Implementation Guide
Page 9
... Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in the release notes. If release notes are shipped with communication protocols that accompanies your product and the information there differs from the information in this guide, follow the instructions in HTML format on the 3Com Web site. Refer to the Management Quick Reference Guide that accompanies your Switch for configuring, using, and managing the Switches...
... Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in the release notes. If release notes are shipped with communication protocols that accompanies your product and the information there differs from the information in this guide, follow the instructions in HTML format on the 3Com Web site. Refer to the Management Quick Reference Guide that accompanies your Switch for configuring, using, and managing the Switches...
Implementation Guide
Page 12
... guide, each Switch documentation set includes the following: ■ SuperStack 3 Switch 3812, Switch 3824, and Switch 3848 Getting Started Guide This guide contains: ■ all the information you may find useful, such as: ■ Documentation accompanying 3Com Network Supervisor. It is supplied on the CD-ROM that accompanies your Switch. ■ SuperStack 3 Switch 3812, Switch 3824, and Switch 3848 Management Quick Reference Guide This guide contains: ■ a list of the features supported by your Switch. ■ a summary of the Web interface and Command Line Interface commands...
... guide, each Switch documentation set includes the following: ■ SuperStack 3 Switch 3812, Switch 3824, and Switch 3848 Getting Started Guide This guide contains: ■ all the information you may find useful, such as: ■ Documentation accompanying 3Com Network Supervisor. It is supplied on the CD-ROM that accompanies your Switch. ■ SuperStack 3 Switch 3812, Switch 3824, and Switch 3848 Management Quick Reference Guide This guide contains: ■ a list of the features supported by your Switch. ■ a summary of the Web interface and Command Line Interface commands...
Implementation Guide
Page 17
... is reset to save and restore the Switch configuration. You must only be restored or saved by a single user at a time. ■ When using the Configuration Save and Restore feature, 3Com recommends that can only be set using the system control initialize CLI command or the System > Control > Initialize Web interface operation. ■ The configuration can be restored onto a device which has the same physical connections and configuration, as a file on the ports that is stored in full duplex mode...
... is reset to save and restore the Switch configuration. You must only be restored or saved by a single user at a time. ■ When using the Configuration Save and Restore feature, 3Com recommends that can only be set using the system control initialize CLI command or the System > Control > Initialize Web interface operation. ■ The configuration can be restored onto a device which has the same physical connections and configuration, as a file on the ports that is stored in full duplex mode...
Implementation Guide
Page 18
..., LACP automatic aggregations with manually defined ports are part of the configuration. 18 CHAPTER 1: SWITCH FEATURES OVERVIEW Parameters such as VLANs and Fast Start may be lost because the restore operation disables the aggregated link ports. LACP automatic aggregations with manual ports. For detailed descriptions of the Configuration Save and Restore Web interface operations and Command Line Interface (CLI) commands, please refer to the Management Interface Reference Guide supplied in each multicast group to only the endstations that accompanies your Switch uses IGMP...
..., LACP automatic aggregations with manually defined ports are part of the configuration. 18 CHAPTER 1: SWITCH FEATURES OVERVIEW Parameters such as VLANs and Fast Start may be lost because the restore operation disables the aggregated link ports. LACP automatic aggregations with manual ports. For detailed descriptions of the Configuration Save and Restore Web interface operations and Command Line Interface (CLI) commands, please refer to the Management Interface Reference Guide supplied in each multicast group to only the endstations that accompanies your Switch uses IGMP...
Implementation Guide
Page 19
... used by the Switch to determine if a packet should be forwarded, and which port should transmit the packet if it is to ensure that high priority data is transmitted with traffic prioritization, ensures that particular port. For more information about rate limiting, see Chapter 6 "Using Traffic Management". Switch Database The Switch Database is an integral part of your network to be forwarded. RSTP is an enhanced version of STP (Spanning Tree Protocol...
... used by the Switch to determine if a packet should be forwarded, and which port should transmit the packet if it is to ensure that high priority data is transmitted with traffic prioritization, ensures that particular port. For more information about rate limiting, see Chapter 6 "Using Traffic Management". Switch Database The Switch Database is an integral part of your network to be forwarded. RSTP is an enhanced version of STP (Spanning Tree Protocol...
Implementation Guide
Page 23
... may wish to your network and end users: ■ Increased bandwidth ■ Quicker connections ■ Faster transfer of data ■ Minimized data errors ■ Reduced network downtime For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that accompanies your network and improve network performance. Port Features The default state for all the features detailed below provides the best configuration for example, if you are...
... may wish to your network and end users: ■ Increased bandwidth ■ Quicker connections ■ Faster transfer of data ■ Minimized data errors ■ Reduced network downtime For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that accompanies your network and improve network performance. Port Features The default state for all the features detailed below provides the best configuration for example, if you are...
Implementation Guide
Page 25
... duplex, the potential maximum bandwidth of the multiple links is 2 Gbps. An aggregation can be set to auto-negotiate. The capacity of the connection is combined into one logical link. ■ They can potentially increase the bandwidth of 32. If both ports on both ends of 12 aggregated links; if one 10/100/1000 port. Your Switch supports aggregated links on all Switch ports. the Switch 3848 supports a maximum of a connection. By default, LACP...
... duplex, the potential maximum bandwidth of the multiple links is 2 Gbps. An aggregation can be set to auto-negotiate. The capacity of the connection is combined into one logical link. ■ They can potentially increase the bandwidth of 32. If both ports on both ends of 12 aggregated links; if one 10/100/1000 port. Your Switch supports aggregated links on all Switch ports. the Switch 3848 supports a maximum of a connection. By default, LACP...
Implementation Guide
Page 29
... to the aggregated link. Manual Configuration Example The example shown in an aggregated link becomes inactive due to link failure, then the Switch will automatically redirect the aggregated link traffic to the remaining ports. b Add ports 47 and 48 to prevent the possible occurrence of the ports in Figure 3 illustrates a 2 Gbps aggregated link between two Switch units To manually set up this configuration on a Switch 3848: 1 Prepare ports 5 and 7 on the core Switch for your network. Aggregated Link - Aggregated Links 29 If...
... to the aggregated link. Manual Configuration Example The example shown in an aggregated link becomes inactive due to link failure, then the Switch will automatically redirect the aggregated link traffic to the remaining ports. b Add ports 47 and 48 to prevent the possible occurrence of the ports in Figure 3 illustrates a 2 Gbps aggregated link between two Switch units To manually set up this configuration on a Switch 3848: 1 Prepare ports 5 and 7 on the core Switch for your network. Aggregated Link - Aggregated Links 29 If...
Implementation Guide
Page 39
... network helps protect critical links against failure, protects against network loops, and reduces network downtime to the Management Interface Reference Guide supplied in HTML format on the surrounding network and is compatible with switches that you require to manage the Switch please refer to a minimum. The Switch provides resilient links using the Rapid Spanning Tree Protocol (RSTP). For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that use either the Spanning Tree Protocol (STP...
... network helps protect critical links against failure, protects against network loops, and reduces network downtime to the Management Interface Reference Guide supplied in HTML format on the surrounding network and is compatible with switches that you require to manage the Switch please refer to a minimum. The Switch provides resilient links using the Rapid Spanning Tree Protocol (RSTP). For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that use either the Spanning Tree Protocol (STP...
Implementation Guide
Page 53
... Management Interface Reference Guide supplied in the profile will be set somewhere else in the network and not in the hardware of the Switch to configure QoS. How Traffic Prioritization Works 53 The 3Com Network Supervisor application supplied on the CD-ROM accompanying your Switch. Configure Class of Service using 3Com Network Supervisor in the QoS feature through the Switch without being delayed by lower priority data. How Traffic Prioritization Works Traffic prioritization ensures that high priority data is forwarded...
... Management Interface Reference Guide supplied in the profile will be set somewhere else in the network and not in the hardware of the Switch to configure QoS. How Traffic Prioritization Works 53 The 3Com Network Supervisor application supplied on the CD-ROM accompanying your Switch. Configure Class of Service using 3Com Network Supervisor in the QoS feature through the Switch without being delayed by lower priority data. How Traffic Prioritization Works Traffic prioritization ensures that high priority data is forwarded...
Implementation Guide
Page 64
..., the traffic must be updated manually. Using VLANs also provides you only need to specify that is far more flexible than any re-cabling. ■ VLANs provide extra security Devices within each endstation must pass through a routing device or Layer 3 Switch. You do not need to carry out any traditional network. 64 CHAPTER 8: SETTING UP VIRTUAL LANS Figure 14 A network setup showing three VLANs Backbone connecting multiple switches Switch A 1 2 3 4 5 6 7 8 Switch...
..., the traffic must be updated manually. Using VLANs also provides you only need to specify that is far more flexible than any re-cabling. ■ VLANs provide extra security Devices within each endstation must pass through a routing device or Layer 3 Switch. You do not need to carry out any traditional network. 64 CHAPTER 8: SETTING UP VIRTUAL LANS Figure 14 A network setup showing three VLANs Backbone connecting multiple switches Switch A 1 2 3 4 5 6 7 8 Switch...
Implementation Guide
Page 68
... VLAN configuration example: Using untagged connections Endstations in VLAN 1 Endstations in VLAN 2 Switch Server in VLAN 1 Server in VLAN 2 To set up the configuration shown in Figure 17 illustrates two Switch units. Using 802.1Q Tagged Connections In a network where the VLANs are distributed amongst more than one Switch, you must use the Switch Web Interface to Switch 2. VLAN configuration can be used if the devices at Bridge > VLAN. All endstations in VLAN 1 need to be able to connect to the server...
... VLAN configuration example: Using untagged connections Endstations in VLAN 1 Endstations in VLAN 2 Switch Server in VLAN 1 Server in VLAN 2 To set up the configuration shown in Figure 17 illustrates two Switch units. Using 802.1Q Tagged Connections In a network where the VLANs are distributed amongst more than one Switch, you must use the Switch Web Interface to Switch 2. VLAN configuration can be used if the devices at Bridge > VLAN. All endstations in VLAN 1 need to be able to connect to the server...
Implementation Guide
Page 72
..., default gateway, lease time, and any time using the automatic configuration process, the Switch continually attempt to contact a DHCP server on the network requesting IP information from a pool of the three options for IP configuration (manual, auto, none) was last configured is dependant on the network. ■ Manual IP Configuration - this is set up for the first time the IP configuration setting is the default setting. In addition, the Switch will not be accessible from a remote management...
..., default gateway, lease time, and any time using the automatic configuration process, the Switch continually attempt to contact a DHCP server on the network requesting IP information from a pool of the three options for IP configuration (manual, auto, none) was last configured is dependant on the network. ■ Manual IP Configuration - this is set up for the first time the IP configuration setting is the default setting. In addition, the Switch will not be accessible from a remote management...
Implementation Guide
Page 75
... passwords or configuration information will be visible in the data. For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that certificate has not been certified. As it is the IP address of your network traffic is the default certificate for the Switch. If your Switch. 10 MAKING YOUR NETWORK SECURE This chapter outlines the Port Security and Switch Management Login features, explains the key benefits of using...
... passwords or configuration information will be visible in the data. For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that certificate has not been certified. As it is the IP address of your network traffic is the default certificate for the Switch. If your Switch. 10 MAKING YOUR NETWORK SECURE This chapter outlines the Port Security and Switch Management Login features, explains the key benefits of using...
Implementation Guide
Page 77
... the current operating system. Access list rules can be used to limit access to certain segments of the network and therefore, are applied to filter traffic on a VLAN. Access Control Lists 77 Access Control Lists Access Control Lists are a set of instructions that can be applied under the rule, it is compared against the VLAN access list. Access Control Lists can be applied and traffic is forwarded at wire speed using layer 3 destination IP addresses and VLANs. When a packet is taken. If...
... the current operating system. Access list rules can be used to limit access to certain segments of the network and therefore, are applied to filter traffic on a VLAN. Access Control Lists 77 Access Control Lists Access Control Lists are a set of instructions that can be applied under the rule, it is compared against the VLAN access list. Access Control Lists can be applied and traffic is forwarded at wire speed using layer 3 destination IP addresses and VLANs. When a packet is taken. If...
Implementation Guide
Page 78
... packets containing a source address not learnt on the port. ■ Network Login When the user has been successfully authorized, all packets. Port Security Your Switch supports the following port security modes, which you can set for an individual port or a range of ports: ■ No Security Port security is disabled and all traffic from the authorized client device is forwarded through the port. The source MAC address in the form of authorized addresses...
... packets containing a source address not learnt on the port. ■ Network Login When the user has been successfully authorized, all packets. Port Security Your Switch supports the following port security modes, which you can set for an individual port or a range of ports: ■ No Security Port security is disabled and all traffic from the authorized client device is forwarded through the port. The source MAC address in the form of authorized addresses...
Implementation Guide
Page 81
... aggregated link. ■ Network Login is stored in the local database on a RADIUS server in your network. If you intend to operate as members of a resilient link. ■ Some client devices that does not match the MAC address for example printers. Failure to enable authentication on ports configured to manage the Switch using the Web interface or the Command Line Interface, you enable RADIUS as the authentication mode of Switch Management Login, the user name and password information is not supported...
... aggregated link. ■ Network Login is stored in the local database on a RADIUS server in your network. If you intend to operate as members of a resilient link. ■ Some client devices that does not match the MAC address for example printers. Failure to enable authentication on ports configured to manage the Switch using the Web interface or the Command Line Interface, you enable RADIUS as the authentication mode of Switch Management Login, the user name and password information is not supported...
Implementation Guide
Page 83
... Switch is configured with "admin" access to login to the Switch via the Web interface or Telnet. ■ The user names and passwords stored in the local Switch database may not be able to log in the local Switch database, and vice versa. When a user account is created on a RADIUS server, an equivalent account is unable to contact the RADIUS server, the Command Line Interface automatically reverts to using RADIUS authentication of port-based access control, and Switch Management Login, used to...
... Switch is configured with "admin" access to login to the Switch via the Web interface or Telnet. ■ The user names and passwords stored in the local Switch database may not be able to log in the local Switch database, and vice versa. When a user account is created on a RADIUS server, an equivalent account is unable to contact the RADIUS server, the Command Line Interface automatically reverts to using RADIUS authentication of port-based access control, and Switch Management Login, used to...
Implementation Guide
Page 97
... Mbps Gigabit Ethernet over fiber-optic cable. Aggregated Links Aggregated links allow a user to increase the bandwidth and resilience between switches by using a group of a network used to the optimum setup. bandwidth The information capacity, measured in bits per second, that allows them to carry traffic between network segments. backbone The part of ports to advertise their capabilities for speed, duplex and flow control. aging The automatic removal of GLOSSARY 3Com Network The 3Com network management application used as...
... Mbps Gigabit Ethernet over fiber-optic cable. Aggregated Links Aggregated links allow a user to increase the bandwidth and resilience between switches by using a group of a network used to the optimum setup. bandwidth The information capacity, measured in bits per second, that allows them to carry traffic between network segments. backbone The part of ports to advertise their capabilities for speed, duplex and flow control. aging The automatic removal of GLOSSARY 3Com Network The 3Com network management application used as...
Implementation Guide
Page 103
... Spanning Tree topology throughout the bridged network. RMON IETF Remote Monitoring MIB. SAP Service Access Point. protocol A set of the Spanning Tree Protocol that a Switch carries out when it to be connected to a network. RADIUS Remote Authentication Dial-In User Service. Repeaters are used to forward IP packets to the rest of a protocol entity. See also main port and standby port. router A router is connected to a remote destination. Rapid Spanning Tree An enhanced version of rules for communication between a network...
... Spanning Tree topology throughout the bridged network. RMON IETF Remote Monitoring MIB. SAP Service Access Point. protocol A set of the Spanning Tree Protocol that a Switch carries out when it to be connected to a network. RADIUS Remote Authentication Dial-In User Service. Repeaters are used to forward IP packets to the rest of a protocol entity. See also main port and standby port. router A router is connected to a remote destination. Rapid Spanning Tree An enhanced version of rules for communication between a network...