Juniper Networks, Inc.1194 North Mathilda AvenueSunnyvale, CA 94089USA408-745-2000www.juniper.netPart Number: 530-029705-01, Revision 2Juniper Network
x List of TablesEX2500 Ethernet Switch Configuration Guide
86 IndexEX2500 Ethernet Switch Configuration GuideHhelp, requesting... xiiihigh availabilit
Index 87IndexQQoS802.1p priority...63ACLs...
88 IndexEX2500 Ethernet Switch Configuration GuideUUDP...54UFD ...
Objectives xiAbout This GuideThis preface provides the following guidelines for using the Juniper Networks EX2500 Ethernet Switch Configuration Guid
EX2500 Ethernet Switch Configuration Guidexii Documentation ConventionsDocumentation ConventionsTable 1 describes the notice icons used in this manu
List of Technical Publications xiiiAbout This GuideList of Technical PublicationsTable 3 lists the documentation supporting the EX2500 Ethernet Swit
EX2500 Ethernet Switch Configuration Guidexiv Requesting Technical SupportSelf-Help Online Tools and ResourcesFor quick and easy problem resolution,
EX2500 Ethernet Switch Applications 1Part 1EX2500 Ethernet Switch ApplicationsThis configuration guide will help you plan, implement, and administer
EX2500 Ethernet Switch Configuration Guide2 EX2500 Ethernet Switch Applications
Configuring the Management Interface 3Chapter 1Accessing the SwitchThe EX2500 software provides a means for accessing, configuring, and viewing info
EX2500 Ethernet Switch Configuration Guide4 Dynamic Host Configuration Protocol3. Configure the management IP address, subnet mask, and default gate
Using Telnet 5Chapter 1: Accessing the SwitchDHCP is an extension of another network IP management protocol, Bootstrap Protocol (BOOTP), with an add
ii Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, In
EX2500 Ethernet Switch Configuration Guide6 Using the EX2500 Web Device ManagerBy default, EX2500 Web Device Manager access is enabled on the switch
Using SNMP 7Chapter 1: Accessing the SwitchThe EX2500 Web Device Manager is organized at a high level as follows: Context tabs—These tabs allow you
EX2500 Ethernet Switch Configuration Guide8 Using SNMPSNMPv3SNMPv3 is an enhanced version of the Simple Network Management Protocol, approved by the
Using SNMP 9Chapter 1: Accessing the Switch2. Configure a user access group, along with the views the group may access. Use the access table to conf
EX2500 Ethernet Switch Configuration Guide10 Securing Access to the SwitchSNMPv3 Trap Host ConfigurationTo configure a user for SNMPv3 traps, you ca
Securing Access to the Switch 11Chapter 1: Accessing the SwitchRADIUS Authentication and AuthorizationThe EX2500 switch supports the RADIUS (Remote
EX2500 Ethernet Switch Configuration Guide12 Securing Access to the Switch3. If desired, you may change the default UDP port number used to listen t
Securing Access to the Switch 13Chapter 1: Accessing the SwitchSwitch User AccountsThe user accounts listed in Table 4 can be defined in the RADIUS
EX2500 Ethernet Switch Configuration Guide14 Securing Access to the SwitchTACACS+ AuthenticationThe EX2500 switch supports authentication and author
Securing Access to the Switch 15Chapter 1: Accessing the SwitchThe default mapping between TACACS+ authorization levels and EX2500 management access
Table of Contents iiiTable of ContentsAbout This Guide xiObjectives ...
EX2500 Ethernet Switch Configuration Guide16 Securing Access to the SwitchCommand Authorization and LoggingWhen TACACS+ Command Authorization is ena
Securing Access to the Switch 17Chapter 1: Accessing the SwitchSecure Shell Secure Shell (SSH) uses secure tunnels to encrypt and secure messages be
EX2500 Ethernet Switch Configuration Guide18 Securing Access to the SwitchWhen the SSH server is first enabled and applied, the switch automatically
Securing Access to the Switch 19Chapter 1: Accessing the SwitchConsiderations for Configuring End User Accounts A maximum of 10 user IDs are suppor
EX2500 Ethernet Switch Configuration Guide20 Securing Access to the SwitchListing Current UsersThe following command displays defined user accounts
VLAN Overview 21Chapter 2VLANsThis chapter describes network design and topology considerations for using Virtual Local Area Networks (VLANs). VLANs
EX2500 Ethernet Switch Configuration Guide22 VLANs and Port VLAN ID NumbersVLANs and Port VLAN ID NumbersVLAN NumbersThe EX2500 switch supports up t
VLAN Tagging 23Chapter 2: VLANsVLAN TaggingEX2500 software supports 802.1Q VLAN tagging, providing standards-based VLAN support for Ethernet systems
EX2500 Ethernet Switch Configuration Guide24 VLAN TaggingFigure 1: Default VLAN SettingsWhen a VLAN is configured, ports are added as members of th
VLAN Tagging 25Chapter 2: VLANsFigure 2: Port-Based VLAN AssignmentAs shown in Figure 3, the untagged packet is marked (tagged) as it leaves the sw
iv Table of ContentsEX2500 Ethernet Switch Configuration GuideTACACS+ Authentication...
EX2500 Ethernet Switch Configuration Guide26 VLAN Topologies and Design ConsiderationsAs shown in Figure 5, the tagged packet remains unchanged as i
VLAN Topologies and Design Considerations 27Chapter 2: VLANs All ports that are involved in port mirroring must have memberships in the same VLANs.
EX2500 Ethernet Switch Configuration Guide28 VLAN Topologies and Design ConsiderationsUse the following procedure to configure the sample network sh
Private VLANs 29Chapter 2: VLANsPrivate VLANsPrivate VLANs provide Layer 2 isolation between the ports within the same broadcast domain. Private VLA
EX2500 Ethernet Switch Configuration Guide30 Private VLANsPrivate VLAN Configuration GuidelinesThe following guidelines apply when configuring priva
Spanning Tree Overview 31Chapter 3Spanning Tree ProtocolWhen multiple paths exist on a network, Spanning Tree Protocol configures the network so tha
EX2500 Ethernet Switch Configuration Guide32 Spanning Tree OverviewThe relationship between port, trunk groups, VLANs, and spanning trees is shown i
Spanning Tree Overview 33Chapter 3: Spanning Tree ProtocolPort PriorityThe port priority helps determine which bridge port becomes the root or desig
EX2500 Ethernet Switch Configuration Guide34 Spanning Tree Overview Each STG must have a VLAN assigned to it before it becomes functional. You cann
Rapid Spanning Tree Protocol 35Chapter 3: Spanning Tree Protocol When you remove a port from a VLAN that belongs to an STG, that port is removed fr
Table of ContentsTable of Contents vPVRST Configuration Guidelines ...38Configuring PVRST
EX2500 Ethernet Switch Configuration Guide36 Rapid Spanning Tree ProtocolPort Type and Link TypeSpanning tree configuration includes the following p
Per VLAN Rapid Spanning Tree 37Chapter 3: Spanning Tree ProtocolPer VLAN Rapid Spanning TreePer VLAN Rapid Spanning Tree Plus Protocol (PVRST+) enha
EX2500 Ethernet Switch Configuration Guide38 Per VLAN Rapid Spanning TreeIn Figure 8, VLAN 1 and VLAN 2 belong to different Spanning Tree Groups. Th
Multiple Spanning Tree Protocol 39Chapter 3: Spanning Tree ProtocolMultiple Spanning Tree ProtocolMultiple Spanning Tree Protocol (MSTP) extends Rap
EX2500 Ethernet Switch Configuration Guide40 Multiple Spanning Tree ProtocolFigure 9 shows how multiple spanning trees can provide redundancy withou
Fast Uplink Convergence 41Chapter 3: Spanning Tree ProtocolAdd server ports 1 and 2 to VLAN 1. Add uplink ports 19 and port 20 to VLAN 1.ex2500(conf
EX2500 Ethernet Switch Configuration Guide42 Fast Uplink ConvergenceConfiguration GuidelinesWhen you enable Fast Uplink Convergence, the EX2500 swit
Trunking Overview 43Chapter 4Ports and TrunkingTrunk groups can provide super-bandwidth, multi-link connections between switches or other trunk-capa
EX2500 Ethernet Switch Configuration Guide44 Trunking OverviewEach packet’s particular MAC or IP address information results in selecting one line i
Port Trunking Configuration Example 45Chapter 4: Ports and Trunking You cannot change the VLAN membership for a trunk group’s member port. You can
vi Table of ContentsEX2500 Ethernet Switch Configuration GuideHistory MIB Object ID...
EX2500 Ethernet Switch Configuration Guide46 Port Trunking Configuration Example1. Follow these steps on the EX2500 switch: a. Define a trunk group.
Configurable Trunk Hash Algorithm 47Chapter 4: Ports and TrunkingConfigurable Trunk Hash AlgorithmThis feature allows you to configure parameters fo
EX2500 Ethernet Switch Configuration Guide48 Link Aggregation Control ProtocolA port’s Link Aggregation Identifier (LAG ID) determines how the port
Link Aggregation Control Protocol 49Chapter 4: Ports and TrunkingWhen the system is initialized, all ports by default are in LACP off mode and are a
EX2500 Ethernet Switch Configuration Guide50 Link Aggregation Control ProtocolWe recommend that you use the default long timeout to reduce LAPDU pro
QoS Overview 51Chapter 5Quality of ServiceQuality of Service features allow you to allocate network resources to mission-critical applications at th
EX2500 Ethernet Switch Configuration Guide52 Using ACL FiltersFigure 11: QoS ModelThe basic QoS model works as follows: Classify traffic: Read
Using ACL Filters 53Chapter 5: Quality of ServiceEach ACL contains rules that define the matching criteria for data packets. The ACL checks each pac
EX2500 Ethernet Switch Configuration Guide54 Using ACL FiltersIP Extended ACLsThe switch supports up to 128 IP ACLs (standard and extended), numbere
Using ACL Filters 55Chapter 5: Quality of Service Understanding ACL PriorityEach ACL has a unique priority value, based on its number. The lower the
List of Figures viiList of FiguresFigure 1: Default VLAN Settings...24Figure 2: Por
EX2500 Ethernet Switch Configuration Guide56 Using ACL FiltersAssigning ACLs to a PortOnce you configure an ACL, you must assign the ACL to a port.
Using ACL Filters 57Chapter 5: Quality of Service3. Verify the configuration. ex2500# show access-lists 1Standard IP Access List 1------------------
EX2500 Ethernet Switch Configuration Guide58 Using ACL FiltersACL Example 4—Blocking All Except Certain PacketsUse this configuration to block all t
Using Storm Control Filters 59Chapter 5: Quality of ServiceUsing Storm Control FiltersThe EX2500 switch provides filters that can limit the number o
EX2500 Ethernet Switch Configuration Guide60 Using DSCP Values to Provide QoSUsing DSCP Values to Provide QoSThe switch uses the Differentiated Serv
Using DSCP Values to Provide QoS 61Chapter 5: Quality of ServicePer Hop BehaviorThe DSCP value determines the Per Hop Behavior (PHB) of each packet.
EX2500 Ethernet Switch Configuration Guide62 Using DSCP Values to Provide QoSQoS LevelsTable 16 shows the default service levels provided by the swi
Using 802.1p Priority to Provide QoS 63Chapter 5: Quality of ServiceUsing 802.1p Priority to Provide QoSThe EX2500 switch provides Quality of Servic
EX2500 Ethernet Switch Configuration Guide64 Queuing and SchedulingQueuing and SchedulingThe EX2500 switch has eight output Class of Service (COS) q
RMON Overview 65Chapter 6Remote MonitoringRemote Monitoring (RMON) allows network devices to exchange network monitoring data. The following topics
viii List of FiguresEX2500 Ethernet Switch Configuration Guide
EX2500 Ethernet Switch Configuration Guide66 RMON Group 1—StatisticsRMON Group 1—StatisticsThe switch supports collection of Ethernet statistics as
RMON Group 2—History 67Chapter 6: Remote MonitoringRMON Group 2—HistoryThe RMON History Group allows you to sample and archive Ethernet statistics f
EX2500 Ethernet Switch Configuration Guide68 RMON Group 3—Alarms3. View RMON history for the port. ex2500(config)# show rmon historyRMON is enable
RMON Group 9—Events 69Chapter 6: Remote MonitoringRMON Group 9—EventsThe RMON Event Group allows you to define events that are triggered by alarms.
EX2500 Ethernet Switch Configuration Guide70 RMON Group 9—Events
IGMP Snooping 71Chapter 7IGMPInternet Group Management Protocol (IGMP) is used by IP Multicast routers to learn about the existence of host group me
EX2500 Ethernet Switch Configuration Guide72 FastLeaveThe client-server path is set up as follows: 1. An IP Multicast router (Mrouter) sends Members
IGMPv3 Snooping 73Chapter 7: IGMPIGMPv3 SnoopingIGMPv3 includes new membership report messages to extend IGMP functionality. The switch provides sno
EX2500 Ethernet Switch Configuration Guide74 Static Multicast Router4. Enable IGMPv3 Snooping (optional). ex2500(config)# ip igmp snoop igmpv3 enabl
High Availability Overview 75Chapter 8High Availability Through Uplink Failure DetectionThis chapter describes how to use Uplink Failure Detection (
List of Tables ixList of TablesTable 1: Notice Icons... xiiTable 2:
EX2500 Ethernet Switch Configuration Guide76 Failure Detection PairFigure 14: Uplink Failure Detection ExampleFailure Detection PairTo use UFD, you
UFD Configuration Example 77Chapter 8: High Availability Through Uplink Failure Detection Ports that are already members of a trunk group are not a
EX2500 Ethernet Switch Configuration Guide78 Monitoring UFD
Appendixes 79Part 2Appendixes “Monitoring Ports with Port Mirroring” on page 81 discusses the main tool for troubleshooting your switch—monitoring
EX2500 Ethernet Switch Configuration Guide80 Appendixes
Port Mirroring Overview 81Appendix AMonitoring Ports with Port MirroringThis appendix explains port mirroring to help you monitor ports and troubles
EX2500 Ethernet Switch Configuration Guide82 Configuring Port MirroringAs shown in Figure 15, port 2 is acting as a monitor port, receiving mirrored
Indexes 83Part 3Indexes Index on page 85
EX2500 Ethernet Switch Configuration Guide84 Indexes
Index 85IndexNumerics802.1p priority for QoS ............63802.1Q VLAN tagging .........
Kommentare zu diesen Handbüchern