Transcript CLI Command

Ntopia 스위치 운용자 교육
목
차
• Alpine 3800 스위치 소개
• 스위치 장비에 대한 기본 명령어
• Ports, Bridging 및 VLAN 구성
• IP Unicast Routing 구성
• OSPF 개념 및 구성
• Bandwidth Rate 조정
• Software Upgrade
2
Alpine 3800
Chassis Series Switches
Alpine 3808, 3804, 3802 Platforms
• Alpine 3808




1 slot for SMMi
8 slots for I/O modules
12 RU height, only 12” deep
64 Gbps non-blocking fabric
• Alpine 3804




1 slot for SMMi
4 slots for I/O modules
6 RU height, only 12” deep
32 Gbps non-blocking fabric
• Alpine 3802





Integrated SMMi
2 slots for I/O modules
3 slots in extended mode
4 RU height, only 12” deep
16 Gbps non-blocking fabric
4
Alpine 3808, 3804, 3802 Features
• High redundancy and reliability



Dual load sharing power supplies
Hot swappable I/O modules and fan tray
Dual ExtremeWare images & configurations
• Specialized interface modules



GBICs - 70 Km, WDMi - 35 Km
Ethernet over VDSL
Legacy WAN interfaces
• High density, low profile





12U (3808), 6U (3804) or 4U (3802); 12”
deep
32-port 10/100BASE-TX, 24-port 100BASEFX
4-port 1000BASE-SX or LX, 1000BASE-T
4-port T1 WAN, 4 port E1 WAN, 1-port T3
WAN
8-port Ethernet over VDSL
• Performance – 16-64 Gbps

12-48 Million pps
5
Alpine 3808 and 3804
Switch Management Module
• Dual CPU sub-system
• ExtremeWare license
SMMi
 Basic Layer 3 license included
 Upgrade to full Layer 3
• Out-of-band management
 Two serial ports modem & console
 10/100BASE-TX port
• Management interfaces
 Command Line Interface (CLI) &
ExtremeWare Vista
 SNMP & RMON client
6
Alpine 3808 and 3804 GbE Modules
• GM-4Xi (GBIC-based) is ideal for
medium & long reach application

GM-4Xi

1000BASE-LX (10 Km) & LX70
(70 Km)
Optimal for serviceability and flexibility
• GM-4SXi is ideal for local interconnect
GM-4SXi
GM-4Ti

MT-RJ multimode fiber interface
(50 & 62.5 µm)
• GM-4Ti is ideal for server co-location
and data center applications

Category 5, RJ-45 UTP interface
• All modules support up to 32 GbE
ports per chassis
• Non-blocking architecture - 6 million pps
• Wire-Speed IP/IPX Routing & switching
7
Module 1
스위치 장비에 대한 기본 명령어
Basic Management Interfaces
• CLI - Command Line Interface
 Console Port connection를 이용
 Telnet client를 이용
• ExtremeWare VISTA
 web browser Interface
9
CLI 명령어의 구조
#PROMPT
history
Accounts
clear
quit
save
logout
help
enable
disable
configure
ping
unconfigure
create
delete
show
traceroute
reboot
download
use
Configuratio
n
rip
vlan
protocol
log
stpd
switch
qosprofile
ipstats
fdb
ipfdb
memory
configuration
stats
management
collisions
iparp
errors
iproute
packet
ports
utilization
version
session
ipconfig
port
number
10
Syntax Helper의 예제
First-tier
command:
Using the
command
completion key
<tab> displays
all of the
second-tier
options
Previous
command is
echoed, Second
and Third-tier
commands are
added to syntax
string
Completed
command
syntax
Summit4:3 # show <tab>
Next possible completions:
access-profile accounts banner configuration debugtrace diagnostics dns-client dvmrp edp esrp
fdb gvrp igmp iparp ipconfig ipfdb ipmc ipqos iproute
ipstats ipxconfig ipxrip ipxroute ipxsap ipxservice
ipxstats log management memory mirroring ospf
pim-dm ports protocol qosprofile radius rip session
sntp-client stpd switch udp-profile version vlan <udp
forwarding profile> <access profile> <vlan name>
<spanning tree name> <protocol name> <QOS profile>
Summit4:3 # show port <tab>
Next possible completions:
collisions configuration info packet qosmonitor
rxerrors stats txerrors utilization <port number>
Summit4:3 # show ports configuration <tab>
Next possible completions:
<cr>
Summit4:3 # show ports configuration
11
명령어 구문에 대한 단축기능 예제
명령어를
단축한다
“SHOW
VERSION”
Summit4:3 # sh ver <cr>
System ID:
800002-11-9808A09014
Board ID:
700002-10-9751A04650
Left Board ID:
700006-02-9806A08135
Right Board ID: 700006-02-9806A08143
Image : ExtremeWare Version 4.1.12 (Build 3)
Release_Master Wed 10/13/199 9 4:14p
by
BootROM : 1.8
명령어를
단축한다
“ENABLE”
명령어를 단축한다
“ENABLE”,
“IPFORWARDING”,
“VLAN” using
named vlan Default
Summit4:3 # en ip <tab>
Ambiguous token ip
ipxsap
ipxrip
iproute
ipmcforwarding
ipforwarding
Summit4:4 #
*Summit4:4
en ipf vl default
#
<cr>
Note configuration change indicator
*
12
명령어 구문에 대한 단축기능 예제
Long Form
configure vlan red add
ports 1,2,3,5,6,7 tagged
Abbreviated Form
co red a p 1-3,5-7 t
13
CLI Console Port Connection
• 직접 콘솔 케이블을 갖고 콘솔포트로 접속한다.
• Switch console port settings are as follows:





Baud rate - 9600
Data bits - 8
Stop bit - 1
Parity - None
Flow Control - XON/XOFF
• Switch의 console port와 터미널의 설정값은 반드시
동일해야 된다.
14
User Accounts (유저 계정)
• 다음의 두 가지를 제외하고 모든 관리 parameter들을
조회할 수 있다
 User account database
 SNMP community strings
• Ping 명령어를 사용할 수 있다.
• 자신의 password를 수정할 수 있다.
• User ID로 login 하게 되면 prompt의 끝은 “>” 이다.
 Alpine3808 >
15
Administrator Accounts (관리자 계정)
•
•
•
•
•
모든 스위치의 Parameter들을 변경할 수 있다.
기타 user 추가,삭제 와 권한 변경이 가능하다.
어떤 user의 password 변경도 가능하다.
기존에 연결된 telnet session을 disconnect 할 수 있다.
Admin login 하게 되면 prompt의 끝은 “#” 이다 .
 Alpine3808 #
16
CLI Commands ( 예제 )
•
•
•
•
•
show switch
show diagnostics
show management
create accounts
show accounts
17
Sample show switch Display
18
CLI Command - show diagnostics
• Cold-boot 동안의 자체 진단 test 결과를 보여준다.
-----------------------------------------------------------------------Diagnostic Test Result run on Fri Sep 11 02:13:40 1998
-----------------------------------------------------------------------System Platform
: SUMMIT4
System Part No
: 800006
Rev. 13
Serial No 9809A09601
Main Board No
: 700002
Rev. 10
Serial No 9805A07376
MAC Address
: 00:e0:2b:03:eb:00
-----------------------------------------------------------------------CPU System
|
Passed
----------------------------------------------------------------------------------------------------------------------------------------------Registers Test |
Passed
-----------------------------------------------------------------------Memory Test
|
Passed
-----------------------------------------------------------------------System Test
|
Passed
------------------------------------------------------------------------
19
Sample Display - show management
* Summit24:19 # sh man
CLI idle timeouts:
disabled
CLI Paging:
enabled
CLI configuration logging enabled
Telnet access:
enabled
Web access:
enabled
SNMP Access:
enabled
SNMP Read Only Community:
public
SNMP Read Write Community:
private
RMON polling:
disabled
SNMP Traps:
enabled
SNMP TrapReceivers: NONE
SNMP Manager access control: disabled
SNMP stats: inPkts 48586 outPkts 48586 errors 2
authErrors 0
Gets 14047
GetNexts 34539 Sets 0
SNMP traps: sent 0 authTraps enabled
Login stats:
validLogins 36 badPasswords 1 unknownUsers 4(last bad user: )
Telnet: total 37
valid 32
invalid 5
HTTP: total 4 valid 4 invalid 0
* Summit24:20 #
20
CLI Command - create account
• Admin level에서 User account를 생성하는 방법은
아래와 같다.
• SYNTAX
create account [admin | user] <username>
{encrypted} {<password>}
21
CLI Command - show accounts
• Displays the following: (admin 계정만이 사용가능)
 계정 이름
 계정 권한
 Login 성공 및 실패 , 현 사용중인 session 의 개수와 계정의
권한을 보여준다.
User Name
Access LoginOK Failed Session
---------------- ------ ------- ------ ------admin
R/W
1
0
user
RO
0
0
22
CLI Command - show switch
23
CLI Command - reboot
reboot { <date> <time> | cancel }
This command will reboot the switch.
24
Switch Boot Messages
ExtremeWare
Copyright (C) 1999 by Extreme Networks
===============================================
Version 4.1.9 (Build 2) By Release_Master on Thu 06/17/1999 4:04p
System Serial Number: 9917F02171
Memory Size: 33554432 (32MB)
MAC Address: 00:e0:2b:0c:80:00
ASIC register and memory test ..........passed
Start running diagnostic test .............................................passed
Copyright (C) 1998 by Extreme Networks
login: admin
password:
Press the <tab> key at any time for completions.
Don't forget to save your configuration changes.
Summit4:1 #
25
CLI Command - save config
save {configuration} {primary | secondary}
Save 시 primary , secondary 영역 두 가지 중에
한가지로 선택 가능하고 특히 지정하지 않는다면
primary영역에 저장된다.
26
CLI Command - use config
use configuration {primary | secondary}
다음 booting시에 configuration 을 primary,
혹은 secondary 에서 load 할지를 선택할
수 있다.
27
CLI Command - unconfig switch
unconfig switch
User accounts 및 Password 그리고 Date ,
Time을 제외하고 모든 설정값을 공장
초기값으로 변경한다.
unconfig switch all
Date 및 Time을 제외하고 모든 설정값을
공장 초기값으로 변경한다.
28
Module 2
Ports, Bridging 및 VLAN Configuration
Ports and Configuration
Enabling and Disabling Ports
• 모든 port는 defualt로 admin enable되어 있음.
• CLI command로 port enable 혹은 disable 시킴.
[enable | disable] port <port number>
31
Turning Off Auto-Negotiation - GbE
• Gigabit 이더넷 포트도 Fast 이더넷 포트와 마찬가지로
auto-negotiation 을 on/off 시킬 수 있다.
• The command to turn auto-negotiation off is:


Config ports 4:1 auto off duplex full speed 1000
Config ports 5:1 auto off duplex half speed 100
32
CLI Commands for Port Configuration
•
•
•
•
•
•
•
•
•
•
•
•
enable/disable learning ports
enable/disable ports
config port auto on/off
show ports
show ports configuration
show ports info
show ports packet
show ports RXerrors
show ports TXerrors
show ports stats
show ports utilization
show stpd port
33
CLI Command - config port auto on/off
• auto-negotiation on
 config port <port number> auto on
• auto-negotiation off
 config port <port number> auto off {speed
[10|100]} duplex [half|full]
34
CLI Command - show ports collisions
show ports {<port number>} collisions
• 실시간 collision statistics.
Port Collision Monitor
Wed Sep 9 23:14:09 1998
Port Link
Collision Histogram
Num Status
1
2
3
4
5
6
7
8
9 10 11 12 13 14 15 16
================================================================================
1 ACTIVE
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
3
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
4
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
5
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
6
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
7
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
8
READY
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
===============================================================================
0->Clear Counters U->page up D->page down ESC->exit
35
Example - show ports configuration
Summit4 # show ports config (현 각 포트 config 현황)
Port Configuration Monitor
Wed Sep 9 23:21:28 1998
Port
Port
Link
Auto
Speed
Duplex
Flow Ld Share Media
Num
State
Status Neg
Cfg Actual Cfg Actual Ctrl
Master Pri Red
================================================================================
1 ENABLED
ACTIVE
ON AUTO
100 AUTO FULL NONE
UTP
2 ENABLED
READY
ON AUTO
AUTO
UTP
3 ENABLED
READY
ON AUTO
AUTO
UTP
4 ENABLED
READY
ON AUTO
AUTO
UTP
5 ENABLED
READY
ON AUTO
AUTO
UTP
6 ENABLED
READY
ON AUTO
AUTO
UTP
7 ENABLED
READY
ON AUTO
AUTO
UTP
8 ENABLED
READY
ON AUTO
AUTO
UTP
9 ENABLED
READY
ON AUTO
AUTO
UTP
10 ENABLED
READY
ON AUTO
AUTO
UTP
11 ENABLED
READY
ON AUTO
AUTO
UTP
12 ENABLED
READY
ON AUTO
AUTO
UTP
13 ENABLED
READY
ON AUTO
AUTO
UTP
14 ENABLED
READY
ON AUTO
AUTO
UTP
15 ENABLED
ACTIVE
ON AUTO
100 AUTO FULL NONE
UTP
16 ENABLED
ACTIVE
ON AUTO
100 AUTO FULL NONE
UTP
17 ENABLED
ACTIVE
ON 1000
1000 AUTO FULL NONE
SX
18 ENABLED
ACTIVE
ON 1000
1000 AUTO FULL NONE
SX
================================================================================
U->page up D->page down ESC->exit
36
CLI Command - show ports info
show ports {<port number>} info
• 자세한 port 상황 표시
BRIDGE_LAB_2:19 #
show ports info
Information for port 2:
Port state: enabled
Link state: ready
Port diagnostic: pass
Configured Duplex mode: auto
Configured speed: auto
Link up 0 time(s)
Link down 1 time(s)
Media type: UTP
Has redundant port: no
Summit Link disabled
Extreme Discovery Protocol: enabled
Qos Monitor: disabled
Load sharing is not enabled
MAC Learning: enabled
VLAN information:
Qos Profile: None configured
Queue to Qos Profile Mapping:
Q0: QP1
MinBw 0, MaxBw 100, Pri Low
Q1: QP2
MinBw 0, MaxBw 100, Pri Normal
Q2: QP3
MinBw 0, MaxBw 100, Pri Medium
Q3: QP4
MinBw 0, MaxBw 100, Pri High
37
CLI Command - show ports packet
• 실시간 패킷 사이즈별 트래픽 양을 표시함.
show ports {<port number>} packet
Receive Packet Statistics
Wed Sep 9 23:26:06 1998
Port Link
Packet Sizes
Num
Status
0-64
65-127
128-255
256-511
512-1023 1024-1518
================================================================================
1
ACTIVE
88
84
71
31
0
0
2
READY
0
0
0
0
0
0
3
READY
0
0
0
0
0
0
4
READY
0
0
0
0
0
0
5
READY
0
0
0
0
0
0
6
READY
0
0
0
0
0
0
7
READY
0
0
0
0
0
0
8
READY
0
0
0
0
0
0
9
READY
0
0
0
0
0
0
13
READY
0
0
0
0
0
0
14
READY
0
0
0
0
0
0
15
ACTIVE
0
0
0
70
0
0
16
ACTIVE
163
14
0
70
0
0
17
ACTIVE
28
0
20
160
0
0
18
ACTIVE
81
4
0
108
0
0
================================================================================
0->Clear Counters U->page up D->page down ESC->exit
38
CLI Command - show ports stats
• 실시간 각 포트별 트래픽 양을 보여준다.
show ports {<port number>} stats
Port Statistics
Wed Sep 9 23:31:14 1998
Port Link
Tx Pkt
Tx Byte
Rx Pkt
Rx Byte
Rx
Rx
Num Status
Count
Count
Count
Count
Bcast
Mcast
================================================================================
1 ACTIVE
187
41276
273
36112
197
72
2
READY
0
0
0
0
0
0
3
READY
0
0
0
0
0
0
4
READY
0
0
0
0
0
0
5
READY
0
0
0
0
0
0
6
READY
0
0
0
0
0
0
7
READY
0
0
0
0
0
0
8
READY
0
0
0
0
0
0
9
READY
0
0
0
0
0
0
13
READY
0
0
0
0
0
0
14
READY
0
0
0
0
0
0
15 ACTIVE
267
38315
75
25650
0
0
16 ACTIVE
75
25650
266
38251
126
65
17 ACTIVE
351
77789
221
63933
34
16
18 ACTIVE
225
47591
211
46600
59
29
===============================================================================
0->Clear Counters U->page up D->page down ESC->exit
39
Introducing
VLAN - Virtual LAN
VLAN - Default
• 기본적으로 장비는 Defualt Vlan을 갖고 있다.
• 기본적으로 모든 포트는 Default Vlan안에
포함 되어 있다.
• Default Vlan은 지워지거나 이름이 바뀔 수
없다.
 VLAN names 은 대소문자를 구분하지는 않는다.
Summit2
VLAN Default
41
Types of VLANs
• Port-based VLAN
 Untagged VLANs
 Tagged VLANs
42
Port-based VLAN
Single Switch
43
Uses of Tagged VLANs
• Vlan은 두개 이상의 S/W 로 확장될 수 있음.
• 하나의 포트는 여러 개의 vlan에 포함될 수 있다.
• untagged port는 하나의 VLAN 에만 속하게 됨.
trunk
44
Network Example
Physical Configuration
trunk
Logical Equivalent
45
VLAN Configuration Commands
• create/delete vlan
• config/unconfig vlan ipaddress
• config vlan add/del port tag | untagged
• show vlan
46
CLI Command - create/delete vlan
create vlan <vlan name>
delete vlan <vlan name>
VLAN은 우선 create 명령어를 사용하여 생성후
ipaddress, add port등을 config하여야 함.
VLAN name 은 32 문자까지 지원된다.
47
CLI Command - config/unconfig vlan
configure vlan <vlan name> ipaddress
<ipaddress> {<address mask>}
unconfigure vlan <vlan name> ipaddress
config vlan RED ipaddress 10.0.0.1 255.255.255.0
or
config vlan RED ipaddress 10.0.0.1 / 24
48
CLI Command - config vlan add/del port
configure vlan <vlan name> [add | delete]
port <port number> {tagged | untagged}
하나의 vlan에 해당하는 port 를 add 시킴.
기본적으로 port 는 untagged option으로 되어
있음.
49
Example CLI Command - show vlan
BRIDGE_LAB_2:31 # show vlan blue
VLAN Interface[3-fd8] with name "blue" created by user
Tagging:
Untagged (Internal tag 4094)
IP:
10.1.0.2/255.255.255.0
IPX:
Not configured
STPD:
Domain "s0" is not running spanning
tree protocol
Protocol:
Match all unfiltered protocols.
Qos Profile:
QP1
Ports:
3.
(Number of active port=3)
Untag: 15 18 22
50
Module 3
IP Unicast Routing and
Configuration
Layer 2 Operations Review
10.0.0.0/24
Host A
Host B
Source IP Host
Address
"A"
Destination IP
Host Address
"B"
Source MAC
Address
"A"
Destination MAC
Address
"A"
Destination MAC
Address
"B"
Source MAC
Address
"B"
Destination IP
Host Address
"A"
Source IP Host
Address
"B"
52
Layer 3 Operations - IP Routing
Network Table for Switch 1
40.0.0.0/24
Host E
Host D
S1
Destination
Network
Network
Gateway
Metric
30.0.0.0 /24
30.0.0.S1 /24
1
40.0.0.0 /24
40.0.0.S1 /24
1
10.0.0.0 /24
30.0.0.S2 /24
1
30.0.0.0/24
10.0.0.0/24
Network Table for Switch 2
Host A
S2
Host B
Destination
Network
Network
Gateway
Metric
10.0.0.0 /24
10.0.0.S2 /24
1
30.0.0.0 /24
30.0.0.S2 /24
1
40.0.0.0 /24
30.0.0.S1 /24
1
Host C
53
CLI Command -
enable/disable ipforwarding
enable ipforwarding {vlan <name>}
disable ipforwarding {vlan <name>}
VLAN별 routing을 enable/disable 할수
있으며 VLAN name을 입력하지 않으면 모든
VLAN의 routing을 enable/disable 할 수 있다.
Default setting 은 disabled.
54
Router Interface - (RIF)
• Simply a VLAN configured with an IP Address
C
B
Router Interface
D
A
Network:
VLAN Green :
192.206.35.0/24
192.206.35.1/24
Network: 192.207.36.0/24
VLAN Red: 192.207.36.1 /24
55
The IP Route Table
* Summit4:32 # show iproute
Destination
Gateway
Mtr
Flags
10.1.0.0/24
10.1.0.2
1
10.101.10.0/24 10.101.10.3
1
10.101.20.0/24 10.101.20.3
1
127.0.0.1/8
127.0.0.1
0
UH
Default Route 10.101.10.1
1
GM
Press <SPACE> to continue or <Q> to quit:
Use
0
4
4
0
22
VLAN
blue
--------------Default
--------
Origin
Direct
Direct
Direct
Direct
Static
56
Configuring IP Unicast Routing
1 – VLAN 생성 ( create VLAN test )
2 – 각 VLAN에 ipaddress 할당
3 – 각 VLAN IP forwarding enable
4 – 각 VLAN에 라우팅 프로토콜 설정
5 – 라우팅 프로토콜 활성화-enable (RIP or OSPF)
57
IP Routing CLI Commands
•
•
•
•
•
config iproute add/delete <ip addr>
config iproute add/delete default
Sh iproute or static
Sh iproute or ospf
Sh iparp
58
CLI Command - config iproute add/del
config iproute add <ipaddress> <mask>
<gateway> {<metric>}
config iproute delete <ipaddress> <mask>
<gateway>
59
CLI Command -
config iproute add/del default
config iproute add default <gateway> {<metric>}
config iproute delete default <gateway>
60
CLI Command - clear iparp
clear iparp [<ipaddress> <mask> |
vlan <name>]
하나의 entry를 Arp table안에서
임시적으로 clear 시킨다.
영구적으로 clear 되는 것이 아니고
임시적으로 clear 된다.
61
Verifying IP Routing Configuration
•
•
•
•
•
show ipconfig
show ipfdb
show iproute
show ipstats
show iparp
62
show ipconfig - Global Flags
*Summit4:27 # sh ipconfig
IP Routing :
Use Redirects :
RIP :
DVMRP :
PIM-DM :
OSPF :
IRDP :
BootpRelay :
Route Sharing :
Multinetting :
IGMP Snooping :
ARP Timeout :
Enabled
Disabled
Disabled
Disabled
Disabled
Enabled
Enabled
Disabled
Disabled
Disabled
Enabled
Enabled [20 minutes]
|
63
show ipconfig - VLAN Specific Info.
|
|
Router Interface[0] on VLAN Default is enable and up.
UDP Forwarding profile: none.
inet 10.101.3.34 netmask 0xffffff00 broadcast 10.101.3.255
Multicast ttl 1 metric 1 mtu 1500
Flags:
IP Fwding
NO Fwd Bcast YES
IPmc Fwd NO
ISQ NO
BOOTP Host NO
IGMP YES
IGMP Ver V2
SendUnreach YES Send Redir YES IRDP Advert NO ESRP NO
RIP
NO
OSPF
NO
DVMRP NO PIM-DM NO
64
CLI Command - show ipfdb
show ipfdb {<ipaddress> | vlan <name>}
Summit_Switch :2 # sh ipfdb
Dest IP Addr TblIdx MacIdx Flag FlowInfo MAC Address VLAN Port
--------------- ------ ------ ---- -------------------------- ---207.195.33.1 0DE3.0 0FED.0
.0000 00:50:04:87:82:4c 4093 7
Total number of entries = 1
65
Example Display - show iproute
* Summit3:52 # sh iproute
Destination
10.2.0.0/24
10.101.3.0/24
127.0.0.1/8
Default Route
Gateway
10.2.0.1
10.101.3.34
127.0.0.1
10.101.0.1
Mtr Flags Use
1
0
1
3696
0 UH
0
1 GM
0
VLAN
test
-------Default
--------
Origin
Direct
Direct
Direct
Static
Total number of routes = 4.
Mask distribution:
1 default routes
2 routes at length 24
Route origin distribution:
3 routes from Direct
1 routes at length 8
1 routes from Static
66
Example Display - show iparp
Summit4:1 # sh iparp
Destination
10.101.1.101
10.101.1.100
10.101.0.153
10.101.0.1
10.101.0.254
10.101.1.253
10.101.0.101
Summit4:2 #
Mac
Age Flags Vlan
00:60:08:2e:1f:bf
4
grapes (4095)
00:60:08:2e:1f:cc
9
grapes (4095)
00:60:08:b7:59:24 13
Default (1)
00:e0:2b:00:a8:00 12
Default (1)
00:e0:2b:02:a0:00 0
Default (1)
00:e0:2b:01:22:00 1
grapes (4095)
00:60:08:b3:0d:67 0
Default (1)
67
Module 4
OSPF Overview and
Configuration
The OSPF Advantage
• OSPF는 interior gateway protocol (IGP) 로써 RIP
보다 더 효과적인 프로토콜이다.
 Network 자원 소모량이 적다.
 Topology 변화에 빠른 대응한다.
 경로 계산 알고리즘은 SPF( Shortest Path First )을
사용한다.
 Traffic 분산이 가능하다
 보안성을 갖고 있음.
69
Link-state Protocol
• 각 router는 다음과 같은 자신의 정보를 알린다.
 interfaces
 costs
 neighbor information
• 위의 data를 LSDB(Link-state Database)로
저장한다.
• Routing table 은 LSDB에 근거하여 만들어진다.
• SPF(shortest-path first) 알고리즘을 사용한다.
• OSPF is a Link-state routing protocol
70
Link State Advertisement (LSA)
• 각 OSPF router는 LSA를 사용하여 routing topology
변화에 대하여 감지하며 update된 LSA를 다른 OSPF
router에게 전송하여 동일한 LSDB를 갖게된다.
• 어떤 topology 변화가 없더라도 매 30분 마다 LSA를
전송하게 된다. Topology 변화시 변화시점에서 LSA를
전송하게 된다.이웃한 router는 자신이 받은 LSA를
기존 data와 비교 후 update 하게 된다.
71
Link-State Database (LSDB)
• 모든 OSPF LSA의 집합이다.
• 각 OSPF router는 자신의 LSDB를 갖는다.
• Network에 대한 자세한 정보를 갖고 있다.
 routers
 network segments
 interconnectivity (how it is interconnected)
• LSDB는 ospf router가 이웃 router를 인식한 후 즉시
이웃 router와 DB를 교환하게 된다.
• LSDB는 reliable flooding 을 통해 DB를 유지한다.
72
Broadcast Networks Terminology
•
•
•
•
DR - Designated Router
BDR - Backup DR
DR and BDR Election
Network LSAs
73
Area 0 (Backbone)
• Is a Normal Area
• Area 사이의 routing 정보를 분배하는 역할을
한다.
• 구성요소
 all area border routers
 networks not contained in any other area
 and their attached routers
• Area ID of 0.0.0.0
• Only one backbone area per AS
• All ABRs 은 직접 backbone area에 연결 되어야
한다.
74
OSPF Configuration Example
Area 0.0.0.1
Normal
E
Internet
Area 0.0.0.4
STUB
E
BGP
E
E
E
E
VL
Area 0.0.0.2
Normal
E
Area 0.0.0.0
E
Area 0.0.0.3
Normal
E
VL
E
RIP
Cloud
E
E
Area 0.0.0.5
NSSA
75
OSPF CLI Commands
•
•
•
•
•
•
•
enable/disable ospf
config ospf add/delete vlan
create/delete ospf area
config ospf vlan area
config ospf routerid
show ospf area
show ospf interfaces
76
CLI Command - enable/disable ospf
enable ospf
disable ospf
Enable or disable OSPF for the whole router. Default is
disabled.
77
CLI Command - config ospf add/del vlan
config ospf add vlan [<name> | all]
config ospf delete vlan [<name> | all]
 Enables or disables OSPF on one or all VLANs (router
interfaces).
 The default setting is disabled.
78
CLI Command - create/del ospf area
create ospf area <areaid>
delete ospf area [<areaid> | all]
 Area 0.0.0.0은 Default로 존재하기 때문에 create 할 필요가
없으며 또한 지워질 수도 없다.
 OSPF area를 제거하게 되면 그 area와 관계된 interface 및 option
값도 또한 제거 된다.
79
CLI Command - config ospf vlan area
config ospf vlan <name> area <areaid>
 우선적으로 area를 만들어야한고 하나의 OSPF area 안에 원하는
VLAN 을 mapping 시킨다.
 기본적으로 (default) 모든 router interfaces는 backbone area에
속하여 있으므로 기본 backbone area ospf 구성시 별도의
setting을 필요로 하지 않는다.
80
CLI Command - show ospf
show ospf
 Displays global OSPF information.
show ospf area {<areaid>}
 Displays information about a particular OSPF area, or all OSPF
areas.
81
Example: show ospf area
OSPF_Switch4:
show ospf area
Area: 0.0.0.0 Stub: FALSE Rtr Id: 20.20.20.20
Spf Runs: 48 Num ABR: 6 Num ASBR: 0 Num LSA: 43 LSA Chksum:0x170863
Interfaces:
IP addr
Ospf State DR IP addr
BDR IP addr
10.0.2.1
/24 E DOWN 0.0.0.0
0.0.0.0
10.0.1.1
/24 E BDR
10.0.1.2
10.0.1.1
Inter-Area route Filter: None
External route Filter: None
Configured Address Ranges:
Area: 10.11.0.0 Stub: FALSE Rtr Id: 20.20.20.20
Spf Runs: 21 Num ABR: 2 Num ASBR: 0 Num LSA: 35 LSA Chksum:0x16c3de
Interfaces:
IP addr
Ospf State DR IP addr
BDR IP addr
10.11.1.1
/24 E DR
10.11.1.1
10.11.1.2
Inter-Area route Filter: None
External route Filter: None
Configured Address Ranges:
82
Example: show ospf interface
Summit4: sh
ospf interface
Interface(rif4): 10.15.1.1/24 Vlan: norm151 Ospf: ENABLED Router: ENABLED
AreaId: 10.15.0.0 RtId: 20.20.20.20 Cost: 1 Pri: 1 Transit Delay: 1
Hello Interval: 10s Rtr Dead Time: 40s Retransmit Interval: 5s
Authentication: NONE
State: BDR Number of events: 1
DR RtId: 30.30.30.30 DR IP addr: 10.15.1.3 BDR IP addr: 10.15.1.1
Neighbours:
RtrId: 10.10.10.10 IpAddr: 10.15.1.2 Pri: 1
State: FULL Dr: 10.15.1.3 BDR: 10.15.1.1 Dead Time: 7
RtrId: 30.30.30.30 IpAddr: 10.15.1.3 Pri: 1
State: FULL Dr: 10.15.1.3 BDR: 10.15.1.1 Dead Time: 6
83
CLI Command - show ospf
show ospf
Display global OSPF information:









Router ID
OSPF state
Is router an autonomous system boundary router (Y/N)?
Is router an area border router (Y/N)?
Number of external LSAs processed
External LSA checksum
Number of originating new LSAs
Number of received new LSAs
Shortest Path First hold time
84
Example: show ospf
Summit4: show ospf
Router Id
OSPF ASBR ABR ExtLSA ExtLSACsum OrigNewLSA RxNewLSA
SpfHoldTime
20.20.20.20 E
NO YES
0
0x0
14694
20634
3
RouterId Selection: User Configured Export Static: Disabled
Export Static: Disabled
Export Rip: Disabled
ASBR route Filter: None
85
CLI Command - config ospf routerid
config ospf routerid [automatic | <routerid>]
 OSPF router ID.
 만일 routerID를 automatic으로 설정하게 되면 스위치 interface
address중에 가장 큰 IP interface address로 routerid를
생성한다.
 Default setting 은 automatic.
86
CLI Command - enable iproute sharing
enable iproute sharing
 같은 목적지로의 경로가 여러개일 경우 (equal cost
multipath) traffic을 분산할 수 있다.
 같은 cost를 갖고있는 경로들로 traffic이 분산된다..
 Default setting 은 disabled.
87
Example: show ospf lsdb
OSPF_LAB_2:18 # show
ospf lsdb area all all
Router LSAs for area 0.0.0.0
Link State ID Adv Router
Seq#
Age Chksum #Links
------------------------------------------------------------10.10.10.10 10.10.10.10 0x8000011d 1227 0xafc6 1
20.20.20.20 20.20.20.20 0x80006754 510 0x835f 3
30.30.30.30 30.30.30.30 0x800040a9 1245 0xf018 1
40.40.40.40 40.40.40.40 0x80000169 450 0x6e4c 1
50.50.50.50 50.50.50.50 0x800001ab 1279 0x7f83 3
60.60.60.60 60.60.60.60 0x8000016c 461 0x8095 1
Network LSAs for area 0.0.0.0
Link State ID Adv Router
Seq#
Age Chksum
------------------------------------------------------------10.0.1.2
50.50.50.50 0x80000169 1273 0xb14f
Summary LSAs for area 0.0.0.0
Link State ID Adv Router
Seq#
Age Chksum
------------------------------------------------------------10.11.1.0
10.10.10.10 0x80000114 1230 0x dfc
10.11.1.0
20.20.20.20 0x8000011b 1250 0xd109
10.12.0.0
10.10.10.10 0x80000109 1018 0x22f2
10.13.1.0
20.20.20.20 0x80000194 1250 0xc698
88
Module 5
Bandwidth Rate 조정
89
Bandwidth Rate 조정
H/W Queue를 사용하는 Bandwidth 조정
: Traffic이 나가는 포트의 HW Queue 특징을 변경함으로써 Bandwidth 조정
(기본적으로 Egress 모드만 지원)
각 QP(QOS Profile) : Min B/W : 최소한의 B/W % (16등급)
Max B/W: 최대 B/W (16등급)
Priority : low , lowHi, normal, normalHi, medium, mediumHi, High,HighHi
QP1
QP2
Frame
QP3
Port 1
FDB/IPFDB
Look up
Port N
QP4
QP5
QP6
QP7
QP8
예1) Port1번의 QP2만 Max B/W : 10%으로 조정하고 싶은 경우 [ I series 장비만 적용됨 ]
config qp2 min 0 % max 10 % priority lowHi 2 (마지막에 포트번호를 적는다.)
예2) config qp2 min 0 % max 10 % priority lowHi
-> 모든 포트의 qp2를 MAX B/W가 10%으로 조정됨
90
Bandwidth Rate 조정
• QoS profile 설정 명령어
config qosprofile <qosprofile> {minbw <percent>} {maxbw <percent>} {priority <level>}
{portlist}
config qosprofile <qosprofile> {minbw <percent>} {maxbw <percent>} {priority <level>}
{minbuf <percent> maxbuf <number> [K | M]}
–
–
–
–
–
–
minbw: cumilative mins at a port should add to less than 90% for all queues; granularity
is 0, 4, 6, 8, 9, 10, 20, 25, 35, 50, 60, 80, 89
maxbw: 0% - 100%; granularity is 0, 2, 3, 5, 7, 8, 10, 11, 15, 20, 25, 30, 35, 40, 50, 60,
65, 70, 80, 95, 100
priority on old-gen: low, normal, medium, high
priority on i-serial: low, lowHi, normal, normalHi, medium, mediumHi, high, highHi
minbuf: 0% - 100%, should added up less than 100% for all queues; the default value for
each queue on each port: FE - 0k, Gig - 4k bytes
maxbuf: 0k - 16M, the default value for each queue on each port: FE - 256k, Gig - 256k
bytes (in the 6.1.6 release)
• QoS profile 확인 명령어
show qosprofile <qosprofile>
show ports info detail
Example : conf qosprofile qp1 minbw 0 % maxbw 5 % priority low 1:1
91
Module 6
software upgrade
92
Boot-ROM Upgrade (TFTP사용)
download bootrom [<host_name> | <ip_addr>]
 BootROM 업그레이드는 스위치를 부팅한 후에 CLI의 TFTP를
사용하여 수행됩니다.
 스위치의 BootROM은 부팅 프로세스 동안 중요한 특정 스위치
변수를 초기화합니다. 따라서 주의를 요합니다.
93
Configuration upload/download
(TFTP사용)
download configuration [<hostname |
ip_address>] <filename>
upload
configuration
[<ipaddress>
<hostname>] <filename> {every <time>}
|
use configuration [primary | secondary]
 전체 구성을 다운로드하면 전체 구성이 스위치로 복제되거나
복원됩니다. 일반적으로 이런 종류의 다운로드를 upload
config 명령과 결합하여 사용하면 전체 스위치 구성이 ASCII
형식으로 생성됩니다.
 USE 명령을 사용하여 다음 재부팅할 때 스위치가 로드할 config를
94
선택할 수 있습니다 .
Image Upgrade (TFTP사용)
download image [<ipaddress> | <hostname>]
<filename> {primary |secondary}
use image [primary | secondary]
 스위치는 기본과 보조 등 최대 두 이미지를 저장할 수 있습니다. 새
이미지를 다운로드할 때 새 이미지가 저장될 이미지 공간(기본
또는 보조)을 선택해야 합니다. 명시하지 않으면 기본 이미지
공간이 사용됩니다 .
 USE 명령을 사용하여 다음 재부팅할 때 스위치가 로드할
이미지를 선택할 수 있습니다 .
95
예)강릉전화국 (2002.5.22) G–2, S-2,L-2,P-2
Gsr#1
200.200.128.110/28
200.200.128.125/28
200.200.128.109/28
200.200.128.126/28
DHCP_POOL
200.200.233.32~254/24
Gsr#2
Default route
200.200.232.1
Gsr#3
Gsr#4
P 8:4
P 8:4
200.200.232.2/30
200.200.128.123/28
200.200.128.107/28
200.200.232.1/30
Default route
200.200.128.110
200.200.128.125
200.200.128.109
200.200.128.126
IP route
200.200.233.0/24
-> 200.200.232.2
Dasan- V5124
200.200.233.1/24
200.200.233.2~15
DX-6524
GIGA_module 2ea
전화국 내
FES
아파트 단지
*** 모두 Static route 로 처리
96