0
General Features

                            AT-8000S




Marvell Confidential
Agenda

         •     Speed/duplex auto negotiation
         •     Flow Control
         •     Back pressure
         •  ...
Speed/ Duplex
                       Auto Negotiation




Marvell Confidential
Auto Negotiation

         • The purpose of auto negotiation is to allow a
           device to advertise modes of operati...
CLI – Auto negotiation

         • Use the following interface mode command to allow auto
           negotiation on a give...
CLI – Show advertisement
         • Use the following show command to view:
                 – device interface advertisem...
CLI – Speed and Duplex

         • Use the following interface mode command to define the
           speed of an interface...
Flow control




Marvell Confidential
Flow Control

         •     The system supports flow control on all ports including
               Aggregate Links.

    ...
CLI - Flow Control

         •  Use the following interface mode command to configure the
            flow control of a gi...
Back Pressure




Marvell Confidential
Back Pressure

         •     The system supports backpressure on all ports (when in
               half duplex mode).

  ...
CLI - Back Pressure

       •      Use the following interface mode command to enable the
              back pressure of a...
MDI/MDIX




Marvell Confidential
MDI/MDIX - Preview

         •     Normally, Twisted Pair ports must be connected so that the
               Transmit pair...
MDI/MDIX

         •     The device can automatically correct errors in cable
               selection, and make the disti...
CLI - MDI/MDIX

         •     Use mdix command to enable cable crossover on a given
               interface. To disable ...
Storm Control




Marvell Confidential
Storm Control – broadcast Rate
         Limiting
              •        The device can measure the rate of incoming broadc...
CLI - Storm Control

         •     Use the following Interface Configuration Mode command to
               enable broadc...
CLI - Storm Control

         •     Use the following Interface Configuration Mode command to set
               the maxim...
Show - Storm Control

         •     Use the following EXEC Mode command to see the storm control
               configuta...
Port security




Marvell Confidential
Port Security
       •   A control mechanism which monitors received and learned
           packets on a port.
       •   ...
Port Security – Number of MACs
              •        A port security feature to increase security by limiting
           ...
Port security - Configuration

         •     Port security can be enabled only on ports which have been
               de...
CLI - Port Security

         •     Use the following interface configuration mode command to allow
               multipl...
CLI – Basic Port Security

         • Use the following interface mode command to lock learning
           of new addresse...
CLI – Lock Port Addresses

   console# show bridge address-table
   Aging time is 300 sec
     Vlan         Mac Address   ...
CLI – Enabling a Port Shutdown
            •     Use the following Privileged EXEC mode command to enable a
              ...
CLI – Enabling a Port Shutdown (cont’)
              •        …Enabling a port that was shut down by port security feature...
CLI – port security mode

         • Use the following Interface Configuration mode command to
           configure the po...
CLI – port security max

         •     The following Interface Configuration mode command
               configures the m...
CLI – port security routed secure-address


         •     Use the following interface configuration mode command
        ...
CLI – Show Port Security

         • Use the following privilege EXEC mode command to view
           port security settin...
Port Mirroring




Marvell Confidential
Port Mirroring
             •     One session of traffic monitoring is supported system-wide (tx and
                   rx...
Port Mirroring

         •     Target ports:
                 –     Cannot be a member of a LAG.
                 –     Ca...
CLI - Configuring Port Mirroring
             • Use the following Interface mode command to
               define port mir...
CLI - Configuring Port Mirroring
             •     Use the following Interface Configuration mode command to
            ...
Combo ports




Marvell Confidential
Combo Ports Overview

         •     A single logical port that has two physical connections:
               a) RJ45 Conne...
Combo Ports


         •     If both RJ45 and SFP are present (link up in both
               connections), the SFP will b...
VCT

                        Virtual Cable Test




Marvell Confidential
VCT - Functional description
             •     Virtual Cable Test (VCT) technology provides the
                   mechan...
CLI - VCT Configuration
             •  Use the following EXEC privilege mode command to
                activate VCT on a...
CLI - VCT Show command
             • Use the following EXEC privilege mode command to show
               VCT results:
  ...
Marvell Confidential
Upcoming SlideShare
Loading in...5
×

At8000 s caracteristicas gerais

485

Published on

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
485
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "At8000 s caracteristicas gerais"

  1. 1. General Features AT-8000S Marvell Confidential
  2. 2. Agenda • Speed/duplex auto negotiation • Flow Control • Back pressure • MDI/MDIX • Storm Control • Port Security • Port Mirroring • Combo Ports • VCT Marvell Confidential
  3. 3. Speed/ Duplex Auto Negotiation Marvell Confidential
  4. 4. Auto Negotiation • The purpose of auto negotiation is to allow a device to advertise modes of operation. • User can set the speed, duplex mode and flow control advertisement • Speed-duplex capabilities to be advertised can be any combination of the following: 10h, 10f, 100h, 100f, 1000f Marvell Confidential
  5. 5. CLI – Auto negotiation • Use the following interface mode command to allow auto negotiation on a given interface or to advertise link capabilities. Use the no form of this command to disable negotiation: negotiation {10h} {10f} {100h} {100f} {1000f} no negotiation console(config)# interface ethernet 1/e1 console(config-if)# negotation console(config-if)# negotation 10h Marvell Confidential
  6. 6. CLI – Show advertisement • Use the following show command to view: – device interface advertisement – Connected link partner advertisement – resolution console# show interfaces advertise ethernet 1/e1 Port: 1/e1 Type: 100M-Copper Link state: Up Auto negotiation: Enabled 1000f 1000h 100f 100h 10f 10h ..... ..... .... .... ... ... Admin Local link Advertisement no no no no no yes Oper Local link Advertisement no no no no no yes Oper Remote link Advertisement no no yes yes yes yes Priority Resolution - - - - - yes Marvell Confidential
  7. 7. CLI – Speed and Duplex • Use the following interface mode command to define the speed of an interface, when auto-negotiation is disabled. Use the no form of this command to return to default: speed {10|100|1000} no speed • Use the following interface mode command to define the duplex mode (full/half)of an interface, when auto- negotiation is disabled. Use the no form of this command to return to default (full duplex): duplex {half|full} no duplex console(config)# interface ethernet 1/e1 console(config-if)# no negotiation console(config-if)# speed 100 console(config-if)# duplex full Marvell Confidential
  8. 8. Flow control Marvell Confidential
  9. 9. Flow Control • The system supports flow control on all ports including Aggregate Links. • Default state on all ports is flow control set to OFF. • The user may enable or disable this feature on a per-port basis. Marvell Confidential
  10. 10. CLI - Flow Control • Use the following interface mode command to configure the flow control of a given interface. To restore the default (flow control off), use the no form of this command. flowcontrol { auto | on | off} no flowcontrol – auto Auto negotiation – on Enable – off Disable console(config-if)# flowcontrol auto Marvell Confidential
  11. 11. Back Pressure Marvell Confidential
  12. 12. Back Pressure • The system supports backpressure on all ports (when in half duplex mode). • The user may enable or disable this feature on a per-port basis. • Default status on all ports is set to OFF. Marvell Confidential
  13. 13. CLI - Back Pressure • Use the following interface mode command to enable the back pressure of a given interface. To disable it, use the no form of this command. back-pressure no back-pressure console(config-if)# back-pressure Marvell Confidential
  14. 14. MDI/MDIX Marvell Confidential
  15. 15. MDI/MDIX - Preview • Normally, Twisted Pair ports must be connected so that the Transmit pair on one end is connected to the Receive pair on the other end, and vice versa. • Hubs and switches are deliberately wired opposite to the way end stations are wired, so that when a hub or switch is connected to an end station, a "straight through" Ethernet cable can be used, and the pairs will match up properly. • When two hubs/switches are connected to each other, or two end stations are connected to each other, a "crossover" cable is used to make sure that the correct pairs are connected. • The standard wiring for end stations is known as MDI (Media Dependent Interface), and the standard wiring for hubs and switches is known as MDIX (Media Dependent Interface with Crossover) Marvell Confidential
  16. 16. MDI/MDIX • The device can automatically correct errors in cable selection, and make the distinction between a "straight through" cable and a "crossover" cable irrelevant. This capability is known as Auto Cross. • Auto MDI/MDIX works only on copper ports. • Port can be set to either MDI, MDIX or automatic crossover • Auto-crossover is the default setting for all ports. • MDI/MDIX setting is separate to that of the speed/Duplex auto-negotiation Marvell Confidential
  17. 17. CLI - MDI/MDIX • Use mdix command to enable cable crossover on a given interface. To disable cable crossover, use the no form of this command. mdix {on | auto} no mdix – on - Manual MDIX – Auto - Auto MDI/MDIX – No – manual MDI console(config-if)# mdix auto Marvell Confidential
  18. 18. Storm Control Marvell Confidential
  19. 19. Storm Control – broadcast Rate Limiting • The device can measure the rate of incoming broadcast frames on each port separately, and discard frames when the rate exceeds a user-set desired rate. • Storm control feature is enabled/disabled separately for each port. • The desired broadcast rate limit in is applied separately to each port. • Rate is set in Kbits/sec. The default is 100Kbps • User can define if storm control will be applied only to Broadcast packets or to multicast (and unknown) as well Marvell Confidential
  20. 20. CLI - Storm Control • Use the following Interface Configuration Mode command to enable broadcast rate limiting on a certain interface. Use the no form of this command to return to default (rate limiting disabled). port storm-control broadcast enable no port storm-control broadcast enable console(config)# interface ethernet 1/e3 console(config-if)# port storm-control broadcast enable console(config-if)# Marvell Confidential
  21. 21. CLI - Storm Control • Use the following Interface Configuration Mode command to set the maximum rate of broadcast. Use the no form of this command to return to default . port storm-control broadcast rate rate no port storm-control broadcast rate console(config)# interface ethernet 1/e5 console(config-if)# port storm-control broadcast rate 70000 • Use the following interface Configuration Mode command to count multicast (and unknown unicast) packets in the port storm- control broadcast rate command. Use the no form the command to disable counting of multicasts port storm-control include-multicast [unknown-unicast] no port storm-control include-multicast console(config-if)# port storm-control include-multicast unknown-unicast Marvell Confidential
  22. 22. Show - Storm Control • Use the following EXEC Mode command to see the storm control configutation on the device . Show ports storm-control console# show ports storm-control Port State Rate [Kbits/Sec] Included -------- -------- ---------------- ------------------------------------- 1/e1 Disabled 100 Broadcast 1/e2 Disabled 100 Broadcast 1/e3 Enabled 100 Broadcast 1/e4 Disabled 100 Broadcast 1/e5 Enabled 70000 Broadcast, Multicast, Unknown unicast 1/e6 Disabled 100 Broadcast 1/e7 Disabled 100 Broadcast 1/e8 Disabled 100 Broadcast Marvell Confidential
  23. 23. Port security Marvell Confidential
  24. 24. Port Security • A control mechanism which monitors received and learned packets on a port. • Packets received on a locked port, whose source address was not found in MAC forwarding table (not learned previously dynamically or not entered statically), are treated in one of the following ways, which can be configured per port – Forward (Frame is forwarded, but its address is not learned) – Discard – Discard and and disable the port – send an SNMP trap (together with one of the previous options) • When a port becomes a locked port, all the current addresses that were learned dynamically by the switch on that specific port, are transformed to a “secure” status. They are kept after reset if running config was copied to Marvell Confidential startup
  25. 25. Port Security – Number of MACs • A port security feature to increase security by limiting access on a specific port to a limited user-defined number of hosts • A frame with a new Source MAC arriving on port after limit is reached invokes the port lock mechanism • Addresses learned on port are still subject to aging. • A port can be defined either with classic port lock or with number of MAC port lock Marvell Confidential
  26. 26. Port security - Configuration • Port security can be enabled only on ports which have been define as dot1x multiple hosts. • Define type of port security – Regular lock – Number of MAC based lock (and the value) • Define the per-port action to be carried out once intrusion detection has been discovered, as defined above. • Set the frequency of SNMP traps sent • To release a port disabled by port security: – Either use the exec mode “set interface active” command, or – Reload (reboot) device Marvell Confidential
  27. 27. CLI - Port Security • Use the following interface configuration mode command to allow multiple hosts on a certain interface. The “no” form of commands disables multiple hosts (the default) dot1x multiple-hosts no dot1x multiple-hosts console(config)# interface ethernet 1/e1 console(config-if)# dot1x multiple-hosts Marvell Confidential
  28. 28. CLI – Basic Port Security • Use the following interface mode command to lock learning of new addresses on an interface. Use the no form of this command to enable learning of new addresses. port security [ forward | discard | discard-shutdown ] [trap seconds] no port security console(config)# interface ethernet 1/e1 console(config-if)# port security discard-shutdown Marvell Confidential
  29. 29. CLI – Lock Port Addresses console# show bridge address-table Aging time is 300 sec Vlan Mac Address Port Type -------- --------------------- ------ ---------- 1 00:00:09:00:00:00 1/e1 secure //locked port addresses 1 00:00:09:00:00:01 1/e1 secure 1 00:00:09:00:00:02 1/e1 secure 1 00:00:09:00:00:03 1/e1 secure 1 00:00:09:00:00:04 1/e1 secure 1 00:00:09:00:00:05 1/e1 secure 1 00:00:09:00:00:06 1/e1 secure 1 00:00:09:00:00:07 1/e1 secure 1 00:00:09:00:00:08 1/e1 secure 1 00:00:09:00:00:09 1/e1 secure g13 00:00:e2:86:f4:f2 1/e13 dynamic //regular learned address Marvell Confidential
  30. 30. CLI – Enabling a Port Shutdown • Use the following Privileged EXEC mode command to enable a port that was shut down by port security feature: set interface active {ethernet interface | port-channel port- channel-number} //sending traffic with new addresses to locked port console# 01-Jan-2000 02:15:43 %LINK-W-Down: 1/e1 console# sh interfaces status Flow Link Back Mdix Port Type Duplex Speed Neg ctrl State Pressure Mode ........ ............ ...... ..... ........ .... ........... ........ ....... 1/e1 100M-Copper -- -- -- -- Down* -- -- 1/e2 100M-Copper Full 100 Enabled Off Up Disabled On … *: The interface was suspended by the system. console# Marvell Confidential
  31. 31. CLI – Enabling a Port Shutdown (cont’) • …Enabling a port that was shut down by port security feature console# set interface active ethernet 1/e1 console# 01-Jan-2000 01:50:27 %LINK-I-Up: 1/e1 console# show interfaces status Flow Link Back Mdix Port Type Duplex Speed Neg ctrl State Pressure Mode ........ ............ ...... ..... ........ .... ........... ........ ....... 1/e1 100M-Copper Full 100 Enabled Off Up Disabled On 1/e2 100M-Copper Full 100 Enabled Off Up Disabled On 1/e3 100M-Copper Full 100 Enabled Off Up Disabled On …… Marvell Confidential
  32. 32. CLI – port security mode • Use the following Interface Configuration mode command to configure the port security mode. • To return to the default configuration, use the no form of this command. port security mode {lock | max-addresses} no port security mode console(config-if)# port security mode max-addresses Marvell Confidential
  33. 33. CLI – port security max • The following Interface Configuration mode command configures the maximum number of addresses that can be learned on the port while the port is in port security mode. • To return to the default configuration, use the no form of this command. port security max max no port security max console(config-if)# port security max 23 Marvell Confidential
  34. 34. CLI – port security routed secure-address • Use the following interface configuration mode command to adds a MAC-layer secure address to a routed port: port security routed secure-address mac-address Console(config)# interface ethernet 1/e1 Console(config-if)# ip address dhcp Console(config-if)# port security routed secure-address 66:66:66:66:66:66 Marvell Confidential
  35. 35. CLI – Show Port Security • Use the following privilege EXEC mode command to view port security settings: show ports security [ethernet interface | port-channel port- channel-number] console# show ports security Port status Learning Action Maximum Trap Frequency ------- -------- ------------- ----------------- --------- -------- --------- 1/e1 Disabled Max-addresses - 23 - - 1/e2 Disabled Lock - 1 - - Marvell Confidential
  36. 36. Port Mirroring Marvell Confidential
  37. 37. Port Mirroring • One session of traffic monitoring is supported system-wide (tx and rx). • User can choose if to mirror only RX traffic, only Tx frames or both. • At ingress - the frames arriving at the target port are copies of the frames passing through the source port at ingress, prior to any in- switch action. • It is possible to specify up to 8 ports to be monitored by a single target port. However, in these cases, any excess traffic will silently be discarded (and user will not know which). • Port Mirroring is only relevant to Physical ports. In LAGs, the member ports have to be specified individually as sources. • It is possible to specify up to 24 source ports to be monitored by a single target port . • The user may set the monitored traffic to be send tagged or untagged. Marvell Confidential
  38. 38. Port Mirroring • Target ports: – Cannot be a member of a LAG. – Cannot be a source of a mirror session. – Cannot be a member of a VLAN (except for default VLAN) – Cannot be GVRP enabled – Cannot be configured with IP address • Port monitor is supported across the stack Marvell Confidential
  39. 39. CLI - Configuring Port Mirroring • Use the following Interface mode command to define port mirroring (interface mode is that of the target port). Use the “no” form of command to remove monitor session(s): port monitor src-interface [rx | tx] no port monitor src-interface • Use the following EXEC mode command to view port monitor settings: show ports monitor Marvell Confidential
  40. 40. CLI - Configuring Port Mirroring • Use the following Interface Configuration mode command to transmit tagged ingress mirrored packets. • To transmit untagged ingress mirrored packets, use the no form of this command. port monitor vlan-tagging no port monitor vlan-tagging Marvell Confidential
  41. 41. Combo ports Marvell Confidential
  42. 42. Combo Ports Overview • A single logical port that has two physical connections: a) RJ45 Connector b) SFP port. • Only one of the two physical connections may be used at a time. • Some port features and port controls available for user are affected by the actual physical connection used. • The system will automatically detect the media that is in use on a combo port, and will utilize this knowledge in all operations and control interfaces. Marvell Confidential
  43. 43. Combo Ports • If both RJ45 and SFP are present (link up in both connections), the SFP will be active, and the RJ45 physical port will be disabled and ignored. • It is possible to switch from the RJ45 to the SFP (or vice- versa) without a system reboot or reset. • When the link changes from copper to fiber and vice-versa, or the SFP module is exchanged, the system attempts to configure the new link as the “old” one was. If this configuration fails for any reason, the ports are configured with factory default values. Marvell Confidential
  44. 44. VCT Virtual Cable Test Marvell Confidential
  45. 45. VCT - Functional description • Virtual Cable Test (VCT) technology provides the mechanism to detect and report potential cabling issues, such as cable open circuit, cable short circuit, Etc. • Cable analysis is available only on Copper Cables. • Cable analysis can only be done when the link is down. • Cable Length, on the other hand, can be measured only when the link is up. • The following parameters are detected: 1) Cable Type/Status 2) Cable length – per cable (50 Meter minimum; 30 meter resolution) 3) Fault–Distance, in case of fault (may deviate 1-2 meters) • Only short circuits across wires within a pair are reported. Marvell Confidential
  46. 46. CLI - VCT Configuration • Use the following EXEC privilege mode command to activate VCT on a certain port: test copper-port tdr interface console(config)# interface ethernet 1/e9 console(config-if)# shutdown 01-Jan-2000 01:48:56 %LINK-W-Down: Vlan 1 console(config-if)# 01-Jan-2000 01:48:56 %LINK-W-Down: 1/e9 console(config-if)# exit console(config)# exit console# test copper-port tdr 1/e9 .. Cable on port 1/e9 is good console# Marvell Confidential
  47. 47. CLI - VCT Show command • Use the following EXEC privilege mode command to show VCT results: Show copper-port tdr interface console# show copper-ports tdr 1/e9 Port Result Length [meters] Date ----------- ----------- ---------------- -------------------------- 1/e9 Open cable 01-Apr-2004 01:57:14 console# Marvell Confidential
  48. 48. Marvell Confidential
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×