SmartSwitch Router
User Reference Manual
9032578-04
Notice
Industry Canada Notice
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital
apparatus set out in the Radio Interference Regulations of the Canadian Department of
Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables
aux appareils numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique
édicté par le ministère des Communications du Canada.
NOTICE: The Industry Canada label identifies certified equipment. This certification means that the
equipment meets telecommunications network protective, operational and safety requirements as
prescribed in the appropriate Terminal Equipment Technical Requirements documents (s). The
department does not guarantee the equipment will operate to the user’s satisfaction.
Before installing this equipment, users should ensure that it is permissible to be connected to the
facilities of the local telecommunications company. The equipment must also be installed using an
acceptable method of connection. The customer should be aware that compliance with the above
conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be coordinated by a representative designated by the supplier.
Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may give
the telecommunications company cause to request the user to disconnect the equipment.
Users should ensure for their own protection that the electrical ground connections of the power
utility, telephone lines and internal metallic water pipe system, if present, are connected together. This
precaution may be particularly important in rural areas. Caution: Users should not attempt to make
such connections themselves, but should contact the appropriate electric inspection authority, or
electrician, as appropriate.
NOTICE: The Ringer Equivalence Number (REN) assigned to each terminal device provides an
indication of the maximum number of terminals allowed to be connected to a telephone interface. The
termination on an interface may consist of any combination of devices subject only to the requirement
that the sum of the ringer equivalence Numbers of all the devices does not exceed 5.
VCCI Notice
This is a Class A product based on the standard of the Voluntary Control Council for Interference by
Information Technology Equipment (VCCI). If this equipment is used in a domestic environment,
radio disturbance may arise. When such trouble occurs, the user may be required to take corrective
actions.
SmartSwitch Router User Reference Manual
3
Notice
CABLETRON SYSTEMS, INC.
PROGRAM LICENSE AGREEMENT
IMPORTANT:
THIS LICENSE APPLIES FOR USE OF PRODUCT IN THE FOLLOWING
GEOGRAPHICAL REGIONS:
CANADA
MEXICO
CENTRAL AMERICA
SOUTH AMERICA
BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY
READ THIS LICENSE AGREEMENT.
This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems, Inc.
(“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software
program (“Program”) in the package. The Program may be contained in firmware, chips or other
media. UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND BY
THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE LIMITATION
OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO THE TERMS OF
THIS AGREEMENT, RETURN THE UNOPENED PRODUCT TO CABLETRON OR YOUR DEALER,
IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT FOR A FULL REFUND.
IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT CABLETRON SYSTEMS
(603) 332-9400. Attn: Legal Department.
1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this
package subject to the terms and conditions of this License Agreement.
You may not copy, reproduce or transmit any part of the Program except as permitted by the
Copyright Act of the United States or as authorized in writing by Cabletron.
2. OTHER RESTRICTIONS. You may not reverse engineer, decompile, or disassemble the
Program.
3. APPLICABLE LAW. This License Agreement shall be interpreted and governed under the laws
and in the state and federal courts of New Hampshire. You accept the personal jurisdiction and
venue of the New Hampshire courts.
4. EXPORT REQUIREMENTS. You understand that Cabletron and its Affiliates are subject to
regulation by agencies of the U.S. Government, including the U.S. Department of Commerce,
which prohibit export or diversion of certain technical products to certain countries, unless a
license to export the product is obtained from the U.S. Government or an exception from obtaining
such license may be relied upon by the exporting party.
If the Program is exported from the United States pursuant to the License Exception CIV under the
U.S. Export Administration Regulations, You agree that You are a civil end user of the Program and
agree that You will use the Program for civil end uses only and not for military purposes.
If the Program is exported from the United States pursuant to the License Exception TSR under the
U.S. Export Administration Regulations, in addition to the restriction on transfer set forth in
4
SmartSwitch Router User Reference Manual
Notice
Sections 1 or 2 of this Agreement, You agree not to (i) reexport or release the Program, the source
code for the Program or technology to a national of a country in Country Groups D:1 or E:2
(Albania, Armenia, Azerbaijan, Belarus, Bulgaria, Cambodia, Cuba, Estonia, Georgia, Iraq,
Kazakhstan, Kyrgyzstan, Laos, Latvia, Libya, Lithuania, Moldova, North Korea, the People’s
Republic of China, Romania, Russia, Rwanda, Tajikistan, Turkmenistan, Ukraine, Uzbekistan,
Vietnam, or such other countries as may be designated by the United States Government), (ii)
export to Country Groups D:1 or E:2 (as defined herein) the direct product of the Program or the
technology, if such foreign produced direct product is subject to national security controls as
identified on the U.S. Commerce Control List, or (iii) if the direct product of the technology is a
complete plant o r any major component of a plant, export to Country Groups D:1 or E:2 the direct
product of the plant or a major component thereof, if such foreign produced direct product is
subject to national security controls as identified on the U.S. Commerce Control List or is subject to
State Department controls under the U.S. Munitions List.
5. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Product (i) was
developed solely at private expense; (ii) contains “restricted computer software” submitted with
restricted rights in accordance with section 52.227-19 (a) through (d) of the Commercial Computer
Software-Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data
belonging to Cabletron and/or its suppliers. For Department of Defense units, the Product is
considered commercial computer software in accordance with DFARS section 227.7202-3 and its
successors, and use, duplication, or disclosure by the Government is subject to restrictions set
forth herein.
6. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing,
Cabletron makes no warranty, expressed or implied, concerning the Program (including its
documentation and media).
CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY
CABLETRON IN WRITING, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING WRITTEN
MATERIALS, AND ANY ACCOMPANYING HARDWARE.
7. NO LIABILITY FOR CONSEQUENTIAL DAMAGES. IN NO EVENT SHALL CABLETRON OR
ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION,
LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR
RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE
THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL
DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED WARRANTIES IN SOME
INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU.
SmartSwitch Router User Reference Manual
5
Notice
CABLETRON SYSTEMS SALES AND SERVICE, INC.
PROGRAM LICENSE AGREEMENT
IMPORTANT:
THIS LICENSE APPLIES FOR USE OF PRODUCT IN THE UNITED STATES OF
AMERICA AND BY UNITED STATES OF AMERICA GOVERNMENT END
USERS.
BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY
READ THIS LICENSE AGREEMENT.
This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems
Sales and Service, Inc. (“Cabletron”) that sets forth your rights and obligations with respect to the
Cabletron software program (“Program”) in the package. The Program may be contained in firmware,
chips or other media. UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME
BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE
LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO
THE TERMS OF THIS AGREEMENT, RETURN THE UNOPENED PRODUCT TO CABLETRON OR
YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT FOR A
FULL REFUND.
IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT CABLETRON SYSTEMS
(603) 332-9400. Attn: Legal Department.
1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this
package subject to the terms and conditions of this License Agreement.
You may not copy, reproduce or transmit any part of the Program except as permitted by the
Copyright Act of the United States or as authorized in writing by Cabletron.
2. OTHER RESTRICTIONS. You may not reverse engineer, decompile, or disassemble the
Program.
3. APPLICABLE LAW. This License Agreement shall be interpreted and governed under the laws
and in the state and federal courts of New Hampshire. You accept the personal jurisdiction and
venue of the New Hampshire courts.
4. EXPORT REQUIREMENTS. You understand that Cabletron and its Affiliates are subject to
regulation by agencies of the U.S. Government, including the U.S. Department of Commerce,
which prohibit export or diversion of certain technical products to certain countries, unless a
license to export the product is obtained from the U.S. Government or an exception from obtaining
such license may be relied upon by the exporting party.
If the Program is exported from the United States pursuant to the License Exception CIV under the
U.S. Export Administration Regulations, You agree that You are a civil end user of the Program and
agree that You will use the Program for civil end uses only and not for military purposes.
If the Program is exported from the United States pursuant to the License Exception TSR under the
U.S. Export Administration Regulations, in addition to the restriction on transfer set forth in
Sections 1 or 2 of this Agreement, You agree not to (i) reexport or release the Program, the source
code for the Program or technology to a national of a country in Country Groups D:1 or E:2
(Albania, Armenia, Azerbaijan, Belarus, Bulgaria, Cambodia, Cuba, Estonia, Georgia, Iraq,
6
SmartSwitch Router User Reference Manual
Notice
Kazakhstan, Kyrgyzstan, Laos, Latvia, Libya, Lithuania, Moldova, North Korea, the People’s
Republic of China, Romania, Russia, Rwanda, Tajikistan, Turkmenistan, Ukraine, Uzbekistan,
Vietnam, or such other countries as may be designated by the United States Government), (ii)
export to Country Groups D:1 or E:2 (as defined herein) the direct product of the Program or the
technology, if such foreign produced direct product is subject to national security controls as
identified on the U.S. Commerce Control List, or (iii) if the direct product of the technology is a
complete plant o r any major component of a plant, export to Country Groups D:1 or E:2 the direct
product of the plant or a major component thereof, if such foreign produced direct product is
subject to national security controls as identified on the U.S. Commerce Control List or is subject to
State Department controls under the U.S. Munitions List.
5. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Product (i) was
developed solely at private expense; (ii) contains “restricted computer software” submitted with
restricted rights in accordance with section 52.227-19 (a) through (d) of the Commercial Computer
Software-Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data
belonging to Cabletron and/or its suppliers. For Department of Defense units, the Product is
considered commercial computer software in accordance with DFARS section 227.7202-3 and its
successors, and use, duplication, or disclosure by the Government is subject to restrictions set
forth herein.
6. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing,
Cabletron makes no warranty, expressed or implied, concerning the Program (including its
documentation and media).
CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY
CABLETRON IN WRITING, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING WRITTEN
MATERIALS, AND ANY ACCOMPANYING HARDWARE.
7. NO LIABILITY FOR CONSEQUENTIAL DAMAGES. IN NO EVENT SHALL CABLETRON
OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING,
WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS
INTERRUPTION, LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL,
CONSEQUENTIAL, OR RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE
OR INABILITY TO USE THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT
ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR
INCIDENTAL DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED
WARRANTIES IN SOME INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY
NOT APPLY TO YOU.
SmartSwitch Router User Reference Manual
7
Notice
CABLETRON SYSTEMS LIMITED
PROGRAM LICENSE AGREEMENT
IMPORTANT:
THIS LICENSE APPLIES FOR THE USE OF THE PRODUCT IN THE
FOLLOWING GEOGRAPHICAL REGIONS:
EUROPE
MIDDLE EAST
AFRICA
ASIA
AUSTRALIA
PACIFIC RIM
BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY
READ THIS LICENSE AGREEMENT.
This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems
Limited (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron
software program (“Program”) in the package. The Program may be contained in firmware, chips or
other media. UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND
BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE
LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO
THE TERMS OF THIS AGREEMENT, RETURN THE UNOPENED PRODUCT TO CABLETRON OR
YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT FOR A
FULL REFUND.
IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT CABLETRON SYSTEMS
(603) 332-9400. Attn: Legal Department.
1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this
package subject to the terms and conditions of this License Agreement.
You may not copy, reproduce or transmit any part of the Program except as permitted by the
Copyright Act of the United States or as authorized in writing by Cabletron.
2. OTHER RESTRICTIONS. You may not reverse engineer, decompile, or disassemble the
Program.
3. APPLICABLE LAW. This License Agreement shall be governed in accordance with English law.
The English courts shall have exclusive jurisdiction in the event of any disputes.
4. EXPORT REQUIREMENTS. You understand that Cabletron and its Affiliates are subject to
regulation by agencies of the U.S. Government, including the U.S. Department of Commerce,
which prohibit export or diversion of certain technical products to certain countries, unless a
license to export the product is obtained from the U.S. Government or an exception from obtaining
such license may be relied upon by the exporting party.
If the Program is exported from the United States pursuant to the License Exception CIV under the
U.S. Export Administration Regulations, You agree that You are a civil end user of the Program and
agree that You will use the Program for civil end uses only and not for military purposes.
8
SmartSwitch Router User Reference Manual
Notice
If the Program is exported from the United States pursuant to the License Exception TSR under the
U.S. Export Administration Regulations, in addition to the restriction on transfer set forth in
Sections 1 or 2 of this Agreement, You agree not to (i) reexport or release the Program, the source
code for the Program or technology to a national of a country in Country Groups D:1 or E:2
(Albania, Armenia, Azerbaijan, Belarus, Bulgaria, Cambodia, Cuba, Estonia, Georgia, Iraq,
Kazakhstan, Kyrgyzstan, Laos, Latvia, Libya, Lithuania, Moldova, North Korea, the People’s
Republic of China, Romania, Russia, Rwanda, Tajikistan, Turkmenistan, Ukraine, Uzbekistan,
Vietnam, or such other countries as may be designated by the United States Government), (ii)
export to Country Groups D:1 or E:2 (as defined herein) the direct product of the Program or the
technology, if such foreign produced direct product is subject to national security controls as
identified on the U.S. Commerce Control List, or (iii) if the direct product of the technology is a
complete plant o r any major component of a plant, export to Country Groups D:1 or E:2 the direct
product of the plant or a major component thereof, if such foreign produced direct product is
subject to national security controls as identified on the U.S. Commerce Control List or is subject to
State Department controls under the U.S. Munitions List.
5. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Product (i) was
developed solely at private expense; (ii) contains “restricted computer software” submitted with
restricted rights in accordance with section 52.227-19 (a) through (d) of the Commercial Computer
Software-Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data
belonging to Cabletron and/or its suppliers. For Department of Defense units, the Product is
considered commercial computer software in accordance with DFARS section 227.7202-3 and its
successors, and use, duplication, or disclosure by the Government is subject to restrictions set
forth herein.
6. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing,
Cabletron makes no warranty, expressed or implied, concerning the Program (including its
documentation and media).
CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY
CABLETRON IN WRITING, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING WRITTEN
MATERIALS, AND ANY ACCOMPANYING HARDWARE.
7. NO LIABILITY FOR CONSEQUENTIAL DAMAGES. IN NO EVENT SHALL CABLETRON OR
ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION,
LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR
RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE
THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL
DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED WARRANTIES IN SOME
INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU.
SmartSwitch Router User Reference Manual
9
Notice
SAFETY INFORMATION
CLASS 1 LASER TRANSCEIVERS
The SSR-HFX11-08 100Base-FX Module, SSR-GSX11-02 1000Base-LX Module, SSR-GLX19-02
1000Base-LX Module, SSR-HFX29-08 100Base-FX SMF Module, SSR-GLX70-01 1000Base-LLX
module, SSR-2-SX 1000Base-SX Module, SSR-2-LX 1000Base-LX Module, SSR-2-LX70 1000Base-LX
Module, and SSR-2-GSX system use Class 1 Laser transceivers. Read the following safety
information before installing or operating these modules.
The Class 1 laser transceivers use an optical feedback loop to maintain Class 1 operation limits. This
control loop eliminates the need for maintenance checks or adjustments. The output is factory set, and
does not allow any user adjustment. Class 1 Laser transceivers comply with the following safety
standards:
•
•
•
21 CFR 1040.10 and 1040.11 U.S. Department of Health and Human Services (FDA).
IEC Publication 825 (International Electrotechnical Commission).
CENELEC EN 60825 (European Committee for Electrotechnical Standardization).
When operating within their performance limitations, laser transceiver output meets the Class 1
accessible emission limit of all three standards. Class 1 levels of laser radiation are not considered
hazardous.
SAFETY INFORMATION
CLASS 1 LASER TRANSCEIVERS
Laser Radiation and Connectors
When the connector is in place, all laser radiation remains within the fiber. The maximum amount of
-6
radiant power exiting the fiber (under normal conditions) is -12.6 dBm or 55 x 10 watts.
Removing the optical connector from the transceiver allows laser radiation to emit directly from the
optical port. The maximum radiance from the optical port (under worst case conditions) is
-2
3
2
0.8 W cm or 8 x 10 W m sr-1.
Do not use optical instruments to view the laser output. The use of optical instruments to view
laser output increases eye hazard. When viewing the output optical port, power must be removed
from the network adapter.
10
SmartSwitch Router User Reference Manual
Notice
DECLARATION OF CONFORMITY
ADDENDUM
Application of Council Directive(s):
89/336/EEC
73/23/EEC
Manufacturer’s Name:
Manufacturer’s Address:
Cabletron Systems, Inc.
35 Industrial Way
PO Box 5005
Rochester, NH 03867
European Representative Name:
European Representative Address:
Mr. J. Solari
Cabletron Systems Limited
Nexus House, Newbury
Business Park
London Road, Newbury
Berkshire RG13 2PZ, England
Conformance to Directive(s)/Product Standards: EC Directive 89/336/EEC
EC Directive 73/23/EEC
EN 55022
EN 50082-1
EN 60950
Equipment Type/Environment:
Networking Equipment, for
use in a Commercial or Light
Industrial Environment.
We the undersigned, hereby declare, under our sole responsibility, that the equipment packaged with
this notice conforms _to the above directives.
Manufacturer
Legal Representative in Europe
Mr. Ronald Fotino
Full Name
Mr. J. Solari
Full Name
Principal Compliance Engineer
Title
Managing Director - E.M.E.A.
Title
Rochester, NH, USA
Location
Newbury, Berkshire, England
Location
SmartSwitch Router User Reference Manual
11
Notice
12
SmartSwitch Router User Reference Manual
Contents
Preface..................................................................................................... 25
Understanding the Command Line Interface.............................................................32
Basic Line Editing Commands......................................................................................33
User Mode........................................................................................................................34
Boot PROM Mode...........................................................................................................38
Setting the SSR Name.....................................................................................................44
Connecting Between the SSR and Other Systems......................................................46
Configuring Logging......................................................................................................46
SmartSwitch Router User Reference Manual
13
Contents
Installing the Control Module...................................................................................... 53
Hot Swapping a Switching Fabric Module (SSR 8600 only)........................................... 53
Port-based VLANs.................................................................................................. 57
Explicit and Implicit VLANs................................................................................. 60
14
SmartSwitch Router User Reference Manual
Contents
Specify Traffic Distribution Policy (Optional)............................................................71
Configuring Client Parameters.....................................................................................76
Updating the Lease Database...............................................................................................78
Secondary Subnets and Directly-Connected Clients .................................................81
IP Routing Overview.............................................................................................................85
IP Routing Protocols.......................................................................................................86
Multicast Routing Protocols...................................................................................86
Configuring ARP Cache Entries............................................................................88
SmartSwitch Router User Reference Manual
15
Contents
Assigning IP/IPX Interfaces......................................................................................... 93
Basic VRRP Configuration............................................................................................ 96
Monitoring VRRP................................................................................................................ 105
RIP Overview....................................................................................................................... 109
Configuring RIP Route Default-Metric..................................................................... 112
OSPF Multipath............................................................................................................ 116
Enabling OSPF.............................................................................................................. 116
Creating Virtual Links................................................................................................. 119
16
SmartSwitch Router User Reference Manual
Contents
AS-Path Regular Expression Examples..............................................................133
IBGP Internal Group Example.............................................................................141
Multi-Exit Discriminator Attribute Example............................................................156
Route-Filter.............................................................................................................166
Export Policies...............................................................................................................166
Export-Source.........................................................................................................166
Route-Filter.............................................................................................................167
Specifying a Route Filter..............................................................................................167
Aggregate-Destination..........................................................................................169
Route-Filter.............................................................................................................170
SmartSwitch Router User Reference Manual
17
Contents
Example 1: Redistribution into RIP.................................................................... 174
Exporting All Static Routes Except the Default Route to All RIP Interfaces
Import Policies.............................................................................................................. 179
Creating an Aggregate Route..................................................................................... 180
Creating an Aggregate Destination........................................................................... 182
Example 1: Importing from RIP.......................................................................... 182
Importing a Selected Subset of Routes from One RIP Trusted Gateway ....
Importing a Selected Subset of Routes from All RIP Peers Accessible Over
Exporting All Static Routes Reachable Over a Given Interface to a Specific
Example 2: Exporting to OSPF............................................................................ 194
IP Multicast Overview........................................................................................................ 199
18
SmartSwitch Router User Reference Manual
Contents
Configuring IGMP on an IP Interface........................................................................201
Configuring IGMP Query Interval.............................................................................201
Configuring DVMRP Parameters...............................................................................203
Configuring DVMRP TTL & Scope............................................................................204
Monitoring IGMP & DVMRP.............................................................................................205
Setting the IP Policy Action..................................................................................212
Authenticating Users through a Firewall..................................................................217
Configuring NAT.................................................................................................................224
NAT and FTP........................................................................................................................226
SmartSwitch Router User Reference Manual
19
Contents
Using Dynamic NAT............................................................................................ 228
Allowing Access to Load Balancing Servers............................................................ 236
Setting Timeouts for Load Balancing Mappings..................................................... 236
Web Hosting with Multiple Virtual Groups and Multiple Destination Servers
20
SmartSwitch Router User Reference Manual
Contents
Enabling SAP.................................................................................................................249
Creating an IPX Access Control List...................................................................250
Creating an IPX GNS Access Control List..........................................................251
How ACL Rules are Evaluated...................................................................................257
Implicit Deny Rule........................................................................................................258
Editing ACLs Offline....................................................................................................260
Maintaining ACLs Using the ACL Editor.................................................................261
Monitoring ACLs .................................................................................................................269
Monitoring TACACS Plus....................................................................................274
Configuring Layer-2 Port-to-Address Lock Filters..................................................276
SmartSwitch Router User Reference Manual
21
Contents
Example 1: Address Filters.................................................................................. 279
Configuring Layer-2 QoS............................................................................................ 285
Traffic Prioritization for Layer-3 & Layer-4 Flows......................................................... 286
Specifying Precedence for an IP QoS Policy ..................................................... 287
Setting an IPX QoS Policy.................................................................................... 287
Configuring ToS Rewrite for IP Packets................................................................... 289
Limiting Traffic Rate........................................................................................................... 291
Standard RMON Groups..................................................................................... 302
22
SmartSwitch Router User Reference Manual
Contents
Example Configurations.......................................................................................319
Random Early Discard (RED).......................................................................321
Adaptive Shaping...........................................................................................322
Frame Relay Overview........................................................................................................322
Virtual Circuits..............................................................................................................322
Permanent Virtual Circuits (PVCs).....................................................................323
Configuring Frame Relay Interfaces for the SSR.............................................................323
Frame Relay Port Configuration........................................................................................325
Use of LCP Magic Numbers........................................................................................327
Defining the Type and Location of a PPP Interface.................................................328
Setting up a PPP Service Profile..................................................................................328
Applying a Service Profile to an Active PPP Port....................................................329
SmartSwitch Router User Reference Manual
23
Preface
About This Manual
This manual provides detailed information and procedures for configuring the
SmartSwitch Router (SSR) software. If you have not yet installed the SSR, use the
instructions in the SmartSwitch Router Getting Started Guide to install the chassis and
perform basic setup tasks, then return to this manual for more detailed configuration
information.
Who Should Read This Manual?
Read this manual if you are a network administrator responsible for configuring and
monitoring the SSR.
How to Use This Manual
If You Want To
See
Read overview information
Configure bridging
Configure SmartTRUNKs
Configure Dynamic Host Configuration
Protocol server
parameters
SmartSwitch Router User Reference Manual
25
Preface
If You Want To
Configure VRRP
See
Configure RIP routing
Configure OSPF routing
Configure BGP routing
Configure routing policies
Configure IP multicast routing
Configure IP policy-based forwarding
Configure Network Address Translation
Configure web hosting
Configure IPX routing
Configure Access Control Lists
Configure security
Configure QoS (Quality of Service)
parameters
Monitor performance
Configure RMON
Configure WAN
26
SmartSwitch Router User Reference Manual
Preface
Related Documentation
The SmartSwitch Router documentation set includes the following items. Refer to these
other documents to learn more about your product.
For Information About
See the
Installing and setting up the SSR
SmartSwitch Router Getting Started Guide
Managing the SSR using Cabletron’s
element management application
CoreWatch User’s Manual and the
CoreWatch online help
The complete syntax for all CLI commands
SmartSwitch Router Command Line
Interface Reference Manual
System messages and SNMP traps
SmartSwitch Router Error Reference
Manual
SmartSwitch Router User Reference Manual
27
Preface
28
SmartSwitch Router User Reference Manual
Chapter 1
SSR Product
Overview
The SmartSwitch Router (SSR) provides non-blocking, wire-speed Layer-2 (switching),
Layer-3 (routing) and Layer-4 (application) switching. The hardware provides wire-speed
performance regardless of the performance monitoring, filtering, and Quality of Service
(QoS) features enabled by the software. You do not need to accept performance
compromises to run QoS or access control lists (ACLs).
The following table lists the basic hardware and software specifications for the SSR:
Table 1. SSR Hardware and software specifications
Feature
Specification
Throughput
SSR 2000:
•
•
8-Gbps non-blocking switching fabric
Up to 6 million packets-per-second routing throughput
SSR 8000:
•
•
16-Gbps non-blocking switching fabric
Up to 15 million packets-per-second routing throughput
SSR 8600:
•
•
32-Gbps non-blocking switching fabric
Up to 30 million packets-per-second routing throughput
SmartSwitch Router User Reference Manual
29
Chapter 1: SSR Product Overview
Table 1. SSR Hardware and software specifications (Continued)
Feature
Capacity
Specification
4,096 Virtual LANs (VLANs)
•
•
•
3 MB input/output buffering per Gigabit port
1 MB input/output buffering per 10/100 port
SSR 2000:
•
•
•
•
Up to 16,000 routes
Up to 128,000 Layer-4 application flows
Up to 180,000 Layer-2 MAC addresses
2,000 Layer-2 security and access-control filters
SSR 8000:
•
•
•
•
Up to 250,000 routes
Up to 2,000,000 Layer-4 application flows
Up to 400,000 Layer-2 MAC addresses
20,000 Layer-2 security and access-control filters
SSR 8600:
Up to 250,000 routes
•
•
•
•
•
•
•
•
•
•
•
•
•
Up to 4,000,000 Layer-4 application flows
Up to 800,000 Layer-2 MAC addresses
20,000 Layer-2 security and access-control filters
IP: RIP v1/v2, OSPF, BGP 2, 3 ,4
IPX: RIP, SAP
Routing
protocols
Multicast: IGMP, DVMRP
Bridging and
VLAN protocols
802.1d Spanning Tree
802.1Q (VLAN trunking)
Media Interface
protocols
802.3 (10Base-T)
802.3u (100Base-TX, 100Base-FX)
802.3x (1000Base-SX, 1000Base-LX)
802.3z (1000Base-SX, 1000Base-LX)
30
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Table 1. SSR Hardware and software specifications (Continued)
Feature
Quality of
Specification
Layer-2 prioritization (802.1p)
•
•
•
•
•
•
•
•
•
•
•
•
•
Service (QoS)
Layer-3 source-destination flows
Layer-4 source-destination flows
Layer-4 application flows
RMON
RMON v1/v2 for each port
Management
SNMP
CoreWatch Element Manager (GUI)
Emacs-like Command Line Interface (CLI)
Traffic to Control Module
Port mirroring
Hot swapping
Traffic from specific ports
Traffic to specific chassis slots (line cards)
Power supply (when redundant supply is installed and online)
Cabletron Systems SmartTRUNK support
Load balancing/
sharing
Redundancy
•
•
Redundant and hot-swappable power supplies
Virtual Router Redundancy Protocol (VRRP)
Supported Media (Encapsulation Type)
The SSR supports the following industry-standard networking media:
•
•
•
IP: IEEE 802.3 SNAP and Ethernet Type II
IPX: IEEE 802.3 SNAP, Ethernet Type II, IPX 802.3, 802.2
802.1Q VLAN Encapsulation
Supported Routing Protocols
The SSR supports many routing protocols based on open standards. The SSR can receive
and forward packets concurrently from any combination of the following:
•
Interior gateway protocols:
Open Shortest Path First (OSPF) Version 2
–
SmartSwitch Router User Reference Manual
31
Chapter 1: SSR Product Overview
–
Routing Information Protocol (RIP) Version 1, 2
detail.
•
•
Exterior gateway protocol:
–
Border Gateway Protocol (BGP) Version 2,3,4
Novell IPX routing protocols:
–
–
Routing Information Protocol (RIP)
Service Advertising Protocol (SAP)
in detail.
Configuring the SmartSwitch Router
The SSR provides a command line interface (CLI) that allows you to configure and
manage the SSR. The CLI has several command modes, each of which provides a group of
related commands that you can use to configure the SSR and display its status. Some
commands are available to all users; others can be executed only after the user enters an
“Enable” password.
You use the CLI to configure ports, IP/IPX interfaces, routing, switching, security filters
and Quality of Service (QoS) policies.
Understanding the Command Line Interface
The SSR Command Line Interface (CLI) provides access to several different command
modes. Each command mode provides a group of related commands. This chapter
describes how to access and list the commands available in each command mode and
explains the primary uses for each command mode. This chapter also describes the other
features of the user interface.
SSR commands can be entered at a terminal connected to the access server or router using
the command line interface (CLI). The SSR can also be configured using the CoreWatch
Java-based management application. Using CoreWatch is described in the CoreWatch
User’s Manual.
32
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Basic Line Editing Commands
The CLI supports EMACs-like line editing commands. The following table lists some
commonly used commands.
Table 2. Common CLI key commands
Key Sequence
Command
Move cursor to beginning of line
Ctrl+A
Ctrl+B
Ctrl+D
Ctrl+E
Ctrl+F
Ctrl+N
Move cursor back one character
Delete character
Move cursor to end of line
Move cursor forward one character
Scroll to next command in command history (use the cli show
history command to display the history)
Ctrl+P
Ctrl+U
Ctrl+X
Ctrl+Z
Scroll to previous command in command history
Erase entire line
Erase from cursor to end of line
Exit current access mode to previous access mode
Access Modes
The SSR CLI has four access modes.
•
•
•
•
User – Allows you to display basic information and use basic utilities such as ping but
does not allow you to display SNMP, filter, and access control list information or make
other configuration changes. You are in User mode when the command prompt ends
with the >character:
Enable – Allows you to display SNMP, filter, and access control information as well as
all the information you can display in User mode. To enter Enable mode, enter the
enable command, then supply the password when prompted. When you are in Enable
mode, the command prompt ends with the #character:
Configure – Allows you to make configuration changes. To enter Configure mode, first
enter Enable mode (enable command), then enter the configure command from the
Enable command prompt. When you are in Configure mode, the command prompt
ends with(config).
Boot – This mode appears when the SSR the external flash card or the system image is
not found during bootup. You should enter the reboot command to reset the SSR. If the
SSR still fails to bootup, please call Cabletron Technical Support.
SmartSwitch Router User Reference Manual
33
Chapter 1: SSR Product Overview
Note: The command prompt will show the name of the SmartSwitch Router in front of
the mode character(s). The default name is “ssr”.
When you are in Configure or Enable mode, enter the exit command or press Ctrl+Z to
exit to the previous access mode.
Note: When you exit Configure mode, the CLI will ask you whether you want to
activate the configuration commands you have issued. If you enter Y (Yes), the
configuration commands you issued are placed into effect and the SmartSwitch
Router’s configuration is changed accordingly. However, the changes are not
written to the Startup configuration file in the Control Module’s boot flash and,
therefore, are not reinstated after a reboot.
User Mode
After you log in to the SSR, you are automatically in User mode. The User commands
available are a subset of those available in Enable mode. In general, the User commands
allow you to display basic information and use basic utilities such as ping information.
To list the User commands, enter:
List the User commands.
?
The User mode command prompt consists of the SSR name followed by the angle bracket
(>):
ssr>
The default name is SSR unless it has been changed during initial configuration using the
system set name command. Refer to the SmartSwitch Router Command Line Interface
Reference Manual for information on the system facility.
To list the commands available in User mode, enter a question mark (?) as shown in the
following example:
ssr> ?
aging
cli
dvmrp
enable
exit
- Show L2 and L3 Aging information
- Modify the command line interface behavior
- Show DVMRP related parameters
- Enable privileged user mode
- Exit current mode
file
help
igmp
ip-redundancy
ipx
- File manipulation commands
- Describe online help facility
- Show IGMP related parameters
- Show IP Redundancy information (VRRP)
- Show IPX related parameters
- Show L2 Tables information
- Log off the system
l2-tables
logout
34
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
multicast
ping
- Configure Multicast related parameters
- Ping utility
pvst
- Show Per Vlan Spanning Tree Protocol (PVST)
parameters
sfs
statistics
stp
- Show SecureFast Switching (SFS) parameters
- Show or clear SSR statistics
- Show STP status
telnet
traceroute
vlan
- Telnet utility
- Traceroute utility
- Show VLAN-related parameters
Enable Mode
Enable mode provides more facilities than User mode. You can display critical features
within Enable mode including router configuration, access control lists, and SNMP
statistics. To enter Enable mode, enter the enable command, then supply the password
when prompted.
To list the Enable commands, enter:
List the Enable commands.
?
The Enable mode command prompt consists of the SSR name followed by the pound
sign(#):
ssr#
To list the commands available in Enable mode, enter a question mark (?) as shown in the
following example:
ssr# ?
acl
aging
arp
bgp
cli
configure
copy
dhcp
- Show L3 Access Control List
- Show L2 and L3 Aging information
- Show or modify ARP entries
- Show Border Gateway Protocol (BGP) parameters
- Modify the command line interface behavior
- Enter Configuration Mode
- Copy configuration database
- Configure DHCP server
dvmrp
enable
exit
- Show DVMRP related parameters
- Enable privileged user mode
- Exit current mode
file
- File manipulation commands
- Show L2 security filters
- Display Frame Relay statistics
- Describe online help facility
- Show http parameters
filters
frame-relay
help
http
igmp
interface
- Show IGMP related parameters
- Show interface related parameters
SmartSwitch Router User Reference Manual
35
Chapter 1: SSR Product Overview
ip
- Show IP related parameters
- Show IP policy information
- Show IP Redundancy information (VRRP)
- Show unicast IP Routing related parameters
- Show IPX related parameters
- Show L2 Tables information
- Show LFAP parameters
ip-policy
ip-redundancy
ip-router
ipx
l2-tables
lfap
load-balance
- Show Load Balancing related parameters and
hosts
logout
mtrace
multicast
nat
- Log off the system
- Multicast Traceroute utility
- Configure Multicast related parameters
- Show Network Address Translation related
parameters
ntp
ospf
- Network Time Protocol (NTP)
- Show/Monitor Open Shortest Path First Protocol
(OSPF).
ping
port
ppp
- Ping utility
- Show or change Port parameters
- Display Point to Point Protocol (PPP)
statistics
pvst
- Show Per Vlan Spanning Tree Protocol (PVST)
parameters
qos
- Show Quality of Service parameters
- Show RADIUS related parameters
- Show rate-limit policy information
- Show Router Discovery Protocol (RIP) parameters
- Reboot the system
radius
rate-limit
rdisc
reboot
rip
- Show/Query Routing Information Protocol(RIP)
tables
rmon
sfs
smarttrunk
snmp
statistics
stp
- Show RMON related parameters
- Show SecureFast Switching (SFS) parameters
- Show SmartTRUNK information
- Show SNMP related parameters.
- Show or clear SSR statistics
- Show STP status
system
tacacs
tacacs-plus
telnet
traceroute
vlan
- Show system-wide parameters
- Show TACACS related parameters
- Show TACACS+ related parameters
- Telnet utility
- Traceroute utility
- Show VLAN-related parameters
- Configure web caching parameters
web-cache
To exit Enable mode and return to User mode, use one of the following commands:
exit
Exit Enable mode.
Ctrl+Z
36
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Configure Mode
Configure mode provides the capabilities to configure all features and functions on the
SSR. You can configure features and functions within Configure mode including router
configuration, access control lists and spanning tree.
To list the Configure commands, enter:
List the Configure commands.
?
The Configure mode command prompt consists of the SSR name followed by the pound
sign (#):
ssr(config)#
To list the commands available in Configure mode, enter a question mark (?) as shown in
the following example:
ssr(config)# ?
acl
- Configure L3 Access Control List
- Edit an ACL in the ACL Editor
- Configure ACL policy
acl-edit
acl-policy
aging
- Configure L2 and L3 Aging
arp
- Configure ARP entries
bgp
cli
dhcp
- Configure Border Gateway Protocol (BGP)
- Modify the command line interface behavior
- Configure DHCP server
dvmrp
exit
- Configure DVMRP related parameters
- Exit current mode
filters
frame-relay
help
igmp
interface
ip
ip-policy
ip-redundancy
ip-router
- Configure L2 security filters
- Configure wan interface parameters
- Describe online help facility
- Configure IGMP related parameters
- Configure interface related parameters
- Configure IP related parameters
- Configure IP policy for packet forwarding
- Configure IP redundancy protocols
- Configure Unicast Routing Protocol related
parameters
ipx
lfap
- Configure IPX related parameters
- Configure Lightweight Flow Accounting Protocol
client
load-balance
nat
- Configure Load Balancing related parameters
- configure network address translation
parameters
ntp
- Configure Network Time Protocol (NTP)
parameters
ospf
port
ppp
- Configure Open Shortest Path Protocol (OSPF)
- Configure Port parameters
- Configure wan interface parameters
SmartSwitch Router User Reference Manual
37
Chapter 1: SSR Product Overview
pvst
- Configure Per Vlan Spanning Tree Protocol
(PVST)
qos
- Configure Quality of Service parameters
- Configure RADIUS related parameters
- Configure rate limits for flows
- Configure Router Discovery Protocol
- Configure Routing Information Protocol (RIP)
- Configure RMON related parameters
- Configure SecureFast Switching (SFS) parameters
- Configure SmartTRUNK
radius
rate-limit
rdisc
rip
rmon
sfs
smarttrunk
snmp
- Configure SNMP related parameters.
- Configure STP parameters
stp
system
tacacs
tacacs-plus
vlan
- Configure system-wide parameters
- Configure TACACS related parameters
- Configure TACACS+ related parameters
- Configure VLAN-related parameters
- Configure web caching parameters
web-cache
Special configuration mode commands:
clear
diff
- Show configuration commands
- Compare active configuration against another
configuration
erase
negate
- Erase configuration information
- Negate a command or a group of commands
using line numbers
no
- Negate matching commands
save
search
show
- Save configuration information
- Look up a command in configuration
- Show configuration commands
To exit Configure mode and return to Enable mode, use one of the following commands:
exit
Exit Configure mode.
Ctrl+Z
Boot PROM Mode
If your SSR does not find a valid system image on the external PCMCIA flash, the system
might enter programmable read-only memory (PROM) mode. You should then reboot the
SSR at the boot PROM to restart the system. If the system fails to reboot successfully,
please call Cabletron Systems Technical Support to resolve the problem.
To reboot the SSR from the ROM monitor mode, enter the following command.
reboot
Reboot in Boot PROM mode.
38
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Disabling a Function or Feature
The CLI provides for an implicit negate. This allows for the “disabling” of a feature or
function which has been “enabled”. Use the negate command on a specific line of the
active configuration to “disable” a feature or function which has been enabled. For
example, Spanning Tree Protocol is disabled by default. If after enabling Spanning Tree
Protocol on the SmartSwitch Router, you want to disable STP, you must specify the negate
command on the line of the active configuration containing the stp enablecommand.
Loading System Images and Configuration Files
The SSR contains an internal flash on the Control Module and an external PC flash. The
internal flash contains the SSR boot image and user defined configuration files. An
external PC flash contains the system image executed by the Control Module. When an
SSR boots, the boot image is executed first, followed by the system image and finishing
with a configuration file.
Boot and System Image
Only one boot image exists on the internal flash of the SSR Control Module. Multiple
system images can be stored on the external PC flash.
Configuration Files
The SSR uses three special configuration files:
•
Active – The commands from the Startup configuration file and any configuration
commands that you have made active from the scratchpad (see below).
Caution: The active configuration remains in effect only during the current power cycle. If
you power down or reboot the SSR without saving the active configuration changes to the
Startup configuration file, the changes are lost.
•
Startup – The configuration file that the SSR uses to configure itself when the system
is powered on.
•
Scratchpad – The configuration commands you have entered during a management
session. These commands do not become active until you explicitly activate them.
Because some commands depend on other commands for successful execution, the
SSR scratchpad simplifies system configuration by allowing you to enter configuration
commands in any order, even when dependencies exist. When you activate the
commands in the scratchpad, the SSR sorts out the dependencies and executes the
command in the proper sequence.
SmartSwitch Router User Reference Manual
39
Chapter 1: SSR Product Overview
Loading System Image Software
By default, the SSR boots using the system image software installed on the Control
Module’s PCMCIA flash card. To upgrade the system software and boot using the
upgraded image, use the following procedure.
1. Display the current boot settings by entering the system show version command:
Here is an example:
ssr# system show version
Software Information
Software Version : 2.1
Copyright
: Copyright (c) 1996-1998 Cabletron Systems Inc.
Image Information : Version 2.1.0.0 built on Wed Jan 20 19:28:49 1999
Image Boot Location: file:/pc-flash/boot/img8/
Note: In this example, the location “pc-flash” indicates that the SSR is set to use the
factory-installed software on the flash card.
2. Copy the software upgrade you want to install onto a TFTP server that the SSR can
access. (Use the ping command to verify that the SSR can reach the TFTP server.)
3. Use the system image add command to copy the software upgrade onto the PCMCIA
flash card in the Control Module.
Here is an example:
ssr# system image add 10.50.11.12 img2100
Downloading image 'img2100' from host '10.50.11.12'
to local image img2100 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.
4. Enter the system image list command to list the images on the PCMCIA flash card
and verify that the new image is on the card:
Here is an example:
ssr# system image list
Images currently available:
img2100
5. Use the system image choose command to select the image file the SSR will use the
next time you reboot the switch.
Here is an example:
ssr# system image choose img2100
Making image img2100 the active image for next reboot
40
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
6. Enter the system image list command to verify the change.
Note: You do not need to activate this change.
Loading Boot PROM Software
The SSR boots using the boot PROM software installed on the Control Module’s internal
memory. To upgrade the boot PROM software and boot using the upgraded image, use
the following procedure.
1. Display the current boot settings by entering the system show version command:
Here is an example:
ssr# system show version
Software Information
Software Version : 2.1
Copyright
: Copyright (c) 1996-1999 Cabletron Systems Inc.
Image Information : Version 2.1.0.0 built on Wed Jan 2022:49:07 1999
Image Boot Location: file:/pc-flash/boot/img2100/
Boot Prom Version : prom-1.0
In this example, the location “pc-flash” indicates that the SSR is set to use the factory-
installed software on the flash card.
2. Copy the software upgrade you want to install onto a TFTP server that the SSR can
access. (Use the ping command to verify that the SSR can reach the TFTP server.)
3. Use the system promimage upgrade command to copy the boot PROM upgrade onto
the internal memory in the Control Module.
Here is an example:
ssr# system promimage upgrade 10.50.11.12 prom2
Downloading image 'prom2' from host '10.50.11.12'
to local image prom2 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.
4. Enter the system show version command to verify that the new boot PROM software
is on the internal memory of the Control Module:
Activating the Configuration Commands in the Scratchpad
The configuration commands you have entered using procedures in this chapter are in the
scratchpad but have not yet been activated. Use the following procedure to activate the
configuration commands in the scratchpad.
SmartSwitch Router User Reference Manual
41
Chapter 1: SSR Product Overview
1. If you have not already done so, enter the enable command to enter Enable mode in
the CLI.
2. If you have not already done so, enter the configure command to enter Configure
mode in the CLI.
3. Enter the following command:
save active
4. The CLI displays the following message:
Do you want to make the changes Active? [y]
5. Enter yes or y to activate the changes.
Note: If you exit Configure mode (by entering the exit command or pressing Ctrl+Z),
the CLI will ask you whether you want to make the changes in the scratchpad
active.
Copying the Configuration to the Startup Configuration File
After you save the configuration commands in the scratchpad, the Control Module
executes the commands and makes the corresponding configuration changes to the SSR.
However, if you power down or reboot the SSR, the new changes are lost. Use the
following procedure to save the changes into the Startup configuration file so that the SSR
reinstates the changes when you reboot the software.
1. Ensure that you are in the Enable mode by entering the enable command.
2. Enter the following command to copy the configuration changes in the Active
configuration to the Startup configuration:
copy active to startup
3. When the CLI displays the following message, enter yes or y to save the changes.
Are you sure you want to overwrite the Startup configuration? [n]
Note: You also can save active changes to the Startup configuration file from within
Configure mode by entering the save startup command:
The new configuration changes are added to the Startup configuration file stored in the
Control Module’s boot flash.
42
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Displaying Configuration Changes
While in Configure mode, you can display the configuration of the running system as well
as non-activated changes that are in the Scratchpad by entering the following command:
show
Display running system configuration and non-activated
changes in scratchpad.
While in Enable mode, you can display the active configuration of the system by entering
the following command:
system show active-config
Display active configuration of the
system.
The show and system show active-config commands normally display configuration
commands in the order that they are executed. To display the configuration commands in
a different order, enter the following command in Configure mode:
system set show-config alphabetical
Display configuration commands in
alphabetical order.
Whenever you have activated commands in the scratchpad, you can compare the
activated changes with a previously-saved configuration file. To compare the activated
commands with the Startup (or another) configuration file, enter the following command
in Configure mode:
diff <filename>|startup
Compare activated commands with
Startup configuration file.
Managing the SSR
The SSR contains numerous system facilities for system management. You can perform
configuration management tasks on the SSR including:
•
•
•
•
•
Setting the SSR name
Setting the SSR date and time
Configuring NTP
Configuring the CLI
Configuring SNMP services
SmartSwitch Router User Reference Manual
43
Chapter 1: SSR Product Overview
•
•
Configuring DNS
Connecting between the SSR and other systems
Setting the SSR Name
The SSR name is set to ssr by default. You may customize the name for the SSR by entering
the following command in Configure mode:
Set the SSR name.
system set name <system-name>
Setting SSR Date and Time
The SSR system time can keep track of time as entered by the user or via NTP. To
configure the SSR date and time manually, enter the following command in Enable mode:
Set SSR date and time.
system set date year <year> month <month>
day <day> hour <hour> min <min> second <sec>
Configuring NTP
You can use the ntp set server command to instruct the SSR’s NTP client to periodically
synchronize its clock. By default, the SSR specifies an NTPv3 client that sends a
synchronization packet to the server every 60 minutes. This means the SSR will attempt to
set its own clock against the server once every hour. The synchronization interval as well
as the NTP version number can be changed.
Note: To ensure that NTP has the correct time, you need to specify the time zone, as
well. You can set the time zone by using the system set timezone command.
When specifying daylight saving time, you’ll need to use the system set daylight-
saving command.
To configure the SSR’s NTP client to synchronize its clock, enter the following command
in Configure mode:
Instruct SSR’s NTP server to
periodically synchronize clock
ntp set server <host> [interval <minutes>]
[source <ipaddr>] [version <num>]
44
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Configuring the SSR CLI
You can customize the CLI display format to a desired line length or row count. To
configure the CLI terminal display, enter the following command in Enable mode:
Configure the CLI terminal display. cli set terminal rows <num> columns
<num>
Configuring SNMP Services
The SSR accepts SNMP sets and gets from an SNMP manager. You can configure SSR
SNMP parameters including community strings and trap server target addresses.
To configure the SSR SNMP community string, enter the following command in
Configure mode:
Configure the SNMP community string. snmp set community <community-name>
privilege read|read-write
To configure the SNMP trap server target address, enter the following command in
Configure mode:
Configure the SNMP trap server
target address.
snmp set target <IP-addr> community
<community-name> [status
enable|disable]
Configuring DNS
The SSR allows you to configure up to three Domain Name Service (DNS) servers.
To configure the DNS, enter the following command in Configure mode:
Configure DNS.
system set dns server <IPaddr>[ <IPaddr>[ <IPaddr>]]
domain <name>
SmartSwitch Router User Reference Manual
45
Chapter 1: SSR Product Overview
Connecting Between the SSR and Other Systems
To test a connection between the SSR and an IP host, enter the following command in User
or Enable mode:
Test connection
between the SSR
and an IP host.
ping <hostname-or-IPaddr> packets <num> size <num> wait
<num> [flood] [dontroute]
To open a Telnet session from the SSR to an IP host, enter the following command in User
or Enable mode:
Telnet to a specified telnet <hostname-or-IPaddr> [socket <socket-number>]
IP host.
The SSR accepts up to four Telnet sessions. You can immediately end a particular Telnet
session (for example, an unauthorized user is logged in to the SSR).
To end a user’s Telnet session, first determine the session ID by entering the following
command in Enable mode:
Show current
system show users
Telnet sessions.
To end the Telnet session, enter the following command in Enable mode:
system kill telnet-session <session-id>
Kill the Telnet
session.
Configuring Logging
During operation, the SSR system software sends messages to the management console.
These messages include informational, warning, error, and fatal messages. Console
messages can also be sent to a Syslog server.
To configure a Syslog server, enter the following command in Configure mode:
system set syslog [server <hostname-or-
IPaddr>][level <level-type>][facility <facility-
type>][source <source-IPaddr>][buffer-size <size>]
Configure a Syslog server.
If a Syslog server is identified and ACL logging is enabled, then messages about whether
packets are forwarded or dropped because of ACL are sent to the Syslog server. Chapter
46
SmartSwitch Router User Reference Manual
Chapter 1: SSR Product Overview
Monitoring Configuration
The SSR provides many commands for displaying configuration information. After you
add configuration items and commit them to the active configuration, you can display
them using the following commands.
Task
Display history buffer.
Command
cli show history
cli show terminal
snmp show access
Show terminal settings.
Show all accesses to the SNMP agent.
Show all SNMP information.
snmp show all
snmp show chassis-id
snmp show community
snmp show statistics
snmp show trap
Show chassis ID.
Show the SNMP community strings.
Show SNMP related statistics.
Show trap target related configuration.
Show the active configuration of the system.
system show active-config
system show bootlog
Show the contents of the boot log file, which
contains all the system messages generated
during bootup.
system show bootprom
Show boot PROM parameters for TFTP
downloading of the system image.
system show syslog buffer
Show the most recent Syslog messages kept in
the local syslog message buffer.
system show capacity
all|chassis|task|cpu|memory
Show usage information about various system
resources.
system show contact
Show the contact information (administrator
name, phone number, and so on).
system show cpu-utilization
Shows the percentage of the CPU that is
currently being used.
system show date
system show dns
Show the SSR date and time.
Show the IP addresses and domain names for
DNS servers.
system show environmental
system show hardware
Show environmental information, such as
temperature and power supply status.
Show SSR hardware information.
SmartSwitch Router User Reference Manual
47
Chapter 1: SSR Product Overview
Task
Command
system show location
system show login-banner
system show name
Show SSR location.
Show the SSR login banner.
Show SSR name.
system show poweron-selftest-
mode
Show the type of Power-On Self Test (POST)
that should be performed.
system show scratchpad
Show the configuration changes in the
scratchpad. These changes have not yet been
activated.
system show startup-config
system show switching-fabric
system show syslog
Show the startup configuration for the next
reboot.
Show the status of the switching fabric
module.
Show the IP address of the SYSLOG server
and the level of messages the SSR sends to the
server.
system show telnet-access
system show terminal
system show timezone
Lists the last five Telnet connections to the
SSR.
Show the default terminal settings (number of
rows, number of columns, and baud rate.
Show the time zone offset from UCT in
minutes.
system show uptime
system show users
Show SSR uptime.
Show the current Telnet connections to the
SSR.
system show version
Show the software version running on the
SSR.
48
SmartSwitch Router User Reference Manual
Chapter 2
Hot Swapping
Line Cards and
Control Modules
Hot Swapping Overview
This chapter describes the hot swapping functionality of the SSR. Hot swapping is the
ability to replace a line card or Control Module while the SSR is operating. Hot swapping
allows you to remove or install line cards without switching off or rebooting the SSR.
Swapped-in line cards are recognized by the SSR and begin functioning immediately after
they are installed.
On the SSR 8000 and SSR 8600, you can hot swap line cards and secondary control
modules. On the SSR 8600, you can also hot swap the secondary switching fabric module.
This chapter provides instructions for the following tasks:
•
•
•
Hot swapping line cards
Hot swapping secondary Control Modules
Hot swapping the secondary Switching Fabric Module (SSR 8600 only)
Hot Swapping Line Cards
The procedure for hot swapping a line card consists of deactivating the line card,
removing it from its slot in the SSR chassis, and installing a new line card in the slot.
SmartSwitch Router User Reference Manual
49
Chapter 2: Hot Swapping Line Cards and Control Modules
Deactivating the Line Card
To deactivate the line card, do one of the following:
•
Press the Hot Swap button on the line card. The Hot Swap button is recessed in the line
card's front panel. Use a pen or similar object to reach it.
location of the Offline LED and Hot Swap button on a 1000Base-SX line card.
SSR-GSX11-02
1000BASE-SX
1
2
Tx Link
Tx Link
Offline
Hot
Offline LED
Swap
Online
Rx AN
Rx
AN
Hot Swap Button
Figure 1. Location of Offline LED and Hot Swap button on a 1000Base-SX line card
•
Use the system hotswap out command in the CLI. For example, to deactivate the line
card in slot 7, enter the following command in Enable mode:
ssr# system hotswap out slot 7
After you enter this command, the Offline LED on the line card lights, and messages
appear on the console indicating the ports on the line card are inoperative.
Note: If you have deactivated a line card and want to activate it again, simply pull it
from its slot and push it back in again. (Make sure the Offline LED is lit before you
pull out the line card.) The line card is activated automatically.
Alternately, if you have not removed a line card you deactivated with the system
hotswap out command, you can reactivate it with the system hotswap in
command. For example, to reactivate a line card in slot 7, enter the following
command in Enable mode:
ssr# system hotswap in slot 7
Removing the Line Card
To remove a line card from the SSR:
1. Make sure the Offline LED on the line card is lit.
50
SmartSwitch Router User Reference Manual
Chapter 2: Hot Swapping Line Cards and Control Modules
Warning: Do not remove the line card unless the Offline LED is lit. Doing so can cause the
SSR to crash.
2. Loosen the captive screws on each side of the line card.
3. Carefully remove the line card from its slot in the SSR chassis.
Installing a New Line Card
To install a new line card:
1. Slide the line card all the way into the slot, firmly but gently pressing the line card
fully in place to ensure that the pins on the back of the line card are completely seated
in the backplane.
Note: Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
2. Tighten the captive screws on each side of the line card to secure it to the chassis.
Once the line card is installed, the SSR recognizes and activates it. The Online LED
button lights.
Hot Swapping One Type of Line Card With Another
You can hot swap one type of line card with another type. For example, you can replace a
10/100Base-TX line card with a 1000Base-SX line card. The SSR can be configured to
accommodate whichever line card is installed in the slot. When one line card is installed,
configuration statements for that line card are used; when you remove the line card from
the slot and replace it with a different type, configuration statements for the new line card
take effect.
To set this up, you include configuration statements for both line cards in the SSR
configuration file. The SSR determines which line card is installed in the slot and uses the
appropriate configuration statements.
For example, you may have an SSR with a 10/100Base-TX line card in slot 7 and want to
hot swap it with a 1000Base-SX line card. If you include statements for both line cards in
the SSR configuration file, the statements for the 1000Base-SX take effect immediately
after you install it in slot 7.
Hot Swapping a Secondary Control Module
If you have a secondary control module installed on the SSR, you can hot swap it with
another Control Module or line card.
SmartSwitch Router User Reference Manual
51
Chapter 2: Hot Swapping Line Cards and Control Modules
Warning: You can only hot swap an inactive Control Module. You should never remove
the active Control Module from the SSR. Doing so will crash the system.
The procedure for hot swapping a control module is similar to the procedure for hot
swapping a line card. You must deactivate the Control Module, remove it from the SSR,
and insert another Control Module or line card in the slot.
Deactivating the Control Module
To deactivate the Control Module:
1. Determine which is the secondary Control Module.
Control Modules can reside in slot CM or slot CM/1 on the SSR. Usually slot CM
contains the primary Control Module, and slot CM/1 contains the secondary Control
Module. On the primary Control Module, the Online LED is lit, and on the secondary
Control Module, the Offline LED is lit.
Note: The Offline LED on the Control Module has a different function from the
Offline LED on a line card. On a line card, it means that the line card has been
deactivated. On a Control Module, a lit Offline LED means that it is standing
by to take over as the primary Control Module if necessary; it does not mean
that the Control Module has been deactivated.
2. Press the Hot Swap button on the secondary Control Module.
When you press the Hot Swap button, all the LEDs on the Control Module (including
Hot Swap button on a Control Module.
SSR-CM2
CONTROL MODULE
Offline LED
10/100 Mgmt
Online Offline
Hot
Console
OK HBT
Swap
ERR DIAG
Hot Swap Button
Figure 2. Location of Offline LED and Hot Swap button on a Control Module
Removing the Control Module
To remove a Control Module from the SSR:
1. Make sure that none of the LEDs on the Control Module are lit.
2. Loosen the captive screws on each side of the Control Module.
3. Carefully remove the Control Module from its slot in the SSR chassis.
52
SmartSwitch Router User Reference Manual
Chapter 2: Hot Swapping Line Cards and Control Modules
Installing the Control Module
To install a new Control Module or line card into the slot:
Note: You can install either a line card or a Control Module in slot CM/1, but you can
install only a Control Module in slot CM.
1. Slide the Control Module or line card all the way into the slot, firmly but gently
pressing it fully in place to ensure that the pins on the back of the card are completely
seated in the backplane.
Note: Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
2. Tighten the captive screws on each side of the Control Module or line card to secure it
to the chassis.
On a line card, the Online LED lights, indicating it is now active.
On a secondary Control Module, the Offline LED lights, indicating it is standing by to
take over as the primary Control Module if necessary.
Hot Swapping a Switching Fabric Module (SSR 8600
only)
The SSR 8600 has slots for two Switching Fabric Modules. While the SSR 8600 is operating,
you can install a second Switching Fabric Module. If two Switching Fabric Modules are
installed, you can hot swap one of them.
When you remove one of the Switching Fabric Modules, the other goes online and stays
online until it is removed or the SSR 8600 is powered off. When the SSR 8600 is powered
on again, the Switching Fabric Module in slot “Fabric 1”, if one is installed there, becomes
the active Switching Fabric Module.
Warning: You can only hot swap a Switching Fabric Module if two are installed on the SSR
8600. If only one Switching Fabric Module is installed, and you remove it, the SSR 8600
will crash.
The procedure for hot swapping a Switching Fabric Module is similar to the procedure for
hot swapping a line card or Control Module. You deactivate the Switching Fabric Module,
remove it from the SSR, and insert another Switching Fabric Module in the slot.
Note: You cannot deactivate the Switching Fabric Module with the system hotswap
command.
To deactivate the Switching Fabric Module:
1. Press the Hot Swap button on the Switching Fabric Module you want to deactivate.
SmartSwitch Router User Reference Manual
53
Chapter 2: Hot Swapping Line Cards and Control Modules
Offline LED and Hot Swap button on a Switching Fabric Module.
Offline LED
Offline
Online
Switching Fabric
SSR-SF-16
Hot
Active
Swap
Hot Swap Button
Figure 3. Location of Offline LED and Hot Swap button on a Switching Fabric
Module
To remove the Switching Fabric Module:
1. Loosen the captive screws on each side of the Switching Fabric Module.
2. Pull the metal tabs on the Switching Fabric Module to free it from the connectors
holding it in place in the chassis.
3. Carefully remove the Switching Fabric Module from its slot.
To install a Switching Fabric Module:
1. Slide the Switching Fabric Module all the way into the slot, firmly but gently pressing
to ensure that the pins on the back of the module are completely seated in the
backplane.
Note: Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
2. Tighten the captive screws on each side of the Switching Fabric Module to secure it to
the chassis.
54
SmartSwitch Router User Reference Manual
Chapter 3
Bridging
Configuration
Guide
Bridging Overview
The SmartSwitch Router provides the following bridging functions:
•
•
•
•
Compliance with the IEEE 802.1d standard
Compliance with the IGMP multicast bridging standard
Wire-speed address-based bridging or flow-based bridging
Ability to logically segment a transparently bridged network into virtual local-area
networks (VLANs), based on physical ports or protocol (IP or IPX or bridged protocols
like Appletalk)
•
•
Frame filtering based on MAC address for bridged and multicast traffic
Integrated routing and bridging, which supports bridging of intra-VLAN traffic and
routing of inter-VLAN traffic
Spanning Tree (IEEE 802.1d)
Spanning tree (IEEE 802.1d) allows bridges to dynamically discover a subset of the
topology that is loop-free. In addition, the loop-free tree that is discovered contains paths
to every LAN segment.
SmartSwitch Router User Reference Manual
55
Chapter 3: Bridging Configuration Guide
Bridging Modes (Flow-Based and Address-Based)
The SSR provides the following types of wire-speed bridging:
Address-based bridging - The SSR performs this type of bridging by looking up the
destination address in an L2 lookup table on the line card that receives the bridge packet
from the network. The L2 lookup table indicates the exit port(s) for the bridged packet. If
the packet is addressed to the SSR's own MAC address, the packet is routed rather than
bridged.
Flow-based bridging - The SSR performs this type of bridging by looking up an entry in
the L2 lookup table containing both the source and destination addresses of the received
packet in order to determine how the packet is to be handled.
The SSR ports perform address-based bridging by default but can be configured to
perform flow-based bridging instead, on a per-port basis. A port cannot be configured to
perform both types of bridging at the same time.
The SSR performance is equivalent when performing flow-based bridging or address-
based bridging. However, address-based bridging is more efficient because it requires
fewer table entries while flow-based bridging provides tighter management and control
over bridged traffic.
VLAN Overview
Virtual LANs (VLANs) are a means of dividing a physical network into several logical
(virtual) LANs. The division can be done on the basis of various criteria, giving rise to
different types of VLANs. For example, the simplest type of VLAN is the port-based
VLAN. Port-based VLANs divide a network into a number of VLANs by assigning a
VLAN to each port of a switching device. Then, any traffic received on a given port of a
switch belongs to the VLAN associated with that port.
VLANs are primarily used for broadcast containment. A layer-2 (L2) broadcast frame is
normally transmitted all over a bridged network. By dividing the network into VLANs,
the range of a broadcast is limited, i.e., the broadcast frame is transmitted only to the
VLAN to which it belongs. This reduces the broadcast traffic on a network by an
appreciable factor.
The type of VLAN depends upon one criterion: how a received frame is classified as
belonging to a particular VLAN. VLANs can be categorized into the following types:
•
•
•
•
Port based
MAC address based
Protocol based
Subnet based
56
SmartSwitch Router User Reference Manual
Chapter 3: Bridging Configuration Guide
•
•
Multicast based
Policy based
Detailed information about these types of VLANs is beyond the scope of this manual.
Each type of VLAN is briefly explained in the following subsections.
Port-based VLANs
Ports of L2 devices (switches, bridges) are assigned to VLANs. Any traffic received by a
port is classified as belonging to the VLAN to which the port belongs. For example, if
ports 1, 2, and 3 belong to the VLAN named “Marketing”, then a broadcast frame received
by port 1 is transmitted on ports 2 and 3. It is not transmitted on any other port.
MAC-address-based VLANs
In this type of VLAN, each switch (or a central VLAN information server) keeps track of
all MAC addresses in a network and maps them to VLANs based on information
configured by the network administrator. When a frame is received at a port, its
destination MAC address is looked up in the VLAN database. The VLAN database
returns the name of the VLAN to which this frame belongs.
This type of VLAN is powerful in the sense that network devices such as printers and
workstations can be moved anywhere in the network without the need for network
reconfiguration. However, the administration is intensive because all MAC addresses on
the network need to be known and configured.
Protocol-based VLANs
Protocol-based VLANs divide the physical network into logical VLANs based on
protocol. When a frame is received at a port, its VLAN is determined by the protocol of
the packet. For example, there could be separate VLANs for IP, IPX and Appletalk. An IP
broadcast frame will only be sent to all ports in the IP VLAN.
Subnet-based VLANs
Subnet-based VLANs are a subset of protocol based VLANs and determine the VLAN of a
frame based on the subnet to which the frame belongs. To do this, the switch must look
into the network layer header of the incoming frame. This type of VLAN behaves similar
to a router by segregating different subnets into different broadcast domains.
SmartSwitch Router User Reference Manual
57
Chapter 3: Bridging Configuration Guide
Multicast-based VLANs
Multicast-based VLANs are created dynamically for multicast groups. Typically, each
multicast group corresponds to a different VLAN. This ensures that multicast frames are
received only by those ports that are connected to members of the appropriate multicast
group.
Policy-based VLANs
Policy-based VLANs are the most general definition of VLANs. Each incoming
(untagged) frame is looked up in a policy database, which determines the VLAN to which
the frame belongs. For example, you could set up a policy which creates a special VLAN
for all email traffic between the management officers of a company, so that this traffic will
not be seen anywhere else.
SSR VLAN Support
The SSR supports:
•
•
•
Port-based VLANs
Protocol-based VLANs
Subnet-based VLANs
When using the SSR as an L2 bridge/switch, use the port-based and protocol-based
VLAN types. When using the SSR as a combined switch and router, use the subnet-based
VLANs in addition to port-based and protocol-based VLANs. It is not necessary to
remember the types of VLANs in order to configure the SSR, as seen in the section on
configuring the SSR.
VLANs and the SSR
VLANs are an integral part of the SSR family of switching routers. The SSR switching
routers can function as layer-2 (L2) switches as well as fully-functonal layer-3 (L3) routers.
Hence they can be viewed as a switch and a router in one box. To provide maximum
performance and functionality, the L2 and L3 aspects of the SSR switching routers are
tightly coupled.
The SSR can be used purely as an L2 switch. Frames arriving at any port are bridged and
not routed. In this case, setting up VLANs and associating ports with VLANs is all that is
required. You can set up the SSR switching router to use port-based VLANs, protocol-
based VLANs, or a mixture of the two types.
The SSR can also be used purely as a router, i.e., each physical port of the SSR is a separate
routing interface. Packets received at any interface are routed and not bridged. In this
case, no VLAN configuration is required. Note that VLANs are still created implicitly by
58
SmartSwitch Router User Reference Manual
Chapter 3: Bridging Configuration Guide
the SSR as a result of creating L3 interfaces for IP and/or IPX. However, these implicit
VLANs do not need to be created or configured manually. The implicit VLANs created by
the SSR are subnet-based VLANs.
Most commonly, an SSR is used as a combined switch and router. For example, it may be
connected to two subnets S1 and S2. Ports 1-8 belong to S1 and ports 9-16 belong to S2.
The required behavior of the SSR is that intra-subnet frames be bridged and inter-subnet
packets be routed. In other words, traffic between two workstations that belong to the
same subnet should be bridged, and traffic between two workstations that belong to
different subnets should be routed.
The SSR switching routers use VLANs to achieve this behavior. This means that a L3
subnet (i.e., an IP or IPX subnet) is mapped to a VLAN. A given subnet maps to exactly
one and only one VLAN. With this definition, the terms VLAN and subnet are almost
interchangeable.
To configure an SSR as a combined switch and router, the administrator must create
VLANs whenever multiple ports of the SSR are to belong to a particular VLAN/subnet.
Then the VLAN must be bound to an L3 (IP/IPX) interface so that the SSR knows which
VLAN maps to which IP/IPX subnet.
Ports, VLANs, and L3 Interfaces
The term port refers to a physical connector on the SSR, such as an ethernet port. Each
port must belong to at least one VLAN. When the SSR is unconfigured, each port belongs
to a VLAN called the “default VLAN”. By creating VLANs and adding ports to the
created VLANs, the ports are moved from the default VLAN to the newly created VLANs.
Unlike traditional routers, the SSR has the concept of logical interfaces rather than
physical interfaces. An L3 interface is a logical entity created by the administrator. It can
contain more than one physical port. When an L3 interface contains exactly one physical
port, it is equivalent to an interface on a traditional router. When an L3 interface contains
several ports, it is equivalent to an interface of a traditional router which is connected to a
layer-2 device such as a switch or bridge.
Access Ports and Trunk Ports (802.1Q support)
The ports of an SSR can be classified into two types, based on VLAN functionality: access
ports and trunk ports. By default, a port is an access port. An access port can belong to at
most one VLAN of the following types: IP, IPX or bridged protocols. The SSR can
automatically determine whether a received frame is an IP frame, an IPX frame or neither.
Based on this, it selects a VLAN for the frame. Frames transmitted out of an access port
are untagged, meaning that they contain no special information about the VLAN to which
they belong. Untagged frames are classified as belonging to a particular VLAN based on
the protocol of the frame and the VLAN configured on the receiving port for that protocol.
SmartSwitch Router User Reference Manual
59
Chapter 3: Bridging Configuration Guide
For example, if port 1 belongs to VLAN IPX_VLAN for IPX, VLAN IP_VLAN for IP and
VLAN OTHER_VLAN for any other protocol, then an IP frame received by port 1 is
classified as belonging to VLAN IP_VLAN.
Trunk ports (802.1Q) are usually used to connect one VLAN-aware switch to another.
They carry traffic belonging to several VLANs. For example, suppose that SSR A and B
are both configured with VLANs V1 and V2.
Then a frame arriving at a port on SSR A must be sent to SSR B, if the frame belongs to
VLAN V1 or to VLAN V2. Thus the ports on SSR A and B which connect the two SSRs
together must belong to both VLAN V1 and VLAN V2. Also, when these ports receive a
frame, they must be able to determine whether the frame belongs to V1 or to V2. This is
accomplished by “tagging” the frames, i.e., by prepending information to the frame in
order to identify the VLAN to which the frame belongs. In the SSR switching routers,
trunk ports always transmit and receive tagged frames only. The format of the tag is
specified by the IEEE 802.1Q standard. The only exception to this is Spanning Tree
Protocol frames, which are transmitted as untagged frames.
Explicit and Implicit VLANs
As mentioned earlier, VLANs can either be created explicitly by the administrator (explicit
VLANs) or are created implicitly by the SSR when L3 interfaces are created (implicit
VLANs).
Configuring SSR Bridging Functions
Configuring Address-based or Flow-based Bridging
The SSR ports perform address-based bridging by default but can be configured to
perform flow-based bridging instead of address-based bridging, on a per-port basis. A
port cannot be configured to perform both types of bridging at the same time.
The SSR performance is equivalent when performing flow-based bridging or address-
based bridging. However, address-based bridging is more efficient because it requires
fewer table entries while flow-based bridging provides tighter management and control
over bridged traffic.
For example, the following illustration shows an SSR with traffic being sent from port A to
port B, port B to port A, port B to port C, and port A to port C.
60
SmartSwitch Router User Reference Manual
Chapter 3: Bridging Configuration Guide
SSR
A
B C
The corresponding bridge tables for address-based and flow-based bridging are shown
below. As shown, the bridge table contains more information on the traffic patterns when
flow-based bridging is enabled compared to address-based bridging.
Address-Based Bridge Table
A (source)
Flow-Based Bridge Table
A → B
B → A
B → C
A → C
B (source)
C (destination)
With the SSR configured in flow-based bridging mode, the network manager has “per
flow” control of layer-2 traffic. The network manager can then apply Quality of Service
(QoS) policies or security filters based on layer-2 traffic flows.
To enable flow-based bridging on a port, enter the following command in Configure
mode.
Configure a port for flow-based
bridging.
port flow-bridging <port-list>|all-ports
To change a port from flow-based bridging to address-based bridging, enter the following
command in Configure mode:
Change a port from flow-
based bridging to address-
based bridging.
negate<line-number of active config containing command>:
port flow-bridging<port-list>|all-ports
Configuring Spanning Tree
Note: Some commands in this facility require updated SSR hardware. Please refer to the
Release Notes for details.
SmartSwitch Router User Reference Manual
61
Chapter 3: Bridging Configuration Guide
The SSR supports per VLAN spanning tree. By default, all the VLANs defined belong to
the default spanning tree. You can create a separate instance of spanning tree using the
following command:
Create spanning tree for a VLAN.
pvst create spanningtree vlan-name
<string>
By default, spanning tree is disabled on the SSR. To enable spanning tree on the SSR, you
perform the following tasks on the ports where you want spanning tree enabled..
Enable spanning tree on one or
more ports for default spanning
tree.
stp enable port<port-list>
Enable spanning tree on one or
pvst enable port<port-list> spanning-tree
more ports for a particular VLAN.
<string>
Adjusting Spanning-Tree Parameters
You may need to adjust certain spanning-tree parameters if the default values are not
suitable for your bridge configuration. Parameters affecting the entire spanning tree are
configured with variations of the bridge global configuration command. Interface-specific
parameters are configured with variations of the bridge-group interface configuration
command.
You can adjust spanning-tree parameters by performing any of the tasks in the following
sections:
•
•
Set the Bridge Priority
Set an Interface Priority
Note: Only network administrators with a good understanding of how bridges and the
Spanning-Tree Protocol work should make adjustments to spanning-tree
parameters. Poorly chosen adjustments to these parameters can have a negative
impact on performance. A good source on bridging is the IEEE 802.1d
specification.
Setting the Bridge Priority
You can globally configure the priority of an individual bridge when two bridges tie for
position as the root bridge, or you can configure the likelihood that a bridge will be
selected as the root bridge. The lower the bridge's priority, the more likely the bridge will
be selected as the root bridge. This priority is determined by default; however, you can
change it.
62
SmartSwitch Router User Reference Manual
Chapter 3: Bridging Configuration Guide
To set the bridge priority, enter the following command in Configure mode:
Set the bridge priority for default
spanning tree.
stp set bridging priority <num>
Set the bridge priority for a
pvst set bridging spanning-tree <string>
particular instance of spanning tree. priority <num>
Setting a Port Priority
You can set a priority for an interface. When two bridges tie for position as the root bridge,
you configure an interface priority to break the tie. The bridge with the lowest interface
value is elected.
To set an interface priority, enter the following command in Configure mode:
Establish a priority for a specified
interface for default spanning tree.
stp set port <port-list> priority <num>
Establish a priority for a specified
interface for a particular instance of
spanning tree.
pvst set port <port-list> spanning-tree
<string> priority <num>
Assigning Port Costs
Each interface has a port cost associated with it. By convention, the port cost is 1000/data
rate of the attached LAN, in Mbps. You can set different port costs.
To assign port costs, enter the following command in Configure mode:
Set a different port cost other than
the defaults for default spanning
tree.
stp set port <port-list> port-cost <num>
Set a different port cost other than
pvst set port <port-list> spanning-tree
the defaults for a particular instance <string> port-cost <num>
of spanning tree.
Adjusting Bridge Protocol Data Unit (BPDU) Intervals
You can adjust BPDU intervals as described in the following sections:
•
•
Adjust the Interval between Hello BPDUs
Define the Forward Delay Interval
SmartSwitch Router User Reference Manual
63
Chapter 3: Bridging Configuration Guide
•
Define the Maximum Idle Interval
Adjusting the Interval between Hello Times
You can specify the interval between hello time.
To adjust this interval, enter the following command in Configure mode:
Specify the interval between hello
time for default spanning tree.
stp set bridging hello-time <num>
Specify the interval between hello
time for a particular instance of
spanning tree.
pvst set bridging spanning-tree <string>
hello-time <num>
Defining the Forward Delay Interval
The forward delay interval is the amount of time spent listening for topology change
information after an interface has been activated for bridging and before forwarding
actually begins.
To change the default interval setting, enter the following command in Configure mode:
Set the default of the forward delay stp set bridging forward-delay <num>
interval for default spanning tree.
Set the default of the forward delay pvst set bridging spanning-tree <string>
interval for a particular instance of
spanning tree.
forward-delay <num>
Defining the Maximum Age
If a bridge does not hear BPDUs from the root bridge within a specified interval, it
assumes that the network has changed and recomputes the spanning-tree topology.
To change the default interval setting, enter the following command in Configure mode:
Change the amount of time a bridge will
wait to hear BPDUs from the root bridge
for default spanning tree.
stp set bridging max-age <num>
Change the amount of time a bridge will
wait to hear BPDUs from the root bridge
for a particular instance of spanning tree.
pvst set bridging spanning-tree
<string> max-age <num>
64
SmartSwitch Router User Reference Manual
Chapter 3: Bridging Configuration Guide
Configuring a Port or Protocol based VLAN
To create a port or protocol based VLAN, perform the following steps in the Configure
mode.
1. Create a port or protocol based VLAN.
2. Add physical ports to a VLAN.
Creating a Port or Protocol Based VLAN
To create a VLAN, enter the following command in Configure mode.
Create a VLAN. vlan create <vlan-name> <type> id <num>
Adding Ports to a VLAN
To add ports to a VLAN, enter the following command in Configure mode.
Add ports to a VLAN.
vlan add ports <port-list> to <vlan-name>
Configuring VLAN Trunk Ports
The SSR supports standards-based VLAN trunking between multiple SSRs as defined by
IEEE 802.1Q. 802.1Q adds a header to a standard Ethernet frame which includes a unique
VLAN id per trunk between two SSRs. These VLAN IDs extend the VLAN broadcast
domain to more than one SSR.
To configure a VLAN trunk, enter the following command in the Configure mode.
Configure 802.1Q VLAN trunks.
vlan make <port-type> <port-list>
Configuring VLANs for Bridging
The SSR allows you to create VLANs for AppleTalk, DECnet, SNA, and IPv6 traffic as well
as for IP and IPX traffic. You can create a VLAN for handling traffic for a single protocol,
such as a DECnet VLAN. Or, you can create a VLAN that supports several specific
protocols, such as SNA and IP traffic.
Note: Some commands in this facility require updated SSR hardware. Please refer to the
Release Notes for details.
SmartSwitch Router User Reference Manual
65
Chapter 3: Bridging Configuration Guide
Configuring Layer-2 Filters
Layer-2 security filters on the SSR allow you to configure ports to filter specific MAC
addresses. When defining a Layer-2 security filter, you specify to which ports you want
the filter to apply. Refer to the “Security Configuration Chapter” for details on configuring
Layer-2 filters. You can specify the following security filters:
•
Address filters
These filters block traffic based on the frame's source MAC address, destination MAC
address, or both source and destination MAC addresses in flow bridging mode.
Address filters are always configured and applied to the input port.
•
•
Port-to-address lock filters
These filters prohibit a user connected to a locked port or set of ports from using
another port.
Static entry filters
These filters allow or force traffic to go to a set of destination ports based on a frame's
source MAC address, destination MAC address, or both source and destination MAC
addresses in flow bridging mode. Static entries are always configured and applied at
the input port.
•
Secure port filters
A secure filter shuts down access to the SSR based on MAC addresses. All packets
received by a port are dropped. When combined with static entries, however, these
filters can be used to drop all received traffic but allow some frames to go through.
Monitoring Bridging
The SSR provides display of bridging statistics and configurations contained in the SSR.
To display bridging information, enter the following commands in Enable mode.
ip show routes
Show IP routing table.
l2-tables show all-macs
Show all MAC addresses currently
in the l2 tables.
l2-tables show port-macs
l2-tables show mac-table-stats
l2-tables show mac
Show l2 table information on a
specific port.
Show information the master MAC
table.
Show information on a specific
MAC address.
66
SmartSwitch Router User Reference Manual
|