Enjoy Networks Communication: 2015-12-06

Dec 10, 2015

エクストリーム・ネットワークス: LACP (XOS)

このポストでは、エクストリーム・スイッチ(XOS) のLACP (Link Aggregation Control Protocol) の設定方法について、ご紹介したいです。

まず今回のトポロジーを説明させてください。

+++++++++++[port 3] <-----> [port 3]+++++++++++
+ SwitchA + + SwitchB +
+++++++++++[port 4] <-----> [port 4]+++++++++++

SwitchA の Port 3 と Port 4 で LACP を実施します。

###### 実行事例 #######
// Switch A と Switch B で、下記のコマンドを実施する //

//Switch A//
* X480-24x(10G4X).4 # enable sharing 3 grouping 3, 4 algorithm address-based lacp

//Switch B//
* X480-24x(10G4X).4 # enable sharing 3 grouping 3, 4 algorithm address-based lacp

//Switch A//
* X480-24x(10G4X).6 # enable ports 3-4

//Switch B//
* X480-24x(10G4X).6 # enable ports 3-4

// 確認するコマンドSwitch A//
* X480-24x(10G4X).7 # show sharing
Load Sharing Monitor
Config Current Agg Ld Share Ld Share Agg Link Link Up
Master Master Control Algorithm Group Mbr State Transitions
==============================================================================
3 3 LACP L2 3 Y A 4
L2 4 Y A 3
==============================================================================
Link State: A-Active, D-Disabled, R-Ready, NP-Port not present, L-Loopback
Load Sharing Algorithm: (L2) Layer 2 address based, (L3) Layer 3 address based
(L3_L4) Layer 3 address and Layer 4 port based
(custom) User-selected address-based configuration
Custom Algorithm Configuration: ipv4 L3-and-L4, xor
Number of load sharing trunks: 1

// 確認するコマンドSwitch B//

* X480-24x.5 # show sharing

Load Sharing Monitor

Config Current Agg Min Ld Share Ld Share Agg Link Link Up

Master Master Control Active Algorithm Group Mbr State Transitions

================================================================================

3 3 LACP 1 L2 3 Y A 2

L2 4 Y A 3

================================================================================

Link State: A-Active, D-Disabled, R-Ready, NP-Port not present, L-Loopback

Minimum Active: (<) Group is down. # active links less than configured minimum

Load Sharing Algorithm: (L2) Layer 2 address based, (L3) Layer 3 address based

(L3_L4) Layer 3 address and Layer 4 port based

(custom) User-selected address-based configuration

Custom Algorithm Configuration: ipv4 L3-and-L4, xor

Number of load sharing trunks: 1

######

Dec 9, 2015

エクストリーム・ネットワークス：診断テスト(XOS)

このポストでは、エクストリーム・ネットワークスのスイッチの診断テスト(Diagnostic Test) についてご紹介したいです。
診断テストのゴールドは、該当機器の故障の減少と適切な故障の報告となります。

下記の機器で、診断テストの実行ができます。
- Summit family Switch
- BlackDiamond
- EXOS

実施する方法
- run diagnostics [extended | normal | stack-port] {slot [ | A | B]}

######## 実施例 #######
X480-48t.1.17.43 # run diagnostics normal

Running Diagnostics will disrupt network traffic. Are you sure you want to continue? (y/N) Yes

Do you want to save configuration changes to currently selected configuration
file (mgmt-labswA.cfg)? (y or n) Yes
Saving configuration on master ........ done!
X480-48t.1.17.44 #
X480-48t.1.17.44 > The system is gSending SIGKILL to all processes
Requesting system reboot

Extreme Networks
Alternate BootStrap Image
Starting CRC of Default image
Using Default image ...

Extreme Networks
Default BootLoader Image
DRAM Post

Press and hold the to enter the bootrom.
Copyright 2003 - 2009 Extreme Networks, Inc.

Loading EXOS Diagnostics ... |/
Running Image ...
Secondary Core Initializing ...
Decompressing diagnostics...

Initializing operational diagnostics...
Running Power On Self Test...(Normal mode)
Test i2cenviron - PASS
Test nvram - PASS
Test internal compact flash - PASS
Test sdram - PASS
Test loopback eth - PASS
Test loopback pci - PASS
Test loopback mac interface - PASS
Test loopback phy copper - PASS
Test loopback phy fiber - PASS
Test snake interface - PASS
Test sync ethernet - PASS
Test external tcam - PASS
Test asic0 reg - PASS
Test asic0 mac - PASS

Storing diagnostics result into EEPROM.
Diagnostics completed.
Waiting for reboot...Restarting system.

Extreme Networks
Alternate BootStrap Image
Starting CRC of Default image
Using Default image ...

Extreme Networks
Default BootLoader Image
DRAM Post
########

参考URL
This information was found in page 409-412 of ExtremeXOS Concepts Guide, Software Version 12.5 Rev. 03

Dec 7, 2015

エクストリーム・ネットワークス：Vlan のSecurity(XOS)

エクストリーム・ネットワークス（XOS)をご利用している場合、デフォルトですべてPort がDefault Vlan 1 にアサインします。つまり、Vlan 1 にアサインされた Active Port は Security hole になる可能性があります。 Best Practice のため、すべてのPort は Default vlan から削除することができます。

### 例 ####

* X480-48t.1.17.36 #

* X480-48t.1.17.36 # show vlan default

VLAN Interface with name Default created by user

Admin State: Enabled Tagging: 802.1Q Tag 1

Description: None

Virtual router: VR-Default

IPv4 Forwarding: Disabled

IPv4 MC Forwarding: Disabled

Primary IP: 172.16.1.103/24

IPv6 Forwarding: Disabled

IPv6 MC Forwarding: Disabled

IPv6: None

STPD: s0(Disabled,Auto-bind)

Protocol: Match all unfiltered protocols

Loopback: Disabled

NetLogin: Disabled

OpenFlow: Disabled

TRILL: Disabled

QosProfile: None configured

Egress Rate Limit Designated Port: None configured

Flood Rate Limit QosProfile: None configured

Ports: 48. (Number of active ports=0)

Untag: !1, !2, !3, !4, !5, !6, !7,

!8, !9, !10, !11, !12, !13, !14,

!15, !16, !17, !18, !19, !20, !21,

!22, !23, !24, !25, !26, !27, !28,

!29, !30, !31, !32, !33, !34, !35,

!36, !37, !38, !39, !40, !41, !42,

!43, !44, !45, !46, !47, !48

Flags: (*) Active, (!) Disabled, (g) Load Sharing port

(b) Port blocked on the vlan, (m) Mac-Based port

(a) Egress traffic allowed for NetLogin

(u) Egress traffic unallowed for NetLogin

(t) Translate VLAN tag for Private-VLAN

(s) Private-VLAN System Port, (L) Loopback port

(x) VMAN Tag Translated port

(G) Multi-switch LAG Group port

(H) Dynamically added by MVRP

(D) TRILL Designated, (A) TRILL Appointed Forwarder

(I) Dynamically added by IDM

(U) Dynamically added uplink port

(V) Dynamically added by VM Tracking

* X480-48t.1.17.37 # config vlan "Default" delete ports all

* X480-48t.1.17.38 # show vlan "Default"