e nter the keyword vlan after you ha ve created the unique VL AN name. You can use the VLAN n ame alone. Exampl e 2 This example crea tes a tag-based VLAN named video . It ass ig ns th ...
Intel 480T - page 136

110 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create protocol myprotocol configure protocol myprotocol add etype 0xf0f0 configure protocol myprotocol add etype 0xffff create vlan myvlan configure myvlan protocol myprotocol Displaying VLAN Settings To displ ay VLAN settings, use th is command: show vlan {<name>} The show com ...
Intel 480T - page 137

C H A P T E R 7 Virtual L ANs (VLANs) 111 VLAN Statistics You can coll ect statisti cs on a per VLAN basis. Avai lable statist ics include: • Receive and T ransmit Unicast • Receive and T ransmit Multi cast • Receive and T ransmit Broadcast • Receive and T ransmit Byte Co unt . To displ ay VLAN statistics use the command: show vlan stats vl ...
Intel 480T - page 138

112 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can tunnel any number of 8 02.1Q VLANs into a single VLAN that can b e switched t hrough the 48 0T routing swi tch Etherne t infra struc ture. Each tunne l is comple tely isol ated from oth er tunne ls or VLANs. This feat ure is useful i n building t ransparent pri vate networks ( ...
Intel 480T - page 139

C H A P T E R 7 Virtual L ANs (VLANs) 113 The figur e shows a vMAN configu ration with tw o tunnels that have ingress/egress ports o n each 480T routing switch. The switches are conf igured as follows: configure dot1q ethertype 9100 enable jumbo-frame ports 1,2 configure jumbo-frame size 1530 create vlan Tunnel1 configure vlan Tunnel1 tag 50 config ...
Intel 480T - page 140

114 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Specifi c to this con figurati on, a Layer 1 or Layer 2 redunda ncy method would also be employed , such as Spanni ng Tree or oth er protocol av ailable on t he switch. MAC-B ased VL ANs MAC-based VLANs allow ph ysical ports to be mappe d to a VLAN based on the source MAC address l ea ...
Intel 480T - page 141

C H A P T E R 7 Virtual L ANs (VLANs) 115 This example sho w MAC 00:00:00 :00:00:aa is on ly allowed to enter into the VLAN on po rts 10 and 1 1 because of membe rship in group 100: • The group any is equivalent to the group 0 (zero). Ports that are configured as any allow any MAC address to be assigned to a VLAN , re gard less of gro up ass oci ...
Intel 480T - page 142

116 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN association remai ns until the port connection is dropped or the FDB entry ages out. MAC-Based VLAN Commands Table 7.4 describes MAC -based VLAN commands. For a complete list of co mmand option s, press the Tab key i n the command li ne inte rfac e. MAC-Based VLAN Example In the ...
Intel 480T - page 143

C H A P T E R 7 Virtual L ANs (VLANs) 117 • The MAC ad dres s 00:00: 00: 00:00 :01 h as a gro up n umber o f 10 associated with it, and can only be assigned to a VLAN if inserted into port s 5 or 6. • The MAC ad dres s 00:0 0:00: 00:00 :03 h as a gr oup n umbe r of 200 associated with it and can only be inserted into po rts 9 through 12. To cre ...
Intel 480T - page 144

118 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Example For MAC-based VLANs, the downloaded file is an ASCII file that consists of CLI command s used to configure the most recent MAC- to-VLAN database . This fea ture is diff erent from the normal downloa d configur ation comma nd in that it allows incr emental c onfigurati on with ...
Intel 480T - page 145

Forwarding Database (FDB) This chapt er describe s the conten ts of the f orwarding da tabase (FDB), how the FDB works, and how to config ure the FDB. Overvi ew of the FDB The I ntel ® NetStru ctur e ™ 480T routin g switch maintains a dat abase of all media access control (MAC) addresses received on all of its ports. It uses the infor mation in ...
Intel 480T - page 146

120 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can downl oad up t o 7,000 MAC add resses to th e switch when using MAC-based VLANs. You c an create up t o 3,000 VLANs on the s witch . FDB Contents Each FDB entry consi sts of: • The MAC address of the d evice • An identifier for the p ort on which it was received • An ide ...
Intel 480T - page 147

C H A P T E R 8 Forwardin g Databas e (FDB) 121 Perman ent Entrie s All entri es entered through the command line int erface are stored as permanent.Only ent ries designated as P ermanent are retained in the database if t he switch is reset or a power off/ on cycle occur s. A permanent entr y can either be a uni cast or multicast MAC address. The s ...
Intel 480T - page 148

122 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Y ou can enter and update entries u sing a MIB browser , an SNMP Network Manager , or the command line interface (C LI). Associating a QoS Profile with an FD B Entry The swit ch appl ies the QoS profile as soon as the FDB entry is lear ned. You can associate a QoS profile with a M ...
Intel 480T - page 149

C H A P T E R 8 Forwardin g Databas e (FDB) 123 FDB C ONFIGURATION E XAMPLES This example add s a permanent entry to the FDB: create fdbentry 00:A0:C9:12:34:56 vlan marketing port 4 The permanent entr y has these characterist ics: • MAC address is 00:A 0:C9:12:34 :56. • VLAN name is marketing . • Port number for this device is 4. This example ...
Intel 480T - page 150

124 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying FDB Entries To display FDB entr ies, use the command: Show fdb {<mac_address> | vlan <name> | ports <portlist> | permanent} where the following is true: • mac_address — Displays the entry for a particu lar MAC address. • vlan <name> — Display ...
Intel 480T - page 151

Spanning Tree Protocol (STP) Using the Sp anning Tree Protocol ( STP) funct ionality o f the Int el ® NetS tructu re ™ 480T rout ing switch makes y our network mo re fault tole rant . STP is a pa rt of th e 802.1D bridge specificati on defined b y the IEEE (Institute of Electrical and Electronics Engine ers), a standard-setti ng body. To exp lai ...
Intel 480T - page 152

126 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide STPD has it s own Root Bridge a nd active path. Af ter the ST PD is created, you c an assign one or more VLANs to it. A port can bel ong to onl y one STPD. If a port is a member of multiple VLANs, then all those VLANs must belong to the same STPD. Remember these key po ints when confi ...
Intel 480T - page 153

C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 127 • Marketi ng is defined on all switch es (Switch A, Switch B, Switch Y , Switch Z, and Switch M). Two STPDs ar e defined: • STPD1 cont ains VLANs Sales and Personnel. • STPD2 cont ains VLANs Manuf acturing and Engineering. The VLAN Marketin g is a member of the defau lt STPD, but not assigne ...
Intel 480T - page 154

128 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Be careful when configuring your VLANs within a singl e STPD. Figure 9 .2 illustrat es an incorr ect network co nfiguratio n using a single ST PD. The STP co nfiguratio n disables the a b ilit y of the switches t o forward VLAN traffi c. Figure 9.2: T ag-ba sed ST P configur ation -In ...
Intel 480T - page 155

C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 129 Configuring STP We recommend that you d o not confi gure STP paramet ers unless you have consi derable knowl edge and experi ence with S TP. The default STP parameters are adequate for mo st networks. To confi gure STP: STPD, V LAN, and QoS profile nam es mus t be unique. F or example , a name use ...
Intel 480T - page 156

130 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 9.3: S TP Confi guration Comman ds Command Des cription configu re stpd <s tpd_name> a dd vlan <name> Adds a VLAN to the STPD. configu re stpd <stp d_name> fo rwarddel ay <value> S pecifies th e time (in se conds) tha t the ports in this ST PD spen d in ...
Intel 480T - page 157

C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 131 create stpd <s tpd_name> Creates an STPD. When creat ed, an STPD has these default p arameters: • Bridge priori ty — 32,768 • Hello ti me — 2 seconds • Forward delay — 15 seco nds enable ignore-st p vlan <name> Configures t he switch to i gnore the ST P protocol, an d not b ...
Intel 480T - page 158

132 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide STP Configuration Exampl e This example creates and enables an STPD named Backbone_st . It assigns the Man ufact uring VLAN to the STPD. It di sables STP on ports 1 thr ough 7, and port 12. create stpd backbone_st configure stpd backbone_st add vlan manufacturing enable stpd backbone_ ...
Intel 480T - page 159

C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 133 Disabling and Resetting STP To disable S TP or retur n STP setting s to their defa ults, use the commands list ed in Table 9.4. For further command options, press the T ab key in the command l ine interface. T a ble 9.4: ST P Disable an d Reset Commands Command Descri ption delete stpd < stpd_n ...
Intel 480T - page 160

134 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 161

Quality of Service (QoS) This chapt er describe s the conc ept of Quality of Servic e (QoS) and explains how to conf igure QoS on th e Intel ® Ne tStructure ™ 480T rout ing switch. Overvi ew of Policy-Bas ed Quality of Service Policy-base d QoS allows you t o assign specif ic levels of ser vice to differe nt traffic t ypes trave rsing the swi tc ...
Intel 480T - page 162

136 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide prioriti zation parameter s. The bandwidth-mana gement and prioriti zation paramet ers that mod ify the forwardi ng behavior of the switch affect how the switch transmits traffic for a given hardware queue on a phy sical por t. The switch track s and enforces the minimum a nd maximum ...
Intel 480T - page 163

C H A P T E R 10 Quality of Service (QoS) 137 Applications and T ypes of QoS Applicati ons vary sign ificantly i n QoS requirements. T hese applications are o nes that you will most commonly encount er and need to prioritize: • V oice applications • V ideo applications • Critical database applicatio ns • W eb browsing applications • File ...
Intel 480T - page 164

138 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide For example, in t he playback of stored v ideo streams, some applications can t ransmit large amounts of data for multipl e streams in one spike, with the expectation t hat the endstations wil l buffer significan t amounts of v ideo-stream data. T his can present a problem to th e net ...
Intel 480T - page 165

C H A P T E R 10 Quality of Service (QoS) 139 File S erver App licati ons File s ervin g typi cal ly pos es the great est deman d on b andw idt h, although file server appl ications ar e tolerant of l atency, jit ter, and some packet l oss, depending on t he network op erating system and the use of TCP o r UDP. Building Blocks The service that a p ...
Intel 480T - page 166

140 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 2. Assign one o r more traffic g roupings to a QoS p rofile to create a QoS policy . T raffi c group ing — A classification or traffic typ e that has one or more attributes in common . These can range f rom a physical port to a VLA N to IP Layer 4 port in formation. T raff ic groupi ...
Intel 480T - page 167

C H A P T E R 10 Quality of Service (QoS) 141 other queues. The minimum bandwid th for all queues shou ld add up to les s than 90%. The default v alue on all minimum bandwidth parameters is 0%. • Maximum ba ndwidth – The m aximu m per cen tage o f tota l li nk bandwidth that may be transmitted by a hardware queue on a physical port. The d efaul ...
Intel 480T - page 168

142 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring a QoS Pr ofile Table 10.4 lists the comman ds used to configure QoS. For further command options, press t he Tab key in the command li ne interface. T a ble 10.3: Defa ult QoS P rofiles Profile Name Hardwar e Queue Priority Buff er Mini mum Band widt h Maximu m Band widt h ...
Intel 480T - page 169

C H A P T E R 10 Quality of Service (QoS) 143 T a ble 10.4: Q oS Configur ation Com mands Command Des cription conf igur e qo sprof ile <q ospr ofi le> {m inb w <percent>} {maxbw < percent>} {pr iority <level>} {< portlist> | ma xbuf <percent> minbuf <perce nt> [K | M]} Configures a Qo S profile. Sp ecify: ...
Intel 480T - page 170

144 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Modifying a QoS Pr ofile You can modify t he default pr ofiles as desire d. To modify th e parameters of an existin g QoS profile, use this command: configure qosprofile <qosprofile> {minbw <percent>} {maxbw <percent>} {priority <level>} {minbuf <percent> ...
Intel 480T - page 171

C H A P T E R 10 Quality of Service (QoS) 145 IP-Based T r af fic Groupings IP-based traf fic groupi ngs are based on any combin ation of: • IP source or destin ation address • TCP/ UDP or other Laye r 4 pr otoco l • TCP/UDP port in formation IP-based traffic grouping s are defined using access li sts (see chapter 16). By supplyi ng a named Q ...
Intel 480T - page 172

146 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The MAC address options are: • Permanent • Dynamic • Blackhole • Broadcast/un known rate limiting Perm anent MA C Addresses Permanent MAC add resses can be assigned a QoS prof ile whenever traffic is dest ined for the MAC address. Yo u can do this when you create a permanent F ...
Intel 480T - page 173

C H A P T E R 10 Quality of Service (QoS) 147 Broadcast/Unknown Rate Limiting MAC Address IP multic ast traffic is subject to broadc ast and unknown r ate limiting only when IGMP snooping is disable d. Refer to " IGMP Snoop ing" on pag e 278. It is possib le to assig n broadcast and unknown destinat ion packets to a QoS pr ofile th at has ...
Intel 480T - page 174

148 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide be preserved a cross a routed swit ch boundary an d DiffServ cod e points can be observed or over written acr oss a Layer 2 swit ch boundary. Config uring 8 02.1p Prior ity The switch su pports the st andard 802.1p p riorit y bits that are part of a tagged E thernet pack et. The 802. ...
Intel 480T - page 175

C H A P T E R 10 Quality of Service (QoS) 149 As described in T able 10.2, by default a QoS profil e is mapped to a hardware queue, and each QoS profile has confi gurable bandwidth parameters an d priority. In this way, an 802.1p pri ority value detected on ingress can b e mapped to a particular QoS profile wi th specified ban dwidth-manageme nt an ...
Intel 480T - page 176

150 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide that i s used when t ransmitting the packet. T o replace 8 02.1p prior ity information, use the command: enable dot1p replacement ports [<portlist> | all] 802.1p priorit y information is replaced according to the hard ware queue tha t is used when transmitti ng from the switch. ...
Intel 480T - page 177

C H A P T E R 10 Quality of Service (QoS) 151 Configuring Dif fServ Contained in the header of every IP packet is a field for IP Type of Service (TOS), also referred to as the DiffServ fi eld. The DiffServ or TOS fi eld is used by the switc h to determin e the type of service provided t o the packet. Fi gure 10.2 shows t he encapsulati on of an IP ...
Intel 480T - page 178

152 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Observing DiffServ Information When a packet arrives at t he switch on an ingress port , the switch examines the first si x of eight TOS bits. T hese bits are called the code point . The switch can assign the QoS p rofile used to subsequently t ransmit the packet based on the code poi ...
Intel 480T - page 179

C H A P T E R 10 Quality of Service (QoS) 153 You can change the Qo S profile assignmen t for all 64 code poin ts. Use this command: configure diffserv examination code-point <code- point> qosprofile <qosprofile> ports [<portlist>] Once assigned , the rest o f the switches i n the networ k prioritize t he packet using t he charact ...
Intel 480T - page 180

154 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can change the 802.1p prior ity to DiffServ code point mapping to any code point value u sing thi s command: configure diffserv replacement priority vpri <number> code-point <code-point> ports [<portlist>] By doing so, t he hardware queue used t o transmit a pack ...
Intel 480T - page 181

C H A P T E R 10 Quality of Service (QoS) 155 Table 10.1 1 describes th e commands used to configure Dif fServ. For further command opt ions, press the Tab key in the command line interf ace. T a ble 10.1 1: DiffServ Confi guration C ommands Command Des cription configure diffser v examinatio n code-point <code-p oint> qosprof ile <qospr o ...
Intel 480T - page 182

156 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide DiffServ Example In this example, we use DiffServ to signal a class of servi ce through put and assign an y traffic comin g from network 1 0.1.2.x with a speci fic DiffServ code point. T his allows all ot her network switches to send and obser ve the Diffserv co de point i nstead of r ...
Intel 480T - page 183

C H A P T E R 10 Quality of Service (QoS) 157 transmit ted out t o any other port. To config ure a source por t traff ic groupin g, use this co mmand: configure ports [all | mgmt | <portnumber>] qosprofile <qosprofile> In the following ex ample, all traffic sourc ed from port 7 uses the QoS prof ile na med qp3 when being tran smitted. c ...
Intel 480T - page 184

158 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide QoS Monitor The Qo S monito r is a util ity th at moni tors the hardw are q ueues associated wit h any port(s). The QoS mo nitor keeps track of t he number of f rames and the frames per second that a specif ic queue is responsible f or transmit ting on a physi cal port. Two options ar ...
Intel 480T - page 185

C H A P T E R 10 Quality of Service (QoS) 159 • A port is samp led for fiv e seconds before the packets p er second (pps) value is displayed on the screen . Background Performanc e Monitori ng Monitori ng QoS in the background plac es the tran smit counter and any o verflow inform ation into the switch l og. The lo g notific ation appears if one ...
Intel 480T - page 186

160 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • T o display information inclu ding QoS information for the port. show ports info {detail} Modifying a QoS Policy If you chang e the para meters of a QoS profile a fter a QoS po licy was created (by app lying a QoS profile to a t raffic grouping), the timing of the con figuration c ...
Intel 480T - page 187

C H A P T E R 10 Quality of Service (QoS) 161 To se t the maxbuf value on a queue, use th is command: configure qosprofile <qos profile> minbw <per cent> maxbw <percent> priority <priority> maxbuf <n umber> To view the maxbuf c onfiguration, u se this command : show qosprofile Bandwidth Settings and T heir Impact Bandw ...
Intel 480T - page 188

162 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Minimu m bandwi dth sett ings The minimu m bandwidth sett ings determi ne the reser ved port bandwidth avai lable to each queue. Table 10.14 sh ows actual reserved bandwidth for each setting. If the reserved percentage configure d does not match the settings below, it is roun ded up. ...
Intel 480T - page 189

C H A P T E R 10 Quality of Service (QoS) 163 The sum of the minimum bandwi dth values f or the applie d QoS profiles should be kept to less than 90% of available ba ndwidth. If the minimum b andwidth settings exceed 90% it is p ossible, under a sustained situation of over-subscripti on, that a lower prio rity que ue co uld b ecom e “ starved ” ...
Intel 480T - page 190

164 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can uti lize up to eight i ngress rate-sha ping queues per VLAN and eight egress rate-shap ing queues pe r physical por t. By definin g a QoS profi le ’ s minimum and ma ximum bandwidth c orrespondin g to the ph ysical queu e and port, you define co mmitted infor mation rates fo ...
Intel 480T - page 191

C H A P T E R 10 Quality of Service (QoS) 165 • Uni cas t traffic fro m a no n-ra te-s hap ed po rt to a rat e-sha ped port within the VLAN will not be ra te-shaped. • The aggregate for warding bandwidth of all rate- shaped ports in a VLAN is determined by the traffic g roupings and ba ndwidth settings for the QoS p rofiles of the loopback port ...
Intel 480T - page 192

166 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To add rat e-shaped por ts to the VLAN, use the following c ommand: configure vlan <vlan name> add port <portlist > {tagged | untagged} {nobroadcast} soft-rate-l imit To delet e rate-shaped port s from the VLAN, use t he command: configure vlan <vlan name> delete por ...
Intel 480T - page 193

Enterprise Standby Router Protocol (ESRP) Overvie w We recommen d that all switches using E SRP use the sa me versio n of firmware fo r interope rabili ty . S ee "Softw are Upgrade a nd Boot Opti ons" on page 419. Enterp rise Standby Rout er Protocol (E SRP) allows mul tiple switches to provide redundant rout ing service s to users. Fro m ...
Intel 480T - page 194

168 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP-A ware Switches 480T routi ng switches that are not running ESRP, but are connect ed on a netw ork with other 480T rout ing switche s running ES RP, are ESRP-aware. When ESRP-aware switches are attached to ESRP-enabled switches, the ESRP-aware switches rel iably perform failover ...
Intel 480T - page 195

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 169 Multiple E SRP VLANs If multiple ESRP VLANs share a host port, each VLAN must be in an ES RP gr oup. Mixing Clients and Routers on ESRP VLANs ESRP should not be enabled on a VLAN that is also e xpected to exchange r outes with ot her non-ESR P routers ( such as router s using RIP o ...
Intel 480T - page 196

170 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • For a VLAN to be recognized as participatin g in ESRP , the assigned IP addres s or the IPX NetID for the separ ate switches must be ide ntical . Other aspects of the VLAN, including its name, are ignored . • ESRP must be enabled on the desired VLANs for each switch. ESRP can no ...
Intel 480T - page 197

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 171 default priorit y setting is 0. A priority settin g of 255 loses the election and remains in standby mode. • System MAC address — The switch with the higher MAC addr ess has prio rity . ESRP T racking You can use tr acking inf ormation to moni tor various forms of connectiv ity ...
Intel 480T - page 198

172 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide route of the switch, or any d evice meanin gful to networ k connectivity o f the master ESRP switch. The swit ch auto maticall y relinqu ishes ma ster sta tus and remai ns in sta ndby mode if a ping keepalive fail s thre e cons ecutive times. To view the statu s of tracked devices, us ...
Intel 480T - page 199

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 173 Elec tin g th e M aste r Sw itch A new master can be elect ed in one of th ese ways: • A communicated parameter change • Loss of commu nication between master an d slave(s). Whenever a parameter that det ermines the master changes (fo r example, link loss or priority change), t ...
Intel 480T - page 200

174 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP Options ESRP opti ons include: • ESRP Host Attach • ESRP Domains • ESRP Groups • Linking ES RP Switches • Configuring ESRP an d Multinetting • ESR P and S panni ng Tree ESRP Host Atta ch ESRP host at tach (HA) is an op tional ESRP confi guration that allows y ou to co ...
Intel 480T - page 201

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 175 Figure 1 1.1: ESRP hos t attach Other appl ications al low lower-cost redundant r outing configurations, because hosts can be directly attached to the switch involved with ESRP. The ESRP HA feature requires at l east one link between the master and standby E SRP switch for carrying ...
Intel 480T - page 202

176 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide For exampl e, two ESRP switches pr ovide La yer 2 and Layer 3 connectiv ity and redu ndancy for the subnet, whi le anoth er two ESRP switches p rovide Layer 2 co nnectivity and r edundancy for a portion of t he same subnet . Figure 11.2 shows ESRP groups. Figure 1 1.2: ESRP gr oups A ...
Intel 480T - page 203

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 177 Linking E SRP Switches Direct links between ES RP switches are useful under these conditi ons: • When the ESRP switches are routing and supp orting multiple VLANs (where th e master/standby configuration is sp lit so one switch is master for s ome VLANs and a second switch is mas ...
Intel 480T - page 204

178 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide you can comb ine ESRP and STP o n a networ k and a VLAN, but you must do so on se parate devices. Be carefu l to mainta in ESRP co nnectivit y between ESPR maste r and standby switches when yo u design a networ k that uses ES RP and STP. ESRP and VLA N Aggr egation Do not confi gure a ...
Intel 480T - page 205

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 179 • show esrp {detail} — V erifies ESRP is enabled and operational . ESRP Commands Table 11.1 describes the commands used t o configure ESRP. Press the Tab key in the command line inte rface for more com man d option s. Ta b l e 11 . 1 : ESRP Com mands Command Des cription config ...
Intel 480T - page 206

180 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vl an <name> delete t rack-diagnosti c Disables t he priority of the diagnostic failover. configure vl an <name> delete t rack-environment Disables the priority o f the environmental failover . configure vlan <name> delete t rack-ping <ipaddress> f re ...
Intel 480T - page 207

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 181 configure vlan <name> esrp group <number > Configures the ESRP group number . configure vl an <name> esrp priority < value> Configur es the ESRP priority . The range is 0 to 25 5. The higher number has higher priorit y . The default sett ing is 0 . A settin ...
Intel 480T - page 208

182 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP Examples This secti on provides e xamples of ESRP conf igurations. Single VLAN Using Layer 2 and Layer 3 Redund ancy This exampl e, shown in Figure 11.3, uses a number of switc hes that perform Layer 2 switch ing for VLAN Sales. The switch es are multi- homed to the VLAN Sales sw ...
Intel 480T - page 209

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 183 Figure 1 1.3: ESRP ex ample using L ayer 2 and Layer 3 redunda ncy The VLAN Sal es master switch, acting a s master for VLAN Sa les , performs both Layer 2 swit ching and Layer 3 routing services for VLAN Sales . The switch in stan dby mode for VLAN Sales performs neit her, thus pr ...
Intel 480T - page 210

184 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The following command s are used to configu re both VLAN Sales switches. The assumption is that the int er-router bac kbone is running OSPF , with other routed VLANs alrea dy properly configure d. Similar commands would be used to configure a switch on a netw ork runnin g RIP. The pri ...
Intel 480T - page 211

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 185 Figure 11.3 bui lds on Fig ure 11.4, but eli minates t he requirement of Layer 3 red undancy. It has these features: • An additional VLAN, Engineering , is added th at uses Layer 2 redundancy . • The VLAN Sales uses three active links to each upper sw itch. • The VLAN Enginee ...
Intel 480T - page 212

186 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create vlan sales configure sales add port 1-3 configure sales ipaddr 10.1.2.3/24 create vlan eng configure eng add port 1,4 configure eng ipaddr 10.4.5.6/24 enable esrp sales enable esrp eng configure eng esrp priority 5 Displaying ESRP Information To verify the operat ional state of ...
Intel 480T - page 213

C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 187 Then, se t the pri ority of environmenta l failover using t he command: configure vlan <vlan name> add track-environm ent failover <priority> Disable t he priority of environmen tal failove r, using this command: configure vlan <vlan name> delete track-envir onmen ...
Intel 480T - page 214

188 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 215

IP Unicast Routing This chapt er describe s how to config ure IP rou ting on the In tel ® NetS tructu re ™ 480T routing switch . It assumes that you are al ready familiar wi th IP unica st routing . If not, refer to the se publica tions for additi onal info rmation: • RFC 1256 — ICMP R outer Discovery Messag es • RFC 1812 — Requi r ement ...
Intel 480T - page 216

190 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Policy-Based Routing and Route Load-Sharing Policy-base d routing i s used to alte r the normal ly calculated n ext- hop route, whi ch is based on the route t able. This same a lteration can also load-share acr oss multiple routers. It im plies a set of ru les or policies that take pr ...
Intel 480T - page 217

C H A P T E R 12 IP Unicast Routing 191 Router Interfaces The rou ting softwar e and hardware mov e IP tra ffic between router interfaces. A router interface i s simply a VLAN that has an IP address assigned to it. As you create VLANs wi th IP addresses bel onging to di fferent IP subnets, you can also choose to route between the VLANs. Both the VL ...
Intel 480T - page 218

192 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Populating the Routing T able The 480T r outing switc h maintains an IP routing table for bot h network rou tes and host ro utes. The table is populated fr om these sources: If you defin e a default route, and later del ete the VLA N on t he su bnet associ ated wit h it, the now-inv a ...
Intel 480T - page 219

C H A P T E R 12 IP Unicast Routing 193 Multiple Rout es When there are multiple, conflict ing choices of equal-cost rout es to a partic ular destin ation, th e router p icks the ro ute with th e longe st matching networ k mask. If these are stil l equal, the rout er picks the route using these crite ria (in this or der): 1. Directly attached netwo ...
Intel 480T - page 220

194 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Direct • Static • RIP • OSPF • BGP These route maps mat ch the various characteristics of t he route based on the originati ng protocol and set the ac counting ind ices. Use this command to configure route maps: configure iproute route-map [bgp | direct | e-bgp | i-bgp | o ...
Intel 480T - page 221

C H A P T E R 12 IP Unicast Routing 195 enable ospf export [bgp | i-bgp | e-bgp] [[cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route map>] enable ospf export vip [[cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route map>] BGP and OSPF Route Map Support for T a gging The 480T rou ting swi ...
Intel 480T - page 222

196 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Proxy ARP Proxy Address Resolution Protoc ol (ARP) was f irst invent ed so that ARP-capable d evices could respon d to ARP request packets on behalf o f ARP-incapabl e devices. Proxy ARP can also be used t o achieve rout er redundan cy and simplif y IP client co nfigurat ion. The swit ...
Intel 480T - page 223

C H A P T E R 12 IP Unicast Routing 197 For example, an IP ho st is configured with a cl ass B address of 100.101. 102.103 and a ma sk of 255.255.0.0 : • The switch is configured with the I P address 100.101 .102.1 and a mask of 25 5.255.255. 0. • The switch is also conf igured with a proxy AR P entry of IP address 1 00.101.0.0 and mask 25 5.25 ...
Intel 480T - page 224

198 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To change the rel ative route priorit y, use this command: configure iproute priority [rip | bootp | icmp | static | ospf-intra | ospf-inter | e-bgp | i-bgp | ospf-extern1 | ospf-extern2] <priority> IP Multinetting IP mult inetting i s used in many lega cy IP netw orks to overla ...
Intel 480T - page 225

C H A P T E R 12 IP Unicast Routing 199 IP Mul tinetti ng Operat ion Multinett ed VLAN groups must conta in identical port assignm ents. To use IP multinett ing, follow these steps: 1. Select a port where you want IP multinettin g to run, for example, port 2. 2. Remove the port from th e default VLAN, using this command: configure default delete po ...
Intel 480T - page 226

200 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP Mu ltinetting Examples This example co nfigures the switch to hav e one multinetted segment (po rt 5) that contains thr ee subnets (192 .67.34.0, 192.67.35.0, a nd 192.67.37.0 ): configure default delete port 5 create protocol mnet create vlan net34 create vlan net35 create vlan ne ...
Intel 480T - page 227

C H A P T E R 12 IP Unicast Routing 201 configure net35 protocol mnet configure net37 protocol mnet config net34 add port 5 config net35 add port 5 config net37 add port 5 configure default delete port 8,9,10 create vlan net36 create vlan net45 configure net36 ipaddress 192.67.36.1 configure net45 ipaddress 192.99.45.1 configure net36 protocol ip c ...
Intel 480T - page 228

202 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 5. T urn on RIP or OSPF using on e of these commands : enable rip enable ospf V erifying the IP Unicast Routing Configuration Use the show iproute command to d isplay the cu rrent configuration of IP unicast routing for t he switch and for each VLAN. The show iproute command displays ...
Intel 480T - page 229

C H A P T E R 12 IP Unicast Routing 203 • The subVLANs use the IP addres s of the superVLAN as the def ault rout er a ddre ss. • Groups of clients are then assig ned to subVLANs that h ave no IP address, but are member s of the superVLAN. • Clients can be informally allocated any valid IP addresses within the subnet. Optionally , you can prev ...
Intel 480T - page 230

204 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In Figure 12.2, a ll stations are co nfigured to use t he address 10.3.2.1 for the defaul t router. VLAN Aggregation Pr operties These properties ap ply to VLAN aggregation o peration: • All broadcast and unknown tr af fic remains local to the subVLAN and d oes no t cros s the subVL ...
Intel 480T - page 231

C H A P T E R 12 IP Unicast Routing 205 SubVLAN Address Range Checking The use o f static A RP entries associ ated with superV LANs o r sub- VLANs is not su pported. Sub-VLAN address range s can be config ured on each subVLAN to prohibit the entry of I P addresses from hosts outside of th e configure d range. To configur e a subVLAN range u se this ...
Intel 480T - page 232

206 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN Aggregation Example The foll owing e xampl e illustra tes how to co nfigure VLAN aggregation. The VLAN vsuper i s created as a superVLAN, and subVLANs vsub1 , vsub 2 , and vsub3 are ad ded to it. 1. Create and ass ign an IP address to a VLAN des ignated as the sup erVL AN. Th is ...
Intel 480T - page 233

C H A P T E R 12 IP Unicast Routing 207 2. Create and add ports to the su bVLANs: create vlan vsub1 configure vsub1 add port 8-10 create vlan vsub2 configure vsub2 add port 11-13 create vlan vsub3 configure vsub3 add port 15-16 3. Configu re the su perVLAN by addi ng the subV LANs: configure vsuper add subvlan vsub1 configure vsuper add subvlan vsu ...
Intel 480T - page 234

208 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Configure the addr esses, where you want to d irect DHCP or BOOTP requests, using th is command: configure bootprelay add <ipaddress> To delete an entry, us e this command : configure bootprelay delete {<ipaddress> | all} V erifying the DHCP/BOOTP Relay Configuration T ...
Intel 480T - page 235

C H A P T E R 12 IP Unicast Routing 209 Configuring UDP Forwarding To configur e UDP forwar ding, the you mu st first create a UDP- forward dest ination profi le. The profil e describes the types of UDP packets (by po rt number) that are used, and where they are to be forwarded. You must give the profile a uniqu e name, in th e same manner as a VLA ...
Intel 480T - page 236

210 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Y ou can alter the default settings for security reasons, by restricting the su ccess of tools that could be used to find information on an importan t application, host, or topology . • For ICMP packets that are typically routed, you can app ly access lists to res trict forwardi ...
Intel 480T - page 237

C H A P T E R 12 IP Unicast Routing 211 IP Commands Table 12.4 describes the commands used t o configure basic IP settings. For more command options, press the Tab key in the command line interface. configure vlan <name> udp- profile <profile_name> Assigns a UDP-forwarding profile to the source VLAN. Once the UDP profile is associated w ...
Intel 480T - page 238

212 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 12.4: Ba sic I P Comm ands Command Des cription clear iparp {<ipadd ress> | vlan <name>} Removes dynamic en tries in the IP ARP table. Permanent IP ARP entries are not af fected. clear ipfdb {<ipadd ress> | vlan <name> } Removes t he dynamic entr ies in ...
Intel 480T - page 239

C H A P T E R 12 IP Unicast Routing 213 conf igur e iparp ti meout <m inut es> Confi gures the IP ARP timeout period. The defau lt setting is 20 mi nutes. A setting of 0 disables ARP agi ng. The maximum aging t ime is 32 minutes. configu re tcp-sync-r ate <number_sync_p er_sec> Configu res a limi t for the s witch to process TCP conn ec ...
Intel 480T - page 240

214 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 12.5 descri bes the commands used t o configure t he IP route table. Fo r more command op tions, press the T ab key in the command line in terface. enable boot prelay Enables t he forwarding of BOOTP and Dynamic Host Confi guration P rotocol (DHCP) requests. enable ipforward ing ...
Intel 480T - page 241

C H A P T E R 12 IP Unicast Routing 215 configure iproute add blackhole <ipaddress> <mask> Adds a blackhole address to the routing table. All traf fic destined for the configured IP address is d ropped, and no I nternet Control Message Protoco l (ICMP) messa ge is generate d. configure ip route add default < gateway> {<metric&g ...
Intel 480T - page 242

216 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T able 1 2.6 describes th e commands used to config ure IP options and the ICMP prot ocol . For more comman d options, press the Ta b key in the command line interface . T a ble 12.6: ICMP Config uration Comma nds Command Des cription configure ird p [multicast | broadcast ] Configure ...
Intel 480T - page 243

C H A P T E R 12 IP Unicast Routing 217 enable icmp add ress-mask vlan [<name> | all] Enables an ICMP address-mask rep ly (type 18, code 0) when an ICMP address mask request is received .The default settin g is enabled. If a VLAN is no t specified, the command applies to all IP interfaces. enable ic m p parameter -problem vlan [<nam e> ...
Intel 480T - page 244

218 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable icmp unrea chables vlan [<name> | all] Enables ICMP network-unreacha ble messages (type 3, c ode 0), and host unreachable messag es (type 3, code 1) when a packet cannot be forwarded to th e destination becau se of an unreachab le route or host. The default setting is ena ...
Intel 480T - page 245

C H A P T E R 12 IP Unicast Routing 219 Routing Configuration Example Figure 12.3 illustrates a 48 0T routin g switch with three VLA Ns defined as: • F inancea ddress 192.207.35.1 • protocol s ensitive V LAN using the IP protoco l • Ports 1 and 3 are assigned • IP ad dre ss 19 2.20 7.35 .1. • Personnel • Protocol-sensitive VLAN usin g t ...
Intel 480T - page 246

220 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The stati ons connected to po rts 1 through 4 gen erate a combinati on of IP traffic and NetBIOS traffic. The IP traffic is filtered by the protocol-s ensitive VLANs. All other traf fic is directed to the VLAN MyCompany . In this c onfigurati on, all IP traffic fr om stations c onnect ...
Intel 480T - page 247

C H A P T E R 12 IP Unicast Routing 221 Resetting and Disabling Route r Settings To retu rn router sett ings to their def aults and di sable routing functions, u se the commands l isted in Tab le 12.8. For mor e command opti ons, press the Tab key in the command line int erface. show iparp {<ipaddress | vl an <name> | permanent} Display s ...
Intel 480T - page 248

222 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable bo otp vlan [<name > | all] Disables the generat ion and proce ssing of BOOTP packets. disable bo otprelay Disables the forw arding of BOOTP req uests. disable icmp < packet-typ e> vlan [<name>] Disables ICMP pa rameter -problem message s. If a VLAN is not sp ...
Intel 480T - page 249

RIP and OSPF This chapt er describe s the inte rior routi ng protocol s available on the Intel ® Ne tStructure ™ 480T routi ng switch, RIP and OSPF. It assumes that you are already famili ar with IP unicast routing. If not, refer to these publicat ions: • RFC 1058 — Rout ing Informat ion Pr otocol (RIP) • RFC 1723 — RIP V er sion 2 • R ...
Intel 480T - page 250

224 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Distinguis hing RIP and OSPF The di stinction b etween R IP and OSPF lies in the fundame ntal difference s between distance -vector protoco ls and link- state protocols. Using a di stance-vector prot ocol, each router creates a unique r outing tab le from summariz ed informat ion obta ...
Intel 480T - page 251

C H A P T E R 13 RIP an d OSPF 225 Overvie w of RIP RIP is an IGP first used in compu ter routing in the Adva nced Research Projects Agency Network (ARPAnet) as early as 1969. It is primari ly intended for use in ho mogeneous netwo rks of moderate size. To determine the best path to a di stant network, a router usin g RIP always selects the path th ...
Intel 480T - page 252

226 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T riggered Updates Triggered updat es occur whenever a route r changes the metric for a route, and it is required to send an upda te message immediately, even if it is not yet time for a regular update message to be sent . This will general ly result in faster converg ence, but may a ...
Intel 480T - page 253

C H A P T E R 13 RIP an d OSPF 227 Link-State Database Upon initializ ation, each router tra nsmits a link-state advertisemen t (LSA) on each o f its interfaces. LSAs are collected by each router and entered into the LSDB of each rout er. OSPF uses flooding t o distr ibute LSAs betwee n rout ers. A ny cha nge in routin g infor matio n is sent to al ...
Intel 480T - page 254

228 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Area Border Router (ABR): An ABR has interfaces in multiple areas. It is r esponsible for ex changing summary advertisements with other ABRs. Y ou can create a maxi mum of 7 non-zer o areas. • Autonomous Sys tem Border Router (ASBR): An ASBR acts as a gate way be tween OSPF an d ...
Intel 480T - page 255

C H A P T E R 13 RIP an d OSPF 229 • External routes originating from an ASBR con nected to the NSSA can be advertised within the NSSA. • External routes originating from the NSSA can be propagated to other areas, in cluding the backbone ar ea. The comma nd to contro l the NSSA function is si milar to the command used for co nfiguring a stub ar ...
Intel 480T - page 256

230 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 13.1: V irt ual li nk for stub area You can use virt ual links to repai r a discontiguo us backbone area. I n Figure 13.2, if th e connection between ABR1 and the backbone fails, the ABR2 co nnection pr ovides redunda ncy so the disco ntiguous area continues t o communicate wit ...
Intel 480T - page 257

C H A P T E R 13 RIP an d OSPF 231 OSPF Database Overflow The OSPF Databa se Overflow feat ure allows you to both li mit the size of the LSDB an d maintain a consistent LSDB across a ll the routers in the system. Maintaining a consistent L SDB across all the routers in t he domain ensures that all router s have a consist ent view of the network. Ma ...
Intel 480T - page 258

232 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To reconfigure an OSPF interface as a normal interface: configure ospf add vlan <vlan name> area <area identifier> To display passive interface configurat ion: show ospf interfaces [detail] Routing with OSPF Set the RouterID We recommend manually se tting the rout erID of ...
Intel 480T - page 259

C H A P T E R 13 RIP an d OSPF 233 Figure 13.3: Ro ute re distr ibuti on Configuring Route Redistribution Exporting routes from OSPF to RIP, and from RIP to OSPF, are discrete co nfiguration func tions. To run OSPF and RIP simultaneousl y, first confi gure both p rotocols, and th en verify the independe nt operati on of each. Then you can configu r ...
Intel 480T - page 260

234 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These commands enabl e or disable the exporting of RIP, static, and direct rout es by way of LSAs to other OSPF routers as Autonomous System ( AS)-external type 1 or t ype 2 routes. The d efault se tting is disabled. The cost metric is inserted for all RIP-learned, stat ic, and direct ...
Intel 480T - page 261

C H A P T E R 13 RIP an d OSPF 235 OSPF Timers and Authentication Configuri ng OSPF ti mers and aut hentication on a per-ar ea basis is a shortha nd for applyi ng the timer s and authenti cation to ea ch VLAN in the are a at the time of con figuration . If you add more VLANs to the area, be sure to configure t he timers and authent ication for the ...
Intel 480T - page 262

236 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can make dy namic changes to the ro ute map. Direct and Static route chan ges are reflected immedi ately, while RIP, OSPF, and BGP changes are refle cted within 30 seconds. Route Map Support for OSPF Export When OSPF is en abled the rout e map is applied on each and every route ex ...
Intel 480T - page 263

C H A P T E R 13 RIP an d OSPF 237 BGP and OSPF Route Map Support for DSB Accounting Route map supp ort for BGP and OSPF acco unting allows you t o set the cost and type of t he exported rou tes. Use this command t o enable account ing: configure route-map <route-map> <sequence number> [add | delete] set [as-path <as no> | communi ...
Intel 480T - page 264

238 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure rip Rxmode [no ne | v1only | v2only | any] {vlan [<name> | al l]} Changes the RIP receive mo de for one or all VLANs. Specify: • none — Drop all received RIP packets. • v1only — Accept only RIP v1 for mat packets. • v2only — Accept only RIP v2 for mat packe ...
Intel 480T - page 265

C H A P T E R 13 RIP an d OSPF 239 enable rip aggreg ation Enables agg regation of subnet inf ormation on interfac es configured t o send RIP v2 or RIP v2- compat ible traffic. The 48 0T routin g switch summarizes subnet routes t o the nearest class network route. These rules apply when u sing RIP aggre gation: • Subnet routes ar e aggregated to ...
Intel 480T - page 266

240 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RIP Configuration Example Figure 13. 4 illustrates a switch that has three VLANs defined as follows: Financ e • Protoc ol-sensitiv e VLAN usi ng the IP pr otocol • Ports 1 and 3 have been assigned • IP address 192.207.35.1 Personnel • Protoc ol-sensitiv e VLAN usi ng the IP pr ...
Intel 480T - page 267

C H A P T E R 13 RIP an d OSPF 241 MyComp any • Port-based VLAN • All port s have been ass igned Figure 13.4: RIP configur ation ex ample The stations con nected to the system gen erate a combination of IP traffic and NetBIOS § traffic. The IP traffic is filtered by the protoco l- sensitive VLANs. All other t raffic is directed to the VLAN MyC ...
Intel 480T - page 268

242 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure Finance add port 1,3 configure Personnel add port 2,4 configure MyCompany add port all configure Finance ipaddress 192.207.35.1 configure Personnel ipaddress 192.207.36.1 enable ipforwarding configure rip add vlan all enable rip Displaying RIP Settings To display settings fo ...
Intel 480T - page 269

C H A P T E R 13 RIP an d OSPF 243 Configuring OSPF Each switch co nfigured t o run OSPF must hav e a unique r outerID. We recommended manuall y setting the routerID of the switc hes participat ing in OSPF, instead of having each swit ch automatically choose its rout erID based on the highest interface IP address. Not performing this c onfiguration ...
Intel 480T - page 270

244 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 13.5: O SPF Configu ration Com mands Command Descript ion configure ospf [area <areaid> | vlan [<name> | a ll]] cost [ automatic | <number>] Configures t he cost metri c of one or a ll VLAN(s). If an area is specified, the cost metric is applie d to all VLANs ...
Intel 480T - page 271

C H A P T E R 13 RIP an d OSPF 245 configure ospf [vl an <name> | area <areai d> | virtual -link <ro uterid> <ar eaid>] timer <re transmit_ interval> <t ransmit delay > <hello inte rval> <d ead interva l> Configures t he timers for one interfac e or all interfaces in th e same OSPF area. These are the ...
Intel 480T - page 272

246 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure ospf area <areaid> [interarea- filter | external-filter] [<access-profile> | none] Configures an OSPF area specifying filter and access profile. configure ospf asbr- filter [<access_prof ile> | none] Configures a r oute filter for non-OSPF routes exported i ...
Intel 480T - page 273

C H A P T E R 13 RIP an d OSPF 247 conf igur e osp f rout erid [aut omat ic | <rou terid> ] Configures the OSPF rout erID. If automa tic is specified, the 4 80T routing switch uses t he large st IP interface address as the OSPF routerID. Man ual routerI D setting is recommended. configure ospf spf-ho ld-time <seconds> Configures t he mi ...
Intel 480T - page 274

248 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable ospf export static cost <metric> [ase-type-1 | ase-type- 2] {tag <number>} Enables the d istributio n of static route s into the OSPF domain. Once enabled, the OSPF router is considered to be an ASB R. The default tag number is 0 . The default sett ing is disabled. ...
Intel 480T - page 275

C H A P T E R 13 RIP an d OSPF 249 OSPF Configuration Example Figure 13.5 sh ows an exampl e of an au tonomous syst em using OSPF routers. The details of thi s network follow. Figure 13.5: OSPF co nfiguration exampl e Area 0 is the backbone area and has these charact eristics: • 2 int ernal rout ers (IR1 and IR2) • 2 area border routers (ABR1 a ...
Intel 480T - page 276

250 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Network numbe r 10.0.x.x • 2 identif ied VLANs (A0_10_0_2 and A0_10 _0_3) Area 5 is conn ected to the backb one area throug h ABR1 and ABR2, having t hese characteristics: • Network numbe r 160.26.x.x • 1 identif ied VLAN (A5_160_2 6_26) • 2 intern al route rs • A virtua ...
Intel 480T - page 277

C H A P T E R 13 RIP an d OSPF 251 configure vlan A5_160_26_26 ipaddress 160.26.26.1 255.255.255.0 create ospf a rea 0.0.0.5 create ospf a rea 0.0.0.6 enable ipforwarding configure ospf area 0.0.0.6 stub nosummary stub- default-cost 10 configure ospf vlan A6_161_48_2 area 0.0.0.6 configure ospf vlan A5_160_26_26 area 0.0.0.5 configure ospf add virt ...
Intel 480T - page 278

252 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying OSPF Settings To display settings f or OSPF, use the commands listed in Table 13.6. For more co mmand option s, press the Tab key i n the command li ne interface. T a ble 13.6: O SPF Show Commands Command Description show ospf Displays global OSPF infor mation. show ospf ar ...
Intel 480T - page 279

C H A P T E R 13 RIP an d OSPF 253 Resetting and Disabling OSPF Settings To return OSPF settings to th eir defaults, use the commands listed in Table 13. 7. For more command o ptions, press t he Tab key in the command line i nterface. T a ble 13.7: O SPF Reset an d Disable Commands Command Description delete ospf area [<areaid> | all] Deletes ...
Intel 480T - page 280

254 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 281

1 Border Gateway Protocol (BGP) This chapt er describe s how to config ure the Border Gat eway Protocol (BGP), an ex terior r outing pr otocol avai lable on the Inte l ® NetStr uctu re ™ 480T rou ting switch. For IEEE s tandards informa tion, refer to http://stan dards.ieee. org For more information on BGP , refer to these documents: • RFC 177 ...
Intel 480T - page 282

256 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can use BGP a s an exterior border gateway protocol (E BGP), or you can u se it within an AS, as an interi or borde r gateway protocol (I BGP). BGP Attributes These well-kn own BGP attr ibutes are supp orted by the 480T routing swi tch: • Origin – Defines the origin of the ro ...
Intel 480T - page 283

C H A P T E R 14 Border G atewa y Protoco l (BG P) 257 BGP Featur es The BGP f eatures support ed by the 48 0T routing switch inc lude: • Route Reflectors • Route Confederations • Route Aggregation • Route Map Su pport • IGP Synch ronization • Loopback Inter face • OSPF- to-BG P Ro ute Redi strib ution • BGP Peer Grou ps Route Refle ...
Intel 480T - page 284

258 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route Confederations BGP requir es networks to use a fully-meshed router configura tion. This requirement does not scale well, especially when BGP i s used as an inter ior gateway protocol. One way to reduce the size of a ful ly-meshed AS is to divide t he AS into mul tiple sub-autono ...
Intel 480T - page 285

C H A P T E R 14 Border G atewa y Protoco l (BG P) 259 Using the co nfederation, AS 200 is split into two sub-ASs: SubAS65001 and SubAS 65002. Each sub-AS is fully meshed , and IBG P (Int erna l BGP ) is ru nni ng amo ng it s memb ers. EBGP (Ext ernal BGP) is u sed between Sub 65001 and SubAS65002. Rou ter B and Router D are EBGP peers. EBGP is als ...
Intel 480T - page 286

260 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create vlan bd configure vlan bd add port 3 configure vlan bd ipaddress 192.1.1.9/30 enable ipforwarding vlan bd configure ospf add vlan bd area 0.0.0.0 disable bgp configure bgp as-number 65001 configure bgp routerid 192.1.1.22 configure bgp confederation-id 200 enable bgp create bgp ...
Intel 480T - page 287

C H A P T E R 14 Border G atewa y Protoco l (BG P) 261 To configure Route r D, use these commands: create vlan db configure vlan db add port 1 configure vlan db ipaddress 192.1.1.10/30 enable ipforwarding vlan db configure ospf add vlan db area 0.0.0.0 create vlan de configure vlan de add port 2 configure vlan de ipaddress 192.1.1.14/30 enable ipfo ...
Intel 480T - page 288

262 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route Aggr egation Route aggreg ation in volves combinin g the sub-netwo rks of several routes so that they are advertised as a singl e route. Aggregation reduces t he amount of information that a BGP speak er must store and exchange wit h other BGP speaker s. Reducing t he informatio ...
Intel 480T - page 289

C H A P T E R 14 Border G atewa y Protoco l (BG P) 263 Using the Loopback Interface If you ar e using BGP as your interior gateway protocol , you may decide to adve rtise the interface a s available, rega rdless of the status of any particular interface. The loopback interface can also be used for EBGP multi hop. Using th e loopback interface elimi ...
Intel 480T - page 290

264 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use these commands to c onfigure the parameters of t he peer group. configure bgp peer-group <peer-group> remote-as <number> configure bgp peer-group <peer-group> [route- reflector-client | no-route-reflector-client] configure bgp peer-group <peer-group> weight ...
Intel 480T - page 291

C H A P T E R 14 Border G atewa y Protoco l (BG P) 265 • Passwor d To create a new nei ghbor and include i t as a member of the pee r group, use thi s command: create bgp neighbor <ip address> peer-group <peer- group> {multi-hop} This cre ates th e new neighbor as part of t he peer group , and the neighbor inherits all exi sting param ...
Intel 480T - page 292

266 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide BGP Password Encryption The neighb or password for BGP is encrypted in upload /download configu ration. Configuring BGP Table 14.1 descri bes the commands used t o configure B GP. For more command op tions, press t he Tab key in the command line inte rfac e. T a ble 14.1: BG P Configu ...
Intel 480T - page 293

C H A P T E R 14 Border G atewa y Protoco l (BG P) 267 configure bgp delete networ k [<ipaddress> | <mask> | all] Deletes a network o riginat ed fro m this r outer . configure bgp as-number <as_ number> Changes the local AS number used by BGP . Y ou must disabl e BGP befor e the AS number can be changed. configure bgp cluster -id ...
Intel 480T - page 294

268 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure bgp neighbor [ <ipaddress> | all ] password [none | {encrypted} <password>] Configures a passwor d for a neighbo r . When the password is configured , TCP MD5 authenticat ion is enabl ed on the TCP connectio n established wit h the neighbor . The encrypte d keywo ...
Intel 480T - page 295

C H A P T E R 14 Border G atewa y Protoco l (BG P) 269 configure bgp neighbor [ <ipaddress> | all ] soft-reset {in | out} Applies th e current input or output r outing policy t o the rout ing informat ion already exchanged wit h the neighb or . The i nput/ output routin g policy is determin ed by th e nlri-filter , as-path-filter , and the ro ...
Intel 480T - page 296

270 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable bg p aggregation Disables BGP route-aggreg ation filtering. disable bgp al ways-compare-med Disa bles BGP use of the Mult i-Exit Discriminat or (MED) from n eighbors in diff erent autonomous syst ems in the route- selection algori thm. MED is only used when compar ing paths fr ...
Intel 480T - page 297

C H A P T E R 14 Border G atewa y Protoco l (BG P) 271 Displaying BGP Settings To display setting s for BGP, use the commands listed in T able 14.2. For more command op tions, pr ess the Tab key in th e command line inte rfac e. enable bgp synchronization Enables sync hronization be tween BGP and IGP . W hen enabled, BGP waits for IGP to provide th ...
Intel 480T - page 298

272 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Resetting and Disabling BGP To return BGP sett ings to their defau lts, or to disable BGP, use the commands listed i n Table 14.3. For more command opt ions, press the Tab key i n the command line i nterface. T a ble 14.3: BG P Reset an d Disable Commands Command Descript ion delete b ...
Intel 480T - page 299

C H A P T E R 14 Border G atewa y Protoco l (BG P) 273 BGP Route Selection BGP will select rout es based on the fol lowing precedence (from highest to lowest ): • W eight • Local preference • Shortest length (sho rtest AS path) • Lowest origin cod e • Lowest MED • Route from exter nal peer • Lowest co st to next hop • Lowest Rout er ...
Intel 480T - page 300

274 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 301

IP Multicast Routing This chapt er describe s the components of IP multicast routing, and how to conf igur e it on the In tel ® NetStructure ™ 480T routing swit ch. For mor e informatio n on IP mult icasting , refer to th ese publicatio ns: • RFC 1 11 2 — H ost Extension f or IP Multicasting • RFC 2236 — In ternet Gr oup Mana gement Prot ...
Intel 480T - page 302

276 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP multi cast routing co nsists of these functi ons: Conf igur e IP unica st routing b efore you configur e IP multi cast routing. • A router that can f orward IP multicast packets. • A router -to-router multicast rou ting protocol, for example, Distance V ector M ultic ast Ro uti ...
Intel 480T - page 303

C H A P T E R 1 5 IP Multicast R outing 277 PIM Sparse Mode (PIM-SM) Y ou can run either P IM- DM or PIM-SM on eac h VLAN. Unlike PIM- DM, PIM-SM i s an explici t join and pr une protoco l, and supports shared tr ees as well as shortest path trees (SPTs). The routers must expl icitly be joined to one or mor e groups to en able communicat ion. This ...
Intel 480T - page 304

278 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The switch also forwards PIM-SM traffic to a PIM-DM network. The PMBR sends a join message to the RP and the PMBR then broadcasts traffic f rom the RP in to the PI M-DM netwo rk. There are no n ew commands that need to be entered to enab le PIM- SM to PIM-DM functio nality. By having ...
Intel 480T - page 305

C H A P T E R 1 5 IP Multicast R outing 279 IGMP snoop ing is di sabled, all IG MP and IP mult icast traffi c will flood wit hin a given VL AN. This is n ormal 802. 1d bridge beh avior. IGMP and IGMP snoop ing must be enabled wh en IP unicast or multic ast routing is c onfigur ed (the defau lt setting is enable d). IGMP snoop ing expect s at least ...
Intel 480T - page 306

280 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IGMP Query Interval The maximum val ue you can set for the IGMP q uery interval is 429,496,72 9. The values y ou can set for query response interval a nd the last member que ry interval are between 1 secon d and 25 seconds. IGMP Configuration Commands Table 15 .1 describes th e comman ...
Intel 480T - page 307

C H A P T E R 1 5 IP Multicast R outing 281 conf igur e igm p <qu ery _int erval > <query_ response_in terval> <last_member_que ry_interval > Configures the IGMP timer s. Ti mers are based on IEEE RFC22 36. Specify: • query_interval — The amount of t ime, in seconds, the system waits b etween sending out gener al querie s. The ...
Intel 480T - page 308

282 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configur ing IP Multicas ting Ro uting To config ure IP mult icast rout ing: 1. Configure the system for IP un icast routing. 2. Enable multicast rou ting on the interface, using this command: enable ipmcforwarding {vlan <name>} 3. Enable DVMRP or PIM on all IP multicast routing ...
Intel 480T - page 309

C H A P T E R 1 5 IP Multicast R outing 283 conf igure d vmrp time r <route _repor t_inte rval> <route_replaceme nt_time> Configures the glob al DVMRP timers. Specify the follow ing: • route_report_interval — how many seconds the system wait s between tran smi tting peri odic rout e rep ort p ack ets. The range is 1 to 2,147,48 3,64 ...
Intel 480T - page 310

284 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igur e dvm rp vl an <na me> ti mer <probe_in terval> <nei ghbor timeout > Configures DVMRP interface t imers. Specify: • probe_interval — How many seco nds the system waits between transmitting DVMRP probe messages. The range is 1 to 2,147,483,64 7 seconds ( ...
Intel 480T - page 311

C H A P T E R 1 5 IP Multicast R outing 285 Configuration Examples See Chapter 13, "RIP and OSP F" on page 223 for in formation on configur ing OSPF . In the example b elow, the system labeled IR1 is configured fo r IP multica st routing using PIM-DM. l Figure 15.1: IP m ulti cast r outi ng PI M-DM co nfigur ation example Configuration fo ...
Intel 480T - page 312

286 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vlan A0_10_0_2 ipaddress 10.0.2.2 255.255.255.0 configure ospf add vlan all enable ipforwarding enable ospf enable ipmcforwarding configure pim add vlan all enable pim PIM-SM Configuration Example In this exampl e, the system labeled ABR1 is con figured for IP multic ast rou ...
Intel 480T - page 313

C H A P T E R 1 5 IP Multicast R outing 287 Configuration for ABR1 The following is the configuration for the rou ter labeled ABR1: configure vlan A0_10_0_2 ipaddress 10.0.2.1 255.255.255.0 configure vlan A0_10_0_3 ipaddress 10.0.3.1 255.255.255.0 configure vlan A6_161_48_2 ipaddress 161.48.2.2 255.255.255.0 configure vlan A5_160_26_26 ipaddress 16 ...
Intel 480T - page 314

288 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Deleting and Resetting IP Multicast Settings To return IP multic ast routin g setting s to their de faults an d disable IP multicast r outing functi ons, use the commands liste d in Table 15.4. For more comman d options, press the Tab key i n the command line interface. show igmp snoo ...
Intel 480T - page 315

C H A P T E R 1 5 IP Multicast R outing 289 disable dv mrp {[Rxmode | txmode ] vlan [<nam e> | all]} Disables DVMRP on the system. disable dv mrp Rxmode vlan [ <name> | all] Disables receivi ng of DVMRP packets on a per - VLAN basis. disable dv mrp txmode vla n [<name> | all] Disables transmitting o f DVMRP packets on a per- VLAN ...
Intel 480T - page 316

290 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 317

IPX Routing This chapt er describes how to configure IPX § , I PX/RIP, and IPX/SA P on the I ntel ® NetStructure ™ 480T rou ting switch. It assumes that you are familiar with IPX. If not, refer to yo ur Novell documentatio n. Overvi ew of IPX The 480T r outing swit ch provides sup port for I PX, IPX/RIP (R outing Informat ion Protoc ol), and IP ...
Intel 480T - page 318

292 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX NetID or an IP address. You also can configu re a VLAN for both IP X and IP routin g. Figure 16.1 shows the same switch discussed earlier in Figu re 12.1 on page 191. In Figur e 16.1, IPX routing is added to the switch, and two additio nal VLANs have been def ined — Exec and S u ...
Intel 480T - page 319

C H A P T E R 16 IPX Ro uting 293 IPX Encapsulation T ypes Novell NetWar e § supports f our types of fr ame encapsulatio n. The term for each type i s described in Table 16.1 . To configure a VLAN to use a particular enca psulation type, use this c ommand: configure vlan <name> xnetid <netid> [enet_ii | enet_8023 | enet_8022 | enet_sna ...
Intel 480T - page 320

294 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP and IPX on the Same VLA N The switch supports IP and I PX routin g within the same VLAN. This feature does n ot require any special con figuration. T agged IPX VLAN The switch suppo rts tagged 802.1Q tra ffic on an IPX VLAN that is performing routing. Tagging is most commo nly used ...
Intel 480T - page 321

C H A P T E R 16 IPX Ro uting 295 Populating the Routing T able The routi ng switch b uilds and mai ntains an IPX routing t able. As in the case of IP, the tab le is populated u sing dyn amic and stati c entries. Dyna mic Ro utes Dynamic routes ar e typically learned u sing IPX/RIP. Routers th at use IPX/RIP exchange in formation in their routing t ...
Intel 480T - page 322

296 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX/RIP is auto matically enabled when a NetID is assign ed to the VLAN. To remove the advertisemen t of an IPX VLAN, use the command: configure ipxrip delete {vlan <name> | all} GNS Support The 480T r outing switch su pports the Get Near est Server ( GNS) reply func tion. When ...
Intel 480T - page 323

C H A P T E R 16 IPX Ro uting 297 Configuring IPX This secti on describes the c ommands associated wi th configuri ng IPX, IPX/RIP, and IPX/SAP on the 480T ro uting switch. Configur e IPX routing a s follows: 1. Create at least two VLANs (see "V irtual LANs (VLANs )" on page 95) . 2. If you are co mbining an IPX VLAN with anoth er VLAN on ...
Intel 480T - page 324

298 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • show ipxrip — Displays the enable status of I PX/RIP for the VLAN, including operational and administrative status. It als o lists identif ied IPX/RIP neig hbors, RIP packet statistics , and several other tim er settings. • show ipxservice — Displays the co ntents of the IPX ...
Intel 480T - page 325

C H A P T E R 16 IPX Ro uting 299 To increase route stab ility, you can inc rease the hold multipli er (default i s 3 for 180 seconds). To modify these para meters use CLI commands: configure ipxrip <vlan name> update-interval <time> hold-multiplier <number> configure ipxsap <vlan name> update-interval <time> hold-mult ...
Intel 480T - page 326

300 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Commands Table 16.3 descri bes the commands used t o configure b asic IPX settings. For more command opt ions, press th e Tab key in the command line in terface. T a ble 16.3: Ba sic I PX § Com mands Command Des cription configure ipxmaxhops <numb er> Configures the IPX max ...
Intel 480T - page 327

C H A P T E R 16 IPX Ro uting 301 Table 16.4 describes the commands u sed to confi gure the I PX route table. Fo r more command op tions, press the T ab key in the command line in terface. configure ip xservice delete <servi ce_type> <servic e_name> <neti d> <node_ address> <socket> Deletes an IPX service from t he ser ...
Intel 480T - page 328

302 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 16.5 descri bes the commands used t o configure I PX/SAP. For more command op tions, pr ess the Tab key in th e command line inte rfac e. conf igure ipx rip vlan [all | <name >] [impo rt- filter | export- filter | trusted-g ateway] [ none | <access-profile>] Configur ...
Intel 480T - page 329

C H A P T E R 16 IPX Ro uting 303 configure ip xsap delete vlan [< name> | all] Disables IPX/SAP on an interface. conf igur e ipx sap vl an [< name > | al l] dela y <msec> Configures the time between each SAP packet within an update i nterval. T he defaul t setting is 55 mill isecond s. conf igur e ipx sap vl an [< nam e> | ...
Intel 480T - page 330

304 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Configuration Example Figure 1 6.2 builds on t he example showin g the IP/RI P configura tion that was used in Figure 13.4 on page 241. Now, along with having IP VLANs configured, this example illustrates a switch that has tw o IPX VLANs defined. The first VLAN is Ex ec with these ...
Intel 480T - page 331

C H A P T E R 16 IPX Ro uting 305 The stations conn ected to the system generat e a combination o f IP traffic and IPX traffic. The IP t raffic is filtered by the IP VLANs. IPX traffic is filtered by the IPX VLANs. In this c onfigurati on, all IP traffic fr om stations c onnected to ports 1 and 3 have access to the IP router th rough the VLAN Fina ...
Intel 480T - page 332

306 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Resetting and Disabling IPX To retu rn IPX settings t o their default s and disable I PX function s, use the commands listed in Tabl e 16.7. show ipxrout e {vlan <name> | xnetid <neti d> | origin [sta tic | rip | local]} Displays th e IPX routes in the route t able. show i ...
Intel 480T - page 333

C H A P T E R 16 IPX Ro uting 307 unconfi gure ipxsap {vlan < name>} Resets the IP X/SAP setting s on one or all VLANs to the defaul t. Removes import an d export filters, and resets the MTU size, upd ate interva l, and inter-packe t delay . unconfi gure vlan <n ame> xnetid Removes the IPX NetID of a VLAN. T a ble 16.7: IP X § Rese t a ...
Intel 480T - page 334

308 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 335

Access Policies This chapter desc ribes access policies, a nd how they are create d and implement ed on the I ntel ® NetStructu re ™ 480T r outing switch. Overview of Access Policies Access policies are a generalized cat egory of features that i mpact forwarding an d route forwardi ng decisions. Acc ess policies ar e used primaril y for security ...
Intel 480T - page 336

310 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide profile or dropped. Usi ng access lists h as no impact on switch performance. Access lis ts are typical ly applied to traffic that cr osses Layer 3 router boundaries, bu t it is possible to use acce ss lists within a Layer 2 VLAN. Routing Access P olicies Routing access pol icies are ...
Intel 480T - page 337

C H A P T E R 1 7 Access Polici es 311 configure access-profile <access_profile> [ad d | delete] {seq-number} ipx-sap <ipx_sap_type_in _hex> <ipx_name_string> To assign IPX access profile s as either imp ort or expo rt filters to RIP or SAP, use these commands: configure ipxrip vlan [<vlan name> | all] imp ort- filter [<a ...
Intel 480T - page 338

312 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Physical source port • Precedence number ( optional) How IP Access Lists Work For each ac cess list entry, you can either per mit the packet to be forwarded, or deny th e packet (in which case, it is dropped). When you create a permit access list condit ion, you can optionall y ...
Intel 480T - page 339

C H A P T E R 1 7 Access Polici es 313 or dropped. If no defa ult rule is specified, the defaul t implici t behavior is to forwa rd the packet. This example shows a default entry used to speci fy an implicit deny: create access-list denyall ip destination 0.0.0.0/0 source 0.0.0.0/0 den y ports any Once the defaul t behavior of the access list i s e ...
Intel 480T - page 340

314 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide the keyw ord. For examp le, you could use this ent ry to permi t TCP sessions origi nated from anywher e in th e 10.1.0.0 netw ork only: create access-list TCPout tcp destination 10.1.0.0/ 16 ip-port any source 0.0.0.0/0 ip-port any permit-established ports any In this example, using ...
Intel 480T - page 341

C H A P T E R 1 7 Access Polici es 315 • IP source and destination address and mask • ICMP type cod e • Physical source port (option al) • Numbered preceden ce (optional) When using an acc ess control list with an IP deny any rule, al l ICMP traf fic will not be bloc ked (for ei ther La yer 2 or Layer 3). To block all traffic within Layer 2 ...
Intel 480T - page 342

316 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 17.1: Ac cess L ist Configu ration Com mands Command Des cription create access-list <name> ip destination [<dst_ ipaddress>/<dst _mask> | any] sour ce [<src_ipaddress>/<src_mask> | any] [deny | permit <q osprofile> | deny] port s [<portl ...
Intel 480T - page 343

C H A P T E R 1 7 Access Polici es 317 create access-list <n ame> tcp destination [<dst_ ipaddress>/< dst_mask> | a ny] ip-port [<dst_ port> | rang e <dst_port _min> <dst_port _max> | any] sour ce [<src_ipaddress>/<src_mask> | any] ip-port [<src_port > | range <src _port_min> <src_port ...
Intel 480T - page 344

318 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create ac cess-list <name> udp destinati on [<dst_ ipaddress>/< dst_mask> | a ny] ip-port [<dst_ port> | rang e <dst_port _min> <dst_port _max> | any] sour ce [<src_ipaddress>/<src_mask> | any] ip-port [<src_port > | range <src ...
Intel 480T - page 345

C H A P T E R 1 7 Access Polici es 319 create access-list ic mp destination [<de st_i pad dres s>/<m ask> | any] sour ce [<src_ipaddress>/<source_mask> | any] type <icmp_t ype> code <i cmp_code> [permit | deny] {<port list>} {precedence <number>} Creates a named ICMP access list. The access list is ap ...
Intel 480T - page 346

320 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP Access List Examples This section presents two IP access list exampl es: • Using the permit- establish keyword • Filtering ICMP packets Example 1: Usin g the Permit-Establis hed Keyword This example uses an access list that permits TCP sessions (Telne t, FTP, and HTT P) to be e ...
Intel 480T - page 347

C H A P T E R 1 7 Access Polici es 321 in conjunct ion with IP, it is technically no t an IP data packet. Thus, ICMP data traffic, such as pi ng traffic, is not affect ed. Use this command to creat e the access-list: create access-list denyall ip destination any source any deny ports any Figure 17.1: Acce ss list denies al l TCP and UDP traffic Ste ...
Intel 480T - page 348

322 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Step 3 - Permit-Established Access List When a TCP session begi ns, there is a three-way handshake that includes a sequen ce of a SYN, SYN/ACK and ACK packet s. Figure 17.3 show s an illustrati on of the handshak e that occurs when Host A init iates a T CP session to Ho st B. After th ...
Intel 480T - page 349

C H A P T E R 1 7 Access Polici es 323 Figure 17.4 shows the final outco me of this access list. Figure 17.4: Permit -establis hed acces s list filter s out SY N packet to desti nation Example 2: Fi ltering ICMP Packets This example creates an access lis t that filters out ping (ICMP echo) packets. ICMP echo packets are defined as type any code any ...
Intel 480T - page 350

324 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide See “ Creat ing an A ccess Profile ” on page 324. To use routing access policies 1. Create an access profile. 2. Configure the access profile to be of type permit , deny , or none . 3. Add entries to the acce ss profile. 4. Apply the access pro file. Creating an Access Profi le Th ...
Intel 480T - page 351

C H A P T E R 1 7 Access Polici es 325 with each entry in the list. Once a match is found, the o peration is either permitted or denied, depending on the configu ration of the matched entry . If no match is found, the operat ion is implicitly denied. To add or del ete IP addresses or VLANs from an access profile , use this c ommand: configure acces ...
Intel 480T - page 352

326 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide can be used when y ou wish to match only again st the subne t addre ss, and ignore a ll addresse s within the sub net. If you are using CIDR sub net masking, the same logic appl ies, but the configuration is more tricky. For exampl e, the address 141.251. 24.128/25 rep resents any hos ...
Intel 480T - page 353

C H A P T E R 1 7 Access Polici es 327 Deleting an Access Profile Entry To delete an access prof ile entry , use this comm and: configure access-profile <access_profile> delete <seq_number> Applying Access Pr ofiles After the access profile i s defined, apply it to one or more routing protocols or VLANs. When an access pr ofile is appli ...
Intel 480T - page 354

328 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure rip vlan [<name> | all] import-filter [<access_profile> | none] • Export Filter — Use an access pro file to determine which RIP routes are adve rtised into a particular VLAN, using this command: configure rip vlan [<name> | all] export-filter [<acces ...
Intel 480T - page 355

C H A P T E R 1 7 Access Polici es 329 Assuming the backbo ne VLAN interconnects all the routers in the company (and, therefore, the Int ernet router does not have the best routes for ot her loca l subnets), t he commands to build the acc ess policy for the switc h would b e: create access-profile nointernet type ipaddress configure access-profile ...
Intel 480T - page 356

330 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • External Filter — For switches configur ed to support multiple OSPF areas (an ABR function), yo u can apply an access profile to an OSPF area that filters a set of OSPF external rou tes from being advertised into that area. T o configure an external filter policy , use this com ...
Intel 480T - page 357

C H A P T E R 1 7 Access Polici es 331 Figure 17.7: OSPF ac cess p olicy exam ple Routing Access P olicies for DVMRP The access policy capabili ties for DVMRP resemble those for RIP. If the DVMR P protocol i s used for rout ing IP mul ticast traff ic, you can config ure the sw itch to use an access profile to determin e: • T rusted Neighb or — ...
Intel 480T - page 358

332 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Export Filter — Use an access pro file to determine which DVMRP routes are advertised into a p articular VLAN, using this command: configure dvmrp vlan [<name> | all] export- filter [<access_profile> | none] DVMRP Example In this example, the network used i n the pre ...
Intel 480T - page 359

C H A P T E R 1 7 Access Polici es 333 configure the switch to use an access pr ofile to determine trusted neighbor ( PIM) router n eighbors fo r the VLAN on th e switch running PIM. To configur e a trusted neighbor pol icy, use thi s command: configure pim vlan [<name> | all] trusted- gateway [<access_profile> | none] PIM Example With ...
Intel 480T - page 360

334 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide attributes of the NLR I. T o configure an autonomous s ystem path filter policy , use this command: configure bgp neighbor [<ipaddress> | all] as- path-filter [in | out] [<access_profile> | none] Y ou can apply the autono mous system path filter to the ingress or egress up ...
Intel 480T - page 361

C H A P T E R 1 7 Access Polici es 335 Routing Access Policy Commands Table 17.3 descri bes the commands used t o configure r outing access policies. Press the Tab key i n the command line interface for further command option s. T a ble 17.3: Rou ting Acc ess Policy Co nfiguration Command s Command Des cription configure access-pro file <access_ ...
Intel 480T - page 362

336 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure access-profil e <access_profile> delete <s eq_number> Del etes an access prof ile entry using the sequence number . configure access-profil e <access_profile> mode [permit | deny | none] Configures t he access profile t o one of the follow ing: • permit ? ...
Intel 480T - page 363

C H A P T E R 1 7 Access Polici es 337 Using R oute Ma ps Route maps a re a mechanism you c an use to conditi onally contr ol the redi stribution of routes be tween two rout ing domain s, and to modify the routin g information that is redistributed . configure ospf area <area_id> interarea- filter [<access_profile> | none] Configures t ...
Intel 480T - page 364

338 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route maps a re used in conjunc tion wit h the match and se t operations. A match opera tion specifies a criteria that must be matched. A set op eration specifies a chan ge that is made to the rout e when the matc h operation is successful. There are three basic ste ps to configuring ...
Intel 480T - page 365

C H A P T E R 1 7 Access Polici es 339 configure route-map <route-map> <sequence number> add match [nlri-list <access_profile> | as-path [access_profile <access-profile> | <as num>] | community [access-profile <access_profile> | <as_num>:<number> | number <community>] | next-hop <ipaddress> ...
Intel 480T - page 366

340 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide community [<access_profi le> | <community >] Match es the co mmuni ties in th e path attribu te aga inst the specified BGP community access profile or the community number . next -hop <ipad dre ss> Matches the next-ho p in the path attr ibute against t he specified I ...
Intel 480T - page 367

C H A P T E R 1 7 Access Polici es 341 Route Map Operation The entries in the route map are processed in the ascending order of the sequence number. W ithin the entry, t he match statements are processed fi rst. When the match ope ration is successful, the set and goto statement s within the entr y are processed, and the action associated wit h the ...
Intel 480T - page 368

342 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These points ap ply to this exampl e: • R T A is a memb er of AS 1 11 1 and peers with a router in the Internet to receive the en tire Internet routing table. • R TB is a member of AS 2222, and has an EBGP connection with R T A through which it receives the Internet r outing table ...
Intel 480T - page 369

C H A P T E R 1 7 Access Polici es 343 You can apply the chan ges on the NLRI information that had been exchanged before t he policy changes, by issuing a soft reset on the ingress or eg ress side, dependi ng on the changes. For soft reset s to be applied on the ingr ess side, the changes must be previously enabl ed on the neighbor. Changes to t he ...
Intel 480T - page 370

344 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 17.6: Rou te Map Com mands Command Des cription configure route-map <rout e-map> [add | delete] < sequence number> [deny | pe rmit] {match-all | match one} Adds o r delete s entr ies to the rout e map. Specif y: • The sequence number uniquely identifies the entry ...
Intel 480T - page 371

C H A P T E R 1 7 Access Polici es 345 conf igur e rout e- map <ro ute- map > <seq uenc e number> add set [acco unting inde x <num> value <nu m> | as-path <as_num> | community [remove | {add | delete} [access- profil e <access_prof ile> | <as_num: number> | number <numbe r>]] | cost <num> | cost ...
Intel 480T - page 372

346 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure route-map <rout e-map> add <sequence nu mber> [permit | deny] {match- one | m atch- all] Adds a statement to t he route map with t he specified sequence number and action. The sequence number determines the order of the statement in th e route map, and th e actio ...
Intel 480T - page 373

Server Load Balancing (SLB) Overvie w The Server Load Balancing (S LB) feature of the Intel ® NetS truc ture ™ 480T routin g switch divides many cl ient requests among several servers. This act ivity is transp arent to th e client us ing the re source. It is mainly used for W eb hosting where several redunda nt servers a re used to incr ease the ...
Intel 480T - page 374

348 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Nodes A node is an individual service on a p hysical server that consists of an IP address a nd a port numbe r. Pools A pool is a group of nodes that i s mapped to a correspo nding vi rtual server. Pool s allow you to scale large ne tworks that c ontain many nodes. Pools may be confi ...
Intel 480T - page 375

C H A P T E R 18 Server Load Bala ncing ( SLB) 349 • The virtual port number Once you know whi ch virtual server o ptions are use ful in your network, y ou can: • Define standa rd virtual s ervers • Define wildcard virtual servers Each virt ual server maps to a single po ol, which can be a group of content servers, firewalls, rout ers, or cac ...
Intel 480T - page 376

350 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 18.1 summari zes the features su pported by each f orwarding mode. T ransparent Mode As wit h any server load balanci ng applicati on, the conten t must be dupl icated on all phy sical s erver s. Using transpar ent mode, the 4 80T routing swi tch does not modi fy the IP addresse ...
Intel 480T - page 377

C H A P T E R 18 Server Load Bala ncing ( SLB) 351 . Figure 18.1: T ransp arent mode In Figure 18.1, the 48 0T routing switc h is configur ed to respond to requests for t he VIP by forwardi ng them to t he load balance d servers. The servers are configured as follows: • The interface f or server 1 is 1 92.168.200 .1 • The interface f or server ...
Intel 480T - page 378

352 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use these commands to cr eate a roun d-robin po ol called MyW eb , and add nodes t o the new pool : create slb pool MyWeb lb-method round configure slb pool MyWeb add 192.168.200.1:80 configure slb pool MyWeb add 192.168.200.2:80 Use this command to create a transparent mode VIP for t ...
Intel 480T - page 379

C H A P T E R 18 Server Load Bala ncing ( SLB) 353 To configur e translat ional mode, use this command: create slb vip <vipname> pool <poolname> mode translation <ipaddress>{-<upper_ipaddress>}: <L4Port> {unit <number>} Figure 18.2 shows translati onal mode. Figure 18.2: T ransl ational mo de In Figure 18.2, the ...
Intel 480T - page 380

354 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vips ipaddress 192.168.201.1 /24 configure srvr add port 4-8 configure clnt add port 1-4 enable ipforwarding These commands create a roun d-robin pool called MyW eb , and add nodes to t he new pool: create slb pool MyWeb lb-method round configure slb pool MyWeb add 192.168.2 ...
Intel 480T - page 381

C H A P T E R 18 Server Load Bala ncing ( SLB) 355 routing switch aut omatically chan ges the IP address and po rt address on incoming pac kets to that of the load balan ced servers. As with any serve r load bal ancing app lication, the content must be duplicat ed on all physical servers. Configur e port translat ion mode usi ng this command: creat ...
Intel 480T - page 382

356 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In Figure 18.3, t he 480T routin g switch is config ured to bala nce all traffic sent to the VIP based on the client IP address. All servers have the same: • MAC address • IP address • Conte nt The commands used to configure the switch, as indicated in the example are: create vl ...
Intel 480T - page 383

C H A P T E R 18 Server Load Bala ncing ( SLB) 357 • Subnet-Ro ute - If your network configuration requires that the VIPs be pro paga ted thr oug h a rou ting p roto col by th e swi tch, you need to create a loop back VLAN with the VIP(s) being valid members of th e loopback VLAN ’ s subnet. When a r outing protocol is enab led, the subnet cont ...
Intel 480T - page 384

358 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Ratio If you ar e working with servers t hat differ si gnificantly in processing spee d and memor y, you may want to switch to t he ratio load bal ancing method. In rati o, the 480T routing swi tch distr ibutes connections amon g devices acco rding to ratio wei ghts that you set , whe ...
Intel 480T - page 385

C H A P T E R 18 Server Load Bala ncing ( SLB) 359 Prior ity Priority mode is a var iant of round -robin design ed to provid e redundant st andby nodes wi thin a pool. When you add a node to a pool, you can assig n a priorit y level. Priority n umbers range fr om 1 to 65,535, with the h ighest number indicating the highe st priorit y. The 48 0T rou ...
Intel 480T - page 386

360 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igur e slb p ool <p oolna me> d elete <ipaddress> :<L4Port> Del etes a physica l server from a ser ver pool. conf igur e slb p ool <pool name > lb-m etho d [round- robin | ra tio | pri ority | l east- connections] Configures the SLB load-b alancing method. ...
Intel 480T - page 387

C H A P T E R 18 Server Load Bala ncing ( SLB) 361 disable slb Disables SLB processing. Disabling SLB: • Closes all connecti ons. • W ithdraws VIP routes or routes th at do not respond wit h proxy ARP response s of VIP addresses. • Disconnects t he switch from red undant SLB switches. disable slb go go-mode <p ort number> {al l | ping-c ...
Intel 480T - page 388

362 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable slb Enables SL B processing on t he switch, and activates these fun ctions for transparent, transla tional, and port translat ion modes: • Exportin g of VIP rout es or proxy ARP for VIP addresses. • Processing of VIP lo okup and con nection setup. • Establi shing communic ...
Intel 480T - page 389

C H A P T E R 18 Server Load Bala ncing ( SLB) 363 Advanced SLB Application Exam ple This e xample builds u pon the in troductor y SLB example . The advanced conce pts included i n this example are: • Multiple pools • Multiple VIPs • Multiple balancing algor ithms • Multiple types of health checking Figure 1 8.4 shows an example of an advan ...
Intel 480T - page 390

364 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 18.4: Advanc ed SLB con figur ation The commands used to configure are described below. Use these commands to cre ate the VLAN from which outside connections wi ll come: create vlan outside configure vlan outside ipaddress 172.16.0.1 /16 configure vlan outside add ports 1-8 To ...
Intel 480T - page 391

C H A P T E R 18 Server Load Bala ncing ( SLB) 365 configure vlan sites ipaddress 192.168.201.254 /24 All VIPs is con figured to use this subnet . There are no p orts associated with t his VLAN. You can use the se commands to create the VLAN servers and enable IP forwarding: create vlan servers configure vlan servers ipaddress 192.168.200.254 / 24 ...
Intel 480T - page 392

366 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable slb node 192.168.200.2:443 tcp-port-check The next series of commands creates a second W eb site. This second site is similar to the first example; the difference is t hat content checkin g is enable d on this si te. For this typ e of health checking, the server downloads a spe ...
Intel 480T - page 393

C H A P T E R 18 Server Load Bala ncing ( SLB) 367 create slb vip myssl3 pool site3web mode transparent 192.168.201.4:443 The next examp le demonstrates th e series of commands yo u would use to create an F TP site. The site i s defined as h aving two serve rs: 192.168.200.3 an d 192.168. 200.4. Only FTP is being ser viced by the ser vers. The t wo ...
Intel 480T - page 394

368 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Health Checking The 480T rout ing switch suppo rts both int ernal and ext ernal health checking. Health check definitions For reference, the following health check s are available on all Server Loa d Balancing, Web Cach e Redirection and Poli cy-based Routing f unctions. SLB function ...
Intel 480T - page 395

C H A P T E R 18 Server Load Bala ncing ( SLB) 369 using the name and password suppl ied during t he configurat ion. The check will succ eed when the switch successfu lly logs into the next-hop. Layer 7 NNT P Check The NNTP health chec k connects to the serv er or next-hop, establishes a conn ection, and attache s to a user defined newsgroup. Layer ...
Intel 480T - page 396

370 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The 480T r outing swit ch also support s external health chec king. External health ch ecking uses an external servi ce configured by t he user to perform heal th checks and uses S NMP (Simple Network Management P rotocol) as a mech anism to noti fy the switch of a server failure. Pin ...
Intel 480T - page 397

C H A P T E R 18 Server Load Bala ncing ( SLB) 371 Service-Check Service-ch eck is Layer 7 -based and appli cation-depend ent. It is defined on a VIP and is performed on each node in the pool with which this VI P is associated. The default frequen cy is 60 second s and the def ault timeout is 180 seconds. Each service ch eck has associated pa ramet ...
Intel 480T - page 398

372 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide text f rom error t ext, we recommend that you specify an a ctual st ring to mat ch. For FTP, Teln et, and POP3, service-check attempts to log on and off the application o n the server using the sp ecified userID and password. For SMTP, service-check i dentifies the identity of the swi ...
Intel 480T - page 399

C H A P T E R 18 Server Load Bala ncing ( SLB) 373 enable slb gogo-mode maste r service-check [http | f tp | telnet | smtp | nntp | pop3 | all | tcpport ] Use these commands to d isable GoGo mode heal th checking: disable slb gogo-mode master ping-check disable slb gogo-mode master tcp-port-check [ port | all] disable slb gogo-mode master service-c ...
Intel 480T - page 400

374 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure slb gogo-mode master service-check pop3 {l4-port port} {userid userid password {encry pted} password} configure slb gogo-mode master service-check timer [http | ftp | telnet | smtp | nntp | pop3 | tcpport] frequency seconds timeout seconds Use these command to v iew your GoG ...
Intel 480T - page 401

C H A P T E R 18 Server Load Bala ncing ( SLB) 375 Health Checks for W e b Cache Redir ection and Policy Based Routing Heal th chec king works on the ports config ured by thei r assoc iated fl ow . For example , if you con figure a flow to re direct on por t 80 (HTTP ), but F TP is configur ed as the s ervice chec k, th e swit ch wi ll try to open ...
Intel 480T - page 402

376 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Layer 4 Flows Policy-base d routing an d Web cache redi rection suppor t an any option for the Layer 4 protocol t ype which allows the redi rection of TCP, UDP and other t raffic type s with the excep tion of I CMP traffic. To configure this capability , use the any option in the synt ...
Intel 480T - page 403

C H A P T E R 18 Server Load Bala ncing ( SLB) 377 To show conf iguration an d status of fl ow redirecti on rules, use t his command: show flow-redirect [<flow_rule_name | <cr>] Maintenance Mode You can easil y put a node or VIP into maintenan ce mode by disablin g the node or VIP . In maintenance mod e, existing connections remai n active ...
Intel 480T - page 404

378 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure slb proxy-client-persistent [add | delete] <ipaddress / mask> Stic ky Pe rsiste nce Sticky p ersistence provi des a special t ype of persis tence that is especially useful for c ache servers. Similar to client persistence, sticky persistence k eeps track of in coming c ...
Intel 480T - page 405

C H A P T E R 18 Server Load Bala ncing ( SLB) 379 Availabi lity mod e or havin g to introd uce anoth er interco nnecting switch), and recovery from a switch failure occurs in less t han 8 seconds. Figure 18.5 shows SLB enable d using ESRP an d dual-att ached servers. Figure 18.5: SLB us ing ESRP and dual-attac hed ser vers 34 2 1 78 6 5 11 12 10 9 ...
Intel 480T - page 406

380 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring the Switches for SLB and ESRP The SL B and ESRP configur ations are i dentical on both sw itches , in relatio n to the po rts being used. The proce dure used to con figure t he Switch 1 and Switch 2 in Figure 1 8.5 is describ ed below. 1. Create the VLANs, using these comm ...
Intel 480T - page 407

C H A P T E R 18 Server Load Bala ncing ( SLB) 381 show slb stats vip site2 7. T o configure the ratio and priority of an ex isting pool memb er and to display the cur rent SLB pool statistics, use this co mmand for each pool member , fillin g in the ipaddress, port, ratio and prio- ity as needed: configure slb pool <poolname> member <ipad ...
Intel 480T - page 408

382 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuration of SLB w ith ESRP Note the following about t he conf igurat ions for swi tches r unning SLB and E SRP: • All switch ports connected directly to th e servers must be configured as ESRP host ports. • The link between the two s witches must be config ured as an ESRP hos ...
Intel 480T - page 409

C H A P T E R 18 Server Load Bala ncing ( SLB) 383 Redun dant SLB The 480T r outing switch su pports a fail over process that uses a redundant con figurati on of two swit ches. If one swit ch fails, t he second switch takes over the SLB duties of the first. By p reparing a redundan t switch for the possib ility of failo ver, you effectively maintai ...
Intel 480T - page 410

384 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide When both switches are active, each switch pe rforms SLB only for the VIPs assign ed to it. If a switch fails, the other switch takes o ver the VIPs assig ned to the fa iled switch. The basic fai lover conf igure command assi gns the swit ch ’ s u nit number: configure slb failover ...
Intel 480T - page 411

C H A P T E R 18 Server Load Bala ncing ( SLB) 385 Figure 18.6: Active -active configu ration In this samp le confi guration, fa ilover is en abled t o ensure fault tolerance. To co nfigure this example on t he first switch, use these commands: create vlan inside create vlan server configure vlan inside ipaddress 1.10.0.2 /16 configure vlan inside ...
Intel 480T - page 412

386 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create slb pool testpool1 configure slb pool testpool1 add 1.205.1.1:80 configure slb pool testpool1 add 1.205.1.2:80 create slb vip site1 pool testpool1 mode transparent 1.10.1.1:80 create slb vip site2 pool testpool1 mode transparent 1.10.1.2:80 configure enable slb configure vlan i ...
Intel 480T - page 413

C H A P T E R 18 Server Load Bala ncing ( SLB) 387 enable slb failover enable slb fail ping configure slb vip site1 unit 1 configure slb vip site2 unit 2 configure slb fail ping-check 1.10.0.1 freq 1 The differences betwee n the configurations of these two switches are the IP addresses, and t he designation o f the first switch as the master of the ...
Intel 480T - page 414

388 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 18.7: SLB fai lover conf iguratio n usin g SLB H/A Configurin g Clients The configuration used to connect cl ients to SLB virtu al sites with High Availability enabl ed is transparent to the accessing clients. As with normal SLB, the clients conn ect to the VIP believi ng that ...
Intel 480T - page 415

C H A P T E R 18 Server Load Bala ncing ( SLB) 389 Create the VLANs, using these commands: create vlan inside create vlan server The VLAN inside connec ts to the gateway and t he VLAN server contains all of the load balanc ed servers. The gateway is co nnected to the VLAN inside , using these commands: configure inside ipaddress 1.10.0.2 /16 config ...
Intel 480T - page 416

390 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure inside slb client configure server slb server Confi gure SLB H/A fo r the switch , using this co mmand: configure slb failover unit 1 remote 1.10.0.3 local 1.10.0.2 l4-port 1028 One switch in a High Ava ilability pai r is designated as unit 1 and the other is de signated as ...
Intel 480T - page 417

C H A P T E R 18 Server Load Bala ncing ( SLB) 391 in the load balancing scheme. Without ESRP , another switch interconnecting all the ser vers is necessary . • One switch is designated as u nit 1 and the other as unit 2. This designation determ ines which VIPs are active on eac h switch in the failover pair . • In this configuration, sit e1 is ...
Intel 480T - page 418

392 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide This configuration uses t ransparent mode. Therefore, the VIPs need to be added to the ser vers as loopbac k addresses. This i s done by configuring the net work interfaces on the servers. A det ailed descriptio n for do ing this is provided after Fi gure 18.1. Advanced SLB Commands T ...
Intel 480T - page 419

C H A P T E R 18 Server Load Bala ncing ( SLB) 393 configure slb failover uni t <number> {remot e- ip <ipaddress> local-ip <i paddress>: {<L4Port> }} Configures t he slb failover . Specify: • remote-ip-address — The re mote peer IP address. • local-ip-address — The addres s of a local IP interface used for the failov ...
Intel 480T - page 420

394 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igure sl b globa l http u rl <url_str ing> match-string [<match_stri ng> | any-cont ent] Configures the d efault par ameters for L 7 service checking. configure slb global nn tp newsgrou p <newsgroup> Conf igures the d efault paramet er for L7 service checking. ...
Intel 480T - page 421

C H A P T E R 18 Server Load Bala ncing ( SLB) 395 configure slb vi p <vipname> service-check frequency < seconds> timeou t <seconds> Confi gures the L7 service check frequen cy and timeout par ameters for a part icular VIP . T o ret urn to the global valu es, specify 0 for frequency an d timeout. configure sl b vip <vipname> ...
Intel 480T - page 422

396 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable slb no de <ipaddre ss>:{<L4Port> | al l} tcp-port -check Disables L4 port checking. disable slb no de <ipaddress> p ing-check Disables L3 pingi ng. disable slb vi p [<vipn ame> | all] cl ient- persis tence Disables client-persist ence. disable slb vi p ...
Intel 480T - page 423

C H A P T E R 18 Server Load Bala ncing ( SLB) 397 enable slb vi p [<vipname> | all] cl ient- persistence {mask <ma sk>} Enables client persistence and specifi es the timeout and c lient address mask. I f the client sets up multiple sessions to a virtual server , all sessions must connect to the same physical node . Enabli ng client p e ...
Intel 480T - page 424

398 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide W eb Cache Redir ection Web cache redirection uses the TCP or UDP port number t o redirect client re quests to a target de vice (or group of devi ces). Web cache redirection tr ansparently redi rects traffic to Web c ache devices or to proxy servers and fi rewalls located in a demilit ...
Intel 480T - page 425

C H A P T E R 18 Server Load Bala ncing ( SLB) 399 Precedence of Flow Redir ec tion Rules Multiple f low redirect ion rules can ov erlap in making a redirect ion decision. In these cases, precedence is determined by "best match" where the most specific red irection rule that satisfi es the criteria will win. T he best match is d etermined ...
Intel 480T - page 426

400 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In thi s case, Po licy 1 is the rule with the best ma tch as it contain s an explicit Dest ination IP Port even th ough the mask fo r the Destination IP Address is less specific. In thi s case, Po licy 4 is the rule with the best ma tch as it contain s an explic it destin ation IP P o ...
Intel 480T - page 427

C H A P T E R 18 Server Load Bala ncing ( SLB) 401 Flow Redir ection Example Figure 18.8 uses flow redi rection to re direct Web t raffic to Web cache servers. In this example, the clients and th e cache devices are located o n different net works. This i s done by c reating a dif ferent VLAN for the clients and cach e devices. Figure 18.8: Flow-re ...
Intel 480T - page 428

402 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These commands are used t o configure the 480T routing switch in this example: create vlan client configure vlan client add port 1 configure vlan client ipaddress 10.10.10.1/24 create vlan cache configure vlan cache add port 2 configure vlan cache ipaddress 10.10.20.1/24 create vlan i ...
Intel 480T - page 429

Status Monitoring and Statistics This chapt er describes how to view the cur rent operating st atus of the Intel ® NetStr uctu re ™ 480T r outing switch , how to displa y informati on in the log, a nd how to ta ke advantage of availabl e Remote Moni toring (RMO N) capabilitie s. Viewing stat istics on a reg ular basis al lows you to se e how wel ...
Intel 480T - page 430

404 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 19.1: St atus Mo nitoring Com mands Command Descri ption show log confi g Di splays the log configurati on, includin g the syslog host IP address, the pri ority level of messages being logged lo cally , and t he priority level of messa ges being sent t o the syslog host. show ...
Intel 480T - page 431

C H A P T E R 19 Status Monito ring a nd Stat istic s 405 Port Statistics The 480T r outing switch a llows you to view po rt statisti c information. The summary infor mation lists values for the current counter ag ainst each port on each operati onal module in t he system, and it i s refreshed appr oximately ev ery 2 seconds. Values are displayed t ...
Intel 480T - page 432

406 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Received Packet Count (Rx Pkt Count) — Th e total number of good packets that were r eceived by the port . • Received Byte Count (Rx Byte Count) — The tot al num ber of bytes that were receiv ed by the por t, including bad or lo st frames. This number includes bytes containe ...
Intel 480T - page 433

C H A P T E R 19 Status Monito ring a nd Stat istic s 407 To view port receive errors, use this command: show ports <portlist> rxerrors The following port receive error information is collected : • Receive Bad CRC Frames (Rx CRC) — The total number of frames received by the port that were of the co rrect length, but cont ained a bad FC S ...
Intel 480T - page 434

408 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Setting the System Recovery Level You can configu re the system to auto matically reboot afte r a software ta sk exception , using thi s command: configure sys-recovery-level [none | critical | all] Wh ere: • none — Configures the level to no recovery . • critical — Configures ...
Intel 480T - page 435

C H A P T E R 19 Status Monito ring a nd Stat istic s 409 form HH:MM:SS. If the event was caus ed by a user , the user name is also provid ed. • Fault level — T able 19.3 describes the three leve ls of importance that the system can assign to a fault. By default, log entries that are assig ned a critical or warning level remain in the lo g afte ...
Intel 480T - page 436

410 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Local Logging The 480T r outing switc h maintains 1 ,000 messages in it s intern al log. You can disp lay a snapshot of the l og at any time, u sing the command: show log {<priority>} Displa ys the curren t snapshot o f the log. Priority filters the log to display messages with ...
Intel 480T - page 437

C H A P T E R 19 Status Monito ring a nd Stat istic s 411 Real-Time Dis play Along with viewing a sn apshot of the lo g, you can conf igure th e system to maintain a running real-time display of log messa ges on the console. T o turn on the log d isplay, enter this command: enable log display To confi gure the lo g display, use this command: config ...
Intel 480T - page 438

412 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The priorities are the same as for l ocal logging. If not specified, only c riti cal priority message s are sent to the syslog host. Logging Configuration Changes The local management software allows you to record all configura- tion chan ges (and their sources) made thr ough the CLI ...
Intel 480T - page 439

C H A P T E R 19 Status Monito ring a nd Stat istic s 413 configu re log displ ay {<prior ity>} Configures the real- time log display . Displa ys the current snapshot of the log. Priority filters the log to displa y message s with the sele cted or higher (more critical) pri ority . Priorities include (i n order): • Critic al • Emerge ncy ...
Intel 480T - page 440

414 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RMON Using the Re mote Monitori ng (RMON) capabi lities of t he 480T routing swi tch allows net work administ rators to improve system efficiency and reduc e the load on t he network. This secti ons explain more about the RMON co ncept and the RMON features suppo rted by the switch. R ...
Intel 480T - page 441

C H A P T E R 19 Status Monito ring a nd Stat istic s 415 A typical RM ON setup consist s of two componen ts: • RMON probe — An intelligent, remotely controlled device or software agent that continually collects statistics about a LAN segment or VLAN. The probe transfers the information to a management works tation on request, or when a predefi ...
Intel 480T - page 442

416 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The History gr oup is useful for analysis of tr affic pattern s and trends on a LAN segment o r VLAN, and to establish basel ine informat ion indicat ing normal o perating par ameters. Alarms The Alarms g roup provides a versatile, g eneral mechani sm for setting th reshold and sampl ...
Intel 480T - page 443

417 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide network with out costing mo re than t raditional network management. The 48 0T routing sw itch accu rately ma intains RMON statistic s at the maximum line rat e of all of its port s. For example, stati stics can be rela ted to indi vidua l ports. RMON Pr ob e with Secu rity Feat ures ...
Intel 480T - page 444

418 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 445

Software Upgrade and Boot Options Overvie w This c hapter describe s the proce dure for u pgrading th e Intel ® NetS tructu re ™ 480T routing switch firmware image. It also inc ludes a discussion o f how to save and lo ad a primary and secondary ima ge and configu ration file on the switch. Saving Configuration Changes The configu ration is t he ...
Intel 480T - page 446

420 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide If you mak e a mistak e, or find you must rev ert to the configur ation as it was before you started makin g changes, you can set t he switch to use the secondary conf iguration on the next reboot. If the switc h is reboote d during a con figurati on save, the switch boots to fact ory ...
Intel 480T - page 447

C H A P T E R 20 Softw are Upg rade an d Boot Options 421 Once the TFT P server is runni ng, click the Server Dir. button. Verify that the active dire ctory is Pro gram Files IntelInt el Device ViewFirmware. Make sure that b oth the BootROM image (a file named ngboot nn .bin ) and the firmware ima ge (a file n amed v nnnn b nn .tfp ) are in this ...
Intel 480T - page 448

422 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Upgrading the Firmware To upgra de the firmware on the switch: 1. Download the latest image from your TF TP server . download image <TFTPserverIP> v<nnn>b<nn>.tfp primary 2. V e rify that primary imag e is now at th e latest version and that the secondary image is st ...
Intel 480T - page 449

C H A P T E R 20 Softw are Upg rade an d Boot Options 423 show switch • Reboot the switch using th e reboot com mand. If you have f ollowed upgrade instru ctions, you r origin al configu ration should b e operati onal. If you did not have an older conf iguration , you may perfo rm a minimal co nfiguratio n for the switc h through t he command lin ...
Intel 480T - page 450

424 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide specified, the current co nfiguration is immediately up loaded to the TF TP server . To cancel a scheduled configu ration upload , use the command: upload configuration cancel Using TF TP to Download th e Configuration To modify t he switch conf iguratio n, you can downl oad ASCII fil ...
Intel 480T - page 451

C H A P T E R 20 Softw are Upg rade an d Boot Options 425 connectio n (and not th e console port), your c onnection is terminat ed when the switch r eboots, but t he command execu tes normally. Downloading an Incremental Configuration You can make a part ial or incremental change to the swit ch configu ration usin g downloaded ASCII file s that con ...
Intel 480T - page 452

426 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Remember to Save Regardless of the downl oad option used , configurations are downloaded i nto switch runti me memory only. T he configurati on is saved only whe n the save command is i ssued, or if the config uration file itself in cludes the save command. If the con figuration curre ...
Intel 480T - page 453

C H A P T E R 20 Softw are Upg rade an d Boot Options 427 • Pre ss 2 for th e image stored in secon dary . Then, press th e f key to boo t from newly sel ected on-board f lash memory. To boot t o factory default con figuration : • Press the d key for defau lt, and • Press the f key to bo ot from th e configured o n-board flash . Boot Option C ...
Intel 480T - page 454

428 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide download i mage [<ipaddress> | <hostname> ] <filename> {primary | secondary} Downl oads a new image from a TF TP server over the network. If pa rameters are not specified, the imag e is saved to the current image . reboot {time < date> <time> | ca ncel} R ...
Intel 480T - page 455

C H A P T E R 20 Softw are Upg rade an d Boot Options 429 use configur ation [primar y | secondary] Configures the swit ch to use a parti cular configu ration on the n ext reboo t. Option s include the primary confi guration area or the secondary configurat ion area. use image [ primary | seconda ry] C onfigur es the switch to use a particular imag ...
Intel 480T - page 456

430 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 457

Technical Specifications and Supported Limits T echnical Specifications For IEEE s tandards informat ion refer to http://stan dards.ieee. org The following table list s specifications for the Intel ® NetStr ucture ™ 480T rou ting switch. Ta b l e A . 1 : S pecific ations Physic al Dimensio ns Height: 3.5 i nches x W idth: 17.36 i nches x Depth: ...
Intel 480T - page 458

432 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide CE (E urop ean Comm unit y) TUV/GS (German Notified Body) C-T ick (Australia n Communicati on Authori ty) Underwriters L aboratories (USA and Canada) Safety Agency Cert ifications UL 1950 3rd Ed ition, l isted cUL listed to CSA 22.2 #950 TUV GS mark safety approval to the following EN ...
Intel 480T - page 459

Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 433 Supported Standar ds, RFCs and Pr otocols Ta b l e A . 2 : S upported Standard s, RFCs and Pr otocols RFCs, Stan dards, and Protocols RFC 1058 RIP RFC 1723 RI P v2 RFC 1 1 12 IGMP RFC 2236 IGMP v2 DVMRP v3 - Draft IETF DVMRP v3-07 PIM-DM v2 - Draft IETF PIM-DM v2-dm-01 RFC 2362 P IM ...
Intel 480T - page 460

434 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Supported Limits The table below summarizes tested metrics for various features on the 480T rout ing swit ch. These met rics are l aborato ry results an d are for reference and compa rison only. T able A.3: Sup ported Lim its Metric Des cription Limit Access Profiles Used by SNMP , T ...
Intel 480T - page 461

Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 435 MAC-based VLANs – MAC addresses Maxi mum number of MAC addresses that can be downloaded t o the switch whe n using MAC- based VLANs. 7000 Proto col-sens itive VLANs – active protocol f ilters The number of simultaneousl y active protocol filters in th e switch. 15 Spanning T ree ...
Intel 480T - page 462

436 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP – number of instances Maximum number of ESRP-sup ported VLANs for a single swi tch. 64 ESRP – number of ESRP group s Maximum number of ESRP groups withi n a broadcast domai n. 4 ESRP – number of VLANs in a single ESRP domain Maximum number o f VLANs that can be joined to a ...
Intel 480T - page 463

Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 437 OSPF virtu al links Maximum number o f OSPF virtual links supporte d. 32 B G P r o u t e s M a x i m u m n u m b e r o f r o u t e s c o n t a i n e d i n t h e BGP route t able. 500,000 BGP peers Maxim um number of BGP peers on a si ngle router . 64 Policy -Based Ro uting Maxim um ...
Intel 480T - page 464

438 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Router interfaces Maximum number of IPX router interfaces. 256 IPX Access control lists Maximum number of access lists in which all rules uti lize all ava ilable opt ions. worst case: 255 T able A.3: Sup ported Lim its ...
Intel 480T - page 465

Troubleshooting If you encou nter problems when using the In tel ® NetStructu re ™ 480T routing swi tch, this appe ndix may be he lpful. If y ou have a pr oblem not listed here or in the “ Late Break ing New s, ” contact your l ocal technical support rep resentative ( see "Intel Cust omer Support" o n page 491). LEDs Why do esn ’ ...
Intel 480T - page 466

440 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide the link LED lit, and th e side with autonegotiation enabled will n ot have the LED lit. • The defaul t configur ation for a 1000 Mbps port is au tonego tiatio n enabled . V er ify by using this command: show port config Why won ’ t the switch power on? • The 480T ro uting swi t ...
Intel 480T - page 467

Appendix B T r o u b l e s h o o t i n g 441 Why won ’ t the Telnet workstation access the device? • Check that the dev ice IP address, sub net mask and default g ateway are configured correctly , and that the d evice has been reset. • Ensure that you enter the IP address of the switch correctly when invoking the T elnet facility . • Check ...
Intel 480T - page 468

442 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide How do I remove u nused default and static routes? • If you ha ve defined static or default ro utes, those routes will remain in th e configuration, ind ependent of whether the VLAN and VLAN IP address that us ed them remains. Y ou should manually delete the routes if no VLAN IP add ...
Intel 480T - page 469

Appendix B T r o u b l e s h o o t i n g 443 • T o establish a full-duplex l ink either force it at bo th sides, or run autonegotiation on both sides (us ing full-duplex as an advertised capability , the default setting). Always verify th at the switch an d the netw ork device matc h in configur ation for speed and duplex . • A mismatch of dupl ...
Intel 480T - page 470

444 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Then conver t each octet into a decimal value. (for example, 0000000 0.0000000 0.0000001 .10010000 = 0.0.1.144 ). • Ther efore , 400 = 0.0. 1.14 4 VLANs What if I can ’ t add a port t o a VLAN? • If you attempt to add a port to a VLAN and g et an error message similar to: lo ...
Intel 480T - page 471

Appendix B T r o u b l e s h o o t i n g 445 VLAN Names There are restrict ions on VLAN names. They cann ot contain white spaces and ca nnot start with a n umeric value unless you use quotation marks around the name. If a name con tains white spaces , starts with a numbe r , or contains non- alphabeti cal character s, you m ust use qu otation marks ...
Intel 480T - page 472

446 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Why does the switch keep aging out endstation entries in the switch Fo rwar ding Da tabase (FD B)? • Reduce th e number of top ology changes by disabli ng STP on thos e systems that do not u se redundant paths. • Specify that the ends tation entries are static or permanent. ESRP W ...
Intel 480T - page 473

Regulatory Information Compliance statements Each of the follo wing com pliance sta tements applies on ly to produc ts that bea r the m ark or text require d by t he appr opriate c ertifica tion agen cy. FCC Part 15 Complianc e Statement This produ ct has bee n tested and foun d to comply with the limit s for a Class A digit al device pursuant to P ...
Intel 480T - page 474

448 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide This digital ap paratus do es not exceed the Class A limits for radio noi se emissions from digit al ap parat us set out in th e inte rfer ence- cau sing eq uipm ent st anda rd enti tled : "Dig ital Apparatus," ICES-003 of the Canadia n Departm ent of C ommunic ations. CE C ...
Intel 480T - page 475

Appendix C R e g u l a t o r y I n f o r m a t i o n 449 Wa r n i n g s WARNING This is a Class A pr oduct. In a dom estic environm ent this pr oduct may ca use radio interfe rence in wh ich case the use r may be req uired to ta ke adequ ate measure s. Inter nal a cce ss to the In tel NetS truct ure 4 80T routi ng s witch is in tend ed o nly fo r q ...
Intel 480T - page 476

450 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • in Re gione n, in d enen elektr ische S t ü rme a uftrete n, mit einem Ü berspannu ngsschutzger ä t verbun den sein; w ä hrend ein es elek trisch en St urms sol lte keine V erbi ndung der T eleko mmunikation sleitung en mit dem Modem beste hen; • mit ei ner geer deten W echs ...
Intel 480T - page 477

Appendix C R e g u l a t o r y I n f o r m a t i o n 451 WARRANTY IS IN LIEU OF ANY OTHER WAR RANTY, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED T O, ANY WARRANTY OF NONINFRINGEMENT OF INTELLECTUAL PROPERTY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR ANY WARRANTY ARISING OUT OF ANY PROPOSAL, SPECIFICATION, SAMPLE OR ...
Intel 480T - page 478

452 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide syst ems) by License e or Su blice nsees, and such use is entir ely at the use r ’ s risk. Licensee agrees to defend, in demnify, a nd hold Intel ha rmless from and against an y and all cl aims arising out of use of the hardw are produc t in such applica tions by Licensee or Sublic ...
Intel 480T - page 479

Appendix C R e g u l a t o r y I n f o r m a t i o n 453 If the Custome r Support G roup verifies th at the produc t is defective, they will have the Return Ma terial Aut horization Departmen t issue you an RMA num ber to place on the oute r packag e of the pr oduct. Intel cannot acce pt any pr oduct wit hout an RM A number on the pack age. LIMITAT ...
Intel 480T - page 480

454 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide INTEL SE RESERVE LE DROIT DE VOUS LIVRER UN PRODUIT CONTENANT DES COMPOSANTS NOUVEAUX OU REPARES. CETTE GAR ANTIE REMPLACE TOUTES LES AUTRES GAR ANTIES, EXPRESSES, TACITES OU LEGALES, Y COMPRIS, MAIS SANS QUE CETTE ENUMERATION SOIT LIMITATIVE, LES GARANTIES CONCERNANT LE NON RESPECT D ...
Intel 480T - page 481

Appendix C R e g u l a t o r y I n f o r m a t i o n 455 CONCERNANT TOUS LES LI TIGES RELATIFS AU PRESENT ACCORD NE SE RA PAS SUPERIEURE AU PRIX PAYE POUR LE PR ODUIT. CES LIMITATIONS DE RESPONSABILITE POTENTIELLE ONT C ONSTITUE UN FACTEUR DETERMINANT LORS DE LA FIXATION DU PRIX DU PRODUIT. INTEL N ’ ASSUME AUCUNE AUTR E RESPONSABILITE ET N ’ A ...
Intel 480T - page 482

456 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ricicl ate, co mpleta men te collaud ate e gara ntite c ome nu ove. Per m aggiori i nforma zioni sulla gara nzia, chi amare u no dei nu meri indi cati qu i sotto. Restituzione di prodo tti difettosi ( RMA) Prima di restitu ire un prodotto, c ontattare l ’ assistenz a tecnic a di Int ...
Intel 480T - page 483

Appendix C R e g u l a t o r y I n f o r m a t i o n 457 Beschr ä nkte Har dwaregarantie (Nur f ü r Eur o pa) Intel garan tiert dem ur spr ü nglic hen Ei gent ü mer, da ß die in diesem Pa ket en thalte ne Hardware ke ine Materi al- oder Herstel lungsfehle r aufweist. Die se Garantie gilt f ü r drei (3) Jahre (a) na ch dem K aufdat um, wenn di ...
Intel 480T - page 484

458 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Nachd em die Besch ä digung vo m Kundendie nst best ä tigt worden ist, wird von der zust ä ndi gen Abteilu ng eine R ü ckg abenum mer (RMA -Nummer) au sgegeb en, die a uf der ä u ß eren Ve rpackun g der Ha rdware a ngebracht werden mu ß . In tel ak zeptiert ke in Produ kt ohne ...
Intel 480T - page 485

Appendix C R e g u l a t o r y I n f o r m a t i o n 459 partir de la fe cha que re sulte m á s reciente de entre las opciones s iguient es: (i) la fe cha de com pra, s ó lo si de vuelve la ta rjeta de reg istro con prueba de compra de la forma in dicada al resp ecto pa ra reg istrarse; o bien ( ii) la fe cha de fabr icaci ó n; o (iii) la fecha ...
Intel 480T - page 486

460 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide LA IMPOSIBILIDAD DEL USO DE ESTE PRODUCTO, YA PROVENGA DE CONTRATO, NEGLIGENCIA, AGRAVIO O BAJO CUALQUIER GARANT Í A, SIN IMPORTAR QUE INTEL HAYA RECIBIDO PREVIO AVISO DE LA POSIBILIDAD DE DICHOS DA Ñ OS, INCLUIDOS, AUNQUE NO LIMITADOS A, P É RDIDAS DE USO, INFRINGIMIENTO DE LA P R ...
Intel 480T - page 487

Intel Customer Support Intel of fers a range of support servi ces for your Int el ® Ne tStruc ture ™ 480T rou ting switch. Yo u can learn abo ut the opt ions availab le for your area by visit ing the Intel suppor t Web site at http://www.int el.com/ network/ser vices . W orldwide A ccess to T echnical Support Intel has t echnical su pport center ...
Intel 480T - page 488

462 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Other ar eas For suppor t in other count ries, use the foll owing table to dial the toll- free support number . Using the table , locate the country from wh ich you are callin g, dial the access number, awai t the dial tone, and t hen dial the l isted 800 number. Country Dialing I nfo ...
Intel 480T - page 489

Appendix D I n t e l C u s t o m e r S u p p o r t 463 United Kingd om (Mercury ) 3 0500-8 9-0011 awa it dial tone, th en 800-838- 7136 Vietnam 120 10288 awa it dial tone , then 800-8 38-7136 Notes: 1 Public phone s require co in deposit 2 Use phone s allowing i nternat ional acce ss 3 May not be available fro m ever y phone 4 Public phone s requir ...
Intel 480T - page 490

464 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ...
Intel 480T - page 491

Index Numerics 10/100 Mbps mana gement port ................................................ 10 802.1p con figuration command s (table) ................................... 150 802.1Q links , troubleshooting ................................................ 445 802.1Q VLAN tag ............................................................... 100 8021Q ...
Intel 480T - page 492

466 I N D E X access policy soft reset ......................................................................334 access profiles configuration comman ds (table) .......................................... 59 create .............................................................................59 example ................................................ ...
Intel 480T - page 493

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 467 B backbone area , OSPF ............................................................228 bandwi dth ..........................................................................138 band widt h man ageme nt ......................................................... 163 bandwidth settin gs .. ...
Intel 480T - page 494

468 I N D E X show commands (table) ...................................................271 soft reset ......................................................................334 bi-directional r ate shapin g .....................................................163 blackhole ............................................................................1 ...
Intel 480T - page 495

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 469 command histo ry ...........................................................................44 short cuts ........................................................................41 syntax, un derstandin g .......................................................39 command comp letion .. ...
Intel 480T - page 496

470 I N D E X control flow ........................... ...............................................80 controlling Telnet access .........................................................58 conversion of OSPF area .......................................................443 convert O SPF area ......................................................... ...
Intel 480T - page 497

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 471 Device Tree ..........................................................................26 DF bit ..................................................................................82 DHCP multinetting .................................................................. 198 rela y, co nfig ...
Intel 480T - page 498

472 I N D E X enable log display ................................................................ 411 enable SLB .........................................................................354 enable slb .............................. ..................................... 367, 389 enable slb failover ................................................... ...
Intel 480T - page 499

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 473 master, failover ..............................................................170 master, priority .............................................................. 170 master, tracking .......... ................................................... 170 ping ............................. ...
Intel 480T - page 500

474 I N D E X FDB handlin g .....................................................................119 file server appl ications, QoS ...................................................139 Filter button (Web Access) ......................................................38 filter, ICMP .................................................................. ...
Intel 480T - page 501

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 475 heat dissipation ....................................................................432 high avail abil ity ........................................................... 387, 388 high avail abil ity mo de, SLB ...................................................378 History ............. ...
Intel 480T - page 502

476 I N D E X IP access rules ........................ ............................................. 309 IP address, enterin g ................................................................56 IP address, trou bleshooting ....... ............................................. 445 IP ARP Requ est ..................................................... ...
Intel 480T - page 503

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 477 resetting ....................................................................... 221 router interfaces .......... ................................................... 191 router show commands (table) ..........................................220 routing table ......................... ...
Intel 480T - page 504

478 I N D E X settings, display ing .........................................................305 show commands (table) ...................................................305 IRDP .................................................................................218 J jumbo frame .....................................................81, 87, 88, 112 mtu ...
Intel 480T - page 505

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 479 log display ..........................................................................411 logging and Telnet ................. ................................................... 411 commands (t able) ..........................................................412 configuration chang es ...
Intel 480T - page 506

480 I N D E X metro pol itan area net work .....................................................112 MGMT LED .........................................................................21 MIB ..................................................................................433 MIBs ...................................................................... ...
Intel 480T - page 507

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 481 Origin, BGP ........................................................................256 OSPF advantages ....................................................................224 area 0 ..........................................................................228 areas .................. ...
Intel 480T - page 508

482 I N D E X permanent entries, FDB ............ ............................................. 121 permanent entry , troubleshooting ............................................441 persistence, SLB, client .........................................................377 PIM trusted neig hbor ............................................................ ...
Intel 480T - page 509

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 483 master port ................ .....................................................85 mirrorin g ........................................................................90 monitoring .................................................................... 403 monitori ng display keys ..... ...
Intel 480T - page 510

484 I N D E X band widt h man ageme nt ................................................... 135 bandwidth settin gs .........................................................161 blackhole ......................................................................146 broadcast/unknow n rate limiting .......................................147 buffer ....... ...
Intel 480T - page 511

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 485 queries, router, I GMP ...........................................................278 query, gr oup specific, IGMP ..................................................281 R rack .....................................................................................18 rack mount .......... ...
Intel 480T - page 512

486 I N D E X split horizon ..................................................................225 timer ...........................................................................225 triggered updates ........................................................... 226 vers ion 2 ......................................................................226 ...
Intel 480T - page 513

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 487 access profile ................................................................324 access profile, applying ...................................................327 access profile, changing ..................................................334 access profile, configuring ............... ...
Intel 480T - page 514

488 I N D E X service-check ......................................................................371 sessions, deleti ng ...................................................................58 shortcuts, comm and ................................................................41 show flow-redirect .................................................... ...
Intel 480T - page 515

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 489 ratio weight ..................................................................358 redundant configuration ..................................................383 round-ro bin ...................................................................357 service-check .......................... ...
Intel 480T - page 516

490 I N D E X Greenwich Mean Time Offs ets (table) .................................. 74 soft re sets ........................................................................... 334 software fac tory de fau lts ................................................................12 Software Licensing ................. ................................... ...
Intel 480T - page 517

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 491 forward delay ............. ...................................................129 hel lo time .....................................................................129 initialization, trou bleshooting ........................................... 445 max age ............................ ...
Intel 480T - page 518

492 I N D E X T TACA CS+ commands (t able) ............................................................71 desc ript ion ...................................................................... 70 servers, specifying ............ ...............................................70 tag ..................................................................... ...
Intel 480T - page 519

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 493 Transparen t mode ................................................................ 349 transparent mode .............. ................................................... 349 transparent mode, SLB ..........................................................350 transparent private ne two ...
Intel 480T - page 520

494 I N D E X viewing accounts ...................................................................50 VIPs, SLB .......................................................................... 348 Virtual LANs. See VLANs virtual link, OSPF ................... ............................................. 229 VLAN debu g-tr acin g ......................... ...
Intel 480T - page 521

Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 495 name s ..........................................................................105 port , trou ble shoot ing ....................................................... 444 port-based ................. ..................................................... 97 protocol filters ........... ...
Intel 480T - page 522

496 I N D E X wildcard IP address ................. ............................................. 349 ...
Intel 480T - page 523

A14542-001 100044-00 rev04 Intel ® NetStructure ™ 480T Routing Switch User Guide Intel ® NetStructur e ™ 480T Routing Switch User Guide User Guide User Guide User Guide User Guide ...

Manufacturer Intel Category Switch

Documents that we receive from a manufacturer of a Intel 480T can be divided into several groups. They are, among others:
- Intel technical drawings
- 480T manuals
- Intel product data sheets
- information booklets
- or energy labels Intel 480T
All of them are important, but the most important information from the point of view of use of the device are in the user manual Intel 480T.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Intel 480T, service manual, brief instructions and user manuals Intel 480T. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Intel 480T.

Similar manuals

Intel IXF1104

227 pages
Intel AXXSW1GB

220 pages
Intel 1000LX

30 pages
Intel 82550

175 pages

A complete manual for the device Intel 480T, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Intel 480T by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Intel 480T.

A complete Intel manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Intel 480T - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Intel 480T, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Intel 480T, that we can find in the current document
3. Tips how to use the basic functions of the device Intel 480T - which should help us in our first steps of using Intel 480T
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Intel 480T
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Intel 480T in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Intel 480T?

Use the form below

If you did not solve your problem by using a manual Intel 480T, ask a question using the form below. If a user had a similar problem with Intel 480T it is likely that he will want to share the way to solve it.

Manual Intel 480T

Summary

Intel 480T - page 1

Intel 480T - page 2

Intel 480T - page 3

Intel 480T - page 4

Intel 480T - page 5

Intel 480T - page 6

Intel 480T - page 7

Intel 480T - page 8

Intel 480T - page 9

Intel 480T - page 10

Intel 480T - page 11

Intel 480T - page 12

Intel 480T - page 13

Intel 480T - page 14

Intel 480T - page 15

Intel 480T - page 16

Intel 480T - page 17

Intel 480T - page 18

Intel 480T - page 19

Intel 480T - page 20

Intel 480T - page 21

Intel 480T - page 22

Intel 480T - page 23

Intel 480T - page 24

Intel 480T - page 25

Intel 480T - page 26

Intel 480T - page 27

Intel 480T - page 28

Intel 480T - page 29

Intel 480T - page 30

Intel 480T - page 31

Intel 480T - page 32

Intel 480T - page 33

Intel 480T - page 34

Intel 480T - page 35

Intel 480T - page 36

Intel 480T - page 37

Intel 480T - page 38

Intel 480T - page 39

Intel 480T - page 40

Intel 480T - page 41

Intel 480T - page 42

Intel 480T - page 43

Intel 480T - page 44

Intel 480T - page 45

Intel 480T - page 46

Intel 480T - page 47

Intel 480T - page 48

Intel 480T - page 49

Intel 480T - page 50

Intel 480T - page 51

Intel 480T - page 52

Intel 480T - page 53

Intel 480T - page 54

Intel 480T - page 55

Intel 480T - page 56

Intel 480T - page 57

Intel 480T - page 58

Intel 480T - page 59

Intel 480T - page 60

Intel 480T - page 61

Intel 480T - page 62

Intel 480T - page 63

Intel 480T - page 64

Intel 480T - page 65

Intel 480T - page 66

Intel 480T - page 67

Intel 480T - page 68

Intel 480T - page 69

Intel 480T - page 70

Intel 480T - page 71

Intel 480T - page 72

Intel 480T - page 73

Intel 480T - page 74

Intel 480T - page 75

Intel 480T - page 76

Intel 480T - page 77

Intel 480T - page 78