Elastic Networks BitStorm L3S-T User manual

BitStorm L3S-T
User's Manual
includes the BitStorm L3S-X
Stack Slave
08-01082-01 Rev 1.5
Last Updated 9/15/00

Table of Contents
● About this Manual
Introduction
● BitStorm L3S-T Overview
● BitStorm L3S-X Overview
● Stacking BitStorm L3S Switches
● Routing
● VLANs
● Management Options
Installing the BitStorm L3S-T Switch
● Selecting a Proper Location
● Cabling Guidelines
● Installing the Gigabit Uplinks
● Building a Stack
● Installing the Stacking Interface
● Mounting in an Equipment Rack
● Powering On the Switch
● Setting Up the BitStorm L3S-T Management Console
● Setting the IP Address, Mask and Gateway
● Installing TFTP Suite2000Pro
● Upgrading Firmware
● Finishing the Installation
● System Password
Managing the Switch
● Using Telnet
● Configuring IP Routing
● Configuring VLANs
● Quality of Service
● BitStorm L3S Series Device Manager - Command Line version
● BitStorm L3S Series Device Manager - Console version
● BitStorm L3S Series Device Manager - Web version
● Using Other SNMP Management Systems
● RMON
Appendix
● BitStorm L3S-T Technical Specifications
● BitStorm L3S-X Technical Specifications
● Notices
● Glossary

About this Manual
In this manual, BitStorm L3S Switch or Switch refers to:
● BitStorm L3S-T Gigabit Ethernet Switch
● BitStorm L3S-X Gigabit Ethernet Switch
This issue of the BitStorm L3S-T User's Manual replaces all earlier versions.
BitStorm L3S Series Device Manager
This manual includes instructions on how to monitor and configure the Switch using BitStorm L3S Series Device
Manager, the Switch's built-in management software.
The section titled "Managing the Switch" is divided into three parts. Each part describes one of the BitStorm L3S
Series Device Manager's three interfaces:
● Command Line version
● Console version
● Web version
Who this manual is for
This manual is written for the network administrator or person in charge of setting up systems on a network. It
assumes a working knowledge of VT-100 terminals, computer networks, hubs, switches, routers and PCs.
Related publications
EN publications:
● BitStorm L3S-T Quick Start Installation Guide
● BitStorm L3S-T Gigabit Module Installation Guide
● BitStorm L3S-X Quick Start Installation Guide
Other publications:
● Documents supplied by your vendor, if you are using a network management application other than the
  BitStorm L3S Series Device Manager
● Documents supplied by your vendor if you are using an RMON management application
● All IEEE Standards Documents and RFCs listed under Technical Specifications
World Wide Web
Also, visit our website for:
● User's manuals and technical documentation
● Software updates
● Frequently Asked Questions
● Tips
● Product information

Introduction
● BitStorm L3S-T Overview
● BitStorm L3S-X Overview
● Stacking
● Routing
  ❍ The Routing Information Protocol (RIP)
  ❍ Open Shortest Path First (OSPF)
● Virtual LANs (VLANs)
  ❍ Sample VLAN Applications
● Management Options

BitStorm L3S-T Overview
The BitStorm L3S-T is a stackable Fast Ethernet Switch with 24 10/100Base-TX ports, two optional Gigabit
uplinks and WAN interfaces.
BitStorm L3S-T front panel
Non-blocking 64Gbps switching fabric
With a powerful, non-blocking 64Gbps switching fabric, this Layer 3 switch is specifically designed to meet the
rapidly changing needs of growing companies. This flexible routing Switch is an ideal wiring closet or collapsed
backbone solution for small and medium-sized businesses, and for branch offices or departments of large
enterprises.
Powerful 96-port stack master
The BitStorm L3S-T can stand alone or be a master controlling a three-unit stack with up to 96 Fast Ethernet and
two Gigabit ports.
This Switch can control any combination of up to three of these EN slave switches:
● BitStorm L3S-X with 24 fixed 10/100Base-TX ports with RJ-45 connectors
A unique stacking interface connects a BitStorm L3S-X switch directly to the BitStorm L3S-T's switching fabric
through slots on the back panel shown below. This is a dedicated 8Gbps connection between each slave and the
master and guarantees full wire-speed, non-blocking performance on all ports throughout the stack.
BitStorm L3S-T back panel
Wire-speed routing, VLANs, QoS traffic classes
Wire-speed IP routing, VLANs and Quality of Service (QoS) traffic classes are some of the other advanced
traffic-enhancing capabilities built into the BitStorm L3S-T. Network administrators can configure these options to
eliminate traditional routers and their bottlenecks, set priorities for network traffic and keep bandwidth-intensive
applications, like video, under control.
Management
The BitStorm L3S-T includes the BitStorm L3S Series Device Manager for complete switch management. With
the BitStorm L3S Series Device Manager, you can easily configure and monitor the Switch through Netscape,
Internet Explorer, a command line interface or a text-based console program. Or, use HP OpenView or any other
SNMP management system.
Complete, fast, easy
The BitStorm L3S-T offers all these benefits in a complete system package. This innovative Switch installs
quickly and provides instant bandwidth relief—while simple management and automatic features reduce your
operating costs.
Automatic switch activities
● Discovers the topology of MAC addresses through hardware-based learning
● Builds route entries based on ARP requests
● Switches all non-IP packets
● Reads the destination MAC address from packets received from local end stations and either forwards
  them to a learned destination port or switches them to ports based on VLAN membership
● Switches all packets at wire speed
Major Features
● 64Gbps switching fabric with wire-speed, non-blocking performance
● Non-blocking dedicated stacking interface that preserves switch ports
● 24 fixed, full duplex, auto-sensing, auto-negotiating 10/100Base-TX ports with UTP RJ-45 connectors
● Two optional Gigabit Ethernet uplink modules, each with a single full duplex 1000Base-SX port with SC
  connector
● Three stacking interface slots on the back panel to connect any combination of slave switches, increasing
  port count to a maximum of 96 10/100 ports
● Store and forward architecture with full error-checking—CRC, alignment, runt, dribble and jabber
● Redundant power supply connector
● Console port for management
● Single entity management across all switches in a stack
● Dynamic IP routing using RIP1, RIP2, OSPF
● Support for up to 1,024 user-defined VLANs by protocol type, MAC address or switch port
● 802.1Q VLAN tagging to streamline traffic flow
● 802.1p traffic classes to prioritize traffic
● CIDR (Classless Inter-Domain Routing) and VLSM (Variable Length Subnet Mask) addressing support
● Spanning Tree Protocol (STP)
● BitStorm L3S Series Device Manager management system including a full Command Line interface
● Complete web-based management control using Netscape or Internet Explorer
● RMON and SNMP support
● Field upgradable firmware with TFTP
Package contents
The following items are included in the BitStorm L3S-T shipping carton:
● BitStorm L3S-T Gigabit Ethernet Switch
● Two mounting handles with socket head screws
● Allen wrench
● One 120v power cord
● One 240v power cord
● Four Phillips head rack mount screws
● Console cable
● BitStorm L3S-T Quick Start Installation Guide
● BitStorm L3S-T Release Notes
● BitStorm L3S CD with:
  -- BitStorm L3S-T software
  -- BitStorm L3S-T User’s Guide
  -- Java Windows plug-in for browser-based management
  -- BitStorm L3S-T Management Information Bases (MIBs)
  -- TFTP Suite2000Pro software

BitStorm L3S-X Overview
The BitStorm L3S-X Gigabit Ethernet Switch is a Layer 2/Layer 3 stackable switch with 24 fixed 10/100 ports. This
Switch does not stand alone. It is used only as a slave to the BitStorm L3S-T.
Up to three BitStorm L3S-X switches can be connected to the BitStorm L3S-T stack master using the Stacking
Interface Module shipped with each slave switch.
This Switch has:
● 24 fixed, full duplex, auto-sensing, auto-negotiating 10/100 Base-TX ports with RJ-45 UTP connectors
● Built-in stacking interface
● Field service diagnostic port
BitStorm L3S-X front panel
BitStorm L3S-X back panel
Package contents
The following items are included in the BitStorm L3S-X shipping carton:
● BitStorm L3S-X Gigabit Ethernet Switch
● Two mounting handles with socket head screws
● One 120v power cord
● One 240v power cord
● BitStorm L3S-T Stacking Interface Module and cable
● BitStorm L3S-X Quick Start Installation Guide
● BitStorm L3S-X Release Notes
● BitStorm L3S CD with BitStorm L3S-X software

Stacking BitStorm L3S Switches
As new networks are deployed and existing ones continue to grow aggressively, managers need cost-effective
products that can adapt. Low cost, high-performance “stacked” switches that can be managed as a single entity
are the most desirable solutions, especially for small to medium-sized enterprises.
What is a “stackable” switch?
A stackable solution ensures that a “master” switch can be connected to one or more “slave” switches and that all
can function or be managed as a single logical device.
Built in a predominately standalone fixed-port configuration, this type of switch is typically a single-board system
that is self-contained in an enclosure with its own power supply.
Port density is increased by connecting one switch to another, unlike a chassis-based system in which ports are
added using expansion boards. A stackable switch is connected in a peer-to-peer or in a master-slave relationship
to switches of equal or similar size.
When a “stack” is not a stack
Many manufacturers today say their switches are “stackable” simply because they can be connected using a
single Gigabit uplink on each switch.
This not only “burns” switch resources by stealing a Gigabit link, it is an ineffective design that creates severe
blocking and packet loss between switches. Others use a “virtual chassis” where a separate switch is used as a
“traffic cop” to interconnect switches, again, using gigabit ports for this connection and creating both non
wire-speed transfers and blocking.
These switches are more accurately described as “linked” not “stacked”. They cannot truly be called stackable
switches because:
● these external Gigabit links introduce a significant degree of blocking
● these connections consume switch ports
● in many cases, they are not necessarily managed as a single unit and therefore cannot truly be called
  stackable switches.
Linking
Some manufacturers “stack” their switches by using a Gigabit uplink on each switch. This uses valuable
resources and creates severe blocking and packet loss.
Virtual Chassis
Other manufacturers use a “virtual chassis” concept that burns Gigabit ports while creating non wire-speed
transfers and blocking constraints.
Stacking
The BitStorm L3S system uses dedicated 8 Gbps stacking interfaces to guarantee wire-speed, non-blocking
performance.
When a stack is a stack
The only true stacking interface is a design that uses an external, high-speed bus to interconnect separate
stackable switches.
High-speed stacking bus
This interface connects the ports on the stackable “slave” switches directly to the switching fabric on the “master”
switch. This is the only switch interface technology that can deliver the bandwidth necessary for wire-speed packet
forwarding and eliminate blocking between connected switches.
What is blocking?
Basically, blocking is the inability of a switch to forward traffic due to bandwidth limitations. Technically, packet
transfers are blocked when sufficient bandwidth is not available for all packets to be forwarded at the highest
speed possible on the link.
Packets can be blocked externally as they are forwarded between switches as well as internally within the switch.
Internal, or head-of-line blocking, is eliminated through complex buffering and queuing, while blocking between
switches is a simple matter of providing sufficient bandwidth for wire-speed packet transfers.
How BitStorm L3S stacking eliminates blocking
BitStorm L3S's high performance stacking architecture guarantees that packets are forwarded at wire speed to all
ports on all switches in the stack without blocking any transmissions. BitStorm L3S does this using a dedicated
high-speed interface connecting all ports directly to the central switching fabric.
Blocking between switches
To avoid blocking between switches, a stackable switch must be able to forward the full traffic load from any of its
switch ports to any switch port on any switch in its stack.
Using the example of a single Gigabit uplink that is used to connect two switches with 24 Fast Ethernet ports, that
single Gigabit uplink is less than half the bandwidth needed to prevent blocking between two switches.
At full duplex, that single uplink delivers only 2Gbps of bandwidth instead of the 4.8Gbps needed to forward packets
at wire-speed over all 24 Fast Ethernet ports also operating at full duplex.
At full duplex, 24 Fast Ethernet ports talking to 24 Fast Ethernet ports need 200 Mbps x 24,
or 4.8 Gbps of bandwidth for non-blocking performance.
At full duplex, a single Gigabit link between switches only provides 2 Gbps of bandwidth,
less than half of what's required.
BitStorm L3S stacking dedicates 8Gbps of bandwidth between 24-port switches,
almost double the 4.8 Gbps required for non-blocking transfers.
Single entity management
In a BitStorm L3S stack, the management software running in the master extends its power over the ports on the
slave switches. In effect, the slaves rely upon the greater power of the master. As such, slaves are very cost
effective. The master CPU runs a single management system that sees all ports in the stack as its own, making
the slave switches transparent to the network.

Routing
This Layer Three Gigabit Ethernet Switch is both a switch and a router.
It operates at Layer 2 like traditional switches, forwarding and discarding packets based only on Media Access
Control layer (MAC) addresses. Like traditional routers, it also operates at Layer 3, using network layer
information to route packets to another router, switched network segment or end-station.
Wire-speed routing
But, unlike traditional routers, the Switch routes at wire-speed, nearly ten times faster than conventional routers.
Conventional routers maintain routing tables in software and use a CPU to look up and maintain these
addresses. This Switch achieves routing at wire speed by using Application Specific Integrated Circuits, or
ASICs, to maintain routing tables in hardware.
The Switch eliminates the need for routers in the local area network (LAN). It might also be called a high-speed
or hardware-based router.
Migrating from routing to multi-layer switching
Migrating from a router-centric network to a BitStorm L3S network is extremely simple.
A typical, traditional collapsed backbone layout in a small company places the router in the center of the network
to create IP subnets and stop broadcast traffic from flooding the entire network.
That router can be replaced by a BitStorm L3S Layer 3 Gigabit Ethernet switch and moved to the edge of the
LAN to handle WAN communications.
Layer 2 switches can now be moved into workgroups, replacing hubs and putting each user on a dedicated port.
As traffic demands increase, those Layer 2 switches can be replaced by more BitStorm L3S switches.
How the Switch handles IP routing
On a local network, a Layer 2 switch identifies and transfers packets by reading the hardware addresses—the
source and destination MAC addresses. A Layer 2 switch cannot forward traffic destined outside of its local
network, so a router would be attached to one of the Switch’s ports and the router is set as the Switch’s default
gateway.
The Layer 2 switch propagates all packets to be routed to the router. The router compares the IP destination
address in each packet it receives to the information in its routing table, then either drops the packet or forwards
it to another router or network segment.
Dedicated routers are expensive, complex and slow.
They can create serious network bottlenecks because they must analyze all broadcast packets, forwarding
some, while maintaining up to date routing tables by communicating with other routers.
Traditionally, this processing is handled by the CPU and can be extremely time-consuming.
This Switch does the work of both of these devices, switching packets locally using Layer 2 information, building
and maintaining routing tables and routing packets like a traditional router, but at wire speed. The Switch
achieves wire-speed routing because IP address information is cached in hardware. The Switch does not have to
rely on its CPU for processing.
Enabling routing
Routing on this Switch is not only much faster, it is much easier to configure than on a traditional router. The
network manager configures routing interfaces by creating one or more port-based VLANs and by assigning an
IP address and subnet mask to the VLAN.
Dynamic routing protocols
These switches can also be configured to use standard routing protocols—RIP1, RIP2, OSPF—to calculate
paths through the network. They can be deployed on any network regardless of routing protocols already in use.
For more details, see:
● Routing Information Protocol (RIP)
● Open Shortest Path First (OSPF)

The Routing Information Protocol (RIP)
The Routing Information Protocol (RIP) is an Interior Gateway Protocol (IGP) used mainly on
moderately-sized networks. RIP uses a vector-distance routing method that keeps a table of all known IP
address destinations (the vector) and the number of hops to reach them (the distance).
Configuring RIP
To configure RIP settings using either the Command Line or Web version of the BitStorm L3S Series Device
Manager, see:
● Configuring RIP - Command Line version
● Configuring RIP - Web version
For an overview of RIP and the settings you need to make in configuring RIP, see Background below. For
complete details, refer to RFC 1058 and RFC 1723, which define RIP versions 1 and 2.
Background
RIP routers choose the network path that goes through the minimum number of routers, or hops. RIP supports a
maximum hop count of 15. Destinations 16 hops or more away are considered unreachable.
The hop count is also referred to as the cost or metric. IP address prefixes belonging to directly connected
network segments appear in the routing table with a cost of 1.
RIP routers exchange routing information with other RIP routers by broadcasting updates at regular, pre-set
intervals. These updates include a copy of a router's entire routing table, the list of all known destination prefixes
and their metrics.
When it receives a RIP update from a neighbor, a RIP router decides whether or not to update its own routing
table.
Triggered updates
When its routing table does change, the RIP router can be set to broadcast updates immediately without waiting
for the preset update timer whose default is 30 seconds. These are called triggered updates. Triggered updates
advertise only those prefixes whose cost has changed. For example:
● an interface has been enabled
● an interface has gone down
● a RIP update from a neighbor has modified the routing table
● a routing table entry has timed out
Because a RIP router expects to receive routing updates continually, it eventually gives up on the next-hop
router after it fails to receive updates. After 90 seconds pass without an update from the next hop router, the
router moves the next hop to any neighboring router that advertises a path of equal cost. After 180 seconds, the
entry is declared unreachable.
RIP can be enabled on any routing interface on your Switch. When you configure RIP, the Switch uses this
protocol to determine the best path to another network. It does this by sending and receiving updated routing
information from other RIP routers.
It compiles this information in a routing table of every network destination it has learned. This table includes:
● the IP address of the destination network
● the metric, or number of hops, to the destination network
● the IP address of the next router
● a timer indicating how much time has elapsed since an entry was last updated
Under RIP, routers are either active or silent. Active routers advertise their routes to others. Silent routers can
only listen. They cannot send routing information to others. Both active and silent RIP routers listen to all
messages and update their routing tables accordingly.
Once a RIP-enabled routing interface learns a route, it keeps it until it learns a better one. If the first port to
advertise a route fails, all listeners must timeout all routes they learned via RIP from all other RIP ports. A route
becomes invalid if 180 seconds pass without that route being advertised again.
RIP has certain features that provide stability in rapidly changing network conditions.
Split horizon
When RIP enabled interfaces are initialized, they build a routing table based on their directly connected
interfaces. During the time it takes for this information to converge and the best route to be determined and
stabilized, routing loops can occur. These loops are created when one routing interface receives information that
includes itself as an intermediate hop to another destination.
For example, Router Interface 2 has a route to Router A, broadcasts that to Router Interface 1, which broadcasts
back to Router Interface 2 a route to A, with Router Interface 2 as an intermediate hop.
Split horizon helps reduce bandwidth consumption and speeds up information distribution by advertising to an
interface only the routing information obtained from other interfaces. Router Interface 1 does not advertise the
routes it learned from Router Interface 2 back to Router Interface 2.
Poison reverse updates
Poison reverse updates prevent larger loops in a network by setting the metric (cost) of neighboring routers to
infinity, and therefore, unreachable.
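The effect of split horizon and poison reverse, shown as an added example that is not part of the original manual: a two-router simulation that counts the update rounds needed to withdraw a failed route. The router names, the 192.0.2.0/24 prefix and the synchronous update rounds are assumptions; poison reverse is modelled as in RFC 1058, where a route is advertised back to the neighbor it was learned from with metric 16.

```python
INFINITY = 16  # RIP metric meaning "unreachable" (the maximum usable hop count is 15)


class Router:
    def __init__(self, name):
        self.name = name
        self.neighbors = []  # directly connected Router objects
        self.table = {}      # prefix -> (metric, next-hop name, or None if directly connected)

    def connect_network(self, prefix):
        self.table[prefix] = (1, None)  # directly connected segments cost 1

    def fail_network(self, prefix):
        self.table[prefix] = (INFINITY, None)

    def advertisement_for(self, neighbor, mode):
        """Build the update sent to one neighbor under the chosen loop-prevention mode."""
        adv = {}
        for prefix, (metric, next_hop) in self.table.items():
            if next_hop == neighbor.name:
                if mode == "split_horizon":
                    continue           # do not advertise a route back where it came from
                if mode == "poison_reverse":
                    metric = INFINITY  # advertise it back, but as unreachable
            adv[prefix] = metric
        return adv

    def receive(self, sender, adv):
        """Apply the distance-vector rule to an update received from a neighbor."""
        for prefix, metric in adv.items():
            cost = min(metric + 1, INFINITY)
            current = self.table.get(prefix)
            if current is None:
                if cost < INFINITY:
                    self.table[prefix] = (cost, sender.name)
            elif current[1] == sender.name or cost < current[0]:
                # Always believe the current next hop; otherwise accept only a better path.
                self.table[prefix] = (cost, sender.name)


def run_round(routers, mode):
    # All updates are built from the tables as they stand at the start of the round.
    pending = [(r, n, r.advertisement_for(n, mode)) for r in routers for n in r.neighbors]
    for sender, receiver, adv in pending:
        receiver.receive(sender, adv)


def rounds_to_withdraw(mode, prefix="192.0.2.0/24", limit=40):
    """Return (rounds until both routers mark the prefix unreachable, metric history)."""
    r1, r2 = Router("R1"), Router("R2")
    r1.neighbors, r2.neighbors = [r2], [r1]
    r1.connect_network(prefix)
    run_round([r1, r2], mode)   # R2 learns the prefix through R1 with metric 2
    r1.fail_network(prefix)     # the segment attached to R1 goes down
    history = []
    for rnd in range(1, limit + 1):
        run_round([r1, r2], mode)
        history.append((r1.table[prefix][0], r2.table[prefix][0]))
        if history[-1] == (INFINITY, INFINITY):
            return rnd, history
    return None, history


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        rounds, history = rounds_to_withdraw(mode)
        print(f"{mode:15s} rounds={rounds} metrics(R1,R2)={history}")
```

Without either feature the two routers count the metric up one hop per round until it reaches 16; at the 30-second default update interval and with no triggered updates, the 14 rounds correspond to seven minutes of stale routing state.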

Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed to overcome some of RIP's
limitations when it operates in more complex networks.
Where RIP keeps a table of all known destinations and the number of hops to reach them, OSPF is a link-state
routing method that keeps routing information only for the router's IP domain and its neighboring routers, not the
entire network.
OSPF works best in hierarchical networks, while RIP, which is a simpler protocol to manage, works best in flat
networks. For complete technical details on implementing OSPF, refer to RFCs 1583 and 1850 which define
OSPFv2.
OSPF benefits
● faster route convergence
● conserves bandwidth, only sending updates when changes occur
● no hop count limit
● supports hierarchical topologies
OSPF overview
OSPF splits the network into independent parts called areas and connects these areas to a backbone area.
Each area is identified with a unique 32-bit area_id number imbedded in OSPF packets. The Switch processes
OSPF packets only if one of its interfaces resides in the area advertised by the packet.
Each OSPF router builds a shortest path tree with itself as the root. The router sends updates to its neighboring
routers and verifies that they all have a consistent network map.
Autonomous system
In OSPF, a single IP domain is called an autonomous system (AS). The topology within other areas is hidden
from the rest of the autonomous system.
This diagram illustrates the OSPF areas and types of routers described below.
● Area 0 - the Backbone
  An OSPF network must have an area configured as Area 0, or the backbone area. All areas in an
  autonomous system must be connected to the backbone. This backbone area allows summary
  information to be exchanged between Area Border Routers. When designing an OSPF network, you
  should start with Area 0.
● Stub Areas
  A stub area is an area that is only connected to one area; often this is the backbone area. Route
  information is not advertised into stub areas. By creating stub areas, you reduce the router's memory use
  and processing requirements.
● Not-so-Stubby Areas (NSSA)
  A not-so-stubby area is the same as a stub area except that external routes learned by an Autonomous
  System Border Router can be advertised within the NSSA. Likewise, external routes learned in an NSSA
  can be advertised to other areas.
OSPF routers
OSPF classifies different types of routers depending on the area in which they reside and what their tasks are.
● An Internal Router (IR) is one with all of its routing interfaces in the same OSPF area.
● An Area Border Router (ABR) has interfaces in more than one OSPF area. Every ABR listens and
  exchanges information with other ABRs. By examining the advertisements from other ABRs, an ABR
  creates its link state database.
● An Autonomous System Border Router (ASBR) is a gateway between OSPF and other routing
  protocols or other autonomous systems.
Link State Database
A Link State Database is used to create the OSPF routing table. This database contains all the Link State
Announcements (LSA) that it has issued and received. All routers within an area have exactly the same Link
State Database.
Link State Announcements (LSA)
When OSPF is configured on a routing interface on a BitStorm L3S Switch, the Switch sends a Link State
Advertisement (LSA) over the routing interface. This LSA tells neighboring routers the state of the routing
information in that routing interface's Link State Database.
Configuring OSPF
To configure OSPF, see:
● OSPF Configuration Basics

Virtual LANs
A virtual LAN (VLAN) is a logical way to segment a network without changing physical connections. In a VLAN,
broadcast packets or packets with unknown destination addresses are forwarded only to ports that are VLAN
members.
Eliminate need for more routers
Using VLANs, you can increase network segmentation without adding more hardware. VLANs can eliminate the
need for existing routers or for more routers as your network grows. Existing routers can be redeployed to
concentrate on WAN traffic. Think of VLANs as simply a group of end-stations that
● can be on multiple physical segments,
● are not constrained by their physical location,
● can communicate as if they were on a common LAN.
Major VLAN benefits
● Reduces the size of the collision domain and load on servers and workstations by filtering out irrelevant
  traffic
● Eliminates complicated, time-consuming move and change procedures as users change workgroups
● Reduces traffic over routers
● Increases security
Simple management for more than 4,000 VLANs
Your Switch can support up to 4,096 VLANs and has features that reduce complex VLAN configuration and
management.
Layer 2 VLANs
You can create Layer 2 VLANs based on ports on the Switch or end-station MAC addresses. Port-based VLANs
create immediate and separate collision domains on a single switch or directly-connected switches. MAC
address-based VLANs could be used in environments where laptop users want to connect to the network on any
available network jack.
Layer 3 VLANs
You can create Layer 3 VLANs manually or let the Switch create them automatically. The Switch can currently be
set to automatically create network protocol-based VLANs.
802.1Q VLAN tagging
The Switch supports 802.1Q VLAN tagging, a process whereby the Switch dynamically inserts VLAN
membership information into packets to distribute VLAN membership information across multiple switches.
This VLAN membership information comes from
● the administrator configuring specific VLANs
● the Switch learning VLAN identity by snooping the packets traveling through it
VLAN-tagged packets are forwarded within the Switch only to ports leading to a VLAN member and outside of
the Switch to other 802.1Q compliant switches.
802.1Q VLAN tagging—externally
The IEEE 802.1Q VLAN tagging standard defined how manufacturers could create devices that would support
VLANs that could span multiple switches from different vendors. This interoperability and traffic containment
across different switches is the result of a switch's ability to use and recognize the 802.1Q Tag Header.
Switches that implement 802.1Q tagging add this tag header to the frame directly after the destination and
source MAC addresses. Your Switch supports external 802.1Q VLAN tagging, fully described in VLAN Tagging.
802.1Q VLAN tagging—internally
Just as importantly, the adoption of this standard also gave EN a mechanism to streamline traffic within the
Switch itself. Your Switch, automatically and transparently, makes filtering and forwarding decisions by reading
VLAN membership information contained in the packet header and updating VLAN membership tables by what it
learns. This is how it works:
● Incoming
  The Switch classifies packets coming in on a port based on their VLAN identifier (VID)—or lack of one. If
  the packet has a VID, the Switch forwards the packet only to the ports for that VLAN.
● VLAN tagging
  If the packet does not have a VID, the Switch assigns one based on what it has learned. It inspects the
  packet and places it in a VLAN based on what it learns. It assigns the packet to an existing VLAN in the
  following order.
  ❍ IP address
  ❍ network protocol type
  ❍ MAC address
  ❍ If there are no matches, the Switch tags the packet with the VID of the port it came in on.
● Learning
  The Switch learns VLAN membership information by inspecting the source addresses and VLAN
  classification of all incoming and outgoing packets and records this information in its forwarding database.
● Filtering and forwarding
  Based on the information found in the VLAN database and the port state, the Switch either forwards
  packets to other ports or filters them.
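The tag header placement and the classification order described above, as an added Python example that is not the Switch's own code: it parses an Ethernet frame, reads the 802.1Q tag header that follows the source MAC address, and assigns untagged frames a VID in the order IP address, protocol type, MAC address, port. The configuration tables, the sample frames and the use of the source IP address for the IP match are assumptions made for the illustration.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100    # EtherType value that marks an 802.1Q tag header
ETHERTYPE_IPV4 = 0x0800


def parse_frame(frame):
    """Split an Ethernet frame into addresses, optional 802.1Q tag fields and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid = priority = None
    offset = 14
    if ethertype == TPID_8021Q:            # tag sits directly after the two MAC addresses
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag header")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        priority = tci >> 13               # 802.1p priority: top 3 bits
        vid = tci & 0x0FFF                 # VLAN identifier: low 12 bits
        if vid == 0x0FFF:
            raise ValueError("VID 4095 is reserved")
        offset = 18
    return {"dst": dst, "src": src, "vid": vid, "priority": priority,
            "ethertype": ethertype, "payload": frame[offset:]}


def classify(frame, ingress_port, cfg):
    """Return (VID, rule that matched) for a frame received on ingress_port."""
    f = parse_frame(frame)
    if f["vid"]:                           # None = untagged, 0 = priority-tagged only
        return f["vid"], "tag"
    payload = f["payload"]
    if f["ethertype"] == ETHERTYPE_IPV4 and len(payload) >= 20:
        src_ip = ipaddress.IPv4Address(payload[12:16])  # assumption: match on source IP
        for network, vid in cfg["ip_subnet_vlans"]:
            if src_ip in network:
                return vid, "ip"
    if f["ethertype"] in cfg["protocol_vlans"]:
        return cfg["protocol_vlans"][f["ethertype"]], "protocol"
    if f["src"] in cfg["mac_vlans"]:
        return cfg["mac_vlans"][f["src"]], "mac"
    return cfg["port_vid"][ingress_port], "port"


# --- constructed sample data (hypothetical VLAN tables and frames) ---
MAC_A = bytes.fromhex("020000000001")
MAC_B = bytes.fromhex("020000000002")
SAMPLE_CFG = {
    "ip_subnet_vlans": [(ipaddress.ip_network("10.1.0.0/16"), 10)],
    "protocol_vlans": {0x8137: 20},        # IPX
    "mac_vlans": {MAC_A: 40},
    "port_vid": {1: 1, 7: 70},
}


def build_frame(src, ethertype, payload=b"", vid=None, priority=0):
    """Build a broadcast test frame, tagged when vid is given."""
    dst = bytes.fromhex("ffffffffffff")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (priority << 13) | vid)
    return dst + src + tag + struct.pack("!H", ethertype) + payload


def ipv4_header(src_ip):
    # Minimal 20-byte IPv4 header; only the source address field matters here.
    return b"\x45" + bytes(11) + ipaddress.IPv4Address(src_ip).packed + bytes(4)


if __name__ == "__main__":
    samples = [
        (build_frame(MAC_B, ETHERTYPE_IPV4, ipv4_header("10.9.9.9"), vid=30, priority=5), 1),
        (build_frame(MAC_B, ETHERTYPE_IPV4, ipv4_header("10.1.2.3")), 1),
        (build_frame(MAC_A, 0x8137), 1),
        (build_frame(MAC_A, 0x0806), 1),
        (build_frame(MAC_B, 0x0806), 7),
    ]
    for frame, port in samples:
        print(port, classify(frame, port, SAMPLE_CFG))
```

Every field consulted for an untagged frame before the port fallback is written by the sending station, so the port VID is the only assignment tied to something the switch itself observes.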
To learn how to use and configure VLANs, see:
● Sample VLAN Applications
● Configuring VLANs—Overview

Sample VLAN Applications
Here are some examples of how different types of VLANs solve business and network traffic dilemmas.
● Users in the Engineering Department have highly sensitive material that needs to be protected.
  Solution: Create firewalls by placing each user into his or her own MAC-based VLAN. Traffic to
  that VLAN is intended only for that user. No one can listen to that user’s traffic because it never
  goes onto any other segment. Or, you can ensure greater security by dedicating a switch port to
  each user in their own port-based VLANs, creating both a physical and a virtual restriction.
● Users in the Accounting and Manufacturing Departments need guaranteed access to the
  mainframe via SNA.
  Solution: Create a protocol-based VLAN and set a priority level for this traffic using Quality of
  Service. These users are members of other VLANs—such as the corporate email VLAN—but their
  SNA traffic will always be handled as the Switch’s first priority traffic.
● The Sales Department has mobile, laptop users who need to dial in and often work from different
  company branch locations.
  Solution: Create an IP subnet VLAN using IP addresses to identify each user. Regardless of
  where they are on the corporate network, or which docking station or network jack they use, they
  will be located.
● The company’s top executives—the President and Vice Presidents of all departments—need
  access to the Accounting, Sales and Manufacturing VLANs.
  Solution: Make each executive a member of each departmental VLAN.
● A member of the Accounting VLAN sits in the Sales Department, using the Sales Department
  printer. Each time he prints, the print job travels over the router to the printer.
  Solution: Make the printer a member of both the Sales VLAN and the Accounting VLAN.

Management Options
The Switch is shipped complete with its own SNMP management system called the BitStorm L3S Series Device
Manager. This management system gives you different levels of control over all of the Switch's functions through
three different user interfaces:
● a command line
● a text-based console
● a web browser
The management capabilities vary depending on your selection. For complete details, see these sections:
● The BitStorm L3S Series Device Manager - Command Line version
● The BitStorm L3S Series Device Manager - Console version
● The BitStorm L3S Series Device Manager - Web version
You can also manage the Switch using:
● HP OpenView or any other SNMP-based management software
● Telnet
In-band and out-of-band management
You can manage your Switch either in-band or out-of-band.
● Out-of-band
  ❍ Directly at the Switch, using the console version of the Switch's built-in BitStorm L3S Series Device
    Manager. You can access this text-based software using a VT100 terminal or workstation running
    VT100 emulation software, such as Windows HyperTerminal, connected to the Switch's console
    port.
  ❍ Directly at the Switch, using an SNMP-based network management system installed on a
    workstation directly connected to the Switch's console port.
  ❍ Remotely through a modem attached to the Switch's console port, using the Switch's built-in
    console program or any SNMP-based network management system.
● In-band
  ❍ Over the network, using an SNMP-based network management system installed on a network
    workstation or Telnet.