8/10/2019 3Com Treinamento
1/79
Configuring and Deploying3Com Enterprise Switches
Version 2.3
3Com University
Version 2.3 October 2006
8/10/2019 3Com Treinamento
2/79
1
Agenda
Chapter 1 - Introduction to the Enterprise Switch Family
Chapter 2 - Installation & Getting Started
Lab Exercises 1 - 2
Chapter 3 - Configuring Ports & Link Aggregation
Lab Exercise 3
Chapter 4 - Configuring Spanning Tree
Lab Exercise 4
Chapter 5 - Configuring VLANs
Lab Exercise 5
Chapter 6 - Basic Layer 3 Configuration
Lab Exercise 6
8/10/2019 3Com Treinamento
3/79
2
Agenda
Chapter 7 - Setting up OSPF
Lab Exercise 7
Chapter 8 - Setting up VRRP
Lab Exercise 8
Chapter 9 - Using ACLs & QoS
Lab Exercise 9
Chapter 10 - Multicast Configuration
Lab Exercise 10
Chapter 11 - Configuring RADIUS & 802.1X Login
Lab Exercise 11
Chapter 12System Maintenance & Troubleshooting
Lab Exercise 12
8/10/2019 3Com Treinamento
4/79
Chapter 1
Introduction to theEnterprise Switch Family
8/10/2019 3Com Treinamento
5/79
4
Introduction to the Enterprise Switch Family
>Chapter Topics
Introduction to Secure Converged Networks
Explain the Positioning of the Enterprise Switches
Introduction to the Switch 5500 Family
Introduction to the Switch 7750 Family
Introduction to the Switch 8800 Family
8/10/2019 3Com Treinamento
6/79
5
Defining Secure, Converged Networks
Secure Network Integrated security Adaptive and dynamic protection Automatic protection Customizable and centrally managed
Converged Network Resilient multi-service network Application-aware traffic classification Core-to-edge coverage Wired and wireless
Customer Benefits Business continuity Improved productivity Capital efficiency and cost reduction Corporate control and visibility
management
security
IP Services: data, voice, video,
music, gaming
IP connectivity
8/10/2019 3Com Treinamento
7/796
3Com Premium Enterprise LAN Switching Portfolio
3Com Switch 5500
Deployment Focus:
3Com Switch 7750
3Com Switch 8800
Key Features:
Modular Core Switching>Advanced Layer 2/3 Switching and Routing
> High-density Gigabit and 10 Gigabit Solutions
> Multilayer QoS for Convergence Networking
> Granular Traffic Management & Holistic Security
>Available Power over Ethernet
> Highly Resilient Modular Architecture
Modular Edge Switching
>Advanced Layer 2/3 Switching and Routing
> High-density 10/100 and Gigabit Solutions
> Multilayer QoS for Convergence Networking
> Granular Traffic Management & Holistic Security
>Available Power over Ethernet
> Highly Resilient Modular Architecture
Premium Stackable Switching
>Advanced Layer 2/3 Switching and Routing
> Multilayer QoS for Convergence Networking
> Granular Traffic Management & Holistic Security
>Available Power over Ethernet
> Disaster Protection with XRN
> Large Enterprise
> Non-Blocking Core, Distribution Layer
> High-Density Edge Access & PoE
> Small/Medium Enterprise Core
> Large Enterprise Distribution Layer
> High-Density Edge Access & PoE
> Small Enterprise Core
> Medium Enterprise Distribution Layer
> High-Density Edge Access & PoE
> Branch Office, Workgroup
8/10/2019 3Com Treinamento
8/797
All Part of 3Coms Secure Converged Networking Solution
Common 3Com Operating System Fully Standards Based Infrastructure
Secur i ty Pol icy Contro l
Automatic User Security Authentication ,
Automated B reach Containment
Best of B reed Core
Next Generation Terabit
Performance
Convergence
Carrier-prov en, scalable,
redundant solut ions
Security
Industry leader in
hardware-based IPS
Total Flexibi l i ty
Comprehensive m edia f lexib i l i ty ;
Wired, wireless, PoE, voice
8/10/2019 3Com Treinamento
9/798
Secure Converged Networks
> The Enterprise Switch Family has been designed to integrate withthe Tipping Point IPS products to quarantine clients to preventundesirable traffic on the network
> Enable an administrator totake actionwhen an infected machine
is found
> Possible actions are:
Log infected machine information
Display remediation web page
Redirect to a URL
Place client in remediation VLAN
Apply access-list to the port on the Switch
Block IP address and or switch port/MAC address (block all traffic)
Works in conjunction with other Quarantine Actions
8/10/2019 3Com Treinamento
10/799
TippingPoint IPS
Clients
SafeZone
5500 Access Switches
SMS
Quarantine Process1. Client Authenticates via SMS2. SMS acts as Radius proxy,
learns MAC/Switch/Port from
Switch via RADARADIUS
Core
Breach to Containment in under 5 seconds
3. EVENT: Illegal Activity4. SMS resolves IP to MAC5. MAC Address is placed into a
blacklist and policy set6. SMS forces re-authentication
of compromised device7. Device is contained within the
set policy at the access switchingress port
1
2
6
5 4
3
7
Secure Converged NetworksQuarantine Protection
8/10/2019 3Com Treinamento
11/7910
The Switch 5500 Family
8/10/2019 3Com Treinamento
12/7911
>Premium XRN stackable Layer 3 switches
>Designed for enterprise wiring closets, keyaggregation points, branch offices and datacenters
>10/100 and Gigabit models 5500 are 10/100
5500G are Gigabit
>SI have standard image
Basic Layer 3 & Stacking
>EI have enhanced image
Advanced Layer 3 & XRN Stacking
>PoE versions of the EI models
>Special FX and SFP versions
3Com Switch 5500Family
Switch 5500 Family
8/10/2019 3Com Treinamento
13/7912
>7 models in the 5500 family:
Switch 5500-SI 28-Port
Switch 5500-SI 52-Port
Switch 5500-EI 28-Port
Switch 5500-EI 52-Port Switch 5500-EI PWR 28-Port
Switch 5500-EI PWR 52-Port
Switch 5500-EI 28-Port FX
>Stacking via SFP Ports
>5500-SI may be upgraded to 5500-EI
Software Upgrade available mid-2006
>Non-PWR models are not upgradeable to PWR
>No module slot in the rear
3Com Switch 5500Family
Switch 5500 10/100 Products
8/10/2019 3Com Treinamento
14/7913
>5 models in the 5500G family: Switch 5500G-EI 24-Port
Switch 5500G-EI 48-Port
Switch 5500G-EI PWR 24-Port
Switch 5500G-EI PWR 48-Port
Switch 5500G-EI 24-Port SFP> On all the last 4 ports are Combo / Dual Personality ports
> Maximum number of active ports is 24 or 48, not 28 or 52
>Non-PWR models are upgradeable to PWR Replace low-power PSU with PoE version
> Different PSUs for 24 & 48 port units
>Stacking ports are built-in at the rear>Module slot is built-in at the rear
8-port 1000 Mbps SFP module
1-port 10 Gbps XENPAK module
2-port 10 Gbps XFP module
Switch 5500G Gigabit Products
8/10/2019 3Com Treinamento
15/7914
What is XRN?
>XRN is eXpandable Resi l ient Netwo rking
>XRN technology allows multiple Layer 3 switches to beinterconnected together to behave as a single logical switchingentity called a Fabric.
>Switch 5500-SI support simple stacking Distributed Device Management
Distributed Link Aggregation
> From Software Version 3.02.00
>Switch 5500-EI variants support XRN stacking
Distributed Device Management
Distributed Link Aggregation
Distributed Resilient Routing
8/10/2019 3Com Treinamento
16/79
15
Key benefits of XRN
>High Availability
Reduce the risk of a single point of failure
Support link aggregation across units to ensure the highestpossible network availability
>High Performance>Scaleable
Add units to the stack to increase port density
>Simple to Administer
All switches in the fabric behave as a single managemententity
8/10/2019 3Com Treinamento
17/79
16
>Distributed Device Management (DDM)
Intelligent management ensures all
switches act as a single logical device
Resilient architecture provides access
to management in the event of ANY
switch failing
Rapid stack-wide feature configuration
Hot-insert and removal of switches
Automatic and Manual stack
configuration
Stack up to 8 units > Stack-Wide Management
Single entity for SNMP, WEB and CLIManagement
Display ALL configurations in one screen
with Device View
Reduces configuration time
Improved monitoring responsiveness
r222# telnet
192.168.0.33r222# configure
terminal
r222(config)#
interface ethernet
0/0
r222(config-if)# ip
address 7.7.7.7
255.255.255.0
r222(config)#
interface pos 4/0/0
3Com Switch 5500XRN Technology Features
192.1
68.
1.
254
8/10/2019 3Com Treinamento
18/79
17
>Distributed Resilient Routing (DRR)
Single Router Entity across XRN Stack with all router interfaces shared
across all units in the fabric
Each unit provides local Layer 3 switching and holds distributed routing
tables
Loss of one unit in the XRN stack will not affect routing in the others No Master device required like other switching vendorsall
commands and data (LSDB) are synchronized across all units
1
2
ROUTER TABLE
VLAN 10.0.0.0
255.255.0.1
Router Interface information issynchronised across all switches
L3 traffic can be handled locally by the
switch and intelligently passed up or downthe XRN stack
Student VLAN
Admin VLAN
3Com Switch 5500XRN Technology Features
8/10/2019 3Com Treinamento
19/79
18
>Distributed Link Aggregation (DLA)
Create incredibly resilient network designs that are highly flexible
Allows ports across the fabric to be Aggregated using IEEE 802.3ad LACP
LACP will then automatically configure the links as aggregated links
Failure in any link will result in the Link Aggregation protocol re-distributing
traffic to compensate resulting in no traffic loss
Switch 5500G-EI
Switch 5500-EI SuperStack 3 Switch4400
4 Gbps LoadBalanced LAG
Multiple links fail without affectingconnectivity back to the aggregation point
Fully compatible withexisting 4400 Family
3Com Switch 5500XRN Technology Features
8/10/2019 3Com Treinamento
20/79
19
> XRN Stacking
Each switch uses the last two Gigabit
SFP ports to provide a 2Gbps FD link
No extra hardware required
Stack up to 8 units
Automatic or manual stackconfiguration
A return link provides rapid fail-over in
the event of a normal link or unit failing
XRN Stack units together over 70km
apart!
Normal Stacking Link:1 Gbps UP / 1 Gbps DOWN
Standby Stacking loop connection:1 Gbps UP / 1 Gbps DOWN
Switch 5500
Use ANYGigabit SFP to linkthe units together
3Com Switch 5500XRN Performance
8/10/2019 3Com Treinamento
21/79
20
>96Gbps XRN Stacking
Each switch has two bi-directional
cascade links providing 96Gbps
full duplex bandwidth
Stack up to 8 units of any variety
Automatic or manual stackconfiguration
A return link provides rapid fail-over
in the event of a normal link or unit
failing
Stacking bandwidth is not shared
with any other resource
50, 150 & 500cm cables Normal Stacking Link:24 Gbps UP / 24 Gbps DOWN
Standby Stacking loop connection:24 Gbps UP / 24 Gbps DOWN
Ultra high-speed
robust Infiniband
12X connectors
and cables
Switch 5500G
3Com Switch 5500GXRN Performance
8/10/2019 3Com Treinamento
22/79
21
>New standards based Power Redundancy
System
Built-In DC power stage for direct
connection to -48V supply
Supports 3 modes for total flexibility: AC; AC
and DC and DC only Instantaneous fail-over from either AC or
DC
System design support direct connect to
batteries for Uninterruptible power
Additional power can be injected into the DC
for high power PoE devices up to 15.4W perport
>3Com Approved and Tested DC supplier
Switch 5500 Family AvailabilityAdvanced Power Redundancy
8/10/2019 3Com Treinamento
23/79
22
New Levels of Power AvailabilityPowerware Datacom Power Solution
Powerware APS3
Powerware APS6
Configuration Tool available
>The Powerware APS
A modular DC Power Supply Unitwith optional integrated standbybattery
Can be configured with N+1
redundancy
Powers 3Com Switch 5500 / 5500Gand other 48VDC devices
Fully scalable to meet your DC powerand standby power needs
> Up to 6 hot-swappable rectifiers> Supports up to 16 separately fused DC
outputs
Built-in supervisor management> Ethernet RJ-45 and serial support
> Full SNMP management with MIB II support
8/10/2019 3Com Treinamento
24/79
23
>Layer 1
IEEE802.3ae 10Gigabit Ethernet
> XENPAK, XFP
IEEE802.3z Fiber Gigabit
IEEE802.3ab Gigabit over Copper
IEEE 802.3u (Fast Ethernet)
Auto MDI/MDI-X
Auto negotiate speed/duplex
IEEE 802.3af (Power overEthernet)
Switch 5500 Feature Overview
>Layer 2
Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
Address Table Learning 802.1d
> User Definable Ageing period
4096 VLAN's
> 802.1Q Port based
> Voice VLAN
>Auto VLAN
> VLAN Q-in-Q
GVRP
Priority Queuing 802.1p
IGMP Snooping
802.3ad Link aggregation
Broadcast Storm Control
Jumbo Frames - 9Kb (not on SI)
8/10/2019 3Com Treinamento
25/79
24
>Layer 3
IPV4 Routing
ECMP with 3 paths
Static Routing
RIP V1/2
OSPF
> onEI models only
Routing Policies
VRRP
PIM DM/SM
> onEI models only
ARP / Proxy ARP
IGMP V1 & V2 Query
DHCP Relay & DHCP Server
UDP Helper
>Quality of Service
8 queues per port
Strict Priority (SP), Weighted RoundRobin (WRR), Weighted FairQueuing (WFQ)
Extensive QoS policies based on
L2, L3 or L4 packet information CoS, ToS, DiffServe Prioritization
Bandwidth Limiting
Bandwidth Guarantee
Auto QoS
Switch 5500 Feature Overview
8/10/2019 3Com Treinamento
26/79
25
>Management
Terminal port
Telnet ( 4 sessions)
Industry-standard CLI
WEB Browser interface
FTP, TFTP Download
NTP
SNMPv1, v2c, v3
RMON (4 groups)
Xmodem
Security (Port/Access)
Switch 5500 Feature Overview
>Security
Hierarchical user management andpassword protection
Packet authentication using ciphertext and MD5 for OSPF and RIPv2
ACL with L2/L3/L4 filtering 802.1X User Authentication
RADA MAC Authentication
Radius Authentication
SNMPv3
SSH V2
8/10/2019 3Com Treinamento
27/79
26
Feature 5500-SI 5500-EI 5500G-EI
StackingArchitecture
Master/Slave Stacking XRN XRN
Distributed LinkAggregation
Yes(from S/W ver 3/02.00)
Yes Yes
No of distributed LinkAggregations
8 per Fabric 8 per fabric 32 per Fabric
Distributed ResilientRouting
No Yes Yes
Distributed DeviceManagement
Yes Yes Yes
AutomaticSplit/Merge onfailure
No Yes Yes
Stack Performance 2Gbps 2Gbps 48Gbps
No of VLANSs 256 4094 4094
Permanent MAC Addr 64 256 1K
ARP table Size 2K 4K 8K
IP Interfaces 4 per stackUp to 4 secondary IPaddresses per interface
32 per stackUp to 4 secondary IPaddresses per interface
64 per stackUp to 9 secondary IP addressesper interface
No of Static Routes 64 256 256
RIP v1 / v2 1K entries4 Networked Interfaces
2K entries8 Networked Interfaces
2K entries64 Networked Interfaces
OSPF No Areas: 2Link State Database size: 6KImported routes: 2K
Areas: 8Link State Database size: 12K
Imported routes: 4K
Multicast Routing No PIM Sparse and PIM Dense PIM Sparse and PIM Dense
Time-based ACLs No Yes Yes
Standard vs. Enhanced Image
8/10/2019 3Com Treinamento
28/79
27
Target use:Enterprise wiringcloset access switch;branch office switch
Availability: Simply power theswitch via a standard -48VDC input for additional
resilience
Scalability: Patented XRNtechnology automaticallycreates a stack of switchesand allows single IPmanagement
Connectivity: Each switch
allows up to 4 active Gigabitports with any combinationof copper and/or fibreaccepted
Application-Aware:Automatically detects,prioritizes and places VoIPtraffic in a separate VLAN
Port Configurations:24 x 10/100 Ports + 4 SFP
48 x 10/100 Ports + 4 SFP
Includes Standard Image (SI) software
> Upgradeable to the Enhanced Image (EI)
XRN: Distributed Device Management
> Scalable to 384 10/100 + 16 SFP
> Mix and match any 5500-SI product in a stack
> Built-in resilient loop stacking via SFP ports
> Distributed Link AggregationAllows up to 8 groups to be spread across any
ports in the stack (8 FE / 4 GE per group)
Features Highlights:
> 64 Static Routes
> Dynamic routing (RIPv1/2)1K entries
> 2K ARP Table
> Intelligent security services including 802.1X
> RADARADIUS Authenticated Device Access
> Full QoS Prioritisation and full classification> 8 Egress Queues
> 256 Port-Based VLANs
> DC -48V inputcan be run off AC or DC
> Rapid Spanning Tree with STP Route Guard
> IGMP Snooping V1/V2
> SSHv1.5 / SNMPv3
> NTP / FTP Server and Client
Swit ch 5500-SI 28-Port
Key Points
Swit ch 5500-SI 52-Port
Switch 5500-SI Summary
8/10/2019 3Com Treinamento
29/79
28
Target use:AdvancedEnterprise wiring closetaccess switch; smallaggregation
Availability: Routing functionsare totally distributed across
all switches in the stackmassively increasingperformance and uptime
Scalability:Extendconnectivity with a mixtureof PoE and fibre switches
Connectivity: Jumbo Frames
are supported on all gigabituplinks for interoperabilitywith equipment downstream
Application-Aware:AdvancedTime-Based ACLs aresupported that can beautomatically executed on aper user or machine basis
Port Configurations:
24 x 10/100 Ports + 4 SFP
48 x 10/100 Ports + 4 SFP
24 x 10/100 PoE + 4 SFP
48 x 10/100 PoE + 4 SFP
24 100BASE FX SFP + 2
10/100/1000 + 2 SFP
Includes Enhanced Image (EI) software
> Includes ALL SI software plus:
XRN
> Distributed Device Management
Mix and match any 5500-EI product in a stack,
including PWR and FX SKUsDistributed Link Aggregation
Allows up to 32 groups to be spread across any
ports in the stack (8 FE / 4 GE per group)
Distributed Resilient Routing
All switches in the stack are actively routing and
sharing LSDB and ARP tables
256 static routes with 2K RIP entries
4K ARP Table
6K LSDB size for OSPFMulticast Routing PIM Sparse Mode / Dense Mode
> 4096 Port-Based VLANs
> Time-based Access Control Lists
> DHCP Tracker
> Traffic Redirection
> Traffic Mirroring
> Syslog
Swit ch 5500-EI 28-Port
Key Points
Swit ch 5500-EI 52-Port
Swit ch 5500-EI 28-Port PWR
Swit ch 5500-EI 52-Port PWR
Swit ch 5500-EI 28-Port FX
Switch 5500-EI Summary
8/10/2019 3Com Treinamento
30/79
29
Target use:AdvancedEnterprise wiring closetaccess switch; Buildingaggregation and serverfarm
Availability: Pluggable Power
Supply for reducing time torepair
Scalability:Instantly enablePower over Ethernet via aplug-in PoE Power Supply
Connectivity: Add up to 448Gigabit ports 16 x 10G links
per stack for ultimateperformance
Application-Aware:Advancedbespoke classificationmasks can be programmedfor any QoS or ACL rule
Port Configurations:
24 x 10/100/1000 Ports + 4 SFP
+ 1 Application Module Slot(PoE Ready)
48 x 10/100/1000 Ports + 4 SFP
+ 1 Application Module Slot
(PoE Ready)
24 x SFP Ports + 10/100/1000+ 1 Application Module Slot
Includes Enhanced Image (EI) software
> Includes ALL SI software plus:
> Hot-swappable Application Module Slot for
expansion cards :
8-Port SFP, 1-Port 10G, 2-Port 10G
> Removable PSU
XRN
> Distributed Device Management
Mix and match any 5500G-EI product in a stack
48 Gigabit Bi-directional stacking link with
redundant loop
> Distributed Link Aggregation
Allows up to 32 groups to be spread across any
ports in the stack (8 GE / 4 10GE per group)
> Distributed Resilient Routing
All switches in the stack are actively routing and
sharing LSDB and ARP tables
100 static routes with 2K RIP entries
8K ARP Table
12K LSDB size for OSPF
Multicast Routing PIM Sparse Mode / Dense Mode
Swit ch 5500G-EI 24-Port
Key Points
Swit ch 5500G-EI 48-Port
Swit ch 5500G-EI 24-Port SFP
Switch 5500G-EI Summary
8/10/2019 3Com Treinamento
31/79
30
3Com Switch 7750 Family
8/10/2019 3Com Treinamento
32/79
31
SWITCH 7750 FAMILY
> 3Com Switch 7750 Family at a glance:Flexible, High Performance Modular Switching Architecture
Ideal for Medium to Large Enterprise
> Distribution, and Edge environments
High Capacity Layer 2/3/4 Switching
> Gigabit and 10/100 Ethernet Solutions
High Resiliency for Business Continuity
> No Single Point of Failure
Robust QoS and Traffic Management
> Guaranteed Service Levels for Real-TimeEnterprise Applications
End-to-end Enterprise Security
> Secure Access Control; Traffic Encryption;Hardened Infrastructure
8/10/2019 3Com Treinamento
33/79
32
> Scalable ArchitectureFlexible Modular Design
8-, 7-, and 4-slot Chassis Models
System Capacity Scalable to 96 Gbps
> Highly ResilientRedundant Switch Fabrics (Switch 7758)
N+1 Power Redundancy
Hot-Swappable Components
> Enterprise-Class Performance
Wire-speed 10/100 and Gigabit Ethernet
System Performance up to 179 Mpps
>Available Power over Ethernet (PoE)
IEEE 802.3af Standard PoE (up to 288 ports)
SWITCH 7750 ARCHITECTURE
Fans
Switch 7758
Power Supplies
Fabrics (2)
I/O Modules
*Other Switch 7750 Models
(Switch 7757 and Switch 7754)Are Similarly Configured
**No Redundant Fabric Option
For Switch 7757 and Switch 7754
8/10/2019 3Com Treinamento
34/79
33
Switch 7750Chassis and Fabric
>Fully Redundant & Hot Swappable Fabric, I/O Modules, Power & Fans
>Choice of Chassis
6 I/O Slots + 2 Fabric
6 I/O Slots + 1 Fabric
3 I/O Slots + 1 Fabric>96 Gig Switch Fabric
Dual Redundant Fabrics for 7758
>Different fan assembly for eachchassis type
>Common Power Supplies Only 2 may be used in 4 slot
chassis
>Based on Original Switch 7700Chassis
Updated to support PoE
I/O Modules
Face PlateFabric
Fan
Switch 7757
Slot 0
Slot 6
I/O Modules
Face Plate
Fabrics
Fan
Switch 7758
Slot 0
Slot 7
I/O Modules
Face PlateFabric
Switch 7704
Slot 0
Slot 3
Fan
PSU PSUPSU
PSU PSUPSU
PSU PSU
8/10/2019 3Com Treinamento
35/79
34
Switch 7750Architecture
>Star-wired backplane between SwitchFabrics and I/O Modules
Multiple Gigabit links between Fabricand each I/O slot
> Layer 2 switching is distributed across I/Omodules and Fabrics
> Layer3 Routing functions are performedby the Switch Fabric
Management channels from Fabric toeach I/O slot
> System management is distributedthroughout the chassis
>DC power rails for all slots
>System software comprises of
Operating system and applicationsrunning on the Switch Fabric
Boot code on the I/O modules
Fabric
I/O
I/O
I/O
I/O
I/O
I/O
8/10/2019 3Com Treinamento
36/79
35
Local Switching
Engine
Local Switching
Engine
Local Switching
Engine
Local Switching
Engine
Local Switching
Engine
Local Switching
Engine
16Gbps
16Gbps
16Gbps
16Gbps
16Gbps
16Gbps
Switch 77588 SlotRedundant Switching Architecture
Secondary
Switch
Fabric
Second Fabric for Sub 1
Second Failover
Primary
Switch
Fabric
8/10/2019 3Com Treinamento
37/79
36
The Switch 7750 Family
>Launched mid-2005
>Superseded the original 7700 Family, which waslaunched in 2003
>Optional Power over Ethernet support
7758 Chassis> High Density Wiring Closet or building aggregator
> Redundant Switch Fabric option
7757 Chassis
> High Density Wiring Closet or building aggregator
7754 Chassis
> Medium Density Wiring Closet or building aggregator
>New higher capacity 96Gbps switch fabric
Built in SFP ports on fabric
>Higher port density modules (48 Port PoE and non-PoE)
8/10/2019 3Com Treinamento
38/79
37
Switch 7750 Chassis Details
>Updated Switch 7700 Chassis
Uses Switch 7700 Chassis enclosure, Fan assembly and AC PSUs
>AC PSU's only used for Data
> PoE Power Rack required to power PoE ports
>All Module slots support PoE
Dual AC Power connections
>Auto-Ranging for AC Input Voltage
Primary and Standby AC Input cords
> PoE DC power input connectors on back of Chassis
Modified Switch 7700 backplane> Same data connections for Modules
>Adds PoE power rails
8/10/2019 3Com Treinamento
39/79
38
Switch 77XX Power Supplies
>For the 7-slot and 8-slot chassis two power supplies are required
Do not try to run with only 1 power supply
N+1 redundancy with the addition of a third power supply
>For the 4-slot chassis one power supply is required
Redundancy is provided by a second power supply.
A third power supply may NOT be installed into the slot marked NULL
> It is not electrically connected and does not operate
>All chassis use the same power supplies.
>The power supplies are load-balancing Each supply always provides some of the current draw
If more current is drawn than can be supplied the voltage drops andthe system shuts down
8/10/2019 3Com Treinamento
40/79
39
External PoE Power Rack
>19 Rack Mount Power SupplyChassis
Ships with 1 x PSU installed
Includes Power managementinterface via management cable
> Management cable connects betweenrear of PoE Power Rack and rear of7754, 7757 or 7758
Power Rack ships with all mountinghardware and cables
>Additional 2500w PoE Power Supply Add 1 for N+1 Redundancy when
powered at 220v AC
2 additional required for N+1Redundancy when powered by 120vAC
8/10/2019 3Com Treinamento
41/79
40
96Gbps Switch Fabric
> Compatible with all Switch 77xx Chassis
Backplane bandwidth in any 7 or 8 slot Chassis:
> 8 x Gig channels to I/O slots 1-5
> 4 x Gig channels to I/O slot 6
Backplane bandwidth in any 4 slot Chassis:> 8 x Gig channels to I/O slots 1-3
> Fabric front panel SFP ports on single-fabric systems:
4 x Gig SFP ports operational
> Fabric SFP ports on dual-fabric systems:
7758 has 2 x SFPs active on EACH Fabric
7700R has 4 x SFPs operational on the Activefabric only
> 256Mb Compact Flash Card for additional file storage
8/10/2019 3Com Treinamento
42/79
41
Switch 7750 Advanced Feature Software
>Provides additional capabilities for more sophisticated Enterprisenetworks
>Ordered as a separate product code
>Enables four additional features
BGP4 (Border Gateway Protocol version 4) IS-IS (Intermediate System-to-Intermediate System)
SSH v1.5 authentication
SNMP v3 (Simple Network Management Protocol version 3)encryption
8/10/2019 3Com Treinamento
43/79
42
Switch 7750 Modules
>48 port 10/100/1000Base-TX - 3C16888
>48 port 10/100/1000Base-TX PoE - 3C16890
Only supported in 775X Chassis
>48 port 10/100Base-TX PoE - 3C16891
Only supported in 775X Chassis
>48 port 10/100Base-TX - 3C16889
Replaces OLD 48 port 10/100Base-TX - 3C16860
>48-Port 100Base-X (SFP) Module - 3C168915
Replaces OLD 24 port 100Base-FX - 3C16861
>20 port 10/100/1000Base-T Advanced Module -3C16863A
Replaces OLD 20 port 10/100/1000Base-T - 3C16863
8/10/2019 3Com Treinamento
44/79
43
Switch 77XX Modules
>20 port 1000Base-X (SFP) Advanced Module - 3C16862A
Replaces OLD 20 port 1000Base-X (SFP) - 3C16862
>16-Port Gigabit Mixed-Media Module (12xRJ45 + 4xSFP) -3C168916
Replaces OLD 8 port 10/100/1000Base-T - 3C16859>16-Port Gigabit Mixed-Media Module (12xSFP + 4xRJ45) -
3C168917
Replaces OLD 8 port 100Base-X (GBIC) - 3C16858
>1 port 10GBase-X (Xenpak) - 3C16875A
Replaces OLD 1 port 10GBase-X (Xenpak) - 3C16875
All the original Switch 7700 modules work in all Chassis with allFabrics
Original modules have been superseded by new modules
8/10/2019 3Com Treinamento
45/79
44
>Layer 1
IEEE802.3ae 10Gigabit Ethernet
> XENPAK
IEEE802.3z Fiber Gigabit
IEEE802.3ab Gigabit over Copper
IEEE 802.3u (Fast Ethernet)
Auto MDI/MDI-X
Auto negotiate speed/duplex
IEEE 802.3af (Power overEthernet)
PoE Profiles
Switch 7750 Feature Overview
>Layer 2
Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
Address Table Learning 802.1d
4096 VLAN's
> 802.1Q Port> Protocol Based VLAN 802.1v
> VLAN Q-in-Q
> Guest VLAN
> Voice VLAN
>Auto VLAN
GVRP
Priority Queuing 802.1p
IGMP Snooping
802.3ad Link aggregation
Broadcast Storm Control
Jumbo Frames - 9Kb
8/10/2019 3Com Treinamento
46/79
45
>Layer 3
IPV4 Routing
ARP / Proxy ARP
RIP V1/2 & OSPF
ECMP with 4 paths
Routing Policies
VRRP
IGMP V1 & V2 Query
PIM DM/SM
MSDP
GMRP
DHCP Relay and DHCP Server
With Advanced License:
> BGP-4
> IS-IS Routing
>Quality of Service 8 queues per port
Strict Priority (SP)
Extensive QoS policies based onL2, L3 or L4 packet information
CoS, ToS, DiffServe Prioritization
Bandwidth Limiting & Shaping
Bandwidth Guarantee
Auto ACL Assignment via 802.1X
Switch 7750 Feature Overview
8/10/2019 3Com Treinamento
47/79
46
>Management
Terminal, Modem ports
Telnet ( 4 sessions)
Out of Band Management port(10/100 Ethernet)
Industry-standard CLI FTP, TFTP Download
NTP
SNMPv1, v3
RMON (4 groups)
Xmodem
Security (Port/Access)
Switch 7750 Feature Overview
>Security
Hierarchical user management andpassword protection
Packet authentication using ciphertext and MD5 for OSPF, RIPv2 andBGP-4
ACLs with L2/L3/L4 Filtering
802.1X User Authentication
Radius Authentication
RADA MAC Authentication
Auto-ACL
SNMPv3
SSH V2
8/10/2019 3Com Treinamento
48/79
47
The Switch 8800 Family
8/10/2019 3Com Treinamento
49/79
48
Introducing the Switch 8800 Family
>A high-end Modular platform
First announced November 2004
Updated with Release 2, December 2005
>3 Chassis sizes
Passive backplanes Redundant, load-sharing fabrics
& power supplies
>High bandwidth
High density Gigabit and 10Gig
>High availability>Extensive layer 2, layer 3
>IPv6-ready
>Future-proofed backplane
up to 1,440 Tbps
S it h 8800
8/10/2019 3Com Treinamento
50/79
49
Switch 8800Chassis and Fabric
> Fully Redundant, allElements Hot Swappable
Fabric, I/O Modules,Power & Fans
> Choice of Chassis
12 I/O Slots + 2 Fabric
8 I/O Slots + 2 Fabric 5 I/O Slots + 2 Fabric
> Dual Redundant Fabrics
360 Gbps per Fabric
Load Sharing Provides720 Gbps
L2 / L3 Switching on
Modules Cross-bar Fabric
> SW8814 and SW8807have a 4-fan assembly
> SW8810 has a 6-fanassembly
I/O
Modules
Face Plate
Fabrics
I/O
Modules
2000W Power Supplies
I/O Modules
1200W Power Supplies
Face Plate
Fabrics
Fan
Switch 8814
Switch 8807
Fans
Switch 8810
Slot 0
Slot 13
Slot 0
Slot 0
Slot 6
Slot 9
8/10/2019 3Com Treinamento
51/79
50
Power Supplies
>SW8807 has a 1200W PSU (output)
Auto ranging 100V-240V, 47-63Hz
One PSU can support a fully loaded chassis
Two PSUs provide redundancy
>SW8810 and SW8814 have a 2000W PSU (output) Auto ranging 100-140V and 200-240V, 47-63Hz
Power output depends on input voltage
> 1200W when running on 110V
> 2000W when running on 220V
>With Release 1 hardware:
In the 8810 and 8814, the 110V mode can support a fully loaded,worst case configuration, but not power redundancy
If power redundancy is required, the system must operate at 220V
8/10/2019 3Com Treinamento
52/79
51
Release 2 Power Considerations
>The 4 port 10G module has greater power consumption than anyRelease 1 module
160W per module
>A SW8814 fully populated with 4 Port 10G modules draws 2100W
Two PSUs are required regardless of input voltage Power redundancy is not possible even at 220V
>It is recommended that the chassis is loaded with modules to atotal of less than one PSUs capacity
A second PSU then provides redundancy
>If an operational system is using only 1 PSU, be careful whenadding additional modules
The system will shutdown if the capacity of the PSU is exceeded
8/10/2019 3Com Treinamento
53/79
52
PoE Power Rack
3C17509
PoE Power Supply
3C16884
2500W (x3)PoE Option Module
3C17529
Switch 8800 Power over Ethernet
> PoE Configuration Requirements:1. PoE Option Modules (ordered separately)
Must Be Installed on 48-port10/100/1000 Modules
2. PoE Entry Module (ordered separately)
Allows External Power Connection to 8800 Backplane
3. External PoE Power Rack (ordered separately)
Different Product Code to Switch 7750
Required for Supplemental Power
Up to (3) 2500W Power Supplies
48 Port 10/100/10003C17528 or 3C17532
1
2
3
PoE Entry Module
3C17510
8/10/2019 3Com Treinamento
54/79
53
Switch 8800 Architecture Overview
Fabric Fabric
IPv4Module
IPv4Module
IPv4Module
IPv4Module
IPv6Module
IPv6Module
MPLSModule
MPLSModule
30 Gbps
Auxiliary 30 Gbps
> Twin Load-sharing Fabricsprovide Redundancy & 360Gbps
Switching Capacity each
> Up to 12 I/O Modules each with
Distributed L2/L3/L4 Switching
> Each I/O Module has Twin30Gbps Connections to Fabrics=> 720 Gbps
>Auxiliary Connections inBackplane double capacity to 1.4Tbps with Enhanced Modules &
Fabrics
> Future Modules support IPv6
8/10/2019 3Com Treinamento
55/79
54
Backplane Architecture
> Each slot has 4 paths, 2 to each fabric
> Each path consists of 6 sets of traces
Initially, only two sets of traces used
CPU
Fabric 1
SW
Line card1
FAFA
Line card2
CPU
Fabric 2
SW
6*3.125G
FAFA
Line card10 Line card12
Crossbar CrossbarCrossbar Crossbar
FA FA FA FA FA
8/10/2019 3Com Treinamento
56/79
55
Architecture
>All Layer 2/ Layer 3 Switching performed by a Packet Processor(PP)
> Communication between PPs inside a module, or through thefabric to other modules is performed by a Fabric Adaptor (FA)
> Communication between FAs uses a 4-128-bytes cell mechanismwith a 9-byte header
> The fabric uses a simple Crossbar
8/10/2019 3Com Treinamento
57/79
56
Switch 8800 Dual Fabric Architecture
>Each fabric has a datachannel to every module
>Each fabric has a managementchannel to every module
>There is a managementchannel between the fabrics
>Managementand datachannels are independent
Fabric Fabric
InterfaceModule
InterfaceModule
8/10/2019 3Com Treinamento
58/79
57
>The management channel provides:
Control
Monitoring
Route calculation and distribution
>The data channel provides High speed data switching and forwarding
>The data channel is implemented as
Central cross-bar on fabric
High-speed passive backplane Independent layer 2/3 switch on each interface module
Switch 8800 Dual Fabric Architecture
8/10/2019 3Com Treinamento
59/79
58
>One switch fabric becomes master May be located in either slot in the chassis
Provides management functions
> Route calculation and distribution
> Management
> Housekeeping
>The other switch fabric becomes slave
Provides
> Hot-swap, standby redundancy for management functions
>Active load-balancing of data switching
>Allocation of master and slave can be
Automatic at switch initialisation
By user command
Load-Balancing Redundant Fabrics
Load Balancing Redundant Fabrics
8/10/2019 3Com Treinamento
60/79
59
>The master fabric
Provides all route calculations
Uses the management channel to send routing updates to
> The slave fabric, so it remains synchronized
> The interface modules, so they can update their local routing tables
Uses the data channel to provide inter-module switching
> The cross-bar on the master is in some data paths
>The slave fabric
Uses the management channel to synchronize with the master
> Ready for fast fail-over
Uses the data channel to provide inter-module switching
> The cross-bar on the slave is in other data paths
Load-Balancing Redundant Fabrics(continued)
Load-Balancing Redundant Fabrics
8/10/2019 3Com Treinamento
61/79
60
>The interface modules
Receive routing updates on the master management channel
> Update their local routing tables
Use local tables for independent local forwarding decisions
Use data channels for inter-module switching
> Cross-bars on both master and slave fabrics can be used
Use Fabric Adaptors to connect to the data channel
> Convert between
Packets on the module
Variable-length cells on the crossbars
Use Packet Processors to
> Process and forward packets
Store and forward architecture
> Handle all intra-module switching
Load-Balancing Redundant Fabrics(continued)
Load-Balancing Redundant Fabrics:
8/10/2019 3Com Treinamento
62/79
61
Load-Balancing Redundant Fabrics:Switch 8800 Architecture
> In load-balancing mode, the slave fabric provides
> Hot-swap, standby redundancy for management functions
> Active load-balancing of data switching
Crossbar
CPU
Fabric 1
SW
FA
PP
Line card1
FAFA
PP PP
Line card2
Crossbar
CPU
Fabric 2
SW
FAFA
PP PP
Line card10
Load-Balancing Redundant Fabrics
8/10/2019 3Com Treinamento
63/79
62
>If the current master fails, the slave becomes the master
Takes over responsibility for route calculation and distribution
Failover is rapid, as routing tables are already up to date
The new master was synchronised with the old one
Traffic on the crossbar of the failed fabric will be lost>Hot-swap is supported
Either fabric may be removed or inserted with the switch running
Load-Balancing Redundant FabricsFailover
Load-Balancing Redundant Fabrics:
8/10/2019 3Com Treinamento
64/79
63
>With no load-balancing, or after a fabric failure
Crossbar
CPU
Fabric 1
SW
FA
PP
Line card1
FAFA
PP PP
Line card2
Crossbar
CPU
Fabric 2
SW
FAFA
PP PP
Line card10
Load Balancing Redundant Fabrics:Switch 8800 Architecture
C fi ti f L d B l i
8/10/2019 3Com Treinamento
65/79
64
Configuration of Load-Balancing
>Load-balancing is enabled by the user command xbar
xbar load-balanceenables load balancing
> This is the default in Release 2 (Software Version 3.01.21)
xbar load-singledisables load balancing
> This was the default in earlier Software versions
>Every other aspect of load-balancing is automatic
Load-balancing algorithm
> By physical port, details depend on the module
> Flow-based, details depend on the module
> Controlled by software, not by user
Interval used by the master for distribution of routing updates
S it h 8800 R l 1 M d l
8/10/2019 3Com Treinamento
66/79
65
Switch 8800 Release 1 Modules
>Modules with a single Fabric Adapter (FA)
1-port 10GBASE-X (XENPAK)
> 3C17511
12-port 1000BASE-X (SFP)
> 3C17513
>Modules with dual Fabric Adapters
2-port 10GBASE-X (XFP)
> 3C17512
24-port 1000BASE-X (SFP)
> 3C17514
24-port 10/100/1000BASE-T (RJ45)
> 3C17516
S it h 8800 R l 2 H d Additi
8/10/2019 3Com Treinamento
67/79
66
Switch 8800 Release 2 Hardware Additions
>New Advanced Modules Support for larger routing tables256K routes
> Requires Switch 1G Memory Upgrade
Support for MPLS (with Advanced Software)
Targeted at very large Enterprise Networks
>New High Density Modules double the port capacity
4-port 10 Gigabit Ethernet module
> 48 x 10 Gigabit ports per system
48-port 10/100/1000 Ethernet modules
> 576 x 10/100/1000 Ethernet ports per system
>Power over Ethernet
Adds PoE support to existing Switch 8800 chassis
S it h 8800 R l 2 Ad d M d l
8/10/2019 3Com Treinamento
68/79
67
Switch 8800 Release 2 Advanced Modules
>Modules with a single Fabric Adapter 1-port 10GBASE-X (XENPAK)
> 3C17525
>Modules with dual Fabric Adapters 2-port 10GBASE-X (XFP)
> 3C17527
24-port 1000BASE-X (SFP)
> 3C17530
24-port 10/100/1000BASE-T (RJ45)
> 3C17531
Switch 8800 Release 2 High Density Modules
8/10/2019 3Com Treinamento
69/79
68
Switch 8800 Release 2 High Density Modules
>Modules with a single Fabric Adapter
Power over Ethernet Ready
> Positioned for Enterprise Edge
48-Port 10/100/1000
> 3C17528 48-Port 10/100/1000 (Access Module)
> 3C17532
Smaller Routing Table
Not compatible with BGP-4 or IS-IS
>Modules with dual Fabric Adapters
4-port 10GBASE-X (XFP)
> 3C17526
Switch 8800 System Capacities
8/10/2019 3Com Treinamento
70/79
69
Switch 8800 System Capacities
Switch 8814 Switch 8810 Switch 8807
Performance
Switching Capacity 428 Mpps 286 Mpps 179 Mpps
Fabric Bandwidth
Single Fabric 360 Gbps 240 Gbps 150 Gbps
Dual Fabrics 720 Gbps 480 Gbps 300 Gbps
Total Port Capacity
10-Gigabit Ethernet [XENPAK] 12 8 5
10-Gigabit Ethernet [XFP] 48 32 20
10-Gigabit Ethernet Advanced [Xenpak] 12 8 5
10-Gigabit Ethernet Advanced [XFP] 24 16 10
Gigabit Ethernet [10/100/1000] 576 384 240Gigabit Ethernet PoE [10/100/1000] 576 384 240
Gigabit Ethernet [SFP] 288 192 120
Gigabit Ethernet Advanced [10/100/1000] 288 192 120
Gigabit Ethernet Advanced [SFP] 288 192 120
8/10/2019 3Com Treinamento
71/79
Overview of Multiprotocol Label Switching (MPLS )
8/10/2019 3Com Treinamento
72/79
71
Overview of Multiprotocol Label Switching (MPLS )
>MPLS is an IETF framework for efficient labeling and forwarding oftraffic flows across Backbone Networks
>MPLS combines the speed of packet switching with the intelligenceof circuit switching
An end to end connection path is established before any traffic is
forwarded
All traffic of the same class flows along the same path
> Different paths may be selected based on various requirements
>MPLS is most often associated with the Carrier/Service Providermarket
There are scenarios in large enterprise environments where MPLScould make sense
> Enterprises with multiple distant sites needing to provide service levelguarantees
> Not beneficial for single site, or even campus environments
The Benefits of MPLS
8/10/2019 3Com Treinamento
73/79
72
The Benefits of MPLS
>MPLS provides the following beneficial applications on large-scale,multi-site Networks:
Virtual Private Networking
> Service Providers can create IP tunnels throughout their network, withoutthe need for encryption or end-user applications
Traffic Engineering (TE)>Allows for the efficient utilization of bandwidth
Put the Traffic where the Bandwidth is
> Provides control over service levels
Crucial for mission critical applications
Quality of Service (QoS)
> Low latency delivery
> Prioritization of business-critical data
> QoS guarantees with user defined policies
Overview of MBGP
8/10/2019 3Com Treinamento
74/79
73
Overview of MBGP
>MBGP stands for Multiprotocol Extensions for BGP-4
Provides support for protocols other than IPv4
> For example IPv6 and Multicast
>BGP4 does not support a Multicast network topology that differsfrom the network's Unicast topology
Multicast Reverse Path Forwarding uses the Unicast Routing Table
A Multicast from a Source to a Destination follows the same path thata Unicast would
>MBGP supports separate Unicast and Multicast topologies
Use one Routing Table to make Unicast routing decisions Use another Routing Table to make Reverse Path Forwarding
decisions
>Allows Multicast traffic to separated from Unicast traffic
> For example dedicate one link for Multicast and another for Unicast
Overview of TACACS+
8/10/2019 3Com Treinamento
75/79
74
Overview of TACACS+
>TACACS+ provides AAA remote access control similar to RADIUS
>TACACS+ separates authentication, authorization and accounting
Could be run on 3 different servers
> You could use RADIUS to Authenticate, and TACACS+ to Authorize
RADIUS always combines authentication and authorization as one>TACACS+ can be used to authorize different users to execute
individual commands on router
Not supported with RADIUS
>TACACS+ is a more secure protocol
TACACS+ encrypts the entire body of the access-request packet
RADIUS encrypts only the password in the packet
>TACACS+ uses reliable TCP connections
RADIUS uses best-effort UDP
Switch 8800 Feature Overview
8/10/2019 3Com Treinamento
76/79
75
>Layer 1 IEEE802.3ae 10Gigabit Ethernet
> XENPAK, XFP
IEEE802.3z Fiber Gigabit
IEEE802.3ab Gigabit over Copper
IEEE 802.3u (Fast Ethernet)
Auto MDI/MDI-X
Auto negotiate speed/duplex
IEEE 802.3af (Power overEthernet)
Switch 8800 Feature Overview
>Layer 2 Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
Address Table Learning 802.1d
4096 VLAN's
> 802.1Q Port> Protocol Based VLAN
> Super VLAN
> VLAN Q-in-Q
GVRP
Priority Queuing 802.1p
IGMP Snooping 802.3ad Link aggregation
Broadcast Storm Control
Jumbo Frames - 9Kb
8/10/2019 3Com Treinamento
77/79
Switch 8800 Feature Overview
8/10/2019 3Com Treinamento
78/79
77
>Management Terminal, Modem ports
Out of Band Management port(10/100 Ethernet)
Telnet ( 4 sessions)
Industry-standard CLI FTP, TFTP Download
NTP
SNMPv1,v3
RMON (4 groups)
Xmodem Security (Port/Access)
Element management through3Com Network Administrator
Switch 8800 Feature Overview
>Security Hierarchical user management and
password protection
Packet authentication using ciphertext and MD5 for OSPF, RIPv2 andBGP-4
ACL with L2/L3/L4 Filtering
802.1X User Authentication
Radius Authentication
With Advanced License:
> TACACS+
> SSH V2
> SNMP v3 encryption
8/10/2019 3Com Treinamento
79/79
End of Chapter
Top Related