Reference Guide
Page 4
Contents SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Splitting a Stack 24 The Stack Master and Backup Master Units Remain in a Group 24 The Stack Master or the ....1X Properties 67 Defining Port Authentication 68 Defining Multiple Hosts 71 Defining Authenticated Host 74 Defining Access Control 75 Defining MAC Based ACL 75 Defining IP Based ACL 77 Defining ACL Binding 84 Defining DOS Prevention 85 Global Settings 85 Defining Martian Addresses 87 Chapter 5: Configuring Device Interfaces 89 Defining Port Settings 89...
Contents SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Splitting a Stack 24 The Stack Master and Backup Master Units Remain in a Group 24 The Stack Master or the ....1X Properties 67 Defining Port Authentication 68 Defining Multiple Hosts 71 Defining Authenticated Host 74 Defining Access Control 75 Defining MAC Based ACL 75 Defining IP Based ACL 77 Defining ACL Binding 84 Defining DOS Prevention 85 Global Settings 85 Defining Martian Addresses 87 Chapter 5: Configuring Device Interfaces 89 Defining Port Settings 89...
Reference Guide
Page 83
... destination MAC address and denies packet access. 2. based ACL to be added only if the ACL is not bound to an interface. Click the Add ACL button. Click Security Suite >Access Control > MAC Based ACL. Deletes the selected ACL. • Deny Following Destination MAC Addresses - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Defining Access Control...
... destination MAC address and denies packet access. 2. based ACL to be added only if the ACL is not bound to an interface. Click the Add ACL button. Click Security Suite >Access Control > MAC Based ACL. Deletes the selected ACL. • Deny Following Destination MAC Addresses - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Defining Access Control...
Reference Guide
Page 84
Displays the user-defined MAC based ACLs. • New Rule Priority - The possible field values are : 76 Chapter 4: Configuring Device Security Defining Access Control Indicates the source MAC Address wild card mask. A ... of 00.00.00.00.00.00 indicates that no bit is important. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add MAC Based ACL Page The Add MAC Based ACL Page contains the following fields: • ACL Name - Indicates the ACL forwarding action. A wild card mask of a source IP Address. The possible field values...
Displays the user-defined MAC based ACLs. • New Rule Priority - The possible field values are : 76 Chapter 4: Configuring Device Security Defining Access Control Indicates the source MAC Address wild card mask. A ... of 00.00.00.00.00.00 indicates that no bit is important. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add MAC Based ACL Page The Add MAC Based ACL Page contains the following fields: • ACL Name - Indicates the ACL forwarding action. A wild card mask of a source IP Address. The possible field values...
Reference Guide
Page 85
... Security 77 Defining Access Control Select an existing ACL. 2. The Add Rule Page opens: Add Rule Page 3. Deny - Defining IP Based ACL The Defining IP Based ACL page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. 1. Click Apply. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Drops packet...
... Security 77 Defining Access Control Select an existing ACL. 2. The Add Rule Page opens: Add Rule Page 3. Deny - Defining IP Based ACL The Defining IP Based ACL page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. 1. Click Apply. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Drops packet...
Reference Guide
Page 86
...RVSP - Matches the packet to the ReSerVation Protocol (RSVP). - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide IP Based ACL Page The IP Based ACL Page contains the following fields: • ACL Name - Indicates that the Authentication Header (AH) protocol is used to classify ... (IDRP). - Matches the packet to a packet on a specific protocol. - Deletes the selected ACL. • Rule Priority - Displays the user-defined IP based ACLs. • Remove ACL - Matches the protocol to the IP Protocol - Matches the packet to any protocol. -
...RVSP - Matches the packet to the ReSerVation Protocol (RSVP). - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide IP Based ACL Page The IP Based ACL Page contains the following fields: • ACL Name - Indicates that the Authentication Header (AH) protocol is used to classify ... (IDRP). - Matches the packet to a packet on a specific protocol. - Deletes the selected ACL. • Rule Priority - Displays the user-defined IP based ACLs. • Remove ACL - Matches the protocol to the IP Protocol - Matches the packet to any protocol. -
Reference Guide
Page 87
... eight bits are as follows: - The possible field range is used to match packets to ACLs. Either the DSCP value or the IP Precedence value is assigned rate limiting restrictions for filtering ICMP packets. ISIS - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Indicates and ICMP message code for forwarding. In addition...
... eight bits are as follows: - The possible field range is used to match packets to ACLs. Either the DSCP value or the IP Precedence value is assigned rate limiting restrictions for filtering ICMP packets. ISIS - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Indicates and ICMP message code for forwarding. In addition...
Reference Guide
Page 88
Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add IP Based ACL Page The Add IP Based ACL Page contains the following fields: • ACL Name - Defines the TCP/UDP source port to which the ACE is 0 - 65535. • Destination Port - ICMP packets that are ... are permitted on the network. Matches the packet to which rule is 0 65535. • TCP Flags - Displays the user-defined IP based ACLs. • New Rule Priority - Defines the TCP/UDP destination port. Indicates if ICMP packets are either forwarded or dropped. Matches the destination port...
Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add IP Based ACL Page The Add IP Based ACL Page contains the following fields: • ACL Name - Defines the TCP/UDP source port to which the ACE is 0 - 65535. • Destination Port - ICMP packets that are ... are permitted on the network. Matches the packet to which rule is 0 65535. • TCP Flags - Displays the user-defined IP based ACLs. • New Rule Priority - Defines the TCP/UDP destination port. Indicates if ICMP packets are either forwarded or dropped. Matches the destination port...
Reference Guide
Page 89
.... • TCP Flags - Displays the user-defined IP based ACLs. • New Rule Priority - Indicates the action assigned to the ACE. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 • Match IP Precedence - Click Security Suite >Access Control > IP Based ACL. The IP Based ACL Page opens: 2. Indicates the rule priority, which determines which...
.... • TCP Flags - Displays the user-defined IP based ACLs. • New Rule Priority - Indicates the action assigned to the ACE. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 • Match IP Precedence - Click Security Suite >Access Control > IP Based ACL. The IP Based ACL Page opens: 2. Indicates the rule priority, which determines which...
Reference Guide
Page 90
... destination port. Forwards packets which packets are permitted on the network. Click the Add ACL Rule button. Matches the destination port IP address to which meet the ACL criteria. - Packets are reactivated from the Port Management page. Shutdown - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • ICMP - Indicates if ICMP packets are...
... destination port. Forwards packets which packets are permitted on the network. Click the Add ACL Rule button. Matches the destination port IP address to which meet the ACL criteria. - Packets are reactivated from the Port Management page. Shutdown - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • ICMP - Indicates if ICMP packets are...
Reference Guide
Page 91
... the source port IP address to which rule is active only if 800/6-TCP or 800/17-UDP are as follows:. • ICMP Code - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Add IP Based Rule Page The Add IP Based Rule Page contains the following fields: •...; ACL Name - Indicates the rule priority, which determines which packets are either forwarded or dropped. This field is matched to the DSCP tag value. The possible ...
... the source port IP address to which rule is active only if 800/6-TCP or 800/17-UDP are as follows:. • ICMP Code - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Add IP Based Rule Page The Add IP Based Rule Page contains the following fields: •...; ACL Name - Indicates the rule priority, which determines which packets are either forwarded or dropped. This field is matched to the DSCP tag value. The possible ...
Reference Guide
Page 92
... assigned on a port or a LAG flows from that ingress interface that do not match the ACL are applied to ACLs. Indicates the ports/LAGs to the ACE. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • Match IP Precedence - Either the DSCP value or the IP Precedence ...value is Drop unmatched packets. 1. Indicates the action assigned to which the ACL are copied. • To Entry Number(s) -...
... assigned on a port or a LAG flows from that ingress interface that do not match the ACL are applied to ACLs. Indicates the ports/LAGs to the ACE. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • Match IP Precedence - Either the DSCP value or the IP Precedence ...value is Drop unmatched packets. 1. Indicates the action assigned to which the ACL are copied. • To Entry Number(s) -...
Reference Guide
Page 93
.... 4. Indicates the interface to which the ACL is bound. • Select ACL - The ACL Binding Page opens: 2. The Bind ACL Page opens: Bind ACL Page The Bind ACL Page contains the following pages: • Global Settings • Defining Martian Addresses Global Settings 1. Indicates the ACL which is bound. • ACL Name - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide...
.... 4. Indicates the interface to which the ACL is bound. • Select ACL - The ACL Binding Page opens: 2. The Bind ACL Page opens: Bind ACL Page The Bind ACL Page contains the following pages: • Global Settings • Defining Martian Addresses Global Settings 1. Indicates the ACL which is bound. • ACL Name - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide...
Reference Guide
Page 207
...as belonging to different classes, including: Bandwidth Management The Quality of Service section contains the following elements: • Access Control Lists (ACLs) - Applies QoS/CoS mechanisms to a given traffic class, based on an attribute, including: - Traffic shaping The terms Class of... each incoming packet as an aggregate whole, with no per -flow settings, even within a single traffic class. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 12 Configuring Quality of Service Network traffic is usually unpredictable, and the only basic assurance...
...as belonging to different classes, including: Bandwidth Management The Quality of Service section contains the following elements: • Access Control Lists (ACLs) - Applies QoS/CoS mechanisms to a given traffic class, based on an attribute, including: - Traffic shaping The terms Class of... each incoming packet as an aggregate whole, with no per -flow settings, even within a single traffic class. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 12 Configuring Quality of Service Network traffic is usually unpredictable, and the only basic assurance...
Reference Guide
Page 216
...Quality of Service Defining Advanced Mode When CCLs are applied in the sequence they cannot be defined until a valid ACL is defined. In advanced QoS mode, ACLs can be attached to an interface. The rules are set according to bandwidth management. CCLs are defined in classification... control lists (CCL). 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Defining Advanced Mode Advanced QoS mode provides ...
...Quality of Service Defining Advanced Mode When CCLs are applied in the sequence they cannot be defined until a valid ACL is defined. In advanced QoS mode, ACLs can be attached to an interface. The rules are set according to bandwidth management. CCLs are defined in classification... control lists (CCL). 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Defining Advanced Mode Advanced QoS mode provides ...
Reference Guide
Page 218
Both the MAC-based and the IP-based ACL must match a packet. • ACL2 - Or - The Add QoS Class Map Page opens: Add QoS Class Map Page The Add QoS Class Map Page contains ... -Criteria used to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Either the MAC-based or the IP-based ACL must match a packet. - And - Contains a list of the user-defined ACLs. 2. 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Class Mapping Page The Class Mapping...
Both the MAC-based and the IP-based ACL must match a packet. • ACL2 - Or - The Add QoS Class Map Page opens: Add QoS Class Map Page The Add QoS Class Map Page contains ... -Criteria used to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Either the MAC-based or the IP-based ACL must match a packet. - And - Contains a list of the user-defined ACLs. 2. 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Class Mapping Page The Class Mapping...
Reference Guide
Page 219
... Service > Advanced > Aggregate Policer. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 12 • Preferred ACL - Matches packets to IP based ACLs first, then matches packets to MAC based ACLs. - Matches packets to MAC based ACLs first, then matches packets to IP based ACLs. • IP ACL - Matches packets to MAC based ACLs first, then matches packets to...
... Service > Advanced > Aggregate Policer. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 12 • Preferred ACL - Matches packets to IP based ACLs first, then matches packets to MAC based ACLs. - Matches packets to MAC based ACLs first, then matches packets to IP based ACLs. • IP ACL - Matches packets to MAC based ACLs first, then matches packets to...
Software Configuration Guide
Page 15
... flow control is off on all host interfaces. For more information about LLC and quality-of-service, see the Cisco Nexus 7000 Series NX-OS Quality of ingress access control lists (ACLs) that connect each Fabric Extender (one parent switch per FEX) in a vPC domain. OL-25816-02... offload link-level protocol processing to the QoS classes. For more information about VLANs, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide. For more information about ACLs, see the Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide. By default, flow control send is ...
... flow control is off on all host interfaces. For more information about LLC and quality-of-service, see the Cisco Nexus 7000 Series NX-OS Quality of ingress access control lists (ACLs) that connect each Fabric Extender (one parent switch per FEX) in a vPC domain. OL-25816-02... offload link-level protocol processing to the QoS classes. For more information about VLANs, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide. For more information about ACLs, see the Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide. By default, flow control send is ...
Configuration Guide
Page 5
... 5: How to Configure the DNS Settings 5-11 Step 6: How to Configure the RDR Formatter Destination 5-12 Step 7: Configuring Access Control Lists (ACLs) 5-12 How to Configure Access Control Lists (ACLs) 5-13 Step 8: How to Configure SNMP 5-17 Step 9: How to Configure the Topology-Dependent Parameters 5-19 Step 10: How to Complete and... the Line Ports and Completing the Installation 6-1 Connecting the line ports to the network 6-1 Cabling Diagrams 6-1 Single Link: Inline Topology 6-2 Single Link: Receive-only Topology 6-2 Cisco SCE 2000 4xGBE Installation and Configuration Guide v
... 5: How to Configure the DNS Settings 5-11 Step 6: How to Configure the RDR Formatter Destination 5-12 Step 7: Configuring Access Control Lists (ACLs) 5-12 How to Configure Access Control Lists (ACLs) 5-13 Step 8: How to Configure SNMP 5-17 Step 9: How to Configure the Topology-Dependent Parameters 5-19 Step 10: How to Complete and... the Line Ports and Completing the Installation 6-1 Connecting the line ports to the network 6-1 Cabling Diagrams 6-1 Single Link: Inline Topology 6-2 Single Link: Receive-only Topology 6-2 Cisco SCE 2000 4xGBE Installation and Configuration Guide v
Configuration Guide
Page 69
... this a cascade topology, with two SCE 2000 s connected via the cascade ports? In a single- OL-7824-06 Cisco SCE 2000 4xGBE Installation and Configuration Guide 5-5 SNMP Configuration SNMP agent status Enable or disable SNMP management. type of the...the Management Interfaces and Performing Initial System Configuration Initial System Configuration Table 5-1 Setup Command Parameters Parameter Definition Access Control List number How many ACLs will be permitted/denied access for the following: • Any IP access • Telnet access • SNMP GET access •...
... this a cascade topology, with two SCE 2000 s connected via the cascade ports? In a single- OL-7824-06 Cisco SCE 2000 4xGBE Installation and Configuration Guide 5-5 SNMP Configuration SNMP agent status Enable or disable SNMP management. type of the...the Management Interfaces and Performing Initial System Configuration Initial System Configuration Table 5-1 Setup Command Parameters Parameter Definition Access Control List number How many ACLs will be permitted/denied access for the following: • Any IP access • Telnet access • SNMP GET access •...
Configuration Guide
Page 76
...menu? [no]: yEnter RDR-formatter destination's IP address: 10.1.1.230Enter RDR-formatter destination's TCP port number: 33000 Step 7: Configuring Access Control Lists (ACLs) The SCE 2000 can be configured. Type the IP address of the RDR-formatter destination and press Enter. Note that there is a sample DNS ...there is no default for this parameter. The default domain name is pcube.com, and the IP address of the management interfaces. 5-12 Cisco SCE 2000 4xGBE Installation and Configuration Guide OL-7824-06 Would you like to enter the DNS configuration menu? [no]: yEnable IP DNS-based...
...menu? [no]: yEnter RDR-formatter destination's IP address: 10.1.1.230Enter RDR-formatter destination's TCP port number: 33000 Step 7: Configuring Access Control Lists (ACLs) The SCE 2000 can be configured. Type the IP address of the RDR-formatter destination and press Enter. Note that there is a sample DNS ...there is no default for this parameter. The default domain name is pcube.com, and the IP address of the management interfaces. 5-12 Cisco SCE 2000 4xGBE Installation and Configuration Guide OL-7824-06 Would you like to enter the DNS configuration menu? [no]: yEnable IP DNS-based...