Enterasys Enterasys Matrix DFE-Gold Series Guía de usuario Pagina 76
- Pagina / 138
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Configuring Spanguard
5-16 Configuring Spanning Trees
Configuring Spanguard
ThissectionprovidesinformationaboutthefollowingSpanguardtasks:
• OverviewoftheSpanguardFunction
• EnablingandAdjustingSpanguard
Overview of the Spanguard Function
EnterasysNetworks’SpanguardfunctionprovidestheabilityforEnterasysswitchestodetect
unauthorizedbridgesinthenetwork.ItprotectsagainstSpanningTreeDenialofService(DoS)
attacksaswellasunintentional/unauthorizedconnectedbridges.Thisisdonebyintercepting
receivedBPDUsonconfiguredportsandlockingtheseportssotheydonot
processanyreceived
packets—thusprotectingtheintegrityoftheSpanningTreetopology.
Bydefault,Spanguardisgloballydisabled.Whenenabled,receptionofaBPDUonaportthatis
administrativelyconfiguredasaspanningtreeedgeport(adminedge=True)willcausetheport
tobecomelockedandthestate
settoblocking.Whenthisconditionismet,packetsreceivedon
thatportwillnotbeprocessedforaspecifiedtimeou tperiod.Theportwillbecomeunlocked
wheneither:
•Thetimeoutexpires
•Theportismanuallyunlocked
•Theportisnolongeradministrativelyconfiguredasadminedge=True
•TheS pangua rdfunction isdisabled
TheportwillbecomelockedagainshouldanotheroffendingBPDUbereceivedonthatportafter
expirationofthetimeoutormanualunlockingofthatportoccurs.
IntheeventofaDoSattackwithSpanguardenabledandconfigured,nospanningtreetopology
changesortopologyreconfigurationswillbeseen.The
stateofthespanningtreewillbe
completelyunaffectedbythereceptionofanyspoofedBPDUsregardlessoftheBPDUtype,rate
receivedordurationoftheattack.
Bydefault,whenSNMPandSpanguardareenabled,atrapmessagewillbegeneratedwhen
Spanguarddetectsthatanunauthorizedporthastried
tojoinaSp anningTree.
Display the mapping of one or more filtering
database IDs (FIDs) to spanning trees. Since VLANs
are mapped to FIDs, this shows to which SID a
VLAN is mapped.
show spantree mstmap [fid fid]
Display the spanning tree ID(s) assigned to one or
more VLANs.
show spantree vlanlist [vlan-list]
Display MST configuration identifier elements,
including format selector, configuration name,
revision level, and configuration digest.
show spantree mstcfgid
Display protocol-specific MSTP counter information. show spantree debug [port port-string]
[sid sid] [active]
Table 5-4 Commands for Monitoring MSTP (continued)
Task Command
- Matrix DFE Series and N-SA 1
- User’s Guide 1
- Enterasys Networks, Inc 4
- Firmware License Agreement 4
- Contents 7
- Chapter 6: Managing Syslog 9
- Chapter 7: Configuring IP 9
- Chapter 8: Configuring OSPF 10
- Chapter 9: Configuring VRRP 10
- Procedures 12
- Features Overview 13
- Factory Default Settings 14
- 1-2 Features Overview 14
- 1-4 Features Overview 16
- No value applied 17
- Device Management Methods 18
- Getting Started 19
- 2-2 Getting Started 20
- Using a Telnet Connection 21
- Setting System Passwords 22
- Setting Syslog Parameters 23
- 2-6 Getting Started 24
- ]: download 28
- ]: setboot myimage 29
- Resetting the Device 30
- Activating Licensed Features 31
- Using WebView 32
- Using the CLI 33
- Creating Strong Passwords 34
- Setting New System Passwords 36
- Setting Password Policies 38
- Enabling or Disabling Telnet 39
- About Host Keys 40
- Setting CLI Parameters 41
- Displaying Scrolling Screens 42
- Using Context-Sensitive Help 42
- Performing Keyword Lookups 43
- Abbreviating a Command 44
- Console Ports 45
- Switch Ports 46
- Designating Ports in the CLI 46
- 3-16 Using the CLI 48
- 3-18 Using the CLI 50
- 3-20 Using the CLI 52
- Configuring Link Aggregation 53
- LACP Operation 54
- LACP Terminology 54
- Reviewing the Configuration 56
- Configuring Spanning Trees 61
- N‐SAdevice. 62
- Term Definition 62
- Spanning Tree (IEEE 802.1D) 63
- MST Region 64
- Physical Link 66
- Blocked VLANs 66
- Spanning Tree Port States 67
- Configuring STP and RSTP 68
- Setting the Bridge Priority 69
- Setting a Port Priority 70
- Assigning Port Costs 70
- Adjusting Port Hello Times 71
- Adjusting RSTP Parameters 72
- Defining Point-to-Point Links 73
- Defining Edge Port Status 73
- Configuring MSTP 74
- Adjusting MSTP Parameters 75
- Monitoring MSTP 75
- Configuring Spanguard 76
- Managing Syslog 79
- Interpreting Messages 80
- Enabling Syslog Server(s) 82
- Modifying default settings 83
- 6-6 Managing Syslog 84
- Displaying a log file 85
- 6-8 Managing Syslog 86
- Configuring IP 87
- Example Scenario 88
- 7-4 Configuring IP 90
- 7-6 Configuring IP 92
- Assigning an IP Address 93
- Sample Configuration 94
- 7-10 Configuring IP 96
- Displaying the ARP Table 98
- Changing the ARP Timeout 100
- Clearing the ARP Cache 100
- Enabling DHCP/BOOTP Relay 102
- Examples 103
- Configuring ICMP 104
- Using Traceroute 105
- 7-20 Configuring IP 106
- Configuring OSPF 107
- OSPF Terminology 108
- Supported Functions 108
- OSPF Overview 109
- OSPF Areas 110
- Static Multipath Forwarding 111
- Designating an OSPF Instance 111
- Virtual Links 111
- 8-6 Configuring OSPF 112
- 8-8 Configuring OSPF 114
- Activating Advanced Routing 115
- 8-10 Configuring OSPF 116
- Configuring an OSPF NSSA 117
- 8-12 Configuring OSPF 118
- Displaying OSPF Information 119
- Limiting Database Overflow 119
- Resetting OSPF 120
- Debugging OSPF 120
- Configuring VRRP 121
- Basic VRRP Configuration 123
- Router R2 Configuration 124
- Symmetrical Configuration 125
- Router R1 Configuration 126
- Multi-Backup Configuration 128
- 10.0.0.1/16 129
- 10.0.0.2/16 129
- 10.0.0.3/16 129
- 9-10 Configuring VRRP 130
- Router R3 Configuration 132
- Modifying a Configuration 134
- Setting a Critical IP Address 135
- Setting Pre-empt Mode 135
- Setting an Authentication Key 136
- Monitoring VRRP 137
- VRRP Configuration Notes 137
- 9-18 Configuring VRRP 138
Relacionado con productos y manuales para Los conmutadores de red Enterasys Enterasys Matrix DFE-Gold Series
(7 paginas)
(92 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.076 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales