SuperStack® 3 Switch Implementation Guide

Generic guide for units in the SuperStack 3 Switch 4400 Series: 3C17203, 3C17204, 3C17205, 3C17206, 3C17210

http://www.3com.com/

Part No. DUA1720-3BAA05
Published March 2004

3Com Corporation, 350 Campus Drive, Marlborough, MA 01752-3064

Copyright © 2004, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.

3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.

3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time.

If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.

UNITED STATES GOVERNMENT LEGEND

If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following:

All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.

Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries.

3Com, the 3Com logo and SuperStack are registered trademarks of 3Com Corporation.

Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Novell and NetWare are registered trademarks of Novell, Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. Solaris is a registered trademark of Sun Microsystems.

IEEE and 802 are registered trademarks of the Institute of Electrical and Electronics Engineers, Inc.

All other company and product names may be trademarks of the respective companies with which they are associated.

ENVIRONMENTAL STATEMENT

It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to:

■ Establishing environmental performance standards that comply with national legislation and regulations.
■ Conserving energy, materials and natural resources in all operations.
■ Reducing the waste generated by all operations.
■ Ensuring that all waste conforms to recognized environmental standards.
■ Maximizing the recyclable and reusable content of all products.
■ Ensuring that all products can be recycled, reused and disposed of safely.
■ Ensuring that all products are labelled according to recognized environmental standards.
■ Improving our environmental record on a continual basis.

End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.

Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.

Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.

ENCRYPTION

This product contains encryption and may require U.S. and/or local government authorization prior to export or import to another country.

CONTENTS

ABOUT THIS GUIDE
  Conventions
  Related Documentation
  Documentation Comments

1 SWITCH FEATURES OVERVIEW
  What is Management Software?
  Switch Features Explained
  Automatic IP Configuration
  Security
  Power Management
  Aggregated Links
  Auto-negotiation
  Multicast Filtering
  Resilient Links
  Spanning Tree Protocol and Rapid Spanning Tree Protocol
  Switch Database
  Traffic Prioritization
  Roving Analysis
  RMON
  Webcache Support
  Broadcast Storm Control
  VLANs
  Configuration Save and Restore

2 OPTIMIZING BANDWIDTH
  Port Features
  Duplex
  Flow Control
  Auto-negotiation
  Smart Auto-sensing
  Aggregated Links
  How 802.3ad Link Aggregation Operates
  Implementing 802.3ad Aggregated Links
  Aggregated Links and Your Switch
  Aggregated Link — Manual Configuration Example

3 USING MULTICAST FILTERING
  What is an IP Multicast?
  Benefits of Multicast
  Multicast Filtering
  Multicast Filtering and Your Switch
  IGMP Multicast Filtering

4 USING RESILIENCE FEATURES
  Resilience Feature Overview
  What are Resilient Links?
  Spanning Tree Protocol (STP)
  Rapid Spanning Tree Protocol (RSTP)
  What is STP?
  How STP Works
  STP Requirements
  STP Calculation
  STP Configuration
  STP Reconfiguration
  How RSTP Differs to STP
  STP Example
  STP Configurations
  Default Behavior
  RSTP Default Behavior
  Fast Start Default Behavior
  Using STP on a Network with Multiple VLANs

5 USING THE SWITCH DATABASE
  What is the Switch Database?
  How Switch Database Entries Get Added
  Switch Database Entry States

6 USING TRAFFIC PRIORITIZATION
  What is Traffic Prioritization?
  How Traffic Prioritization Works
  Traffic Classification
  Traffic Marking
  Traffic Re-Marking
  Traffic Prioritization
  Traffic Queues
  Traffic Shaping
  Configuring Traffic Prioritization on the Switch
  Methods of Configuring Traffic Prioritization
  Important QoS Considerations
  Default QoS Configurations
  Example QoS Configurations
  Other Configuration Examples and Guidelines

7 STATUS MONITORING AND STATISTICS
  Roving Analysis Port
  Roving Analysis and Your Switch
  RMON
  What is RMON?
  The RMON Groups
  Benefits of RMON
  RMON and the Switch
  Alarm Events
  The Default Alarm Settings
  The Audit Log
  Email Notification of Events

8 SETTING UP VIRTUAL LANS
  What are VLANs?
  Benefits of VLANs
  VLANs and Your Switch
  The Default VLAN
  Communication Between VLANs
  Creating New VLANs
  VLANs: Tagged and Untagged Membership
  Configurable Management VLAN
  VLAN Configuration Examples
  Using Untagged Connections
  Using 802.1Q Tagged Connections
  Securing Switch Management Using a VLAN

9 USING WEBCACHE SUPPORT
  What is Webcache Support?
  Benefits of Webcache Support
  How Webcache Support Works
  Cache Health Checks
  Webcache Support Example
  Important Considerations

10 USING AUTOMATIC IP CONFIGURATION
  How Your Switch Obtains IP Information
  How Automatic IP Configuration Works
  Automatic Process
  Important Considerations
  Server Support
  Event Log Entries and Traps

11 MAKING YOUR NETWORK SECURE
  Port Security
  What is Network Login?
  How Network Login Works
  Auto VLAN and QoS Assignment
  Important Considerations
  What is Disconnect Unauthorized Device (DUD)?
  How DUD Works
  What is Switch Management Login?
  Benefits of RADIUS Authentication
  How RADIUS Authentication Works
  Important Considerations
  What is RADIUS?
  Trusted IP
  Configuring Trusted IP
  Secure Shell (SSH)
  What is Secure Shell?
  How Secure Shell Works
  Benefits of Secure Shell
  Prerequisite for Using SSH
  Generating and Configuring Switch Host Keys
  Supplying the Switch’s Host Public Key to Clients
  Configuring the Switch for User Authentication
  Transferring Public Keys to the Switch

12 POWER MANAGEMENT AND CONTROL
  What is Power over Ethernet?
  Benefits of Power over Ethernet
  Planning Power Budgets
  Calculating Power Budgets
  Implementing a Power Plan
  Configuring a Guaranteed Power Plan
  Monitoring Power Usage
  Monitoring Power Usage LEDs
  Monitoring Port LEDs
  Monitoring Power Usage using the Web Interface
  Problem Solving

13 USING SWITCH CONFIGURATION FEATURES
  Configuration Save and Restore
  Upgrading Management Software
  Upgrading the Switch 4400 SE

A CONFIGURATION RULES
  Configuration Rules for Gigabit Ethernet
  Configuration Rules for Fast Ethernet
  Configuration Rules with Full Duplex

B NETWORK CONFIGURATION EXAMPLES
  Simple Network Configuration Examples
  Segmentation Switch Example
  Collapsed Backbone Switch Example
  Desktop Switch Example
  Advanced Network Configuration Examples
  Improving the Resilience of Your Network
  Enhancing the Performance of Your Network
  Utilizing the Traffic Prioritization Features of Your Network

C IP ADDRESSING
  IP Addresses
  Simple Overview
  Advanced Overview
  Subnets and Subnet Masks
  Default Gateways

GLOSSARY

INDEX

ABOUT THIS GUIDE

This guide describes the features of the SuperStack® 3 Switch 4400 Series and outlines how to use these features to optimize the performance of your network.

Most features detailed in this guide are common to all Switches in the 4400 Series. Refer to the Management Quick Reference Guide that accompanies your Switch for details of the specific features your Switch supports.

This guide is intended for the system or network administrator who is responsible for configuring, using, and managing the Switches. It assumes a working knowledge of local area network (LAN) operations and familiarity with communication protocols that are used to interconnect LANs.

For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch or on the 3Com Web site.

If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.

Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/

Conventions

Table 1 and Table 2 list conventions that are used throughout this guide.

Table 1 Notice Icons

Information note
    Information that describes important features or instructions
Caution
    Information that alerts you to potential loss of data or potential damage to an application, system, or device
Warning
    Information that alerts you to potential personal injury

Table 2 Text Conventions

Screen displays
    This typeface represents information as it appears on the screen.
Syntax
    The word “syntax” means that you must evaluate the syntax provided and then supply the appropriate values for the placeholders that appear in angle brackets. Example:
    To change your password, use the following syntax:
        system password <password>
    In this example, you must supply a password for <password>.
Commands
    The word “command” means that you must enter the command exactly as shown and then press Return or Enter. Commands appear in bold. Example:
    To display port information, enter the following command:
        bridge port detail
The words “enter” and “type”
    When you see the word “enter” in this guide, you must type something, and then press Return or Enter. Do not press Return or Enter when an instruction simply says “type.”
Keyboard key names
    If you must press two or more keys simultaneously, the key names are linked with a plus sign (+). Example:
        Press Ctrl+Alt+Del
Words in italics
    Italics are used to:
    ■ Emphasize a point.
    ■ Denote a new term at the place where it is defined in the text.
    ■ Identify menu names, menu commands, and software button names. Examples:
      From the Help menu, select Contents.
      Click OK.

Related Documentation

In addition to this guide, each Switch documentation set includes the following:

■ SuperStack 3 Switch 4400 Getting Started Guide
  This guide contains:
  ■ all the information you need to install and set up the Switch in its default state
  ■ information on how to access the management software to begin managing the Switch.
■ SuperStack 3 Switch Management Interface Reference Guide
  This guide provides detailed information about the Web interface and Command Line Interface that enable you to manage the Switch. It is supplied in HTML format on the CD-ROM that accompanies the Switch.
■ SuperStack 3 Switch Management Quick Reference Guide
  This guide contains:
  ■ a list of the features supported by the Switch.
  ■ a summary of the Web interface and Command Line Interface commands for the Switch.
■ Release Notes
  These notes provide information about the current software release, including new features, modifications, and known problems.

There are other publications you may find useful, such as:

■ Documentation accompanying the Advanced Redundant Power system.
■ Documentation accompanying the Expansion Modules.
■ Documentation accompanying 3Com Network Supervisor. This is supplied on the CD-ROM that accompanies the Switch.

Documentation Comments

Your suggestions are very important to us. They will help make our documentation more useful to you.
Please e-mail comments about this document to 3Com at: pddtechpubs_comments@3com.com

Please include the following information when contacting us:

■ Document title
■ Document part number (on the title page)
■ Page number (if appropriate)

Example:

■ SuperStack 3 Switch Implementation Guide
■ Part number: DUA1720-3BAA05
■ Page 25

Please note that we can only respond to comments and questions about 3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier.

1 SWITCH FEATURES OVERVIEW

This chapter contains introductory information about the SuperStack® 3 Switch 4400 management software and supported features. It covers the following topics:

■ What is Management Software?
■ Switch Features Explained

For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

What is Management Software?

Your Switch can operate in its default state. However, to make full use of the features offered by the Switch, and to change and monitor the way it works, you have to access the management software that resides on the Switch. This is known as managing the Switch.

Managing the Switch can help you to improve its efficiency and therefore the overall performance of your network.

There are several different methods of accessing the management software to manage the Switch. These methods are explained in Chapter 3 of the Getting Started Guide that accompanies your Switch.

Switch Features Explained

The management software provides you with the capability to change the default state of some of the Switch features. This section provides a brief overview of these features — their applications are explained in more detail later in this guide.

For a list of the features supported by your Switch, please refer to the Management Quick Reference Guide that accompanies your Switch.

Automatic IP Configuration

Your Switch can have its IP information automatically configured using a DHCP server, Auto-IP, or BOOTP server. Alternatively, you can manually configure the IP information.

For more information about how the automatic IP configuration feature works, see Chapter 10 “Using Automatic IP Configuration”.

Security

Your Switch has the following security features, which guard against unauthorized users connecting devices to your network:

■ Network Login — controls user access at the network edge by blocking or unblocking access on a per-port basis.
■ Disconnect Unauthorized Device (DUD) — disables a port if an unauthorized device transmits data on it.
■ Switch Management Login — user name and password information is stored in a database on a RADIUS server in your network. Login attempts to the Switch are remotely authenticated by the RADIUS server.
■ Trusted IP — enables you to define the IP host addresses and subnets trusted to access the management interfaces of the Switch.
■ SSH — enables secure access to the Command Line Interface of the Switch.

For more information about how the port security features work, see Chapter 11 “Making Your Network Secure”.

Power Management

Power Management is the supply and control of power to connected Ethernet devices. Power Management provides two benefits:

■ Cabling needs are reduced — Power over Ethernet (802.3af) compliant devices need only an Ethernet cable.
■ Reliability is increased — As the power is supplied over the Ethernet cable it can be backed up by redundant and uninterruptible power supplies.

Power Management is only available on the Switch 4400 PWR (3C17205).

For more information about power management, see Chapter 12 “Power Management and Control”.

Aggregated Links

Aggregated links are connections that allow devices to communicate using up to four links in parallel. Aggregated links provide two benefits:

■ They can potentially double, triple or quadruple the bandwidth of a connection.
■ They can provide redundancy — if one link is broken, the other links share the traffic for that link.

For more information about aggregated links, see Chapter 2 “Optimizing Bandwidth”.

Auto-negotiation

Auto-negotiation allows ports to auto-negotiate port speed, duplex-mode (only at 10 Mbps and 100 Mbps) and flow control. When auto-negotiation is enabled (default), a port “advertises” its maximum capabilities — these capabilities are by default the parameters that provide the highest performance supported by the port.

100BASE-FX and 1000BASE-SX ports do not support auto-negotiation of port speed.

Ports operating at 1000 Mbps only support full duplex mode.

For details of the auto-negotiation features supported by your Switch, please refer to the Management Quick Reference Guide that accompanies your Switch.

Duplex

Full duplex mode allows packets to be transmitted and received simultaneously and, in effect, doubles the potential throughput of a link.

Flow Control

All Switch ports support flow control, which is a mechanism that minimizes packet loss during periods of congestion on the network.

Flow control is supported on ports operating in half duplex mode, and is implemented using the IEEE Std 802.3-2002 (incorporating 802.3x) on ports operating in full duplex mode.

Smart Auto-sensing

Smart auto-sensing allows auto-negotiating multi-speed ports, such as 10/100 Mbps or 100/1000 Mbps, to monitor and detect high error rates, or problems in the “physical” interconnection to another port. The port reacts accordingly by tuning the link from its higher speed to the lower supported speed to provide an error-free connection to the network.

100BASE-FX and 1000BASE-SX ports do not support smart auto-sensing.

For more information about auto-negotiation and port capabilities, see Chapter 2 “Optimizing Bandwidth”.

Multicast Filtering

Multicast filtering allows the Switch to forward multicast traffic to only the endstations that are part of a predefined multicast group, rather than broadcasting the traffic to the whole network.

The multicast filtering system supported by your Switch uses IGMP (Internet Group Management Protocol) snooping to detect the endstations in each multicast group to which multicast traffic should be forwarded.

For more information about multicast filtering, see Chapter 3 “Using Multicast Filtering”.

Resilient Links

The resilient link feature enables you to protect critical links and prevent network downtime should those links fail. Setting up resilient links ensures that if a main communication link fails, a standby duplicate link automatically takes over the task of the main link. Each main and standby link pair is referred to as a resilient link pair.

Resilient links are a simple method of creating redundancy that provides you with a fast reaction to link failure. Resilient links are quick to set up, you have full control over their configuration, and the port at the other end of the resilient link does not have to support any resilience feature.

For more information about resilient links, see Chapter 4 “Using Resilience Features”.

Spanning Tree Protocol and Rapid Spanning Tree Protocol

Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) are bridge-based systems that make your network more resilient to link failure and also provide protection from network loops — one of the major causes of broadcast storms.

STP allows you to implement alternative paths for network traffic in the event of path failure and uses a loop-detection process to:

■ Discover the efficiency of each path.
■ Enable the most efficient path.
■ Disable the less efficient paths.
■ Enable one of the less efficient paths if the most efficient path fails.

RSTP is an enhanced version of the STP feature and is enabled by default. RSTP can restore a network connection quicker than the legacy STP feature. RSTP can detect if it is connected to a legacy device that only supports IEEE 802.1D STP and will automatically downgrade to STP on that particular port.

STP conforms to the IEEE Std 802.1D, 1998 Edition and RSTP conforms to the IEEE Std 802.1w-2001.

For more information about STP and RSTP, see Chapter 4 “Using Resilience Features”.

Switch Database

The Switch Database is an integral part of the Switch and is used by the Switch to determine if a packet should be forwarded, and which port should transmit the packet if it is to be forwarded.

For more information about the Switch Database, see Chapter 5 “Using the Switch Database”.

Traffic Prioritization

Using the traffic prioritization capabilities of your Switch provides Quality of Service (QoS) to your network through increased reliability of data delivery. You can prioritize traffic on your network to ensure that high priority data is transmitted with minimum delay.

Traffic can be controlled by a set of rules to obtain the required Quality of Service for your network. The rules define different types of traffic and specify how each type should be treated as it passes through the Switch, for example, prioritized or discarded. Being able to define exactly how you want your Switch to treat selected applications, devices, users and types of traffic allows you to have more control over your network.

For more information about traffic prioritization, see Chapter 6 “Using Traffic Prioritization”.

Roving Analysis

Roving analysis is a system that allows you to attach a network analyzer to one port and use it to monitor the traffic of other ports on the Switch. The system works by enabling you to define an analysis port (the port that is connected to the analyzer), and a monitor port (the port that is to be monitored). Once the pair are defined, and you start monitoring, the Switch takes all the traffic going in and out of the monitor port and copies it to the analysis port.

You can use roving analysis when you need the functions of a network analyzer, but do not want to change the physical characteristics of the monitored segment by attaching an analyzer to that segment.

For more information about roving analysis, see Chapter 7 “Status Monitoring and Statistics”.

RMON

Remote Monitoring (RMON) is an industry standard feature for traffic monitoring and collecting network statistics. The Switch software continually collects statistics about the LAN segments connected to the Switch. If you have a management workstation with an RMON management application, the Switch can transfer these statistics to your workstation on request or when a pre-defined threshold is exceeded.

Event Notification

You can configure your Switch to send you notification when certain events occur. You can receive notification via email, SMS (Short Message Server), or pager.

For more information about RMON and Event Notification, see Chapter 7 “Status Monitoring and Statistics”.

Webcache Support

Webcache support allows your Switch to detect and redirect HTTP web traffic to a local Webcache. Users can then access frequently used Web pages stored locally on the Webcache — this allows your network to operate more efficiently and reduces WAN network traffic.

To make Webcache support available on the SuperStack 3 Switch 4400 SE, upgrade the product to the Switch 4400 SE Enhanced Software Upgrade (3C17207).

For more information about Webcache Support, see Chapter 9 “Using Webcache Support”.

Broadcast Storm Control

Broadcast Storm Control is a system that monitors the level of broadcast traffic on that port. If the broadcast traffic level rises to a pre-defined number of frames per second (threshold), the broadcast traffic on the port is blocked until the broadcast traffic level drops below the threshold. This system prevents the overwhelming broadcast traffic that can result from network equipment which is faulty or configured incorrectly.

VLANs

A Virtual LAN (VLAN) is a flexible group of devices that can be located anywhere in a network, but which communicate as if they are on the same physical segment. With VLANs, you can segment your network without being restricted by physical connections — a limitation of traditional network design. As an example, with VLANs you can segment your network according to:

■ Departmental groups
■ Hierarchical groups
■ Usage groups

For more information about VLANs, see Chapter 8 “Setting Up Virtual LANs”.

Configuration Save and Restore

Configuration Save and Restore allows the configuration of your Switch to be saved as a file on a remote server, or to be restored onto the Switch from a remote file.

For further information about Configuration Save and Restore, see Chapter 13 “Using Switch Configuration Features”.

2 OPTIMIZING BANDWIDTH

There are many ways you can optimize the bandwidth on your network and improve network performance. If you utilize certain Switch features you can provide the following benefits to your network and end users:

■ Increased bandwidth
■ Quicker connections
■ Faster transfer of data
■ Minimized data errors
■ Reduced network downtime

For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

Port Features

The default state for all the features detailed below provides the best configuration for most users. In normal operation, you do not need to alter the Switch from its default state. However, under certain conditions you may wish to alter the default state of these ports, for example, if you are connecting to old equipment that does not comply with the IEEE 802.3x standard.

Duplex

Full duplex allows packets to be transmitted and received simultaneously and, in effect, doubles the potential throughput of a link. Half duplex only allows packets to be transmitted or received at any one time.

To communicate effectively, both devices at either end of a link must use the same duplex mode. If the devices at either end of a link support auto-negotiation, this is done automatically. If the devices at either end of a link do not support auto-negotiation, both ends must be manually set to full duplex or half duplex accordingly.

Ports operating at 1000 Mbps support full duplex mode only.

Flow Control

All Switch ports support flow control, which is a mechanism that prevents packet loss during periods of congestion on the network.
Packet loss is caused by one or more devices sending traffic to an already overloaded port on the Switch. Flow control prevents packet loss by inhibiting the transmitting port from generating more packets until the period of congestion ends.

Flow control is implemented using the IEEE Std 802.3-2002 (incorporating 802.3x) for ports operating in full duplex mode, and Intelligent Flow Management (IFM) for ports operating in half duplex mode.

Auto-negotiation

Auto-negotiation allows ports to automatically determine the best port speed, duplex-mode (only at 10 Mbps and 100 Mbps) and flow control. When auto-negotiation is enabled (default), a port “advertises” its maximum capabilities — these capabilities are by default the parameters that provide the highest performance supported by the port.

You can modify the capabilities that a port “advertises” on a per port basis, dependent on the type of port.

You can disable auto-negotiation for the whole Switch, or per port.

100BASE-FX and 1000BASE-SX ports do not support auto-negotiation of port speed.

Ports operating at 1000 Mbps support full duplex mode only.

If auto-negotiation is disabled, the auto-MDIX feature does not operate on the ports. Therefore the correct cables, that is, cross-over or straight-through, need to be used. For more information, see the Getting Started Guide that accompanies your Switch.

Conditions that affect auto-negotiation:

■ Ports at both ends of the link must be set to auto-negotiate.
■ 1000BASE-SX ports support auto-negotiation, however, the standard defines that 1000BASE-SX can only operate at 1000 Mbps, full duplex mode, so they can only auto-negotiate flow control.

Smart Auto - sensing Smart auto - sensing allows auto - negotiating multi - speed ports , such as 100 / 1000 Mbps , to monitor and detect a high error rate on a link , or a problem in the “ physical � interconnection to another port and react accordingly . In other words , auto - negotiation may “ agree � upon a configuration that the link cannot sustain ; smart auto - sensing can detect this and adjust the link accordingly . For example , smart auto - sensing can detect network problems , such as an unacceptably high error rate or a poor quality cable . If both ends of the link support 100 / 1000 Mbps auto - negotiation , then auto - sensing tunes the link to 100 Mbps to provide an error - free 100 Mbps connection to the network . An SNMP Trap is sent every time a port is down - rated to a lower speed . Conditions that affect smart auto - sensing : ■Smart auto - sensing will not operate on links that do not support auto - negotiation , or on links where one end is at a fixed speed . The link will reset to the higher speed of operation when the link is lost or the unit is power cycled . ■Smart auto - sensing can only be configured for the whole Switch and not on a per port basis . 100BASE - FX and 1000BASE - SX ports do not support smart auto - sensing . Aggregated Links Aggregated links are connections that allow devices to communicate using up to four member links ( using LACP ) in parallel . Aggregated links provide the following benefits : ■They can potentially double , triple or quadruple the bandwidth of a connection . The capacity of the multiple links is combined into one logical link . ■They can provide redundancy — if one link is broken , the other links share the traffic for that link . shows two Switches connected using an aggregated link Figure 1 containing four member links . 
If all ports on both Switch units are configured as 100BASE-TX and they are operating in full duplex, the potential maximum bandwidth of the connection is 800 Mbps.

Figure 1 Switch units connected using an aggregated link

3Com recommends that you use IEEE 802.3ad LACP automatic aggregations rather than manual aggregations to ensure maximum resilience on your network. Using manual aggregations to connect to a stack could result in network loops if the cascade fails.

By default, LACP is disabled on all Switch ports.

How 802.3ad Link Aggregation Operates

Your Switch supports IEEE Std 802.3-2002 (incorporating 802.3ad) aggregated links which use the Link Aggregation Control Protocol (LACP). LACP provides automatic, point-to-point redundancy between two devices (switch-to-switch or switch-to-server) that have full duplex connections operating at the same speed.

By default, LACP is disabled on all Switch ports. If LACP is enabled on all Switch ports, this means that your Switch will detect if there is more than one connection to another device and will automatically create an aggregated link consisting of those links.

If a member link in an aggregated link fails, the traffic using that link is dynamically reassigned to the remaining member links in the aggregated link. Figure 2 shows the simplest case: two member links, that is the physical links, form an aggregated link. In this example, if link 1 fails, the data flow between X and B is remapped to physical link 2. The re-mapping occurs as soon as the Switch detects that a member link has failed — almost instantaneously. As a result, aggregated link configurations are extremely resilient and fault-tolerant.
Figure 2 Dynamic Reassignment of Traffic Flows

The key benefits of 802.3ad link aggregation are:
■ Automatic configuration — network management does not need to be used to manually aggregate links.
■ Rapid configuration and reconfiguration — approximately one to three seconds.
■ Compatibility — non-802.3ad devices can interoperate with 802.3ad enabled devices. However, you will need to manually configure the aggregated links as LACP will not be able to automatically detect and form an aggregation with a non-802.3ad device.
■ The operation of 802.3ad can be configured and managed via network management.

Implementing 802.3ad Aggregated Links

LACP can be enabled or disabled on a per port basis. You can implement 802.3ad aggregated links in three ways:
■ Manual Aggregations — You can manually add and remove ports to and from an aggregated link via Web or CLI commands. However, if a port has LACP enabled, and if a more appropriate or correct automatic membership is detected by LACP, it will override the manual configuration.
For example, in Figure 3, if a port on Switch C is physically connected to Switch B, but you manually configure the port on Switch C to be a member of an aggregated link for Switch A in error, LACP (if it is enabled) will detect this and place the port in the aggregated link for Switch B, thus overriding the manual configuration.

Figure 3 Aggregated Link — Example

■ LACP Pre-Configured Aggregations — If you need to know which aggregated link is associated with which device in your network you can use a LACP pre-configured aggregation. This allows you to manually configure the MAC address of a particular partner device (called the partner ID) against a specified aggregated link. LACP will then automatically determine the port membership for that aggregated link.
The aggregated link may be manually configured with appropriate configuration settings, such as VLAN membership, to match the partner device.
■ LACP Automatic Aggregations — If LACP detects at least two active ports sharing the same partner device, and if no matching pre-configured aggregated links exist, LACP will automatically assign a free un-configured aggregated link to form an aggregated link with the partner device. The aggregated link will inherit its configuration from the first port originally detected against the partner device.
If you have an existing single port connection between two devices, this automatic behavior allows quick and easy addition of extra bandwidth by simply adding an extra physical link between the units.

The Spanning Tree cost for a port running LACP is the cost assigned for an aggregated link running at that speed. As required by the IEEE Std 802.3-2002 (incorporating 802.3ad), no changes in cost are made according to the number of member links in the aggregated link.

Aggregated Links and Your Switch

■ When any port is assigned to an aggregated link (either manually or via LACP) it will adopt the configuration settings of the aggregated link. When a port leaves an aggregated link its original configuration settings are restored.
■ A maximum of four active aggregations can be created. A maximum of up to four ports may be added manually to any individual aggregation, but any number may join automatically via LACP. There are however a few points to consider:
■ Switch 4400 Series — The Switch only supports a maximum of four active ports in any individual aggregation. Any extra ports will remain in a standby state and may become active if one of the four active ports fails.
■ If multiple links are connected between a unit and more than four other devices, as shown in Figure 4, only four of the devices will be assigned to aggregated links.
The remaining devices will each only have one link made active, that is, passing data. All other links will be made inactive to prevent loops occurring.
LACP detects if one of the existing four aggregated links is removed and will then automatically assign one of the remaining devices to the aggregated link that has become free.

Figure 4 How LACP works on a Switch with multiple aggregated links

■ When multiple links of different speed connect two devices only the highest speed links will be aggregated. The other links will be held in a standby state until there is a problem with a higher speed link(s). The lower speed link(s) will then become active.
■ Note that resilient links must be disabled on any port that is to become part of an aggregated link. It is not possible to configure resilient links on a port that is a member of an aggregated link, and vice versa.
■ A LinkUp/LinkDown trap will only be sent for individual links. The Traps will not be sent for an aggregation.

When setting up an aggregated link, note that:
■ The ports at both ends of a member link must be configured as members of an aggregated link, if you are manually configuring aggregated links.
■ A member link port can only belong to one aggregated link.
■ The member link ports can be mixed media, that is fiber and/or twisted pair ports within the same aggregated link.
■ The member link ports can have different port configurations within the same aggregated link, that is, auto-negotiation, port speed, and duplex mode. However, please note the following:
  ■ To be an active participant in an aggregated link the member link ports must operate in full duplex mode. (If a member link port does not operate in full duplex mode it can still be a member of an aggregated link but it will never be activated.)
  ■ If ports of a different speed are aggregated together, the higher speed links carry the traffic.
The lower speed links only carry the traffic if the higher speed links fail.
■ Aggregated links and resilient links are mutually exclusive, that is, you cannot have both these features operating on the same ports.
■ Aggregated links and roving analysis are mutually exclusive, that is, you cannot have both these features operating on the same ports.
■ Aggregated links and port security are mutually exclusive, that is, you cannot have both these features operating on the same ports.
■ The port to which the Webcache is connected cannot be a member of an aggregated link.
■ Member links must retain the same groupings at both ends of an aggregated link. For example, the configuration in Figure 5 will not work as Switch A has one aggregated link defined whose member links are then split between two aggregated links defined on Switches B and C. Note that this illegal configuration could not occur if LACP is enabled.

Figure 5 An illegal aggregated link configuration

To make this configuration work you need to have two aggregated links defined on Switch A, one containing the member links for Switch B and the other containing those for Switch C.
Alternatively, if Switches B and C are, for example, stacked Switch 4400 Series units and their member link ports defined as part of the same aggregated link as shown in Figure 6, the configuration will operate correctly as aggregated links are supported stack-wide by the Switch 4400 Series.

Figure 6 A legal aggregated link configuration

When using an aggregated link, note that:
■ To gather statistics about an aggregated link, you must add together the statistics for each port in the aggregated link.
■ If you wish to disable a single member link of an aggregated link, you must first physically remove the connection to ensure that you do not lose any traffic, before you disable both ends of the member link separately.
If you do this, the traffic destined for that link is distributed to the other links in the aggregated link.
If you do not remove the connection and only disable one end of the member link port, traffic is still forwarded to that port by the aggregated link port at the other end. This means that a significant amount of traffic may be lost.
■ Before removing an entire aggregated link, you must disable all the aggregated link ports or disconnect all the links, except one — if you do not, a loop may be created.
■ When manually creating an aggregated link between two devices, the ports in the aggregated link must not be physically connected together until the aggregated link has been correctly configured at both ends of the link. Failure to configure the aggregated link at both ends before physically connecting the ports can result in a number of serious network issues such as lost packets and network loops.

Traffic Distribution and Link Failure on Aggregated Links

To maximize throughput, all traffic is distributed across the individual links that make up an aggregated link. Therefore, when a packet is made available for transmission down an aggregated link, a hardware-based traffic distribution mechanism determines which particular port in the link should be used. The mechanism may use the MAC address, IP address, or a combination of both dependent upon the mode of operation. The traffic is distributed among the member links as efficiently as possible.

To avoid the potential problem of out-of-sequence packets (or “packet re-ordering”), the Switch ensures that all the conversations between a given pair of endstations will pass through the same port in the aggregated link. Single-to-multiple endstation conversations, on the other hand, may still take place over different ports.
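The member-activation rules and the conversation pinning described in this section, modelled as an added example (not 3Com's code or firmware behaviour). The guide does not publish the hardware's distribution function, so the SHA-256 rendezvous hash, the lowest-port-first activation order, and all names and MAC addresses below are assumptions; the rules that only full duplex, highest-speed members are activated and that at most four ports are active are the guide's.

```python
import hashlib
from dataclasses import dataclass, replace

MAX_ACTIVE_PORTS = 4  # active-port limit the guide gives for one aggregation


@dataclass(frozen=True)
class MemberPort:
    port: int
    speed_mbps: int
    full_duplex: bool
    link_up: bool = True


def select_active(members):
    """Split one aggregated link's members into (active, standby) port lists.

    Guide rules: only full duplex members can be activated, only the
    highest-speed links carry traffic, and at most four ports are active.
    Half duplex or failed members appear in neither list.
    ASSUMPTION: among equal-speed members the lowest port numbers go first.
    """
    usable = sorted((m for m in members if m.link_up and m.full_duplex),
                    key=lambda m: (-m.speed_mbps, m.port))
    if not usable:
        return [], []
    top = usable[0].speed_mbps
    active = [m.port for m in usable if m.speed_mbps == top][:MAX_ACTIVE_PORTS]
    standby = [m.port for m in usable if m.port not in active]
    return active, standby


def pick_port(active, mac_a, mac_b):
    """Pin one endstation pair to one active port.

    ASSUMPTION: rendezvous hashing over the sorted MAC pair stands in for the
    undocumented hardware mechanism. Every packet of a conversation gets the
    same port, and a conversation leaves its port only if that port fails or
    a newly activated port outranks it.
    """
    if not active:
        raise ValueError("aggregated link has no active member")
    pair = "|".join(sorted((mac_a.lower(), mac_b.lower())))

    def weight(port):
        return hashlib.sha256(f"{pair}|{port}".encode()).digest()

    return max(active, key=weight)


def fail_port(members, port):
    """Return a copy of the member list with one link marked down."""
    return [replace(m, link_up=False) if m.port == port else m for m in members]


def moved_flows(before_active, after_active, flows):
    """List (flow, old_port, new_port) for each conversation that changed port."""
    moved = []
    for a, b in flows:
        old, new = pick_port(before_active, a, b), pick_port(after_active, a, b)
        if old != new:
            moved.append(((a, b), old, new))
    return moved


# Constructed sample: the guide's ports 2, 4, 6, 8 plus three extra members.
SAMPLE_MEMBERS = [
    MemberPort(2, 100, True), MemberPort(4, 100, True),
    MemberPort(6, 100, True), MemberPort(8, 100, True),
    MemberPort(10, 100, True),   # fifth 100 Mbps link: standby
    MemberPort(12, 10, True),    # lower speed: standby
    MemberPort(14, 100, False),  # half duplex: member, never activated
]
# Constructed endstation pairs (locally administered MAC addresses).
SAMPLE_FLOWS = [("02:00:00:00:00:01", f"02:00:00:00:01:{i:02x}") for i in range(64)]

if __name__ == "__main__":
    active, standby = select_active(SAMPLE_MEMBERS)
    print("active", active, "standby", standby)
    after, after_standby = select_active(fail_port(SAMPLE_MEMBERS, 4))
    print("port 4 failed: active", after, "standby", after_standby)
    for flow, old, new in moved_flows(active, after, SAMPLE_FLOWS):
        print(flow[1], "moved from port", old, "to port", new)
```

Conversations that were not on the failed port stay where they were unless the newly promoted standby port outranks their old one, which keeps the number of flows exposed to re-ordering small.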
If the link state on any of the ports in an aggregated link becomes inactive due to link failure, then the Switch will automatically redirect the aggregated link traffic to the remaining ports. Aggregated links therefore provide built-in resilience for your network.

The Switch also has a mechanism to prevent the possible occurrence of packet re-ordering when a link recovers too soon after a failure.

Aggregated Link — Manual Configuration Example

The example shown in Figure 7 illustrates an 800 Mbps aggregated link between two Switch units, (that is, each port is operating at 100 Mbps, full duplex).

Figure 7 An 800 Mbps aggregated link between two Switch units

To manually set up this configuration:
1 Prepare ports 2, 4, 6 and 8 on the upper Switch for aggregated links. To do this:
  a Check that the ports have an identical configuration using your preferred management interface.
  b Add the ports 2, 4, 6 and 8 on the specified unit to the aggregated link.
2 Prepare ports 2, 4, 6 and 8 on the lower Switch for aggregated links. To do this:
  a Check that the ports have an identical configuration using your preferred management interface.
  b Add the ports 2, 4, 6 and 8 on the specified unit to the aggregated link.
3 Connect port 2 on the upper Switch to port 2 on the lower Switch.
4 Connect port 4 on the upper Switch to port 4 on the lower Switch.
5 Connect port 6 on the upper Switch to port 6 on the lower Switch.
6 Connect port 8 on the upper Switch to port 8 on the lower Switch.

CHAPTER 3: USING MULTICAST FILTERING

Multicast filtering improves the performance of networks that carry multicast traffic. This chapter explains multicasts, multicast filtering, and how multicast filtering can be implemented on your Switch. It covers the following topics:
■ What is an IP Multicast?
■ Multicast Filtering
■ IGMP Multicast Filtering

For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

What is an IP Multicast?

A multicast is a packet that is intended for “one-to-many” and “many-to-many” communication. Users explicitly request to participate in the communication by joining an endstation to a specific multicast group. If the network is set up correctly, a multicast can only be sent to an endstation or a subset of endstations in a LAN, or VLAN, that belong to the relevant multicast group.

Multicast group members can be distributed across multiple subnetworks; thus, multicast transmissions can occur within a campus LAN or over a WAN. In addition, networks that support IP multicast send only one copy of the desired information across the network until the delivery path that reaches group members diverges. It is only at these points that multicast packets are replicated and forwarded, which makes efficient use of network bandwidth.

A multicast packet is identified by the presence of a multicast group address in the destination address field of the packet’s IP header.

Benefits of Multicast

The benefits of using IP multicast are that it:
■ Enables the simultaneous delivery of information to many receivers in the most efficient, logical way.
■ Reduces the load on the source (for example, a server) because it does not have to produce multiple copies of the same data.
■ Makes efficient use of network bandwidth and scales well as the number of participants or collaborators expands.
■ Works with other IP protocols and services, such as Quality of Service (QoS).

There are situations where a multicast approach is more logical and efficient than a unicast approach.
Application examples include distance learning, transmitting stock quotes to brokers, and collaborative computing.

A typical use of multicasts is in video-conferencing, where high volumes of traffic need to be sent to several endstations simultaneously, but where broadcasting that traffic to all endstations would seriously reduce network performance.

Multicast Filtering

Multicast filtering is the process that ensures that endstations only receive multicast traffic if they register to join specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to registered endstations.

Figure 8 shows how a network behaves without multicast filtering and with multicast filtering.

Figure 8 The effect of multicast filtering

Multicast Filtering and Your Switch

Your Switch provides automatic multicast filtering support using IGMP (Internet Group Management Protocol) Snooping. It also supports IGMP query mode.

Snooping Mode

Snooping Mode allows your Switch to forward multicast packets only to the appropriate ports. The Switch “snoops” on exchanges between endstations and an IGMP device, typically a router, to find out the ports that wish to join a multicast group and then sets its filters accordingly.

Query Mode

Query mode allows the Switch to function as the Querier if it has the lowest IP address in the subnetwork to which it belongs.

IGMP querying is disabled by default on the Switch 4400. This helps prevent interoperability issues with core products that may not follow the lowest IP address election method.

You can enable or disable IGMP query mode for all Switch units in the stack using the queryMode command on the Command Line Interface IGMP menu.

You would enable query mode if you wish to run multicast sessions in a network that does not contain any IGMP routers (or queriers).
This command will configure the Switch 4400 Series to automatically negotiate with compatible devices on VLAN 1 to become the querier.

The Switch 4400 Series is compatible with any device that conforms to the IGMP v2 protocol. The Switch 4400 Series does not support IGMP v3. If you have an IGMP v3 network, you should disable IGMP snooping for all Switch units in the stack using the snoopMode command on the Command Line Interface IGMP menu.

IGMP Multicast Filtering

IGMP is the system that all IP-supporting network devices use to register endstations with multicast groups. It can be used on all LANs and VLANs that contain a multicast capable IP router and on other network devices that support IP.

IGMP multicast filtering works as follows:
1 The IP router (or querier) periodically sends query packets to all the endstations in the LANs or VLANs that are connected to it. If your network has more than one IP router, then the one with the lowest IP address becomes the querier. The Switch can be the IGMP querier and will become so if its own IP address is lower than that of any other IGMP queriers connected to the LAN or VLAN. However, as the Switch only has an IP address on its default VLAN, the Switch will only ever query on the default VLAN (usually VLAN1, unless changed using Configurable Management VLAN). Therefore, if there are no other queriers on other VLANs, the IP multicast traffic will not be forwarded on them.
2 When an IP endstation receives a query packet, it sends a report packet back that identifies the multicast group that the endstation would like to join.
3 When the report packet arrives at a port on a Switch with IGMP multicast learning enabled, the Switch learns that the port is to forward traffic for the multicast group and then forwards the packet to the router.
4 When the router receives the report packet, it registers that the LAN or VLAN requires traffic for the multicast groups.
5 When the router forwards traffic for the multicast group to the LAN or VLAN, the Switch units only forward the traffic to ports that received a report packet.

Enabling IGMP Multicast Learning

You can enable or disable multicast learning and IGMP querying using the snoopMode command on the CLI or the Web interface. For more information about enabling IGMP multicast learning, please refer to the Management Interface Reference Guide supplied on your Switch CD-ROM.

If IGMP multicast learning is not enabled then IP multicast traffic is always forwarded, that is, it floods the network.

For information about configuring IGMP functionality on an endstation, refer to the user documentation supplied with your endstation or the endstation’s Network Interface Card (NIC).

CHAPTER 4: USING RESILIENCE FEATURES

Setting up resilience on your network helps protect critical links against failure, protects against network loops, and reduces network downtime to a minimum.

This chapter explains the features supported by the Switch that provide resilience for your network. It covers the following topics:
■ Resilient Links
■ Spanning Tree Protocol (STP)
■ Rapid Spanning Tree Protocol (RSTP) — an enhanced version of the STP feature.

For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

Resilience Feature Overview

Resilient links and STP/RSTP cannot both be used on the network at the same time.
Table 3 lists the key differences between each feature, so you can evaluate the benefits of each to determine which feature is most suitable for your network.

Table 3 Resilient Links and Spanning Tree Protocols — Key Differences

| Resilient Links | Spanning Tree Protocol | Rapid Spanning Tree Protocol |
| User configures each Switch separately. | STP is disabled by default. User enables STP on each Switch. | RSTP is enabled by default. |
| Manual configuration. | Automatic configuration. | Automatic configuration. |
| Within 5 seconds restores an active connection from a standby link. | Up to 30 second delay on link failure to restoring a network connection. | Within 5 seconds restores a network connection. |

3Com recommends that you use the Rapid Spanning Tree Protocol feature (default enabled) to provide optimum performance for your network and ease of use.

The Switch also supports aggregated links which increase bandwidth and also provide resilience against individual link failure. Aggregated links will operate with STP enabled, but will not operate on ports that are part of a resilient link pair. For more information, see “Aggregated Links” on page 23.

What are Resilient Links?

The resilient link feature enables you to protect critical links and prevent network downtime if those links fail. A resilient link is comprised of a resilient link pair containing a main link and a standby link. If the main link fails, the standby link quickly and automatically takes over the task of the main link and becomes the “active link”.

The resilient link pair is defined by specifying a main port and a standby port at one end of the link. During normal operation, the main port is enabled and the standby port is disabled. If the main link fails, the main port is disabled and the standby port is enabled. If the main link becomes operational, you can then re-enable the main port and disable the standby port again.
There are two user configurable modes of operation for resilient links:
■ Symmetric (default) — the standby link remains as the active link even if the main link resumes normal operation.
■ Switchback — the standby link continues as the active link until the main link resumes normal operation. The active link then switches back from the standby link to the main link.

When setting up resilient links, note the following:
■ Resilient link pairs cannot be set up if the Switch has the Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol (RSTP) enabled.
■ A resilient link pair must only be defined at one end of the link.
■ A resilient link pair can only be set up if:
  ■ The ports use the same VLAN tagging system (802.1Q tagging).
  ■ Neither of the ports has security enabled.
  ■ Neither of the ports has network login enabled.
  ■ Neither of the ports is part of an aggregated link.
  ■ Neither of the ports belongs to another resilient link pair.
■ The port state of ports in a resilient link pair cannot be manually changed.

Spanning Tree Protocol (STP)

The Spanning Tree Protocol (STP) makes your network more resilient to link failure and also provides a protection from loops — one of the major causes of broadcast storms. STP is enabled by default on your Switch.

To be fully effective, STP must be enabled on all Switches in your network.

RSTP provides the same functionality as STP. For details on how the two systems differ, see “How RSTP Differs to STP” on page 46.

The following sections explain more about STP and the protocol features supported by your Switch. They cover the following topics:
■ What is STP?
■ How STP Works
■ Using STP on a Network with Multiple VLANs

The protocol is a part of the IEEE Std 802.1D, 1998 Edition bridge specification.

To explain STP more effectively, your Switch will be referred to as a bridge.
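How a set of bridges settles on a loop-free topology, as an added example that is not part of the 3Com guide: it elects the Root Bridge by lowest Bridge Identifier, computes each bridge's Root Path Cost, picks Root Ports and Designated Bridge Ports, and blocks every remaining port, following the rules this guide gives under "How STP Works". The five-bridge wiring, MAC addresses and function names are constructed for illustration (Figure 12 itself is not reproduced here); the port costs of 100 and 200 mirror those quoted in the guide's STP Example.

```python
from dataclasses import dataclass

INF = float("inf")


@dataclass(frozen=True)
class Port:
    bridge: str
    number: int
    segment: str
    cost: int


def bridge_id(priority, mac):
    """Bridge Identifier as a sortable tuple: priority first, then MAC. Lower wins."""
    return (priority, bytes.fromhex(mac.replace(":", "")))


def compute_stp(bridges, ports):
    """Return the stable topology for bridges {name: bridge_id} and a Port list."""
    root = min(bridges, key=bridges.get)
    cost = {name: INF for name in bridges}
    cost[root] = 0
    by_segment = {}
    for p in ports:
        by_segment.setdefault(p.segment, []).append(p)

    def best_offer(segment, listener):
        """Lowest (Root Path Cost, Bridge Identifier) the listener hears on a segment."""
        offers = [(cost[p.bridge], bridges[p.bridge])
                  for p in by_segment[segment] if p.bridge != listener]
        return min(offers, default=(INF, None))

    # Root Path Cost: relax until no bridge can find a cheaper path to the root.
    changed = True
    while changed:
        changed = False
        for p in ports:
            if p.bridge == root:
                continue
            candidate = best_offer(p.segment, p.bridge)[0] + p.cost
            if candidate < cost[p.bridge]:
                cost[p.bridge], changed = candidate, True

    # Designated Bridge per segment: lowest Root Path Cost, then lowest
    # Bridge Identifier (the tie-break the guide describes).
    designated = {}
    for segment, members in by_segment.items():
        winner = min(members, key=lambda p: (cost[p.bridge], bridges[p.bridge], p.number))
        designated[segment] = (winner.bridge, winner.number)

    # Root Port per non-root bridge: cheapest path to the root. Ties fall to the
    # lowest offering Bridge Identifier, then port number (802.1D rule that the
    # guide does not spell out).
    root_port = {}
    for name in bridges:
        ranked = []
        for p in ports:
            if p.bridge != name or name == root:
                continue
            offered, offered_by = best_offer(p.segment, name)
            if offered < INF:
                ranked.append((offered + p.cost, offered_by, p.number))
        if ranked:
            root_port[name] = min(ranked)[2]

    forwarding = set(designated.values()) | set(root_port.items())
    blocked = sorted((p.bridge, p.number) for p in ports
                     if (p.bridge, p.number) not in forwarding)
    return {"root": root, "root_path_cost": cost, "designated": designated,
            "root_port": root_port, "blocked": blocked}


# Constructed topology. MAC addresses are made up and every bridge keeps the
# default priority 32768, so the lowest MAC address decides the Root Bridge.
SAMPLE_BRIDGES = {
    "A": bridge_id(32768, "02:00:00:00:00:0a"),
    "B": bridge_id(32768, "02:00:00:00:00:0b"),
    "C": bridge_id(32768, "02:00:00:00:00:0c"),
    "X": bridge_id(32768, "02:00:00:00:00:1a"),
    "Y": bridge_id(32768, "02:00:00:00:00:1b"),
}
SAMPLE_PORTS = [
    Port("A", 1, "LAN1", 100),
    Port("B", 1, "LAN1", 100), Port("B", 2, "LAN2", 100),
    Port("X", 1, "LAN1", 100), Port("X", 2, "LAN2", 100),
    Port("C", 1, "LAN2", 100), Port("C", 2, "LAN3", 100),
    Port("Y", 1, "LAN2", 200), Port("Y", 2, "LAN3", 200),
]

if __name__ == "__main__":
    for key, value in compute_stp(SAMPLE_BRIDGES, SAMPLE_PORTS).items():
        print(f"{key}: {value}")
```

With every bridge left at the default priority the Root Bridge is simply whichever unit has the lowest MAC address, so giving the intended root an explicitly lower priority makes the election deliberate rather than accidental.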
Rapid Spanning Tree Protocol (RSTP)

The Rapid Spanning Tree (RSTP) is an enhanced Spanning Tree feature. RSTP implements the Spanning Tree Algorithm and Protocol, as defined in the IEEE Std 802.1w-2001. Some of the benefits of RSTP are:
■ Faster determination of the Active Spanning Tree topology throughout a bridged network.
■ Support for bridges with more than 256 ports.
■ Support for the Fast-Forwarding configuration of edge ports provided by the 'Fast Start' feature. Fast Start allows a port that is connected to an endstation to begin forwarding traffic after only 4 seconds. During these 4 seconds RSTP (or STP) will detect any misconfiguration that may cause a temporary loop and react accordingly. If you have Fast Start disabled on a port, the Switch will wait for 30 seconds before RSTP (or STP) lets the port forward traffic.
■ Easy deployment throughout a legacy network, through backward compatibility:
  ■ it will default to sending 802.1D style BPDUs on a port if it receives packets of this format.
  ■ it is possible for some ports on a Switch to operate in RSTP (802.1w) mode, and other ports, for example those connected to a legacy Switch, to operate in STP (802.1D) mode.
  ■ you have an option to force your Switch to use the legacy 802.1D version of Spanning Tree, if required.

What is STP?

STP (802.1D) is a bridge-based system that allows you to implement parallel paths for network traffic and uses a loop-detection process to:
■ Find and disable the less efficient paths (that is, the paths that have a lower bandwidth).
■ Enable one of the less efficient paths if the most efficient path fails.

RSTP provides the same functionality as STP. For details on how the two systems differ, see “How RSTP Differs to STP” on page 46.

As an example, Figure 9 shows a network containing three LAN segments separated by three bridges.
With this configuration, each segment can communicate with the others using two paths. Without STP enabled, this configuration creates loops that cause the network to overload.

Figure 9 A network configuration that creates loops

Figure 10 shows the result of enabling STP on the bridges in the configuration. STP detects the duplicate paths and prevents, or blocks, one of them from forwarding traffic, so this configuration will work satisfactorily. STP has determined that traffic from LAN segment 2 to LAN segment 1 can only flow through Bridges C and A, because, for example, this path has a greater bandwidth and is therefore more efficient.

Figure 10 Traffic flowing through Bridges C and A

If a link failure is detected, as shown in Figure 11, the STP process reconfigures the network so that traffic from LAN segment 2 flows through Bridge B.

Figure 11 Traffic flowing through Bridge B

STP determines which is the most efficient path between each bridged segment and a specifically assigned reference point on the network. Once the most efficient path has been determined, all other paths are blocked. Therefore, in Figure 9, Figure 10, and Figure 11, STP initially determined that the path through Bridge C was the most efficient, and so blocked the path through Bridge B. After the failure of Bridge C, STP re-evaluated the situation and opened the path through Bridge B.

How STP Works

When enabled, STP determines the most appropriate path for traffic through a network. It does this as outlined in the sections below.

STP Requirements

Before it can configure the network, the STP system requires:
■ Communication between all the bridges. This communication is carried out using Bridge Protocol Data Units (BPDUs), which are transmitted in packets with a known multicast address.
■ Each bridge to have a Bridge Identifier.
This specifies which bridge acts as the central reference point, or Root Bridge, for the STP system — the lower the Bridge Identifier, the more likely the bridge is to become the Root Bridge. The Bridge Identifier is calculated using the MAC address of the bridge and a priority defined for the bridge. The default priority of your Switch is 32768.
■ Each port to have a cost. This specifies the efficiency of each link, usually determined by the bandwidth of the link — the higher the cost, the less efficient the link. Table 4 shows the default port costs for a Switch.

Table 4 Default port costs

| Port Speed | Link Type | Path Cost 802.1D, 1998 Edition | Path Cost 802.1w-2001 |
| 10 Mbps | Half Duplex | 100 | 2,000,000 |
| 10 Mbps | Full Duplex | 95 | 1,999,999 |
| 10 Mbps | Aggregated Link | 90 | 1,000,000* |
| 100 Mbps | Half Duplex | 19 | 200,000 |
| 100 Mbps | Full Duplex | 18 | 199,999 |
| 100 Mbps | Aggregated Link | 15 | 100,000* |
| 1000 Mbps | Full Duplex | 4 | 20,000 |
| 1000 Mbps | Aggregated Link | 3 | 10,000* |

* This path cost is correct where there are two ports in an aggregated link. However, if there are more ports in the aggregated link, the path cost will be proportionately lower. For example, if there are four ports in the aggregated link, the 802.1w path costs will be: 500,000 for 10 Mbps, 50,000 for 100 Mbps, and 5,000 for 1000 Mbps. The 802.1D, 1998 Edition path cost values are not affected by the number of ports in an aggregated link.

STP Calculation

The first stage in the STP process is the calculation stage. During this stage, each bridge on the network transmits BPDUs that allow the system to work out:
■ The identity of the bridge that is to be the Root Bridge. The Root Bridge is the central reference point from which the network is configured.
■ The Root Path Costs for each bridge — that is, the cost of the paths from each bridge to the Root Bridge.
■ The identity of the port on each bridge that is to be the Root Port.
The Root Port is the one that is connected to the Root Bridge using the most efficient path, that is, the one that has the lowest Root Path Cost. Note that the Root Bridge does not have a Root Port.
■ The identity of the bridge that is to be the Designated Bridge of each LAN segment. The Designated Bridge is the one that has the lowest Root Path Cost from that segment. Note that if several bridges have the same Root Path Cost, the one with the lowest Bridge Identifier becomes the Designated Bridge.

All traffic destined to pass in the direction of the Root Bridge flows through the Designated Bridge. The port on this bridge that connects to the segment is called the Designated Bridge Port.

STP Configuration

After all the bridges on the network have agreed on the identity of the Root Bridge, and have established the other relevant parameters, each bridge is configured to forward traffic only between its Root Port and the Designated Bridge Ports for the respective network segments. All other ports are blocked, which means that they are prevented from receiving or forwarding traffic.

STP Reconfiguration

Once the network topology is stable, all the bridges listen for Hello BPDUs transmitted from the Root Bridge at regular intervals. If a bridge does not receive a Hello BPDU after a certain interval (the Max Age time), the bridge assumes that the Root Bridge, or a link between itself and the Root Bridge, has gone down. The bridge then reconfigures the network to cater for the change. If you have configured an SNMP trap destination, when the topology of your network changes, the first bridge to detect the change sends out an SNMP trap.

CAUTION: Network loops can occur if aggregated links are manually configured incorrectly, that is, the physical connections do not match the assignment of ports to an aggregated link. RSTP and STP may not detect these loops.
So that RSTP and STP can detect all network loops you must ensure that all aggregated links are configured correctly.

How RSTP Differs to STP
RSTP works in a similar way to STP, but it includes additional information in the BPDUs. This information allows each bridge to confirm that it has taken action to prevent loops from forming when it wants to enable a link to a neighbouring bridge. This allows adjacent bridges connected via point-to-point links to enable a link without having to wait to ensure all other bridges in the network have had time to react to the change. So the main benefit of RSTP is that the configuration decision is made locally rather than network-wide, which is why RSTP can carry out automatic configuration and restore a link faster than STP.

STP Example
Figure 12 shows a LAN that has STP enabled. The LAN has three segments, and each segment is connected using two possible links.
Page: 47
Figure 12 Port costs in a network
■ Bridge A has the lowest Bridge Identifier in the network, and has therefore been selected as the Root Bridge.
■ Because Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1. Port 1 on Bridge A is therefore selected as the Designated Bridge Port for LAN Segment 1.
■ Port 1 of Bridges B, C, X and Y have been defined as Root Ports because they are the nearest to the Root Bridge and therefore have the most efficient path.
■ Bridges B and X offer the same Root Path Cost for LAN segment 2, however, Bridge B has been selected as the Designated Bridge for the segment because it has a lower Bridge Identifier. Port 2 on Bridge B is therefore selected as the Designated Bridge Port for LAN Segment 2.
Page: 48
■ Bridge C has been selected as the Designated Bridge for LAN segment 3, because it offers the lowest Root Path Cost for LAN Segment 3:
  ■ the route through Bridges C and B costs 200 (C to B = 100, B to A = 100)
  ■ the route through Bridges Y and B costs 300 (Y to B = 200, B to A = 100).
Port 2 on Bridge C is therefore selected as the Designated Bridge Port for LAN Segment 3.

STP Configurations
Figure 13 shows three possible STP configurations using SuperStack 3 Switch units.
■ Configuration 1 — Redundancy for Backbone Link
In this configuration, the Switches both have STP enabled and are connected by two links. STP discovers a duplicate path and blocks one of the links. If the enabled link breaks, the disabled link becomes re-enabled, therefore maintaining connectivity.
■ Configuration 2 — Redundancy through Meshed Backbone
In this configuration, four Switch units are connected in a way that creates multiple paths between each one. STP discovers the duplicate paths and blocks two of the links. If an enabled link breaks, one of the disabled links becomes re-enabled, therefore maintaining connectivity.
■ Configuration 3 — Redundancy for Cabling Error
In this configuration, a Switch has STP enabled and is accidentally connected to a hub using two links. STP discovers a duplicate path and blocks one of the links, therefore avoiding a loop.
Page: 49
Figure 13 STP configurations
Page: 50

Default Behavior
This section contains important information to note when using the RSTP and Fast Start features, particularly if you already have existing Switch 4400 units in your network with an older version of software.

RSTP Default Behavior
When using the RSTP feature on version 2.0 or later software, note the following:
■ A Switch with version 2.0 factory loaded will have RSTP enabled by default.
■ A Switch with version 1.0 software will have STP disabled by default.
■ A Switch that you upgrade to version 2.0 software will retain its settings from prior to the upgrade, for example, if STP is disabled prior to the upgrade, it will stay disabled even though version 2.0 has RSTP enabled by default. However, if you initialize an upgraded Switch, this will clear the settings and the Switch will then assume all the version 2.0 default settings, including RSTP enabled.
■ If you connect a new Switch with version 2.0 already loaded to a stack of upgraded units, all the upgraded units will assume the default settings of the new Switch, that is, they will have RSTP enabled by default.

Fast Start Default Behavior
When using the Fast Start feature on version 2.0 or later software, note the following:
■ A Switch with version 2.0 factory loaded will have Fast Start enabled by default on the front panel ports, and disabled on any expansion module ports.
■ A Switch with version 1.0 software will have Fast Start disabled by default.
■ A Switch that you upgrade to version 2.0 software will retain its settings from prior to the upgrade only if any manual settings were configured. However, if the Switch was still operating in its default state, then upon upgrade it will assume version 2.0 Fast Start default settings.
■ If you initialize an upgraded Switch, this will clear the settings and the Switch will assume all the default version 2.0 settings, that is, it will have Fast Start enabled.
Page: 51

Using STP on a Network with Multiple VLANs
The IEEE Std 802.1D, 1998 Edition does not take into account VLANs when it calculates STP information — the calculations are only performed on the basis of physical connections. For this reason, some network configurations can result in VLANs being subdivided into a number of isolated sections by the STP system.
Therefore, you must ensure that any VLAN configuration on your network takes into account the expected STP topology and alternative topologies that may result from link failures.
For example, Figure 14 shows a network containing VLANs 1 and 2. They are connected using the 802.1Q-tagged link between Switch B and Switch C. By default, this link has a path cost of 100 and is automatically blocked because the other Switch-to-Switch connections have a path cost of 36 (18 + 18). This means that both VLANs are now subdivided — VLAN 1 on Switch units A and B cannot communicate with VLAN 1 on Switch C, and VLAN 2 on Switch units A and C cannot communicate with VLAN 2 on Switch B.
Figure 14 Configuration that separates VLANs
To avoid any VLAN subdivision, it is recommended that all inter-Switch connections are made members of all available 802.1Q VLANs to ensure connectivity at all times. For example, the connections between Switches A and B, and between Switches A and C should be 802.1Q tagged and carrying VLANs 1 and 2 to ensure connectivity.
For more information about VLAN Tagging, see Chapter 8 "Setting Up Virtual LANs".
Page: 52
Page: 53

CHAPTER 5: USING THE SWITCH DATABASE

What is the Switch Database?
The Switch Database is used by the Switch to determine where a packet should be forwarded to, and which port should transmit the packet if it is to be forwarded. The database contains a list of entries — each entry contains three items:
■ MAC (Ethernet) address information of the endstation that sends packets to the Switch.
■ Port identifier, that is the port attached to the endstation that is sending the packet.
■ VLAN ID of the VLAN to which the endstation belongs.
For details of the number of addresses supported by your Switch database, please refer to Chapter 1 of the Getting Started Guide that accompanies your Switch.
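The root election and Root Path Cost comparison from "STP Calculation", applied to the VLAN subdivision described under "Using STP on a Network with Multiple VLANs", as an added example that is not part of the 3Com guide. The bridge names, MAC values, the choice of Switch A as the lowest Bridge Identifier, and the simplification to single point-to-point links with the same cost at both ends are assumptions.

```python
import heapq
from collections import defaultdict

# Constructed data modelled on the Figure 14 description (not taken from the figure itself).
BRIDGES = {"A": (32768, 0x0A), "B": (32768, 0x0B), "C": (32768, 0x0C)}  # (priority, MAC)
VLAN_MEMBERS = {1: {"A", "B", "C"}, 2: {"A", "B", "C"}}
# Each link: (bridge, bridge, path cost, VLANs carried on the link)
LINKS_AS_DESCRIBED = [("A", "B", 18, {1}), ("A", "C", 18, {2}), ("B", "C", 100, {1, 2})]
LINKS_RECOMMENDED = [("A", "B", 18, {1, 2}), ("A", "C", 18, {1, 2}), ("B", "C", 100, {1, 2})]


def forwarding_links(bridges, links):
    """Return (root bridge, set of links left forwarding) for point-to-point links."""
    root = min(bridges, key=bridges.get)        # lowest Bridge Identifier becomes Root Bridge
    adj = defaultdict(list)
    for a, b, cost, _ in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    best = {root: (0, bridges[root], None)}     # bridge -> (Root Path Cost, upstream id, upstream)
    heap, done = [(0, bridges[root], root)], set()
    while heap:
        cost, _, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for nbr, link_cost in adj[node]:
            cand = (cost + link_cost, bridges[node], node)
            # Lowest Root Path Cost wins; a tie goes to the lower upstream Bridge Identifier.
            if nbr not in done and (nbr not in best or cand[:2] < best[nbr][:2]):
                best[nbr] = cand
                heapq.heappush(heap, (cand[0], bridges[nbr], nbr))
    # A link forwards only if it is some bridge's Root Port link; every other link is blocked.
    return root, {frozenset((b, up)) for b, (_, _, up) in best.items() if up is not None}


def vlan_islands(bridges, links, vlan_members):
    """Map each VLAN to its isolated sections once STP has blocked the redundant links."""
    _, active = forwarding_links(bridges, links)
    result = {}
    for vlan, members in vlan_members.items():
        adj = defaultdict(set)
        for a, b, _, vlans in links:
            if vlan in vlans and frozenset((a, b)) in active:
                adj[a].add(b)
                adj[b].add(a)
        islands, seen = [], set()
        for start in sorted(members):
            if start in seen:
                continue
            stack, island = [start], set()
            while stack:                         # depth-first walk over links carrying this VLAN
                node = stack.pop()
                if node not in island:
                    island.add(node)
                    stack.extend(adj[node] - island)
            seen |= island
            islands.append(sorted(island & members))
        result[vlan] = islands
    return result


if __name__ == "__main__":
    for name, links in (("as described", LINKS_AS_DESCRIBED), ("recommended", LINKS_RECOMMENDED)):
        print(name, vlan_islands(BRIDGES, links, VLAN_MEMBERS))
```

Any VLAN that maps to more than one island is subdivided; rerunning the check with each link removed in turn covers the alternative topologies that result from link failures.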
For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

How Switch Database Entries Get Added
Entries are added to the Switch Database in one of two ways:
■ The Switch can learn entries. The Switch updates its database with the source MAC address of the endstation that sent the packet, the VLAN ID, and the port identifier on which the packet is received.
■ You can enter and update entries using the management interface via the bridge addressDatabase CLI command, the Bridge > Address Database Web interface operation, or an SNMP Network Manager, for example 3Com Network Supervisor.
Page: 54

Switch Database Entry States
Database entries can have three states:
■ Learned — The Switch has placed the entry into the Switch Database when a packet was received from an endstation. Note that:
  ■ Learned entries are removed (aged out) from the Switch Database if the Switch does not receive further packets from that endstation within a certain period of time (the aging time). This prevents the Switch Database from becoming full with obsolete entries by ensuring that when an endstation is removed from the network, its entry is also removed from the database.
  ■ Learned entries are removed from the Switch Database if the Switch is reset or powered-down.
■ Non-aging learned — If the aging time is set to 0 seconds, all learned entries in the Switch Database become non-aging learned entries. This means that they are not aged out, but they are still removed from the database if the Switch is reset or powered-down.
■ Permanent — The entry has been placed into the Switch Database using the management interface.
Permanent entries are not removed from the Switch Database unless they are removed using the Switch management interface via the bridge addressDatabase remove CLI command or the Switch is initialized.
Page: 55

CHAPTER 6: USING TRAFFIC PRIORITIZATION

Using the traffic prioritization capabilities of your Switch provides Quality of Service (QoS) to your network through increased reliability of data delivery. You can prioritize traffic on your network to ensure that high priority data is transmitted with minimum delay.
Traffic can be controlled by a set of rules to obtain the required Quality of Service for your network. The rules define different types of traffic and specify how each type should be treated as it passes through the Switch, for example, prioritized or discarded.
Being able to define exactly how you want your Switch to treat selected applications, devices, users and types of traffic allows you to have more control over your network.
There are two different categories of rules:
■ Application-based rules — describe how to deal with traffic for a specific application, for example, Netmeeting or Lotus Notes.
■ Device-based rules — describe how to deal with traffic that flows to and from specific devices, for example, servers or server farms.
This chapter explains more about traffic prioritization.
■ What is Traffic Prioritization?
■ How Traffic Prioritization Works
■ Configuring Traffic Prioritization on the Switch
■ Important QoS Considerations
■ Default QoS Configurations
■ Example QoS Configurations
■ Other Configuration Examples and Guidelines
By default, the SuperStack 3 Switch 4400 SE supports a basic level of QoS. To make advanced traffic prioritization available on the Switch 4400 SE, upgrade the product to the Switch 4400 SE Enhanced Software Upgrade (3C17207).
Page: 56
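The three Switch Database entry states described in Chapter 5 above, modelled as an added example that is not code from the 3Com guide or from the Switch software. The class and method names, the 300-second aging time used in the demonstration, and the rule that learning does not overwrite a permanent entry are assumptions.

```python
from dataclasses import dataclass


@dataclass
class Entry:
    port: int
    permanent: bool
    last_seen: float


class SwitchDatabase:
    """Hypothetical model of learned, non-aging learned and permanent entries."""

    def __init__(self, aging_time: float):
        self.aging_time = aging_time          # seconds; 0 means learned entries never age out
        self.entries = {}                     # (MAC address, VLAN ID) -> Entry

    def learn(self, mac, vlan_id, port, now):
        """Record the source of a received packet (MAC, VLAN ID, receiving port)."""
        key = (mac.lower(), vlan_id)
        if key in self.entries and self.entries[key].permanent:
            return                            # assumption: a permanent entry is not overwritten
        self.entries[key] = Entry(port, False, now)

    def add_permanent(self, mac, vlan_id, port):
        """Entry placed through the management interface."""
        self.entries[(mac.lower(), vlan_id)] = Entry(port, True, 0.0)

    def remove(self, mac, vlan_id):
        self.entries.pop((mac.lower(), vlan_id), None)

    def age(self, now):
        """Drop learned entries not refreshed within the aging time; return the dropped keys."""
        if self.aging_time == 0:
            return []
        stale = [k for k, e in self.entries.items()
                 if not e.permanent and now - e.last_seen >= self.aging_time]
        for key in stale:
            del self.entries[key]
        return stale

    def state(self, mac, vlan_id):
        entry = self.entries.get((mac.lower(), vlan_id))
        if entry is None:
            return None
        if entry.permanent:
            return "Permanent"
        return "Non-aging learned" if self.aging_time == 0 else "Learned"

    def lookup(self, mac, vlan_id):
        entry = self.entries.get((mac.lower(), vlan_id))
        return entry.port if entry else None

    def reset(self):
        """Reset or power-down: learned entries (aging or not) are lost."""
        self.entries = {k: e for k, e in self.entries.items() if e.permanent}

    def initialize(self):
        """Initializing the Switch clears permanent entries as well."""
        self.entries.clear()


if __name__ == "__main__":
    db = SwitchDatabase(aging_time=300)       # constructed aging time
    db.learn("00:11:22:33:44:55", 1, port=3, now=0)
    db.add_permanent("00:AA:BB:CC:DD:EE", 1, port=24)
    print(db.age(now=600), db.state("00:aa:bb:cc:dd:ee", 1))
```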
For a list of the features supported by your Switch, please refer to the Management Quick Reference Guide that accompanies your Switch.
For detailed descriptions of the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.

What is Traffic Prioritization?
Today's application traffic consists of three common types of data:
■ Time critical data such as video and voice.
■ Business critical data such as database transactions and online transactions.
■ Opportunistic data such as web browsing, email and file transfers.
When these different types of data compete for the same bandwidth, a network can quickly become overloaded, resulting in slow response times (long latency), and application time-outs. Traffic prioritization is a mechanism that allows you to prioritize data so that time-sensitive and system-critical data can be transferred smoothly and with minimal delay over a network.
The benefits of using traffic prioritization are:
■ You can control a wide variety of traffic and manage congestion on your network, therefore improving performance.
■ You can assign priorities to traffic, for example, set higher priorities to time-critical or business-critical applications.
■ You can provide predictable throughput for multimedia applications such as video conferencing or voice over IP platforms like the 3Com NBX, as well as minimizing traffic delay and jitter.
■ You can improve network performance as the amount of traffic grows, which also reduces the need to constantly add bandwidth to the network, therefore saving cost.
■ You can apply security policies through traffic filtering.
Page: 57
For a look at a 3Com white paper on how to gain control of the network, please refer to the PDF format article at this link:
http://www.3com.com/other/pdfs/products/en_US/getcontrolofthenetwork.pdf (correct at time of publication)

How Traffic Prioritization Works
Traffic prioritization uses the four traffic queues that are present in your Switch to ensure that high priority traffic is forwarded on a different queue from lower priority traffic. This is what provides Quality of Service (QoS) to your network.
Traffic prioritization in your Switch may be applied dependent upon two factors:
■ The level of service requested by an end-station — the transmitting end-station sets the priority of each stream of traffic. Received traffic at the Switch is forwarded through the appropriate queue depending on its priority level for onward transmission across the network.
or
■ The level of service configured at the Switch for incoming traffic — the network administrator configures the Switch to prioritize or discard traffic from applications or devices.
For example, converged network applications such as voice or video conferencing or business critical software such as Oracle may require a high level of service from the network.
A QoS network can differentiate between time critical data, business critical data and opportunistic data (such as email, File Transfer Protocol (FTP) and Web traffic). A QoS network also has the ability to stop unauthorized usage of the network, such as online gaming.
To achieve this level of intelligence, a QoS network incorporates six processes:
■ Traffic Classification — a QoS network examines the traffic to identify which application or device generated the traffic.
■ Traffic Marking — after traffic is identified, it is Marked so that other network devices can identify the data and give it the correct level of service.
Page: 58
■ Traffic Remarking — if a traffic packet enters the Switch with a priority marking requesting an unacceptable level of service, the Switch can Re-mark it with a different priority value to downgrade its level of service.
■ Traffic Prioritization — once the network can differentiate types of traffic, for example, a telephone conversation from Web surfing, prioritization can ensure that a large download from the Internet does not disrupt the telephone conversation.
■ Dropped Traffic — traffic can be discarded either because it has an unacceptable marking or if it is of a type that is prohibited on the network, for example, an unwanted application or to/from a prohibited device.
■ Traffic Shaping — the egress traffic rate at a port can then be configured to reduce congestion on the network. The required traffic shape can be specified in terms of the average rate in Mbps and maximum burst size in Kbytes.

Traffic Classification
To determine the service level to be applied to each incoming traffic type, each packet or frame must first be classified. Traffic classification is the means of identifying which application, device or user generated the traffic.
The Switch employs several methods of classifying (identifying) traffic. These can be based on any combination of fields in the first 64 bytes of the packet, and at different levels of the OSI 7 layer model as shown in Table 5.

Table 5 Attributes on which incoming traffic can be classified (identified)

| OSI Layer and Protocols | Summary of Protocols |
|---|---|
| Layer 2: IEEE 802.1D priority; EtherType | Chatty protocols such as AppleTalk and IPX, used by a small number of older devices, can cause traffic delays. Identifying and prioritizing data based on these protocols can reduce delays. AppleTalk can be identified by its EtherType of 0x809B, and IPX can be identified by EtherType 0x8137. |
Page: 59

| OSI Layer and Protocols | Summary of Protocols |
|---|---|
| Layer 3: Destination IP address; Source IP address; IP protocols (ICMP, IGMP, RSVP, UDP, TCP, etc); DiffServ code point (DSCP) | Many applications are identified by their Source IP address, or IP protocol. Because servers are sometimes dedicated to single applications, such as email, the Source IP address or protocol in a packet can identify which application generated the packet. As well as being a traffic marking mechanism, the DSCP field in the IP header can also be used to classify traffic. |
| Layer 4: UDP/TCP Source and Destination ports for IP applications | Many applications use certain TCP or UDP sockets to communicate. By examining the socket number in the IP packet, the intelligent network can determine what type of application generated the packet. This is also known as Layer 4 switching. |

Traffic Marking
After traffic has been identified through classification, it must be Marked to ensure that other devices such as Layer 2 switches or routers on the network know how to prioritize the application, device or user that generated it. The Switch uses two of the industry-standard methods of marking network traffic:
■ IEEE 802.1D — a layer 2 marking scheme.
■ Differentiated Services (DiffServ) — a layer 3 marking scheme.

IEEE 802.1D Traffic Marking
The IEEE Std 802.1D, 1998 Edition marking scheme is an enhancement to the IEEE Std 802.1D to enable Quality of Service in the LAN. Traffic service levels are defined in the IEEE 802.1Q 4-byte tag, which is used to carry VLAN identification as well as IEEE 802.1p priority information. The 4-byte tag immediately follows the destination MAC address and Source MAC address.
The IEEE Std 802.1D, 1998 Edition priority marking scheme assigns each frame with an IEEE 802.1p priority level between 0 and 7, which determines the level of service that type of traffic should receive.
Refer to Table 6 for an example of how different traffic types can be mapped to the eight IEEE 802.1p priority levels.
Page: 60

Table 6 IEEE recommendation for mapping 802.1p priority levels to 802.1D traffic types

| IEEE 802.1p Priority Level | IEEE 802.1D Traffic Type |
|---|---|
| 0 | Best Effort (default) |
| 1 | Background |
| 2 | Standard (spare) |
| 3 | Excellent Effort (business critical) |
| 4 | Controlled Load (streaming multimedia) |
| 5 | Video (interactive media), less than 100 milliseconds latency and jitter |
| 6 | Voice (interactive voice), less than 10 milliseconds latency and jitter |
| 7 | Network Control Reserved traffic |

The traffic marking and prioritization supported by the Switch using layer 2 information is compatible with the relevant sections of the IEEE Std 802.1D, 1998 Edition (incorporating IEEE 802.1p).
The IEEE 802.1D standard is the most widely used prioritization scheme in the LAN environment, but it does however have some restrictions:
■ It requires an additional 4-byte tag in the frame, which is normally optional in Ethernet networks. Without this tag, the scheme cannot work.
■ The tag is part of the IEEE 802.1Q header, so to implement QoS at layer 2, the entire network has to implement IEEE 802.1Q VLAN tagging.
■ It is only supported on a LAN and not across routed WAN links, because the IEEE 802.1Q tags are removed when the packets pass through a router.

Differentiated Services (DiffServ) Traffic Marking
DiffServ is a Layer 3 marking scheme that uses the DiffServ Code Point (DSCP) field in the IP header to store the packet priority information. DSCP is an advanced intelligent method of traffic marking because you can choose how your network prioritizes different types of traffic. DSCP uses 64 values that map to user-defined service levels, allowing you to establish more control over network traffic.
|
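The classification attributes of Table 5 and the remarking step described above, worked through on raw Ethernet frames as an added example that is not code from the 3Com guide or the Switch. Because the 802.1p priority is set by the transmitting end-station, the example also downgrades a requested priority that exceeds a ceiling; the function names, the ceiling of 5, the remark-to-0 policy and the sample frames are assumptions and constructed data.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that announces an IEEE 802.1Q tag
L2_PROTOCOLS = {0x0800: "IPv4", 0x809B: "AppleTalk", 0x8137: "IPX"}
TRAFFIC_TYPES = ["Best Effort", "Background", "Standard", "Excellent Effort",
                 "Controlled Load", "Video", "Voice", "Network Control"]  # Table 6, index = priority


def classify(frame: bytes) -> dict:
    """Extract the Layer 2 to Layer 4 fields listed as classification attributes."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    info = {"pcp": None, "vid": None, "traffic_type": None}
    offset = 14
    if ethertype == TPID_8021Q:                # the tag follows the two MAC addresses
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        info.update(pcp=tci >> 13, vid=tci & 0x0FFF, traffic_type=TRAFFIC_TYPES[tci >> 13])
        offset = 18
    info["ethertype"] = ethertype
    info["l2_protocol"] = L2_PROTOCOLS.get(ethertype, "other")
    if ethertype == 0x0800 and len(frame) >= offset + 20:
        ihl = (frame[offset] & 0x0F) * 4        # IPv4 header length in bytes
        info["dscp"] = frame[offset + 1] >> 2   # DSCP is the top six bits of the second byte
        info["ip_proto"] = frame[offset + 9]
        info["src_ip"] = ".".join(map(str, frame[offset + 12:offset + 16]))
        info["dst_ip"] = ".".join(map(str, frame[offset + 16:offset + 20]))
        l4 = offset + ihl
        if ihl >= 20 and info["ip_proto"] in (6, 17) and len(frame) >= l4 + 4:  # TCP or UDP
            info["src_port"], info["dst_port"] = struct.unpack_from("!HH", frame, l4)
    return info


def remark(frame: bytes, max_pcp: int, new_pcp: int = 0) -> bytes:
    """Rewrite the 802.1p priority of a tagged frame that requests more than max_pcp."""
    info = classify(frame)
    if info["pcp"] is None or info["pcp"] <= max_pcp:
        return frame
    (tci,) = struct.unpack_from("!H", frame, 14)
    tci = (tci & 0x1FFF) | (new_pcp << 13)      # keep the VLAN ID bits, replace the priority
    return frame[:14] + struct.pack("!H", tci) + frame[16:]


def sample_frame(pcp=None, vid=0, ethertype=0x0800, dscp=0, proto=17, sport=1024, dport=5060):
    """Build a constructed frame for the demonstration (not captured traffic)."""
    hdr = bytes.fromhex("00aabbccddee") + bytes.fromhex("001122334455")
    if pcp is not None:
        hdr += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    hdr += struct.pack("!H", ethertype)
    if ethertype != 0x0800:
        return hdr + bytes(46)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 28, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return hdr + ip + struct.pack("!HHHH", sport, dport, 8, 0)


if __name__ == "__main__":
    frame = sample_frame(pcp=7, vid=2, dscp=46)
    print(classify(frame))
    print(classify(remark(frame, max_pcp=5)))
```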