GarrettCom MNS-6K-SECURE 14.1.4 Switch User Manual


  Open as PDF
of 364
 
FIGURE 70 – securing the network using port access ............................................................................ 113
FIGURE 71 Flow chart describing the interaction between local users and TACACS
authorization .......................................................................................................................... 117
FIGURE 72TACACS packet format ............................................................................................. 118
FIGURE 73 – Configuring TACACS+ ............................................................................................. 120
FIGURE 74Enabling port mirroring ............................................................................................... 123
FIGURE 75Port setup ..................................................................................................................... 124
FIGURE 76 Setting up back pressure and flow control on ports.......................................................... 128
FIGURE 77Setting up broadcast storm protection. Also shows how the threshold can be lowered
for a specific port ..................................................................................................................... 130
F
IGURE 78 – VLAN as two separate collision domains. The top part of the figure shows two
“traditional” Ethernet segments. .............................................................................................. 132
FIGURE 79 – Ports can belong to multiple VLANs. In this figure a simplistic view is presented
where some ports belong to VLANs 1, 2 and other ports belong to VLANs 2,3. Ports
can belong to VLANs 1, 2 and 3. This is not shown in the figure. ......................................... 133
FIGURE 80 – routing between different VLANs is performed using a router such as a Magnum
DX device or a Layer 3 switch (L3-switch) ............................................................................. 134
FIGURE 81 – configuring VLANs on Magnum 6K switch................................................................. 135
Figure 82 – STP default values – refer to next section “Using STP” for more detailed
explanation on the variables .................................................................................................... 148
FIGURE 83Viewing STP configuration .......................................................................................... 149
FIGURE 84STP Port status information ......................................................................................... 150
FIGURE 85Enabling STP ............................................................................................................. 152
F
IGURE 86Configuring STP parameters ........................................................................................ 158
FIGURE 87Enabling RSTP and reviewing the RSTP variables ...................................................... 163
FIGURE 88 – Reviewing the RSTP port parameters ............................................................................ 164
Figure 89 – Path cost as defined in IEEE 802.1d (STP) and 802.1w (RSTP) ............................... 165
FIGURE 90 – RSTP information from a network with multiple switches. Note the “show stp
ports” command can be executed from the manager level prompt or from rstp configuration
state as shown in the screen captures earlier. ............................................................................. 166
FIGURE 91Configuring RSTP on MNS-6K .................................................................................. 171
FIGURE 92Normal RSTP/STP operations in a series of switches. Note – this normal status
is designated RING_CLOSED ............................................................................................ 178
FIGURE 93A fault in the ring interrupts traffic. The blocking port now becomes forwarding so
that traffic can reach all switches in the network Note – the mP62 as well as the ESD42
switches support LLL and can participate in S-Ring as an access switch .................................. 179
xiv
 previous next