Management Guide FXC3110 Management Guide FXC3110 Management Guide FXC3110
Transcript of Management Guide FXC3110 Management Guide FXC3110 Management Guide FXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3526F
Management Guide2011幎 3æ Ver.1.0
FXC3110Management Guide
æ¬ããã¥ã¢ã«ã«ã€ããŠ
æ¬ããã¥ã¢ã«ã§ã¯ãFXC3110ã®åçš®èšå®ããã³ã·ã¹ãã ã®ç£èŠæé ã«ã€ããŠèª¬æããŸããæ¬è£œåã®èšå®ããã³ç£èŠã¯ãRS-232Cã·ãªã¢ã«ããŒããŸãã¯ãã€ãŒãµãããããŒãã«èšå®ãç£èŠçšã®ç«¯æ«æ¥ç¶ããŠãCLI ïŒã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ïŒãŸãã¯Webãã©ãŠã¶ã§è¡ããŸãã
æ¬ããã¥ã¢ã«ã«èšèŒããŠããæ©èœã¯ããã¡ãŒã ãŠã§ã¢ããŒãžã§ã³ 1.1.0.11以éã®è£œåã«å¯Ÿå¿ããŠããŸãã
é¢é£ããã¥ã¢ã«
ã€ã³ã¹ãã¬ãŒã·ã§ã³ã¬ã€ãïŒæ¬è£œåã®ç¹åŸŽã泚æäºé ãä»æ§ã«ã€ããŠèšèŒããŠãããŸãã
FXC3110
3FXC3110
補ååãæ±ãæã®ã泚æ
ãã®åºŠã¯ããè²·ãäžãããã ããŸããŠããããšãããããŸãã補åãå®å šã«ã䜿ãããã ããããå¿ ãæåã«ãèªã¿ãã ããã
äžèšäºé ã¯ãå®å šã®ããã«å¿ ããå®ããã ããã
å®å šã®ããã®æ³šæäºé ãå®ã
泚æäºé ããããèªã¿ãã ããã補åå šè¬ã®æ³šæäºé ãèšèŒãããŠããŸãã
æ éããã䜿ããªã
ããã«è²©å£²åºãŸã§ä¿®çããäŸé Œãã ããã
äžäžç°åžžãèµ·ããã
ç ãåºãã
ç°åžžãªé³ãã«ãããããã
å éšã«æ°Žã»ç°ç©ãå ¥ã£ãã
補åãé«æããèœãšããããç Žæãããšã
â é»æºãåãïŒé»æºã³ãŒããæãïŒâ¡æ¥ç¶ã±ãŒãã«ãæãâ¢è²©å£²åºã«ä¿®çãäŸé Œãã
PL-1 FXC3110
補ååãæ±ãæã®ã泚æ
äžèšã®æ³šæäºé ãå®ããªããšãç«çœã»æé»ãªã©ã«ããæ»äº¡ã倧ããã®åå ãšãªããŸãã
é»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãå·ã€ããªã
é»æºã±ãŒãã«ãå·ã€ãããšç«çœãæé»ã®åå ãšãªããŸãã
éããã®ãã®ããããåŒã£åŒµã£ããããªãã
å å·¥ããããå·ã€ãããããªãã
ç±åšå ·ã®è¿ãã«é ç·ããããå ç±ãããããªãã
é»æºã±ãŒãã«ãæããšãã¯ãå¿ ããã©ã°ãæã£ãŠæãã
å éšã«æ°Žãç°ç©ãå ¥ããªã
ç«çœãæé»ã®åå ãšãªããŸãã
äžäžãæ°Žãç°ç©ãå ¥ã£ããšãã¯ãããã«é»æºãåãïŒé»æºã±ãŒãã«ãæãïŒã販売åºã«ç¹æ€ã»ä¿®çããäŸé Œãã ããã
å éšãããã¿ã«éããªã
æ¬äœåã³ä»å±ã®æ©åšïŒã±ãŒãã«å«ãïŒãããã¿ã«éãããæ¹é ããããããšãç«çœãæé»ã®åå ãšãªããŸãã
èœé·ãçºçãããããããªã
æé»ã®åå ãšãªããŸãããŸããèœé·ã®æãããããšãã¯ãé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãäºåã«æããŠãã ãããæ¬æ©ãç Žå£ãããåå ãšãªããŸãã
æ²¹ç ã湯æ°ã湿æ°ãã»ããã®å€ãå Žæã«ã¯èšçœ®ããªã
æ¬æžã«èšèŒãããŠãã䜿çšæ¡ä»¶ä»¥å€ã®ç°å¢ã§ã®ã䜿çšã¯ãç«çœãæé»ã®åå ãšãªããŸãã
PL-2FXC3110
補ååãæ±ãæã®ã泚æ
äžèšã®æ³šæäºé ãå®ããªããšããããããåšèŸºã®ç©åã«æ害ãäžããåå ãšãªããŸãã
ã¬ããæã§é»æºãã©ã°ãã³ãã¯ã¿ã«è§Šããªã
æé»ã®åå ãšãªããŸãã
æå®ãããé»æºã³ãŒããæ¥ç¶ã±ãŒãã«ã䜿ã
ããã¥ã¢ã«ã«èšèŒãããŠããé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ã䜿ããªããšãç«çœãæé»ã®åå ãšãªããŸãã
æå®ã®é»å§ã§äœ¿ã
ããã¥ã¢ã«ã«èšãããŠããé»å§ã®ç¯å²ã§äœ¿ããªããšãç«çœãæé»ã®åå ãšãªããŸãã
ã³ã³ã»ã³ããé ç·åšå ·ã®å®æ Œãè¶ ãããããªæ¥ç¶ã¯ããªã
çºç±ã«ããç«çœã®åå ãšãªããŸãã
é颚åããµãããªã
é颚åããµããã§ããŸããšãå éšã«ç±ãããããç«çœãæ éã®åå ãšãªããŸãããŸãã颚éããããããããã«æ¬¡ã®äºé ããå®ããã ãããæ¯è¶³ã®é·ããžã¥ãŠã¿ã³ãªã©ã®äžã«çŽæ¥èšçœ®ããªãã
åžãªã©ã§ãããŸãªãã
移åããããšãã¯ãé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãæã
æ¥ç¶ãããŸãŸç§»åããããšãé»æºã±ãŒãã«ãå·ã€ããç«çœãæé»ã®åå ãšãªããŸãã
PL-3 FXC3110
補ååãæ±ãæã®ã泚æ
PL-4FXC3110
ç®æ¬¡
ç®æ¬¡
1. ã€ã³ãããã¯ã·ã§ã³ ............................................................................................1
1.1 äž»ãªç¹é· ..................................................................................................................... 1
1.2 ãœãããŠã§ã¢æ©èœ....................................................................................................... 2
2. æ¬æ©ã®ç®¡ç...........................................................................................................6
2.1 æ¬æ©ãžã®æ¥ç¶ .............................................................................................................. 62.1.1 èšå®æ¹æ³ ........................................................................................................................... 6
2.1.2 æ¥ç¶æé ........................................................................................................................... 7
2.1.3 ãªã¢ãŒãæ¥ç¶ .................................................................................................................... 8
2.2 åºæ¬èšå® ..................................................................................................................... 92.2.1 ã³ã³ãœãŒã«æ¥ç¶ ................................................................................................................ 9
2.2.2 ãã¹ã¯ãŒãã®èšå® ............................................................................................................. 9
2.2.3 IPã¢ãã¬ã¹ã®èšå® .......................................................................................................... 10æåèšå® .................................................................................................................................... 10
åçèšå® .................................................................................................................................... 13
2.2.4 SNMP管çã¢ã¯ã»ã¹ãæå¹ã«ãã ................................................................................. 16ã³ãã¥ããã£åïŒCommunity StringsïŒ...................................................................................... 16
ãã©ããã»ã¬ã·ãŒãïŒTrap ReceiversïŒ.................................................................................... 17
2.3 ã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç.......................................................................................... 182.3.1 èšå®æ å ±ã®ä¿åãŸãã¯åŸ©å ............................................................................................ 18
3. Webã€ã³ã¿ãã§ãŒã¹ .........................................................................................20
3.1 Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶ ................................................................................. 20
3.2 Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³.............................................................................. 213.2.1 ããŒã ããŒãž .................................................................................................................. 21
3.2.2 èšå®ãªãã·ã§ã³ .............................................................................................................. 22
3.2.3 ããã«ã®è¡šç€º .................................................................................................................. 22
3.3 åºæ¬èšå® ................................................................................................................... 233.3.1 ã·ã¹ãã æ å ±ã®è¡šç€º ....................................................................................................... 23
3.3.2 ããŒããŠã§ã¢åã³ãœãããŠã§ã¢ããŒãžã§ã³ã®è¡šç€º ........................................................ 24
3.3.3 Jumbo ãã¬ãŒã ã®æå¹å ............................................................................................... 25
3.3.4 ããªããžæ¡åŒµæ©èœã®è¡šç€º ................................................................................................ 26
3.3.5 ãã¡ãŒã ãŠã§ã¢ã®ç®¡ç.................................................................................................... 28FTP/TFTPãHTTPçµç±ã®ãã¡ã€ã«ã³ã㌠................................................................................ 28
çŸåšã®èšå®ãããŒã«ã«ãã¡ã€ã«ãžä¿å ..................................................................................... 30
èµ·åãã¡ã€ã«ã®èšå® .................................................................................................................. 31
i FXC3110
ç®æ¬¡
ã·ã¹ãã ãã¡ã€ã«ã®è¡šç€º ........................................................................................................... 32
ãªãã¬ãŒã·ã§ã³ã³ãŒãã®èªåã¢ããã°ã¬ãŒã........................................................................... 33
3.3.6 ã·ã¹ãã ã¯ããã¯èšå®.................................................................................................... 36æåèšå® .................................................................................................................................... 36
SNTPèšå® ................................................................................................................................. 37
SNTPã¿ã€ã ãµãŒãã®èšå®........................................................................................................ 38
ã¿ã€ã ãŸãŒã³ã®èšå® .................................................................................................................. 39
3.3.7 ã³ã³ãœãŒã«ããŒãã®èšå® ................................................................................................ 40
3.3.8 Telnetã®èšå® .................................................................................................................. 42
3.3.9 CPU䜿çšçã®è¡šç€º ......................................................................................................... 43
3.3.10 ã¡ã¢ãªäœ¿çšçã®è¡šç€º ....................................................................................................... 44
3.3.11 åèµ·å ............................................................................................................................. 45
3.4 ã€ã³ã¿ãã§ãŒã¹èšå® ................................................................................................. 483.4.1 ããŒãèšå®...................................................................................................................... 48
ããŒããªã¹ãã«ããèšå® ........................................................................................................... 48
ããŒãç¯å²ã«ããèšå®............................................................................................................... 50
æ¥ç¶ç¶æ³ã®è¡šç€º ......................................................................................................................... 51
ããŒããã©ãŒãªã³ã°ã®èšå® ....................................................................................................... 52
ãªã¢ãŒãããŒããã©ãŒãªã³ã°ã®èšå® ......................................................................................... 54
ããŒãã»ãã©ã³ã¯çµ±èšæ å ±è¡šç€º ................................................................................................ 58
ã±ãŒãã«èšºæã®å®è¡ .................................................................................................................. 61
3.4.2 ãã©ã³ã¯ã°ã«ãŒãã®èšå® ................................................................................................ 63éçãã©ã³ã¯ã®èšå® .................................................................................................................. 64
åçãã©ã³ã¯èšå®...................................................................................................................... 66
LACPããŒãã«ãŠã³ã¿ã®è¡šç€º .................................................................................................... 70
ããŒã«ã«åŽã® LACPèšå®åã³ã¹ããŒã¿ã¹ã®è¡šç€º....................................................................... 71
ãªã¢ãŒãåŽã® LACPèšå®åã³ã¹ããŒã¿ã¹ã®è¡šç€º....................................................................... 73
3.4.3 ãã¯ãŒã»ãŒãã³ã° ........................................................................................................... 74
3.4.4 ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³.................................................................................. 76ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã®æå¹å .............................................................................. 76
ã¢ãããªã³ã¯ /ããŠã³ãªã³ã¯ããŒãã®èšå® ............................................................................... 77
3.4.5 VLANãã©ã³ãã³ã°........................................................................................................ 78
3.5 VLAN........................................................................................................................ 803.5.1 IEEE802.1Q VLAN ......................................................................................................... 80
VLANã°ã«ãŒãã®èšå® ............................................................................................................... 83
VLANãžã®éçã¡ã³ããŒã®è¿œå ................................................................................................. 86
åç VLANç»é²ã®èšå® .............................................................................................................. 90
3.5.2 802.1Qãã³ããªã³ã°ã®èšå® .......................................................................................... 93QinQãã³ããªã³ã°ã®æå¹ ......................................................................................................... 97
ã€ã³ã¿ãã§ãŒã¹ã QinQãã³ããªã³ã°ãžè¿œå ........................................................................... 98
3.5.3 ãããã³ã« VLAN ........................................................................................................... 99ãããã³ã« VLANã°ã«ãŒãèšå®................................................................................................ 99
ãããã³ã«ã°ã«ãŒããã€ã³ã¿ãã§ãŒã¹ãžãããã³ã°.............................................................. 101
3.5.4 IPãµãããã VLAN..................................................................................................... 103
iiFXC3110
ç®æ¬¡
3.5.5 MACããŒã¹ VLAN........................................................................................................ 105
3.5.6 VLANãã©ãŒãªã³ã°...................................................................................................... 107
3.6 ã¢ãã¬ã¹ããŒãã«................................................................................................... 1083.6.1 åçã¢ãã¬ã¹ããŒãã«ã®èšå® ....................................................................................... 108
3.6.2 éçã¢ãã¬ã¹ã®èšå® ..................................................................................................... 110
3.6.3 ãšãŒãžã³ã°ã¿ã€ã ã®å€æŽ .............................................................................................. 112
3.6.4 åçã¢ãã¬ã¹ããŒãã«ã®è¡šç€º ....................................................................................... 113
3.6.5 åçã¢ãã¬ã¹ããŒãã«ã®æ¶å» ....................................................................................... 114
3.6.6 MACã¢ãã¬ã¹ãã©ãŒãªã³ã°ã®èšå® .............................................................................. 115
3.7 ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã ............................................................................. 1173.7.1 ã«ãŒãããã¯æ€åº ......................................................................................................... 118
3.7.2 ã°ããŒãã«èšå® ............................................................................................................ 120
3.7.3 ã°ããŒãã«èšå®ã®è¡šç€º.................................................................................................. 124
3.7.4 ã€ã³ã¿ãã§ãŒã¹èšå® ..................................................................................................... 125
3.7.5 ã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º .......................................................................................... 128
3.7.6 MSTPèšå® ................................................................................................................... 130
3.7.7 MSTPã€ã³ã¿ãã§ãŒã¹ã®èšå®....................................................................................... 133
3.8 垯åå¶åŸ¡ ................................................................................................................. 1353.8.1 ã¹ããŒã ã³ã³ãããŒã«.................................................................................................. 136
3.9 Class of ServiceïŒCoSïŒ....................................................................................... 1383.9.1 ã¬ã€ã€ 2ãã¥ãŒèšå® ..................................................................................................... 138
ã€ã³ã¿ãã§ãŒã¹ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå® .......................................................... 138
ãã¥ãŒã¢ãŒãã®éžæ ................................................................................................................ 139
Egressãã¥ãŒãžã® CoSå€ã®ãããã³ã°................................................................................. 141
3.9.2 ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®èšå® ................................................................................ 143
CoSå€ãžã®ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®ãããã³ã° ............................................................. 143
åªå åŠçã DSCPãŸã㯠CoSãžèšå® .................................................................................... 143
ã€ã³ã°ã¬ã¹ DSCPå€ãå éš DSCPå€ãžãããã³ã° ............................................................... 145
CoSãã©ã€ãªãªãã£ãå éš DSCPå€ãžãããã³ã°................................................................ 147
3.10 Quality of Service ................................................................................................. 149
3.10.1 Quality of Serviceã®èšå®.............................................................................................. 149ã¯ã©ã¹ãããã®èšå® ................................................................................................................ 150
QoSããªã·ãŒã®äœæ ............................................................................................................... 153
ããªã·ãŒããããããŒããžé©çš .............................................................................................. 160
3.11 VoIPèšå® ............................................................................................................... 161VoIPãã©ãã£ãã¯ã®èšå®........................................................................................................ 161
ãã¬ãã©ã㌠OUIã®èšå® ........................................................................................................ 163
VoIPãã©ãã£ãã¯ããŒãã®èšå®............................................................................................. 165
3.12 ã»ãã¥ãªã㣠.......................................................................................................... 1673.12.1 AAAèš±å¯ãšã¢ã«ãŠã³ãã£ã³ã° ...................................................................................... 167
iii FXC3110
ç®æ¬¡
ããŒã«ã« /ãªã¢ãŒããã°ãªã³èªèšŒèšå® .................................................................................... 169
ãªã¢ãŒããã°ãªã³èªèšŒãµãŒãã®èšå® ....................................................................................... 170
AAAã¢ã«ãŠã³ãã£ã³ã°ã®èšå® ................................................................................................. 174
AAAèªå¯èšå® .......................................................................................................................... 179
3.12.2 ãŠãŒã¶ã¢ã«ãŠã³ãã®èšå® .............................................................................................. 182
3.12.3 WebèªèšŒ ...................................................................................................................... 184WebèªèšŒã®ã°ããŒãã«èšå® .................................................................................................... 184
WebèªèšŒã®èšå®ïŒããŒãïŒ...................................................................................................... 186
3.12.4 ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMACã¢ãã¬ã¹èªèšŒïŒ.............................................................. 187ãããã¯ãŒã¯ã¢ã¯ã»ã¹ã®ã°ããŒãã«èšå®................................................................................ 189
ããŒãã®ãããã¯ãŒã¯ã¢ã¯ã»ã¹èšå® ....................................................................................... 190
ããŒããªã³ã¯æ€åº.................................................................................................................... 192
MACã¢ãã¬ã¹ãã£ã«ã¿ ........................................................................................................... 193
ã»ãã¥ã¢MACã¢ãã¬ã¹æ å ±ã®è¡šç€º ........................................................................................ 195
3.12.5 HTTPSèšå® .................................................................................................................. 196ãµã€ã蚌ææžã®çœ®ãæã ......................................................................................................... 197
3.12.6 Secure Shellèšå® ......................................................................................................... 199SSHãµãŒãèšå® ...................................................................................................................... 201
ãã¹ãããŒãã¢ã®çæ............................................................................................................. 202
ãŠãŒã¶ãããªãã¯ããŒã®ã€ã³ããŒã ....................................................................................... 204
3.12.7 ACL ïŒAccess Control ListsïŒ........................................................................................ 206ã¿ã€ã ã¬ã³ãžã®èšå® ................................................................................................................ 207
TCAM䜿çšçã®è¡šç€º ................................................................................................................ 209
ACLåããã³ã¿ã€ãã®èšå®..................................................................................................... 210
ã¹ã¿ã³ããŒã IPv4 ACLã®èšå® ............................................................................................... 211
æ¡åŒµ IPv4 ACLã®èšå®.............................................................................................................. 213
MAC ACLã®èšå® ..................................................................................................................... 216
ARP ACLã®èšå®...................................................................................................................... 218
ACLãžã®ããŒãã®ãã€ã³ã..................................................................................................... 220
3.12.8 ARPã€ã³ã¹ãã¯ã·ã§ã³ ................................................................................................ 221ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ã°ããŒãã«èšå®............................................................................... 222
ARPã€ã³ã¹ãã¯ã·ã§ã³ VLANèšå® ......................................................................................... 224
ARPã€ã³ã¹ãã¯ã·ã§ã³ã€ã³ã¿ãã§ãŒã¹èšå® ........................................................................... 226
ARPã€ã³ã¹ãã¯ã·ã§ã³çµ±èšå€ã®è¡šç€º ...................................................................................... 227
ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ã®è¡šç€º.......................................................................................... 228
3.12.9 管çã¢ãã¬ã¹ã®ãã£ã«ã¿ãªã³ã° ................................................................................... 229
3.12.10 ããŒãã»ãã¥ãªãã£ã®èšå® .......................................................................................... 231
3.12.11 802.1xããŒãèªèšŒ ........................................................................................................ 233802.1xã°ããŒãã«èšå®............................................................................................................ 234
802.1XèªèšŒããŒãèšå® ........................................................................................................... 235
802.1XããŒããµããªã«ã³ãèšå®............................................................................................. 238
IEEE802.1xçµ±èšæ å ±ã®è¡šç€º.................................................................................................... 240
3.12.12 IPãœãŒã¹ã¬ãŒã............................................................................................................ 242IPãœãŒã¹ã¬ãŒãããŒãèšå®..................................................................................................... 242
IPãœãŒã¹ã¬ãŒãéçãã€ã³ãã£ã³ã°èšå® ............................................................................... 244
ivFXC3110
ç®æ¬¡
åç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°æ å ±ã®è¡šç€º ................................................................... 246
3.12.13 DHCPã¹ããŒãã³ã° ..................................................................................................... 247DHCPã¹ããŒãã³ã°èšå® ......................................................................................................... 248
DHCPã¹ããŒãã³ã° VLANèšå®.............................................................................................. 250
DHCPã¹ããŒãã³ã°ããŒãèšå® .............................................................................................. 251
DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°æ å ±................................................................................ 252
3.13 åºæ¬ç®¡çãããã³ã« ............................................................................................... 2533.13.1 Event Loggingã®èšå® ................................................................................................... 253
syslogã®èšå®........................................................................................................................... 253
ãªã¢ãŒããã°ã®èšå® ................................................................................................................ 255
SMTPïŒSimple Mail Transfer ProtocolïŒ.................................................................................. 256
3.13.2 LLDP............................................................................................................................. 258
3.13.3 LLDPã¿ã€ã å±æ§ã®èšå® ............................................................................................... 258
3.13.4 LLDPã€ã³ã¿ãã§ãŒã¹ã®èšå®........................................................................................ 261
3.13.5 LLDPããŒã«ã«ããã€ã¹æ å ±ã®è¡šç€º ............................................................................. 263
3.13.6 LLDPãªã¢ãŒãããŒãæ å ±ã®è¡šç€º ................................................................................ 266
3.13.7 ããã€ã¹çµ±èšå€ã®è¡šç€º.................................................................................................. 2713.13.8 SNMP ........................................................................................................................... 273
3.13.9 SNMPã°ããŒãã«èšå® ................................................................................................. 275ããŒã«ã«ãšã³ãžã³ IDã®èšå®.................................................................................................... 276
ãªã¢ãŒããšã³ãžã³ IDã®èšå®.................................................................................................... 277
SNMPv3ãã¥ãŒã®èšå® ............................................................................................................ 279
SNMPv3ã°ã«ãŒãã®èšå® ........................................................................................................ 282
3.13.10 ã³ãã¥ããã£åã®èšå®.................................................................................................. 285
SNMPv3ããŒã«ã«ãŠãŒã¶ãŒã®èšå® .......................................................................................... 286
SNMPv3ãªã¢ãŒããŠãŒã¶ãŒã®èšå® .......................................................................................... 288
ãã©ãããããŒãžã£ã®æå® ..................................................................................................... 290
3.13.11 ãªã¢ãŒãã¢ãã¿ãªã³ã°.................................................................................................. 295RMONã¢ã©ãŒã ã®èšå®............................................................................................................ 295
RMONã€ãã³ãã®èšå®............................................................................................................ 298
RMONå±¥æŽãµã³ãã«ã®èšå® .................................................................................................... 300
RMONçµ±èšãµã³ãã«ã®èšå® .................................................................................................... 303
3.13.12 ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã° .............................................................................................. 306ã¯ã©ã¹ã¿èšå® ........................................................................................................................... 306
ã¯ã©ã¹ã¿ã¡ã³ããŒèšå®............................................................................................................. 308
ã¯ã©ã¹ã¿ã¡ã³ããŒã®ç®¡ç ......................................................................................................... 310
3.14 IPèšå® .................................................................................................................... 3113.14.1 PING............................................................................................................................. 311
3.14.2 IPã¢ãã¬ã¹ã®èšå®ïŒIP Version4ïŒ................................................................................ 312
3.14.3 IPã¢ãã¬ã¹ã®èšå® (IP Version6) .................................................................................. 314IPv6ããã©ã«ãã²ãŒããŠã§ã€ã®èšå® ...................................................................................... 314
IPv6ã€ã³ã¿ãã§ãŒã¹èšå® ........................................................................................................ 315
IPv6ã¢ãã¬ã¹ã®èšå® ............................................................................................................... 318
IPv6ã¢ãã¬ã¹ã®è¡šç€º ............................................................................................................... 321
v FXC3110
ç®æ¬¡
IPv6è¿é£ãã£ãã·ã¥ã®è¡šç€º..................................................................................................... 322
IPv6çµ±èšã®è¡šç€º....................................................................................................................... 323
å¿çåŽãã£ã¹ãã£ããŒã·ã§ã³ã®MTUã衚瀺.......................................................................... 328
3.15 IPãµãŒãã¹ ............................................................................................................. 3293.15.1 DNSïŒDomain Name ServiceïŒ..................................................................................... 330
DNS ãµãŒãã¹ã®äžè¬èšå®........................................................................................................ 330
ãã¡ã€ã³ããŒã ãªã¹ãã®èšå®.................................................................................................. 331
ããŒã ãµãŒããªã¹ãã®èšå® ..................................................................................................... 332
3.15.2 éç DNS ãã¹ãã®ã¢ãã¬ã¹ãšã³ããª.......................................................................... 333
3.15.3 DNS ãã£ãã·ã¥ã®è¡šç€º ................................................................................................ 334
3.16 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã° ............................................................................. 3353.16.1 ã¬ã€ã€ 2ãIGMPïŒSnooping and QueryïŒ..................................................................... 335
IGMP Snooping ãšã¯ãšãªãã©ã¡ãŒã¿ã®èšå® ........................................................................... 336
ãã«ããã£ã¹ãã«ãŒã¿ã®éçã€ã³ã¿ãã§ãŒã¹ãèšå®.............................................................. 339
ãã«ããã£ã¹ããµãŒãã¹ãžã€ã³ã¿ãã§ãŒã¹ãã¢ãµã€ã³ .......................................................... 341
ã€ã³ã¿ãã§ãŒã¹æ¯ã® IGMP Snoopingèšå® .............................................................................. 343
IGMP Snoopingã§çºèŠããããã«ããã£ã¹ãã°ã«ãŒãã衚瀺 .............................................. 347
3.16.2 IGMP ãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã° ...................................................................... 348IGMP ãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°ã®æå¹ ...................................................................... 348
IGMPãã£ã«ã¿ãããã¡ã€ã«ã®èšå®........................................................................................ 349
IGMPãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°ã®èšå®ïŒããŒãïŒ...................................................... 352
3.17 MVRïŒMulticast VLAN RegistrationïŒ.................................................................. 354ã°ããŒãã« MVRèšå®.............................................................................................................. 355
MVRã€ã³ã¿ãã§ãŒã¹ã®èšå® .................................................................................................... 356
éçãã«ããã£ã¹ãã°ã«ãŒããã€ã³ã¿ãã§ãŒã¹ãžè¿œå .......................................................... 358
MVRã¬ã·ãŒãã°ã«ãŒãã®è¡šç€º ................................................................................................ 359
4. ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ ......................................................................360
4.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš .................................................................. 3604.1.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãžã®ã¢ã¯ã»ã¹.............................................................. 360
4.1.2 ã³ã³ãœãŒã«æ¥ç¶ ............................................................................................................ 360
4.1.3 Telnetæ¥ç¶ ................................................................................................................... 361
4.2 ã³ãã³ãå ¥å .......................................................................................................... 3624.2.1 ããŒã¯ãŒããšåŒæ° ......................................................................................................... 362
4.2.2 ã³ãã³ãã®çç¥ ............................................................................................................ 362
4.2.3 ã³ãã³ãäžã§ã®ãã«ãã®è¡šç€º ....................................................................................... 363ã³ãã³ãã®è¡šç€º ....................................................................................................................... 363
4.2.4 ããŒã¯ãŒãã®æ€çŽ¢ ......................................................................................................... 364
4.2.5 ã³ãã³ãã®ãã£ã³ã»ã«.................................................................................................. 364
4.2.6 ã³ãã³ãå ¥åå±¥æŽã®å©çš .............................................................................................. 364
4.2.7 ã³ãã³ãã¢ãŒã ............................................................................................................ 365
viFXC3110
ç®æ¬¡
4.2.8 Execã³ãã³ã .............................................................................................................. 365
4.2.9 Configurationã³ãã³ã ................................................................................................. 366
4.2.10 ã³ãã³ãã©ã€ã³ããã»ã¹ .............................................................................................. 367
4.3 ã³ãã³ãã°ã«ãŒã................................................................................................... 368
4.4 GeneralïŒäžè¬ã³ãã³ãïŒ....................................................................................... 370prompt ..................................................................................................................................... 370
reloadïŒGlobal ConfigurationïŒ................................................................................................ 371enable...................................................................................................................................... 372
quit ........................................................................................................................................... 373
show history............................................................................................................................. 374
configure.................................................................................................................................. 375
disable ..................................................................................................................................... 375
reloadïŒPrivileged ExecïŒ........................................................................................................ 376show reload ............................................................................................................................. 376
end........................................................................................................................................... 377
exit ........................................................................................................................................... 377
4.5 ã·ã¹ãã 管ç .......................................................................................................... 3784.5.1 Device Designationã³ãã³ã ....................................................................................... 379
hostname................................................................................................................................. 379
4.5.2 Banner Information ....................................................................................................... 380
banner configure...................................................................................................................... 381
banner configure company ...................................................................................................... 382
banner configure dc-power-info ............................................................................................... 383
banner configure department .................................................................................................. 384
banner configure equipment-info ............................................................................................. 385
banner configure equipment-location ...................................................................................... 386
banner configure ip-lan ............................................................................................................ 387
banner configure lp-number .................................................................................................... 388
banner configure manager-info ............................................................................................... 389
banner configure mux.............................................................................................................. 390
banner configure note.............................................................................................................. 391
show banner ............................................................................................................................ 392
4.5.3 ã·ã¹ãã æ å ±ã®è¡šç€º ..................................................................................................... 393show process cpu.................................................................................................................... 393
show running-config ................................................................................................................ 394
show startup-config ................................................................................................................. 396
show system............................................................................................................................ 397
show users .............................................................................................................................. 398
show version............................................................................................................................ 399
4.5.4 ãã¬ãŒã ãµã€ãºã³ãã³ã .............................................................................................. 400jumbo frame............................................................................................................................. 400
4.5.5 ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ......................................................................................... 401boot system ............................................................................................................................. 402
copy ......................................................................................................................................... 403
vii FXC3110
ç®æ¬¡
delete....................................................................................................................................... 406
dir............................................................................................................................................. 407
whichboot ................................................................................................................................ 408
upgrade opcode auto............................................................................................................... 409
upgrade opcode path............................................................................................................... 411
4.5.6 Line ïŒã©ã€ã³ã³ãã³ãïŒ............................................................................................... 412Line.......................................................................................................................................... 413
databits .................................................................................................................................... 414
exec-timeout ............................................................................................................................ 415
login ......................................................................................................................................... 416
parity........................................................................................................................................ 417
password ................................................................................................................................. 418
password-thresh ...................................................................................................................... 419
silent-time ................................................................................................................................ 420
speed....................................................................................................................................... 421
stopbits .................................................................................................................................... 422
timeout login response ............................................................................................................ 423
disconnect ............................................................................................................................... 424
show line.................................................................................................................................. 425
4.5.7 Event Loggingã³ãã³ã ............................................................................................... 426logging facility .......................................................................................................................... 426
logging history ......................................................................................................................... 427
logging host ............................................................................................................................. 428
logging on ................................................................................................................................ 429
logging trap.............................................................................................................................. 430
clear log ................................................................................................................................... 431
show log .................................................................................................................................. 432
show logging............................................................................................................................ 433
4.5.8 SMTPã¢ã©ãŒãã³ãã³ã .............................................................................................. 435logging sendmail...................................................................................................................... 435
logging sendmail host.............................................................................................................. 436
logging sendmail level ............................................................................................................. 437
logging sendmail destination-email ......................................................................................... 438
logging sendmail source-email ................................................................................................ 439
show logging sendmail ............................................................................................................ 439
4.5.9 Timeã³ãã³ã .............................................................................................................. 440sntp client ................................................................................................................................ 441
sntp poll ................................................................................................................................... 442
sntp server............................................................................................................................... 443
show sntp ................................................................................................................................ 444
clock timezone......................................................................................................................... 445
calendar set ............................................................................................................................. 446
show calendar ......................................................................................................................... 447
4.5.10 ã¿ã€ã ã¬ã³ãž ................................................................................................................ 448time-range ............................................................................................................................... 448
absolute ................................................................................................................................... 449
viiiFXC3110
ç®æ¬¡
periodic .................................................................................................................................... 450
show time-range ...................................................................................................................... 451
4.5.11 ã¹ã€ããã¯ã©ã¹ã¿ ......................................................................................................... 452cluster ...................................................................................................................................... 453
cluster commander .................................................................................................................. 454
cluster ip-pool .......................................................................................................................... 455
cluster member........................................................................................................................ 456
rcommand................................................................................................................................ 457
show cluster............................................................................................................................. 457
show cluster members............................................................................................................. 458
show cluster candidates .......................................................................................................... 458
4.6 SNMP..................................................................................................................... 459snmp-server............................................................................................................................. 460
snmp-server community .......................................................................................................... 461
snmp-server contact ................................................................................................................ 462
snmp-server location ............................................................................................................... 462
show snmp .............................................................................................................................. 463
snmp-server enable traps........................................................................................................ 464
snmp-server host ..................................................................................................................... 465
snmp-server engine-id............................................................................................................. 467
snmp-server group .................................................................................................................. 468
snmp-server user..................................................................................................................... 469
snmp-server view .................................................................................................................... 470
show snmp engine-id............................................................................................................... 471
show snmp group .................................................................................................................... 472
show snmp user ...................................................................................................................... 474
show snmp view ...................................................................................................................... 475
nlm........................................................................................................................................... 476
snmp-server notify-filter ........................................................................................................... 477
show nlm oper-status .............................................................................................................. 477
show snmp notify-filter ............................................................................................................. 478
4.7 ãªã¢ãŒãã¢ãã¿ãªã³ã° ........................................................................................... 479rmon alarm .............................................................................................................................. 480
rmon event............................................................................................................................... 481
rmon collection history............................................................................................................. 482
rmon collection rmon1 ............................................................................................................. 483
show rmon alarms ................................................................................................................... 484
show rmon events ................................................................................................................... 484
show rmon history ................................................................................................................... 485
show rmon statistics ................................................................................................................ 485
4.8 èªèšŒã³ãã³ã .......................................................................................................... 4864.8.1 ãŠãŒã¶ãŒã¢ã«ãŠã³ã ..................................................................................................... 486
enable password ..................................................................................................................... 487
username................................................................................................................................. 488
ix FXC3110
ç®æ¬¡
4.8.2 èªèšŒã·ãŒã±ã³ã¹ ............................................................................................................ 489authentication enable .............................................................................................................. 489
Authentication login ................................................................................................................. 490
4.8.3 Radiusã¯ã©ã€ã¢ã³ãã³ãã³ã ..................................................................................... 491radius-server acct-port............................................................................................................. 491
radius-server auth-port ............................................................................................................ 492
radius-server host .................................................................................................................... 493
radius-server key ..................................................................................................................... 494
radius-server retransmit........................................................................................................... 494
radius-server timeout............................................................................................................... 495
show radius-server .................................................................................................................. 495
4.8.4 TACACS+ã¯ã©ã€ã¢ã³ãã³ãã³ã ................................................................................ 497tacacs-server ........................................................................................................................... 497
tacacs-server host ................................................................................................................... 498
tacacs-server key .................................................................................................................... 498
tacacs-server port .................................................................................................................... 499
show tacacs-server.................................................................................................................. 499
4.8.5 AAAïŒèªèšŒã»èš±å¯ã»ã¢ã«ãŠã³ãã£ã³ã°ïŒã³ãã³ã ...................................................... 500aaa accounting dot1x .............................................................................................................. 501
aaa accounting exec................................................................................................................ 502
aaa accounting update ............................................................................................................ 503
aaa authorization exec ............................................................................................................ 503
aaa group server ..................................................................................................................... 504
server....................................................................................................................................... 504
accounting dot1x ..................................................................................................................... 505
accounting exec....................................................................................................................... 506
authorization exec ................................................................................................................... 507
show accounting...................................................................................................................... 508
4.8.6 Web ãµãŒããŒã³ãã³ã ................................................................................................ 509ip http port................................................................................................................................ 509
ip http server............................................................................................................................ 510
ip http secure-server................................................................................................................ 511
ip http secure-port.................................................................................................................... 512
4.8.7 Telnet ãµãŒããŒã³ãã³ã.............................................................................................. 513ip telnet max-sessions ............................................................................................................. 513
ip telnet port............................................................................................................................. 514
ip telnet server ......................................................................................................................... 514
show ip telnet........................................................................................................................... 515
4.8.8 Secure Shellã³ãã³ã .................................................................................................. 516ip ssh authentication-retries..................................................................................................... 518
ip ssh server ............................................................................................................................ 519
ip ssh server-key size .............................................................................................................. 520
ip ssh timeout .......................................................................................................................... 521
delete public-key...................................................................................................................... 522
ip ssh crypto host-key generate............................................................................................... 523
ip ssh crypto zeroize................................................................................................................ 524
xFXC3110
ç®æ¬¡
ip ssh save host-key ................................................................................................................ 524
show ip ssh.............................................................................................................................. 525
show public-key ....................................................................................................................... 526
show ssh.................................................................................................................................. 527
4.8.9 802.1x ããŒãèªèšŒã³ãã³ã ......................................................................................... 528dot1x default ............................................................................................................................ 529
dot1x eapol-pass-through........................................................................................................ 529
dot1x system-auth-control ....................................................................................................... 530
dot1x intrusion-action .............................................................................................................. 530
dot1x max-req.......................................................................................................................... 531
dot1x operation-mode.............................................................................................................. 532
dot1x port-control..................................................................................................................... 533
dot1x re-authentication ............................................................................................................ 534
dot1x timeout quiet-period ....................................................................................................... 534
dot1x timeout re-authperiod..................................................................................................... 535
dot1x timeout supp-timeout ..................................................................................................... 536
dot1x timeout tx-period ............................................................................................................ 537
dot1x re-authenticate............................................................................................................... 537
dot1x identity profile................................................................................................................. 538
dot1x max-start........................................................................................................................ 539
dot1x pae supplicant................................................................................................................ 540
dot1x timeout auth-period ........................................................................................................ 541
dot1x timeout held-period ........................................................................................................ 542
dot1x timeout start-period ........................................................................................................ 542
show dot1x .............................................................................................................................. 543
4.8.10 管ç IPãã£ã«ã¿ãŒã³ãã³ã......................................................................................... 546management............................................................................................................................ 546
show management .................................................................................................................. 547
4.9 ã»ãã¥ãªã㣠.......................................................................................................... 5484.9.1 ããŒãã»ãã¥ãªãã£ã³ãã³ã ....................................................................................... 548
port security ............................................................................................................................. 549
4.9.2 ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMACã¢ãã¬ã¹èªèšŒïŒ.............................................................. 550network-access aging.............................................................................................................. 551
network-access mac-filter ........................................................................................................ 552
mac-authentication reauth-time ............................................................................................... 553
network-access dynamic-qos .................................................................................................. 554
network-access dynamic-vlan ................................................................................................. 555
network-access guest-vlan ...................................................................................................... 556
network-access link-detection ................................................................................................. 557
network-access link-detection link-down ................................................................................. 557
network-access link-detection link-up ...................................................................................... 558
network-access link-detection link-up-down ............................................................................ 559
network-access max-mac-count .............................................................................................. 560
network-access mode mac-authentication .............................................................................. 561
network-access port-mac-filter ................................................................................................ 562
xi FXC3110
ç®æ¬¡
mac-authentication intrusion-action ......................................................................................... 562
mac-authentication max-mac-count ........................................................................................ 563
show network-access .............................................................................................................. 564
show network-access mac-address-table ............................................................................... 565
show network-access mac-filter .............................................................................................. 566
4.9.3 WebèªèšŒ ...................................................................................................................... 567web-auth login-attempts .......................................................................................................... 568
web-auth quiet-period .............................................................................................................. 569
web-auth session-timeout........................................................................................................ 569
web-auth system-auth-control ................................................................................................. 570
web-auth.................................................................................................................................. 570
web-auth re-authenticate ïŒPortïŒ............................................................................................ 571
web-auth re-authenticate ïŒIPïŒ............................................................................................... 571show web-auth ........................................................................................................................ 572
show web-auth interface.......................................................................................................... 573
show web-auth summary......................................................................................................... 574
4.9.4 DHCPã¹ããŒãã³ã° ..................................................................................................... 575ip dhcp snooping ..................................................................................................................... 576
ip dhcp snooping database flash ............................................................................................. 577
ip dhcp snooping information option ........................................................................................ 578
ip dhcp snooping information policy ........................................................................................ 579
ip dhcp snooping verify mac-address ...................................................................................... 580
ip dhcp snooping vlan.............................................................................................................. 581
ip dhcp snooping trust ............................................................................................................. 582
clear ip dhcp snooping database flash .................................................................................... 583
show ip dhcp snooping ............................................................................................................ 583
show ip dhcp snooping binding ............................................................................................... 584
4.9.5 IPãœãŒã¹ã¬ãŒã............................................................................................................ 585ip source-guard binding ........................................................................................................... 585
ip source-guard........................................................................................................................ 587
show ip source-guard .............................................................................................................. 588
show ip source-guard binding.................................................................................................. 589
4.9.6 ARPã€ã³ã¹ãã¯ã·ã§ã³ ................................................................................................ 590ip arp inspection ...................................................................................................................... 591
ip arp inspection filter............................................................................................................... 592
ip arp inspection log-buffer logs............................................................................................... 593
ip arp inspection validate ......................................................................................................... 594
ip arp inspection vlan............................................................................................................... 595
ip arp inspection limit ............................................................................................................... 596
ip arp inspection trust .............................................................................................................. 597
show ip arp inspection configuration ....................................................................................... 597
show ip arp inspection interface .............................................................................................. 598
show ip arp inspection log ....................................................................................................... 598
show ip arp inspection statistics .............................................................................................. 599
show ip arp inspection vlan ..................................................................................................... 599
xiiFXC3110
ç®æ¬¡
4.10 ACLïŒAccess Control ListsïŒ............................................................................... 6004.10.1 IPv4 ACL ...................................................................................................................... 600
access-list ip ............................................................................................................................ 601
permit,denyïŒStandard IP ACLïŒ............................................................................................. 602
permit,denyïŒExtended IPv4 ACLïŒ........................................................................................ 603ip access-group ....................................................................................................................... 605
show ip access-group.............................................................................................................. 606
show ip access-list................................................................................................................... 606
4.10.2 MAC ACL...................................................................................................................... 607
access-list mac ........................................................................................................................ 607
permit,denyïŒMAC ACLïŒ........................................................................................................ 608mac access-group ................................................................................................................... 610
show mac access-group.......................................................................................................... 610
show mac access-list............................................................................................................... 611
4.10.3 ARP ACL ...................................................................................................................... 612
access-list arp.......................................................................................................................... 612
permit,denyïŒARP ACLïŒ......................................................................................................... 613
4.10.4 ACLæ å ±ã®è¡šç€º............................................................................................................ 614show access-group.................................................................................................................. 614
show access-list ...................................................................................................................... 614
4.11 ã€ã³ã¿ãã§ãŒã¹ ...................................................................................................... 615interface................................................................................................................................... 616
alias ......................................................................................................................................... 617
capabilities............................................................................................................................... 618
description ............................................................................................................................... 619
flow control .............................................................................................................................. 620
media-type............................................................................................................................... 621
negotiation ............................................................................................................................... 622
shutdown ................................................................................................................................. 623
speed-duplex ........................................................................................................................... 624
switchport packet-rate ............................................................................................................. 625
clear counters .......................................................................................................................... 626
show interfaces counters......................................................................................................... 627
show interfaces status ............................................................................................................. 629
show interfaces switchport ...................................................................................................... 630
test cable-diagnostics .............................................................................................................. 632
show cable-diagnostics ........................................................................................................... 633
power-save .............................................................................................................................. 634
show power-save..................................................................................................................... 635
4.12 ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³........................................................................................ 636channel-group.......................................................................................................................... 637
lacp .......................................................................................................................................... 638
lacp admin-keyïŒEthernet InterfaceïŒ...................................................................................... 640lacp port-priority....................................................................................................................... 641
lacp system-priority.................................................................................................................. 642
lacp admin-keyïŒPort ChannelïŒ.............................................................................................. 643
xiii FXC3110
ç®æ¬¡
show lacp................................................................................................................................. 644
4.13 ããŒããã©ãŒãªã³ã° ............................................................................................... 6474.13.1 ããŒã«ã«ããŒããã©ãŒãªã³ã° ....................................................................................... 647
port monitor ............................................................................................................................. 648
show port monitor .................................................................................................................... 649
4.13.2 RSPANãã©ãŒãªã³ã°................................................................................................... 650rspan source............................................................................................................................ 652
rspan destination ..................................................................................................................... 653
rspan remote vlan.................................................................................................................... 654
no rspan session ..................................................................................................................... 655
show rspan .............................................................................................................................. 656
4.14 垯åå¶åŸ¡ ................................................................................................................. 657rate-limit ................................................................................................................................... 657
4.15 èªåãã©ãã£ãã¯å¶åŸ¡ ........................................................................................... 658auto-traffic-control apply-timer................................................................................................. 661
auto-traffic-control release-timer.............................................................................................. 662
auto-traffic-control.................................................................................................................... 663
auto-traffic-control action ......................................................................................................... 664
auto-traffic-control alarm-clear-threshold................................................................................. 665
auto-traffic-control alarm-fire-threshold ................................................................................... 666
auto-traffic-control control-release........................................................................................... 667
auto-traffic-control auto-control-release................................................................................... 667
snmp-server enable port-traps atc broadcast-alarm-clear....................................................... 668
snmp-server enable port-traps atc broadcast-alarm-fire ......................................................... 669
snmp-server enable port-traps atc broadcast-control-apply .................................................... 670
snmp-server enable port-traps atc broadcast-control-release................................................. 671
snmp-server enable port-traps atc multicast-alarm-clear ........................................................ 672
snmp-server enable port-traps atc multicast-alarm-fire ........................................................... 673
snmp-server enable port-traps atc multicast-control-apply...................................................... 674
snmp-server enable port-traps atc multicast-control-release .................................................. 675
show auto-traffic-control .......................................................................................................... 676
show auto-traffic-control interface ........................................................................................... 676
4.16 ã¢ãã¬ã¹ããŒãã«................................................................................................... 677mac-address-table aging-time ................................................................................................. 677
mac-address-table static ......................................................................................................... 678
clear mac-address-table dynamic............................................................................................ 679
show mac-address-table ......................................................................................................... 680
show mac-address-table aging-time........................................................................................ 681
4.17 ã¹ããã³ã°ããªãŒ................................................................................................... 682spanning-tree........................................................................................................................... 684
spanning-tree forward-time...................................................................................................... 685
spanning-tree hello-time .......................................................................................................... 686
spanning-tree max-age............................................................................................................ 687
xivFXC3110
ç®æ¬¡
spanning-tree mode................................................................................................................. 688
spanning-tree pathcost method ............................................................................................... 689
spanning-tree priority............................................................................................................... 690
spanning-tree mst configuration .............................................................................................. 690
spanning-tree transmission-limit .............................................................................................. 691
max-hops................................................................................................................................. 692
mst priority ............................................................................................................................... 693
mst vlan ................................................................................................................................... 694
name........................................................................................................................................ 695
revision .................................................................................................................................... 696
spanning-tree bpdu-filter.......................................................................................................... 697
spanning-tree bpdu-guard ....................................................................................................... 698
spanning-tree cost ................................................................................................................... 699
spanning-tree edge-port .......................................................................................................... 700
spanning-tree link-type ............................................................................................................ 701
spanning-tree loopback-detection ........................................................................................... 702
spanning-tree loopback-detection release-mode .................................................................... 703
spanning-tree loopback-detection trap .................................................................................... 704
spanning-tree mst cost ............................................................................................................ 705
spanning-tree mst port-priority................................................................................................. 706
spanning-tree port-priority ....................................................................................................... 707
spanning-tree root-guard ........................................................................................................ 708
spanning-tree spanning-disabled ............................................................................................ 709
spanning-tree loopback-detection release............................................................................... 710
spanning-tree protocol-migration............................................................................................. 711
show spanning-tree ................................................................................................................. 712
show spanning-tree mst configuration..................................................................................... 714
4.18 VLAN...................................................................................................................... 715
4.18.1 GVRPã®èšå®................................................................................................................ 715bridge-ext gvrp......................................................................................................................... 716
garp timer ................................................................................................................................ 717
switchport forbidden vlan......................................................................................................... 718
switchport gvrp ........................................................................................................................ 719
show bridge-ext ....................................................................................................................... 719
show garp timer ....................................................................................................................... 720
show gvrp configuration........................................................................................................... 721
4.18.2 VLANã°ã«ãŒãã®èšå® .................................................................................................. 722vlan database .......................................................................................................................... 722
vlan .......................................................................................................................................... 723
4.18.3 VLANã€ã³ã¿ãã§ãŒã¹ã®èšå® ....................................................................................... 724interface vlan ........................................................................................................................... 724
switchport acceptable-frame-types.......................................................................................... 725
switchport allowed vlan............................................................................................................ 726
switchport ingress-filtering ....................................................................................................... 727
switchport mode ...................................................................................................................... 728
switchport native vlan .............................................................................................................. 729
xv FXC3110
ç®æ¬¡
vlan-trunking ............................................................................................................................ 730
4.18.4 VLANæ å ±ã®è¡šç€º ......................................................................................................... 732show vlan................................................................................................................................. 732
4.18.5 IEEE802.1Qãã³ããªã³ã°ã®èšå® ................................................................................ 733dot1q-tunnel system-tunnel-control ......................................................................................... 734
switchport dot1q-tunnel mode ................................................................................................. 735
switchport dot1q-tunnel tpid..................................................................................................... 736
show dot1q-tunnel ................................................................................................................... 737
4.18.6 ããŒãããŒã¹ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ .......................................................... 738traffic-segmentation ................................................................................................................. 739
show traffic-segmentation........................................................................................................ 740
4.18.7 ãããã³ã« VLANã®èšå®.............................................................................................. 741protocol-vlan protocol-group (Configuring Groups) ................................................................. 742
protocol-vlan protocol-group (Configuring Interface) ............................................................... 743
show protocol-vlan protocol-group .......................................................................................... 744
show interfaces protocol-vlan protocol-group.......................................................................... 744
4.18.8 IPãµãããã VLAN..................................................................................................... 745subnet-vlan .............................................................................................................................. 746
show subnet-vlan..................................................................................................................... 747
4.18.9 MACããŒã¹ VLAN........................................................................................................ 748mac-vlan .................................................................................................................................. 749
show mac-vlan......................................................................................................................... 750
4.18.10 Voice VLAN .................................................................................................................. 751voice vlan................................................................................................................................. 752
voice vlan aging....................................................................................................................... 752
voice vlan mac-address........................................................................................................... 753
switchport voice vlan ............................................................................................................... 754
switchport voice vlan priority.................................................................................................... 754
switchport voice vlan rule ........................................................................................................ 755
switchport voice vlan security .................................................................................................. 756
show voice vlan ....................................................................................................................... 757
4.19 Class Of Service ................................................................................................... 758
4.19.1 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 2ïŒ............................................................................. 758queue mode............................................................................................................................. 759
queue weight ........................................................................................................................... 760
switchport priority default ......................................................................................................... 761
show queue mode ................................................................................................................... 762
show queue weight.................................................................................................................. 762
4.19.2 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 3 and 4ïŒ................................................................... 763qos map cos-dscp ................................................................................................................... 764
qos map dscp-mutation ........................................................................................................... 766
qos map phb-queue................................................................................................................. 767
qos map trust-mode................................................................................................................. 768
show qos map dscp-mutation .................................................................................................. 769
show qos map phb-queue ....................................................................................................... 770
xviFXC3110
ç®æ¬¡
show qos map cos-dscp .......................................................................................................... 771
show qos map trust-mode ....................................................................................................... 772
4.20 Quality of Service ................................................................................................. 773class-map ................................................................................................................................ 775
description ............................................................................................................................... 776
match....................................................................................................................................... 777
rename .................................................................................................................................... 778
policy-map ............................................................................................................................... 779
class ........................................................................................................................................ 780
police flow................................................................................................................................ 781
police srtcm-color .................................................................................................................... 782
police trtcm-color ..................................................................................................................... 784
set cos ..................................................................................................................................... 786
set phb..................................................................................................................................... 787
service-policy........................................................................................................................... 788
show class-map....................................................................................................................... 789
show policy-map...................................................................................................................... 790
show policy-map interface ....................................................................................................... 791
4.21 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã° ............................................................................. 7924.21.1 IGMP Snooping ã³ãã³ã ............................................................................................. 792
ip igmp snooping ..................................................................................................................... 794
ip igmp snooping proxy-reporting ............................................................................................ 795
ip igmp snooping querier ......................................................................................................... 796
ip igmp snooping router-alert-option-check ............................................................................. 797
ip igmp snooping router-port- expire-time................................................................................ 798
ip igmp snooping tcn-flood....................................................................................................... 799
ip igmp snooping tcn-query-solicit ........................................................................................... 800
ip igmp snooping unregistered-data-flood ............................................................................... 801
ip igmp snooping unsolicited-report-interval ............................................................................ 802
ip igmp snooping version......................................................................................................... 803
ip igmp snooping version-exclusive......................................................................................... 804
ip igmp snooping vlan general-query-suppression .................................................................. 805
ip igmp snooping vlan immediate-leave .................................................................................. 806
ip igmp snooping vlan last-memb-query-count........................................................................ 807
ip igmp snooping vlan last-memb-query-intvl .......................................................................... 808
ip igmp snooping vlan mrd....................................................................................................... 809
ip igmp snooping vlan proxy-address ...................................................................................... 810
ip igmp snooping vlan proxy-query-interval ............................................................................. 811
ip igmp snooping vlan proxy-query-resp-intvl .......................................................................... 812
ip igmp snooping vlan static .................................................................................................... 813
show ip igmp snooping ............................................................................................................ 814
show ip igmp snooping group.................................................................................................. 815
4.21.2 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã³ãã³ã ................................................................. 816ip igmp snooping vlan mrouter ................................................................................................ 816
show ip igmp snooping mrouter............................................................................................... 817
4.21.3 IGMP Filtering/Throttlingã³ãã³ã ............................................................................... 818
xvii FXC3110
ç®æ¬¡
ip igmp filter (Global Configuration) ......................................................................................... 819
ip igmp profile .......................................................................................................................... 820
permit, deny............................................................................................................................. 821
range ....................................................................................................................................... 822
ip igmp filter (Interface Configuration) ..................................................................................... 823
ip igmp max-groups ................................................................................................................. 824
ip igmp max-groups action ...................................................................................................... 825
show ip igmp filter .................................................................................................................... 826
show ip igmp profile................................................................................................................. 827
show ip igmp throttle interface................................................................................................. 828
4.21.4 MVRã®èšå® .................................................................................................................. 829mvr........................................................................................................................................... 830
mvr immediate-leave ............................................................................................................... 831
mvr type................................................................................................................................... 832
mvr vlan group......................................................................................................................... 833
show mvr ................................................................................................................................. 834
4.22 LLDPã³ãã³ã....................................................................................................... 836lldp ........................................................................................................................................... 837
lldp holdtime-multiplier ............................................................................................................. 838
lldp notification-interval ............................................................................................................ 839
lldp refresh-interval .................................................................................................................. 839
lldp reinit-delay ........................................................................................................................ 840
lldp tx-delay ............................................................................................................................. 840
lldp admin-status ..................................................................................................................... 841
lldp basic-tlv management-ip-address ..................................................................................... 841
lldp basic-tlv port-description ................................................................................................... 842
lldp basic-tlv system-capabilities ............................................................................................. 842
lldp basic-tlv system-description .............................................................................................. 843
lldp basic-tlv system-name ...................................................................................................... 844
lldp dot1-tlv proto-ident ............................................................................................................ 844
lldp dot1-tlv proto-vid ............................................................................................................... 845
lldp dot1-tlv pvid....................................................................................................................... 845
lldp dot1-tlv vlan-name ............................................................................................................ 846
lldp dot3-tlv link-agg................................................................................................................. 846
lldp dot3-tlv mac-phy ............................................................................................................... 847
lldp dot3-tlv max-frame ............................................................................................................ 847
lldp notification......................................................................................................................... 848
show lldp config ....................................................................................................................... 849
show lldp info local-device....................................................................................................... 850
show lldp info remote-device ................................................................................................... 851
show lldp info statistics ............................................................................................................ 852
4.23 DNSïŒDomain Name Server) ............................................................................... 853ip domain-list ........................................................................................................................... 854
ip domain-lookup ..................................................................................................................... 855
ip domain-name....................................................................................................................... 856
xviiiFXC3110
ç®æ¬¡
ip host ...................................................................................................................................... 857
ip name-server......................................................................................................................... 858
ipv6 host .................................................................................................................................. 859
clear dns cache ....................................................................................................................... 859
clear host ................................................................................................................................. 860
show dns ................................................................................................................................. 860
show dns cache....................................................................................................................... 861
show hosts............................................................................................................................... 862
4.24 DHCP ..................................................................................................................... 863
4.24.1 DHCPã¯ã©ã€ã¢ã³ã ..................................................................................................... 863ip dhcp client class-id .............................................................................................................. 864
ip dhcp restart client ................................................................................................................ 865
ipv6 dhcp restart client vlan ..................................................................................................... 866
show ipv6 dhcp duid ................................................................................................................ 867
show ipv6 dhcp vlan ................................................................................................................ 867
4.25 IP ã€ã³ã¿ãã§ãŒã¹ .................................................................................................. 8684.25.1 IPv4ã€ã³ã¿ãã§ãŒã¹èšå® ............................................................................................. 868
ip address ................................................................................................................................ 869
ip default-gateway ................................................................................................................... 870
show ip default-gateway .......................................................................................................... 870
show ip interface...................................................................................................................... 871
traceroute ................................................................................................................................ 872
ping.......................................................................................................................................... 873
4.25.2 ARPèšå® ...................................................................................................................... 874arp timeout............................................................................................................................... 874
clear arp-cache........................................................................................................................ 875
show arp .................................................................................................................................. 875
4.25.3 IPv6ã€ã³ã¿ãã§ãŒã¹èšå® ............................................................................................. 876ipv6 default-gateway................................................................................................................ 877
ipv6 address ............................................................................................................................ 878
ipv6 address autoconfig........................................................................................................... 880
ipv6 address eui-64 ................................................................................................................. 881
ipv6 address link-local ............................................................................................................. 883
ipv6 enable .............................................................................................................................. 884
ipv6 mtu ................................................................................................................................... 885
show ipv6 default-gateway ...................................................................................................... 886
show ipv6 interface.................................................................................................................. 887
show ipv6 mtu.......................................................................................................................... 889
show ipv6 traffic....................................................................................................................... 890
clear ipv6 traffic ....................................................................................................................... 895
ping6........................................................................................................................................ 896
ipv6 nd dad attempts ............................................................................................................... 897
ipv6 nd ns-interval ................................................................................................................... 899
ipv6 nd reachable-time ............................................................................................................ 900
clear ipv6 neighbors ................................................................................................................ 900
show ipv6 neighbors................................................................................................................ 901
xix FXC3110
ã€ã³ãããã¯ã·ã§ã³äž»ãªç¹é·
1.1 äž»ãªç¹é·
æ¬æ©ã¯ã¬ã€ã€ 2ã¹ã€ãããšããŠè±å¯ãªæ©èœãæèŒããŠããŸãã
æ¬æ©ã¯ç®¡çãšãŒãžã§ã³ããæèŒããåçš®èšå®ãè¡ãããšãã§ããŸãããããã¯ãŒã¯ç°å¢ã«å¿ããé©åãªèšå®ãè¡ãããšããåçš®æ©èœãæå¹ã«èšå®ããããšã§ãæ©èœãæ倧éã«æŽ»çšã§ããŸãã
1. ã€ã³ ã ããã¯ã· 㧠ã³
æ©èœ 解説
Configuration Backup and Restore
管çã¹ããŒã·ã§ã³ãŸã㯠FTP/TFTPãµãŒãã䜿çš
Authentication Console, Telnet, web ïŒãŠãŒã¶å /ãã¹ã¯ãŒã , RADIUS,TACACS+Web ïŒ HTTPSãTelnet ïŒ SSHãSNMPv1/2c ïŒã³ãã¥ããã£åSNMPv3 ïŒ MD5 ãSHAãã¹ã¯ãŒãPort ïŒ IEEE802.1xèªèšŒãMACã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°
General SecurityMeasures
ãã©ã€ããŒã VLANãããŒãèªèšŒãããŒãã»ãã¥ãªãã£ãDHCPã¹ããŒãã³ã°ãIPãœãŒã¹ã¬ãŒã
Access Control Lists æ倧 512ã«ãŒã«ã64ACLããµããŒãïŒ1ã€ã® ACLã«æ倧 32ã«ãŒã«ïŒ
DHCP ã¯ã©ã€ã¢ã³ã
DNS ã¯ã©ã€ã¢ã³ãããã³ ProxyãµãŒãã¹
Port Configuration ã¹ããŒããéä¿¡æ¹åŒããããŒã³ã³ãããŒã«
Port Trunking Staticåã³ LACPã«ããæ倧 8ãã©ã³ã¯
Port Mirroring 1ã€ã®åæããŒãã«å¯Ÿããã1ã€ãŸãã¯è€æ°ããŒãã®ãã©ãŒãªã³ã°ïŒ10ã»ãã·ã§ã³ïŒ
Congestion Control ããŒãããšã®å ¥åã»åºå垯åå¶åŸ¡ãããŒããã£ã¹ãããã«ããã£ã¹ããæªç¥ã®ãŠããã£ã¹ãã¹ããŒã ã®èª¿ç¯
Address Table æ倧ç»é²å¯èœ MACã¢ãã¬ã¹æ°ïŒ8kã1Kéç MACã¢ãã¬ã¹ã255 L2ãã«ããã£ã¹ãã°ã«ãŒã
IP Version 4 and 6 IPv4ããã³ IPv6ã¢ãã¬ã¹ããã³ç®¡çããµããŒã
IEEE802.1D Bridge åçã¹ã€ããã³ã°åã³ MACã¢ãã¬ã¹åŠç¿
Store-and-ForwardSwitching
ã¯ã€ã€ã¹ããŒãã¹ã€ããã³ã°
Spanning Tree Algorithm
STPãRapid STPïŒRSTPïŒãMultiple STP (MSTP)
Virtual LANs IEEE802.1Qã¿ã°ä» VLAN/ããŒãããŒã¹ VLAN/ãããã³ã« VLAN/ãã©ã€ããŒã VLANãvoiceVLANãQinQãã³ãã«ããµããŒãïŒæ倧256ã°ã«ãŒãïŒ
TrafficPrioritization
ããŒããã©ã€ãªãªãã£ããã©ãã£ãã¯ã¯ã©ã¹ãããã³ã°ããã¥ãŒã¹ã±ãžã¥ãŒãªã³ã°ãIP PrecedenceãDSCPããµããŒã
Quality of Service DiffServãµããŒã
Link Layer Discovery Protocol
é£æ¥ããããã€ã¹ã®åºæ¬æ å ±ãçºèŠããããã«äœ¿çš
Multicast Filtering IGMP SnoopingãQueryãMVR
1FXC3110
ã€ã³ãããã¯ã·ã§ã³ãœãããŠã§ã¢æ©èœ
1.2 ãœãããŠã§ã¢æ©èœ
æ¬æ©ã¯ã¬ã€ã€ 2ã€ãŒãµãããã¹ã€ãããšããŠå€ãã®æ©èœãæããããã«ããå¹æçãªãããã¯ãŒã¯ã®éçšãå®çŸããŸãã
ããã§ã¯ãæ¬æ©ã®äž»èŠæ©èœã玹ä»ããŸãã
èšå®ã®ããã¯ã¢ããåã³åŸ©å
TFTPãµãŒããå©çšããŠçŸåšã®èšå®æ å ±ãä¿åããããšãã§ããŸãããŸããä¿åããèšå®æ å ±ãæ¬æ©ã«åŸ©å ããããšãå¯èœã§ãã
èªèšŒ /Authentication
æ¬æ©ã¯ã³ã³ãœãŒã«ãTelnetãWebãã©ãŠã¶çµç±ã®ç®¡çã¢ã¯ã»ã¹ã«å¯Ÿããæ¬æ©å åã¯ãªã¢ãŒãèªèšŒãµãŒã (RADIUS/TACACS+)ã«ãããŠãŒã¶åãšãã¹ã¯ãŒãããŒã¹ã§ã®èªèšŒãè¡ããŸãããŸããWebãã©ãŠã¶çµç±ã§ã¯ HTTPSããTelnetçµç±ã§ã¯ SSHãå©çšããèªèšŒãªãã·ã§ã³ãæäŸããŠããŸããSNMPãTelnetãWebãã©ãŠã¶ã§ã®ç®¡çã¢ã¯ã»ã¹ã«å¯ŸããŠã¯ IPã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°æ©èœãæããŠããŸãã
åããŒãã«å¯ŸããŠã¯ IEEE802.1xæºæ ã®ããŒãããŒã¹èªèšŒããµããŒãããŠããŸããæ¬æ©èœã§ã¯ãEAPOL(Extensible Authentication Protocol over LANs)ãå©çšããIEEE802.1xã¯ã©ã€ã¢ã³ãã«å¯ŸããŠãŠãŒã¶åãšãã¹ã¯ãŒããèŠæ±ããŸãããã®åŸãèªèšŒãµãŒãã«ãããŠã¯ã©ã€ã¢ã³ãã®ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹æš©ã確èªããŸãã
ãã®ä»ã«ãHTTPSã«ããã»ãã¥ã¢ãªãããŒãžã¡ã³ãã¢ã¯ã»ã¹ããTelnetã¢ã¯ã»ã¹ãå®å šã«è¡ã SSHããµããŒãããŠããŸãããŸããåããŒããžã®ã¢ã¯ã»ã¹ã«ã¯MACã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°æ©èœãæèŒããŠããŸãã
ACL/Access Control Lists
ACL㯠IPã¢ãã¬ã¹ããããã³ã«ãTCP/UDPããŒãçªå·ã«ãã IPãã¬ãŒã ã®ãã£ã«ã¿ãªã³ã°ãããã¯ãMACã¢ãã¬ã¹ãã€ãŒãµãããã¿ã€ãã«ãããã¬ãŒã ã®ãã£ã«ã¿ãªã³ã°ãæäŸããŸããACLã䜿çšããããšã§ãäžèŠãªãããã¯ãŒã¯ãã©ãã£ãã¯ãæå¶ããããã©ãŒãã³ã¹ãåäžãããããšãã§ããŸãã
ãŸãããããã¯ãŒã¯ãªãœãŒã¹ããããã³ã«ã«ããã¢ã¯ã»ã¹ã®å¶éãè¡ãããšã§ã»ãã¥ãªãã£ã®ã³ã³ãããŒã«ãè¡ããŸãã
ããŒãèšå® /Port Configuration
æ¬æ©ã§ã¯ãªãŒãããŽã·ãšãŒã·ã§ã³æ©èœã«ãã察åæ©åšã«å¿ããŠåããŒãã®èšå®ãèªåçã«è¡ããä»ãæåã§åããŒãã®éä¿¡é床ãéä¿¡æ¹åŒåã³ãããŒã³ã³ãããŒã«ã®èšå®ãè¡ãããšãã§ããŸãã
éä¿¡æ¹åŒã Full-Duplexã«ããããšã«ããã¹ã€ããéã®éä¿¡é床ã 2åã«ããããšãã§ããŸããIEEE802.3xã«æºæ ãããããŒã³ã³ãããŒã«æ©èœã§ã¯éä¿¡ã®ã³ã³ãããŒã«ãè¡ãããã±ãããããã¡ãè¶ãããã±ããã®æ倱ãé²ããŸãã
2 FXC3110
ã€ã³ãããã¯ã·ã§ã³ãœãããŠã§ã¢æ©èœ
ããŒããã©ãŒãªã³ã° /Port Mirroring
æ¬æ©ã¯ä»»æã®ããŒãããã¢ãã¿ãŒããŒãã«å¯ŸããŠéä¿¡ã®ãã©ãŒãªã³ã°ãè¡ãããšãã§ããŸããã¿ãŒã²ããããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferçïŒå㯠RMONãããŒããæ¥ç¶ãããã©ãã£ãã¯ã解æããããšãã§ããŸãã
ããŒããã©ã³ã¯ /Port Trunking
è€æ°ã®ããŒãããã³ãå¹ ã®æ¡å€§ã«ããããã«ããã¯ã®è§£æ¶ããé害æã®åé·åãè¡ãããšãã§ããŸããæ¬æ©ã§æååã³ IEEE802.3adæºæ ã® LACPã䜿çšããåçèšå®ã§è¡ãããšãã§ããŸãã
垯åå¶åŸ¡ /Rate Limiting
åã€ã³ã¿ãã§ãŒã¹ã«ãããŠãåä¿¡ãã©ãã£ãã¯ã®æ倧垯åã®èšå®ãè¡ãããšãã§ããŸããèšå®ç¯å²å ã®ãã±ããã¯è»¢éãããŸãããèšå®ããå€ãè¶ ãããã±ããã¯è»¢éãããã«ãã±ãããèœãšãããŸãã
ã¹ããŒã ã³ã³ãããŒã« /Storm Control
ã¹ããŒã ã³ã³ãããŒã«æ©èœã¯ããããŒããã£ã¹ãããã«ããã£ã¹ããæªç¥ã®ãŠããã£ã¹ãéä¿¡ã«ãããããã¯ãŒã¯ã®åž¯åãå æãããããšãé²ããŸããããŒãäžã§æ¬æ©èœãæå¹ã«ããå ŽåãããŒããééãããããŒããã£ã¹ãããã«ããã£ã¹ããæªç¥ã®ãŠããã£ã¹ããã±ãããå¶éããããšãã§ããŸãããã±ãããèšå®ããŠãããããå€ãè¶ ããå Žåããããå€ä»¥äžãšãªãããå¶éãè¡ããŸãã
éçã¢ãã¬ã¹ /Static Addresses
ç¹å®ã®ããŒãã«å¯ŸããŠéç㪠MACã¢ãã¬ã¹ã®èšå®ãè¡ãããšãã§ããŸããèšå®ãããMACã¢ãã¬ã¹ã¯ããŒãã«å¯ŸããŠåºå®ãããä»ã®ããŒãã«ç§»åããããšã¯ã§ããŸãããèšå®ãããMACã¢ãã¬ã¹ã®æ©åšãä»ã®ããŒãã«æ¥ç¶ãããå ŽåãMACã¢ãã¬ã¹ã¯ç¡èŠãããã¢ãã¬ã¹ããŒãã«äžã«åŠç¿ãããŸããã
éç MACã¢ãã¬ã¹ã®èšå®ãè¡ãããšã«ãããæå®ã®ããŒãã«æ¥ç¶ãããæ©åšãå¶éãããããã¯ãŒã¯ã®ã»ãã¥ãªãã£ãæäŸããŸãã
IEEE802.1Dããªããž /IEEE 802.1D Bridge
æ¬æ©ã§ã¯ IEEE802.1Dããªããžæ©èœããµããŒãããŸãã
MACã¢ãã¬ã¹ããŒãã«äžã§ MACã¢ãã¬ã¹ã®åŠç¿ãè¡ãããã®æ å ±ã«åºã¥ããã±ããã®è»¢éãè¡ããŸããæ¬æ©ã§ã¯æ倧 8Kåã® MACã¢ãã¬ã¹ã®ç»é²ãè¡ãããšãå¯èœã§ãã
ã¹ã㢠&ãã©ã¯ãŒã ã¹ã€ããã³ã° /Store-and Forward Switching
æ¬æ©ã§ã¯ã¹ã€ããã³ã°æ¹åŒãšããŠã¹ãã¢ïŒãã©ã¯ãŒãããµããŒãããŸãã
æ¬æ©ã§ã¯ 4Mbitã®ãããã¡ãæãããã¬ãŒã ããããã¡ã«ã³ããŒãããåŸãä»ã®ããŒãã«å¯ŸããŠè»¢éããŸããããã«ãããã¬ãŒã ãã€ãŒãµãããèŠæ Œã«æºæ ããŠãããã確èªããèŠæ Œå€ã®ãã¬ãŒã ã«ãã垯åã®å æãåé¿ããŸãããŸãããããã¡ã«ããéä¿¡ãéäžããå Žåã®ãã±ããã®ãã¥ãŒã€ã³ã°ãè¡ããŸãã
3FXC3110
ã€ã³ãããã¯ã·ã§ã³ãœãããŠã§ã¢æ©èœ
ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã / Spanning Tree Algorithm
æ¬æ©ã¯ 3çš®é¡ã®ã¹ããã³ã°ããªãŒãããã³ã«ããµããŒãããŠããŸãã
Spanning Tree Protocol (STP, IEEE 802.1D) â
æ¬æ©èœã§ã¯ãLANäžã®éä¿¡ã«å¯ŸããŠè€æ°ã®éä¿¡çµè·¯ã確ä¿ããããšã«ããåé·åãè¡ãããšãã§ããŸãã
è€æ°ã®éä¿¡çµè·¯ãèšå®ããå Žåã1ã€ã®éä¿¡çµè·¯ã®ã¿ãæå¹ãšããä»ã®éä¿¡çµè·¯ã¯ãããã¯ãŒã¯ã®ã«ãŒããé²ãããç¡å¹ã«ããŸããäœãã䜿çšããŠããéä¿¡çµè·¯ãäœããã®çç±ã«ããããŠã³ããå Žåã«ã¯ãä»ã®ç¡å¹ãšãããŠããéä¿¡çµè·¯ãæå¹ã«ããŠéä¿¡ãç¶ç¶ããŠè¡ãããšãå¯èœãšããŸãã
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) â
æ¢åã® IEEE802.1Dæºæ ã® STPã«æ¯ã¹çŽ 10åã® 1ã®æéã§ãããã¯ãŒã¯ã®åæ§ç¯ãè¡ãããšãã§ããŸãã
RSTP㯠STPã®å®å šãªåŸç¶ãšãããŠããŸãããæ¢åã® STPã®ã¿ããµããŒãããŠãã補åãšæ¥ç¶ãã STPã«æºæ ããã¡ãã»ãŒãžãåä¿¡ããå Žåã«ã¯ãSTPäºæã¢ãŒããšããŠåäœããããšãã§ããŸãã
Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) â
æ¬æ©èœã¯ RSTPã®æ¡åŒµæ©èœã§ããæ¬æ©èœã«ããå VLANåäœã§ã® STPæ©èœãæäŸããããšãå¯èœãšãªããŸããVLANåäœã«ããããšã«ãããå VLANåäœã§ãããã¯ãŒã¯ã®åé·åãè¡ããã»ãããããã¯ãŒã¯æ§æãåçŽåãã RSTPããããã«æ©ããããã¯ãŒã¯ã®åæ§ç¯ãè¡ãããšãå¯èœãšãªããŸãã
VLAN/Virtual LANs
æ¬æ©ã¯æ倧 256ã°ã«ãŒãã® VLANããµããŒãããŠããŸããVLANã¯ç©ççãªæ¥ç¶ã«é¢ãããåäžã®ã³ãªãžã§ã³ãã¡ã€ã³ãå ±æãããããã¯ãŒã¯ããŒããšãªããŸãã
æ¬æ©ã§ã¯ IEEE802.1Qæºæ ã®ã¿ã°ä» VLANããµããŒãããŠããŸããVLANã°ã«ãŒãã¡ã³ããŒã¯ GVRPãå©çšããåçãªèšå®åã³æåã§ã® VLANèšå®ãè¡ãããšãã§ããŸããVLANã®èšå®ãè¡ãããšã«ããæå®ããéä¿¡ã®å¶éãè¡ãããšãã§ããŸãã
VLANã«ããã»ã°ã¡ã³ããåããäºã§ä»¥äžã®ãããªã¡ãªããããããŸãã
⢠现ãããããã¯ãŒã¯ã»ã°ã¡ã³ãã«ããããšã«ãããããŒããã£ã¹ãã¹ããŒã ã«ããããã©ãŒãã³ã¹ã®æªåãåé¿ããŸãã
⢠ç©ççãªãããã¯ãŒã¯æ§æã«é¢ãããªããVLANã®èšå®ãå€æŽããããšã§ãããã¯ãŒã¯ã®æ§æãç°¡åã«å€æŽããããšãå¯èœã§ãã
⢠éä¿¡ã VLANå ã«å¶éããããšã§ã»ãã¥ãªãã£ãåäžããŸãã
⢠ãã©ã€ããŒã VLANãå©çšããããšã«ããèšå®å¯èœãª VLANæ°ã«å¶éãããäžã§ãåäž VLANå ã®åããŒãéã®éä¿¡ãå¶éããã¢ãããªã³ã¯ããŒããšã®éä¿¡ã®ã¿ãè¡ãããšãå¯èœãšãªããŸãã
⢠ãããã³ã«ããŒã¹ VLANã«ããããããã³ã«ã¿ã€ãã«åºã¥ãããã©ãã£ãã¯ã®å¶éãè¡ãããšãå¯èœã§ãã
4 FXC3110
ã€ã³ãããã¯ã·ã§ã³ãœãããŠã§ã¢æ©èœ
IEEE 802.1Qãã³ããªã³ã° /IEEE 802.1Q TUNNELING (QinQ)
IEEE802.1Qãã³ããªã³ã°ïŒQinQïŒã¯ããããã¯ãŒã¯ã§è€æ°ã®ã«ã¹ã¿ããŒã®ãã©ãã£ãã¯ãäŒéãããµãŒãã¹ãããã€ãã察象ã«èšèšãããæ©èœã§ããQinQãã³ããªã³ã°ã¯ããã¬ãŒã ããµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯ã«å ¥ãæã«ãµãŒãã¹ãããã€ã VLANïŒSPVLANïŒã¿ã°ãã«ã¹ã¿ããŒã®ãã¬ãŒã ã«æ¿å ¥ãããã¬ãŒã ããããã¯ãŒã¯ãå»ãæã¿ã°ãåãå»ãããšã§å®çŸããŸãã
ãã©ã€ãªãªã㣠/Traffic Prioritization
æ¬æ©ã§ã¯ãã¥ãŒãš Strictåã¯WRRãã¥ãŒã€ã³ã°æ©èœã«ãããµãŒãã¹ã¬ãã«ã«å¿ããåãã±ããã«åªå é äœãèšå®ããããšãã§ããŸãããããã¯ãå ¥åãããããŒã¿ã® IEEE802.1påã³ 802.1Qã¿ã°ã«ããåªå é äœä»ããè¡ãããŸãã
æ¬æ©èœã«ãããã¢ããªã±ãŒã·ã§ã³æ¯ã«èŠæ±ãããåªå 床ãåå¥ã«èšå®ããããšãã§ããŸãã
ãŸããæ¬æ©ã§ã¯ IPãã¬ãŒã äžã® ToSãªã¯ãããå ã®ãã©ã€ãªãªãã£ããããå©çšããåªå é äœã®èšå®ãªã©ãããã€ãã®æ¹æ³ã«ãã L3/L4ã¬ãã«ã§ã®åªå é äœã®èšå®ãè¡ãããšãã§ããŸãã
ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã° /Multicast Filtering
æ£åžžãªãããã¯ãŒã¯ã®éä¿¡ã«åœ±é¿ãããããªã¢ã«ã¿ã€ã ã§ã®éä¿¡ã確ä¿ããããã«ãVLANã®ãã©ã€ãªãªãã£ã¬ãã«ãèšå®ãããã«ããã£ã¹ãéä¿¡ãç¹å®ãå VLANã«å¯ŸããŠå²ãåœãŠãããšãã§ããŸãã
æ¬æ©ã§ã¯ IGMP Snoopingåã³ Queryãå©çšãããã«ããã£ã¹ãã°ã«ãŒãã®ç»é²ã管çããŸãã
5FXC3110
æ¬æ©ã®ç®¡çæ¬æ©ãžã®æ¥ç¶
2.1 æ¬æ©ãžã®æ¥ç¶
2.1.1 èšå®æ¹æ³
FXC3110ã¯ããããã¯ãŒã¯ç®¡çãšãŒãžã§ã³ããæèŒã SNMPãRMONãåã³Webã€ã³ã¿ãã§ãŒã¹ã«ãããããã¯ãŒã¯çµç±ã§ã®ç®¡çãè¡ãããšãã§ããŸãããŸããPCããæ¬æ©ã«çŽæ¥æ¥ç¶ãã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ (Command Line Interface/CLI)ãå©çšããèšå®åã³ç£èŠãè¡ãããšãå¯èœã§ãã
[泚æ ]ã åæèšå®ç¶æ ã§ã¯ãDHCPãµãŒããŒãã IP ã¢ãã¬ã¹ã®ååŸãè¡ãããèšå®ãããŠããŸãããã®èšå®ã®å€æŽãè¡ãã«ã¯ 2.2.3é ãIPã¢ãã¬ã¹ã®èšå®ããåç §ããŠäžããã
æ¬æ©ã«ã¯ç®¡ççšã®WebãµãŒããæèŒãããŠããŸããWebãã©ãŠã¶ããèšå®ãè¡ã£ããããããã¯ãŒã¯ã®ç¶æ ãç£èŠããããã®çµ±èšæ å ±ã確èªãããããããšãã§ããŸãããããã¯ãŒã¯ã«æ¥ç¶ããã PCäžã§åäœãããInternet Explorer 5.0以äžãããWebã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸãã
æ¬æ©ã® CLIãžã¯æ¬äœã®ã³ã³ãœãŒã«ããŒããžã®æ¥ç¶åã³ãããã¯ãŒã¯çµç±ã§ã® Telnetã«ããæ¥ç¶ã«ããã¢ã¯ã»ã¹ããããšãã§ããŸãã
æ¬æ©ã«ã¯ SNMP (Simple Network Management Protocol)ã«å¯Ÿå¿ãã管çãšãŒãžã§ã³ããæèŒãããŠããŸãããããã¯ãŒã¯ã«æ¥ç¶ãããã·ã¹ãã ã§åäœãããSNMPã«å¯Ÿå¿ãã管çãœãããããæ¬æ©ã® SNMPãšãŒãžã§ã³ãã«ã¢ã¯ã»ã¹ãèšå®ãªã©ãè¡ãããšãå¯èœã§ãã
æ¬æ©ã® CLIãWebã€ã³ã¿ãã§ãŒã¹åã³ SNMPãšãŒãžã§ã³ãããã¯ä»¥äžã®èšå®ãè¡ãããšãå¯èœã§ãã
⢠ãŠãŒã¶åããã¹ã¯ãŒãã®èšå®
⢠管ç VLANã® IPã€ã³ã¿ãã§ãŒã¹ã®èšå®
⢠SNMPãã©ã¡ãŒã¿ã®èšå®
⢠åããŒãã®æå¹ /ç¡å¹
⢠åããŒãã®éä¿¡é床åã³ Full/Half Duplexã®èšå®
⢠垯åå¶åŸ¡ã«ããåããŒãã®å ¥ååã³åºå垯åã®èšå®
⢠IEEE802.1Xã»ãã¥ãªãã£ãéçã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°ã®ã³ã³ãããŒã«
⢠ACLã䜿çšãããã±ããã®ãã£ã«ã¿
⢠æ倧 256ã® IEEE802.1Q VLANèšå®
⢠GVRPæå¹
⢠IGMPãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°èšå®
2. æ¬æ©ã®ç®¡ç
6 FXC3110
æ¬æ©ã®ç®¡çæ¬æ©ãžã®æ¥ç¶
⢠HTTPãFTP/TFTPçµç±ã®ãã¡ãŒã ãŠã§ã¢ãŸãã¯èšå®ãã¡ã€ã«ã®ã¢ããããŒãåã³ããŠã³ããŒã
⢠ã¹ããã³ã°ããªãŒã®èšå®
⢠Class of Service ïŒCoSïŒã®èšå®
⢠éçãã©ã³ã¯åã³ LACPèšå®ïŒæ倧 8ã°ã«ãŒãïŒ
⢠ããŒããã©ãŒãªã³ã°ã®æå¹
⢠åããŒãã®ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã®èšå®
⢠ã·ã¹ãã æ å ±åã³çµ±èšæ å ±ã®è¡šç€º
2.1.2 æ¥ç¶æé
æ¬æ©ã®ã·ãªã¢ã«ããŒããš PCã RS-232Cã±ãŒãã«ãçšããŠæ¥ç¶ããæ¬æ©ã®èšå®åã³ç£èŠãè¡ãããšãã§ããŸãã
PCåŽã§ã¯ VT100æºæ ã®ã¿ãŒããã«ãœãããŠã§ã¢ãå©çšããŠäžãããPCãæ¥ç¶ããããã®RS-232Cã±ãŒãã«ã¯ãæ¬æ©ã«å梱ãããŠããã±ãŒãã«ã䜿çšããŠäžããã
æé :
ïŒ1ïŒRS-232Cã±ãŒãã«ã®äžæ¹ã PCã®ã·ãªã¢ã«ããŒãã«æ¥ç¶ããã³ãã¯ã¿éšåã®ãããå€ããªãããã«æ¢ããŸãã
ïŒ2ïŒRS-232Cã±ãŒãã«ã®ããäžæ¹ãæ¬æ©ã®ã³ã³ãœãŒã«ããŒãã«æ¥ç¶ããŸãã
ïŒ3ïŒããœã³ã³ã®ã¿ãŒããã«ãœãããŠã§ã¢ã®èšå®ã以äžã®éãè¡ã£ãŠãã ããã
éä¿¡ããŒã ----------- RS-232Cã±ãŒãã«ãæ¥ç¶ãããŠããããŒã
éä¿¡é床 -------------- 115200bps
ããŒã¿ããã -------- 8bit
ã¹ãããããã ----- 1bit
ããªã㣠-------------- ãªã
ãããŒå¶åŸ¡ ----------- ãªã
ãšãã¥ã¬ãŒã·ã§ã³ -- VT100
ïŒ4ïŒäžèšã®æé ãæ£ããå®äºãããšãã³ã³ãœãŒã«ãã°ã€ã³ç»é¢ã衚瀺ãããŸãã
ã³ã³ãœãŒã«æ¥ç¶ã«é¢ããèšå®ã®è©³çŽ°ã¯ P412 ãLine ïŒã©ã€ã³ã³ãã³ãïŒããåç §ããŠäžãããCLIã®äœ¿ãæ¹ã¯ P360 ãã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããåç §ããŠäžããããŸããCLIã®å šã³ãã³ããšåã³ãã³ãã®äœ¿ãæ¹ã¯ P368 ãã³ãã³ãã°ã«ãŒãããåç §ããŠäžããã
7FXC3110
æ¬æ©ã®ç®¡çæ¬æ©ãžã®æ¥ç¶
2.1.3 ãªã¢ãŒãæ¥ç¶
ãããã¯ãŒã¯ãçµç±ããŠæ¬æ©ã«ã¢ã¯ã»ã¹ããå Žåã¯ãäºåã«ã³ã³ãœãŒã«æ¥ç¶å㯠DHCPã«ããæ¬æ©ã® IPã¢ãã¬ã¹ããµãããããã¹ã¯ãããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããå¿ èŠããããŸãã
åæèšå®ã§ã¯æ¬æ©ã¯ DHCPãçšããŠèªåçã« IPã¢ãã¬ã¹ãååŸããŸããæå㧠IPã¢ãã¬ã¹ã®èšå®ãè¡ãå Žåã®èšå®æ¹æ³ã¯ P10 ãIPã¢ãã¬ã¹ã®èšå®ããåç §ããŠäžããã
[泚æ ]ãæ¬æ©ã¯åæã«æ倧 4ã»ãã·ã§ã³ãŸã§ã® TelnetãŸã㯠SSHæ¥ç¶ãè¡ããŸãã
IPã¢ãã¬ã¹ã®èšå®ãå®äºãããšããããã¯ãŒã¯äžã®ã©ã® PCãããæ¬æ©ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããPCäžãã㯠TelnetãWebãã©ãŠã¶ããããã¯ãŒã¯ç®¡çãœããã䜿ãããšã«ããæ¬æ©ã«ã¢ã¯ã»ã¹ããããšãã§ããŸã (察å¿Webãã©ãŠã¶ã¯ Internet Explorer 5.0ãåã¯Netscape Navigator 6.2以äžã§ã )ã
æ¬æ©ã«æèŒããã管çãšãŒãžã§ã³ãã§ã¯ SNMP管çæ©èœã®èšå®é ç®ã«å¶éããããŸãããã¹ãŠã® SNMP管çæ©èœãå©çšããå Žå㯠SNMPã«å¯Ÿå¿ãããããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšããŠäžããã
8 FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
2.2 åºæ¬èšå®
2.2.1 ã³ã³ãœãŒã«æ¥ç¶
CLIã§ã¯ã²ã¹ãã¢ãŒã (normal access level/Normal Exec)ãšç®¡çè ã¢ãŒã (privileged access level/Privileged Exec)ã® 2ã€ã®ç°ãªãã³ãã³ãã¬ãã«ããããŸããã²ã¹ãã¢ãŒã (Normal Exec)ãå©çšããå Žåãå©çšã§ããæ©èœã¯æ¬æ©ã®èšå®æ å ±ãªã©ã®è¡šç€ºãšäžéšã®èšå®ã®ã¿ã«å¶éãããŸããæ¬æ©ã®ãã¹ãŠã®èšå®ãè¡ãããã«ã¯ç®¡çè ã¢ãŒã (Privileged Exec)ãå©çšã CLIã«ã¢ã¯ã»ã¹ããå¿ èŠããããŸãã
2ã€ã®ç°ãªãã³ãã³ãã¬ãã«ã¯ããŠãŒã¶åãšãã¹ã¯ãŒãã«ãã£ãŠåºå¥ãããŠããŸããåæèšå®ã§ã¯ããããã«ç°ãªããŠãŒã¶åãšãã¹ã¯ãŒããèšå®ãããŠããŸãã
管çè ã¢ãŒã (Privileged Exec)ã®åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããæ¥ç¶æ¹æ³ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒã³ã³ãœãŒã«æ¥ç¶ãåæåãã<Enter>ããŒãæŒããŸãããŠãŒã¶èªèšŒãéå§ãããŸãã
ïŒ2ïŒãŠãŒã¶åå ¥åç»é¢ã§ "admin"ãšå ¥åããŸãã
ïŒ3ïŒãã¹ã¯ãŒãå ¥åç»é¢ã§ "admin"ãšå ¥åããŸãã(å ¥åãããã¹ã¯ãŒãã¯ç»é¢ã«è¡šç€ºãããŸãã )
ïŒ4ïŒç®¡çè ã¢ãŒã (Privileged Exec)ã§ã®ã¢ã¯ã»ã¹ãèš±å¯ãããç»é¢äžã« "Console#"ãšè¡šç€ºãè¡ãããŸãã
2.2.2 ãã¹ã¯ãŒãã®èšå®
[泚æ ]ãå®å šã®ãããæåã« CLIã«ãã°ã€ã³ããéã« "username"ã³ãã³ããçšããŠäž¡æ¹ã®ã¢ã¯ã»ã¹ã¬ãã«ã®ãã¹ã¯ãŒããå€æŽããããã«ããŠãã ããã
ãã¹ã¯ãŒãã¯æ倧 32æåã®è±æ°åã§ãã倧æåãšå°æåã¯åºå¥ãããŸãã
ãã¹ã¯ãŒãã®èšå®æ¹æ³ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒã³ã³ãœãŒã«ã«ã¢ã¯ã»ã¹ããåæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒã "admin"ãå ¥åããŠç®¡çè ã¢ãŒã(Privileged Exec)ã§ãã°ã€ã³ããŸãã
ïŒ2ïŒ"configure"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ3ïŒ"username guest password 0 password" ãšå ¥åãã<Enter>ããŒãæŒããŸããPasswordéšåã«ã¯æ°ãããã¹ã¯ãŒããå ¥åããŸãã
ïŒ4ïŒ"username admin password 0 password" ãšå ¥åãã<Enter>ããŒãæŒããŸããPasswordéšåã«ã¯æ°ãããã¹ã¯ãŒããå ¥åããŸãã
Username: adminPassword:
CLI session with the FXC3110 is opened. To end the CLI session, enter [Exit].
Console#configureConsole(config)#username guest password 0 [password]Console(config)#username admin password 0 [password]Console(config)#
9FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
2.2.3 IPã¢ãã¬ã¹ã®èšå®
æ¬æ©ã®ç®¡çæ©èœã«ãããã¯ãŒã¯çµç±ã§ã¢ã¯ã»ã¹ããããã«ã¯ãIPã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãã
IPã¢ãã¬ã¹ã®èšå®ã¯äžèšã®ã©ã¡ããã®æ¹æ³ã§è¡ãããšãã§ããŸãã
æåèšå®
IPã¢ãã¬ã¹ãšãµãããããã¹ã¯ãæåã§å ¥åããèšå®ãè¡ããŸããæ¬æ©ã«æ¥ç¶ãã PCãåããµããããäžã«ãªãå Žåã«ã¯ãããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ãå¿ èŠããããŸãã
åçèšå®
ãããã¯ãŒã¯äžã® BOOTPå㯠DHCPãµãŒãã«å¯ŸããIPã¢ãã¬ã¹ã®ãªã¯ãšã¹ããè¡ãèªåçã« IPã¢ãã¬ã¹ãååŸããŸãã
æåèšå®
IPã¢ãã¬ã¹ãæåã§èšå®ããŸããã»ã°ã¡ã³ãã®ç°ãªã PCããæ¬æ©ã«ã¢ã¯ã»ã¹ããããã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãå¿ èŠãšãªããŸãã
[泚æ ]ãåæèšå®ã§ã¯æ¬æ©ã¯ DHCPãçšããŠèªåçã« IPã¢ãã¬ã¹ãååŸããŸãã
IPv4ã¢ãã¬ã¹
IPã¢ãã¬ã¹ã®èšå®ãè¡ãåã«ãå¿ èŠãªäžèšã®æ å ±ããããã¯ãŒã¯ç®¡çè ããååŸããŠäžãã
â¢ïŒæ¬æ©ã«èšå®ããïŒIPã¢ãã¬ã¹
⢠ããã©ã«ãã²ãŒããŠã§ã€â¢ ãµãããããã¹ã¯
IPv4ã¢ãã¬ã¹ãèšå®ããããã®æé ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒinterfaceã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã管çè ã¢ãŒã (Privileged Exec)㧠"interface vlan 1"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ2ïŒ"ip address ip-address netmask"ãšå ¥åãã<Enter>ããŒãæŒããŸãã"ip-address" ã«ã¯æ¬æ©ã® IPã¢ãã¬ã¹ãã"netmask"ã«ã¯ãããã¯ãŒã¯ã®ãµãããããã¹ã¯ãå ¥åããŸãã
ïŒ3ïŒGlobal Configurationã¢ãŒãã«æ»ãããã«ã"exit"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ4ïŒæ¬æ©ã®æå±ãããããã¯ãŒã¯ã®ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãèšå®ããããã«ã"ip default-gateway gateway"ãšå ¥åãã<Enter>ããŒãæŒããŸãã "gateway"ã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãå ¥åããŸãã
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.5 255.255.255.0Console(config-if)#exitConsole(config)#ip default-gateway 192.168.1.254Console(config)#
10 FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
IPv6ã¢ãã¬ã¹
ããã§ã¯ã"ãªã³ã¯ããŒã«ã« "ã¢ãã¬ã¹ã®èšå®æ¹æ³ããã³ãè€æ°ã»ã°ã¡ã³ãã®ãããã¯ãŒã¯ã§äœ¿çšããããããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ãšãã¢ãã¬ã¹ã®ãã¹ãéšãå«ãã"ã°ããŒãã«ãŠããã£ã¹ã "ã¢ãã¬ã¹ã®èšå®æ¹æ³ã解説ããŸãã
IPv6ãã¬ãã£ãã¯ã¹ãŸãã¯ã¢ãã¬ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã« 1ã€ã®ããã«ã³ãã³ã䜿çšãããŸããIPv6ã¢ãã¬ã¹ãå²ãåœãŠããã®ä»ã®æ¹æ³ã«ã€ããŠã®è©³çŽ°ã¯ P314 ãIPã¢ãã¬ã¹ã®èšå® (IP Version6)ããåç §ããŠãã ããã
ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹
å šãŠã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ FE80ã®ãã¬ãã£ãã¯ã¹ã§èšå®ãããå¿ èŠãããŸãããã®ã¢ãã¬ã¹ã¿ã€ããåãããŒã«ã«ãµããããã«æ¥ç¶ãããŠããå šãŠã®è£ 眮ã«ã®ã¿ IPv6äžã®ã¹ã€ããã¢ã¯ã»ã¹ãå¯èœã«ããŸããã¹ã€ããããèšå®ãããã¢ãã¬ã¹ãšããµããããäžã®ä»ã®è£ 眮ã§äœ¿çšãããŠããç©ã«ççŸãæ€åºããå Žåãããã¯åé¡ã¢ãã¬ã¹ã®äœ¿çšãåæ¢ããèªåã§ããŒã«ã«ãµããããäžã®ä»ã®è£ 眮ãšççŸã®ç¡ããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãçæããŸãã
ã¹ã€ããã® IPv6ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã®èšå®
ïŒ1ïŒGlobal Configurationã¢ãŒãããã³ããã§ã" interface vlan 1"ãšå ¥åãïŒ EnterïŒãæŒããŸããinterface-configurationã¢ãŒããžå ¥ããŸãã
ïŒ2ïŒ"ipv6 enable"ãšå ¥åããïŒ Enter ïŒãæŒããŸãã
ïŒ3ïŒ" ipv6 address"ãšã¿ã€ãããäŸã®ããã«æ倧 8ã€ã®ã³ãã³ã«ãã£ãŠåºåããã 16ããã 16é²æ°å€ãããã«ç¶ã "link-local"ã³ãã³ããã©ã¡ãŒã¿ãå ¥åããïŒ EnterïŒ
ãæŒããŸãã
Console(config)#interface vlan 1Console(config-if)#ipv6 address FE80::260:3EFF:FE11:6700 link-localConsole(config-if)#endConsole#show ipv6 interfaceIPv6 is stale.Link-local address:
ãFE80::260:3EFF:FE11:6700/64Global unicast address(es):(None)Joined group address(es):FF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
11FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
ãã«ãã»ã°ã¡ã³ããããã¯ãŒã¯ã®ã¢ãã¬ã¹
ãã«ãã»ã°ã¡ã³ããããã¯ãŒã¯ãžã®æ¥ç¶ã«äœ¿çšãããã¹ã€ãããž IPv6ã¢ãã¬ã¹ãå²ãåœãŠãåã«ããããã¯ãŒã¯ç®¡çè ãã以äžã®æ å ±ãå ¥æããŠãã ããã
â ãã®ãããã¯ãŒã¯ã®ãã¬ãã£ãã¯ã¹
â ã¹ã€ããã® IPã¢ãã¬ã¹
âãããã¯ãŒã¯ã®ããã©ã«ãã²ãŒããŠã§ã€
ããã€ãã®ç°ãªããµãããããã«ããŒãããããã¯ãŒã¯ã®ããã«ãã¹ã€ããã®ãããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ãšãã¹ãã¢ãã¬ã¹ãå«ãããã«ã¢ãã¬ã¹ãå®çŸ©ããå¿ èŠããããŸãã
ãã« IPv6ã¢ãã¬ã¹ãŸã㯠IPv6ã¢ãã¬ã¹ãšãã¬ãã£ãã¯ã¹é·ãæå®ããããšãå¯èœã§ããIPv6ãããã¯ãŒã¯ã®ãã¬ãã£ãã¯ã¹é·ã¯ãããã¯ãŒã¯ã¢ãã¬ã¹ã圢æããæ¥é èŸã®ãããæ°ã§ããã10é²æ°ãšããŠè¡šçŸãããŸãã
äŸãã°ã73ã®æåã®ãã€ãïŒ16é²æ°ïŒã§å§ãŸãå šãŠã® IPv6ã¢ãã¬ã¹ã 73:0:0:0:0:0:0:0/8ãŸã㯠73::/8ãšããŠè¡šçŸãããŸããã¹ã€ããã®ã°ããŒãã«ãŠããã£ã¹ã IPv6ã¢ãã¬ã¹ãçæããã«ã¯ã以äžã®ã¹ããããå®äºããŠãã ããã
ïŒ1ïŒglobal configurationã¢ãŒãããã³ãããããinterface-configurationã¢ãŒãã«ã¢ã¯ã»ã¹ããããã" interface vlan 1"ãå ¥åãïŒ EnterïŒãæŒããŸãã
ïŒ2ïŒ"ipv6 enable"ãšå ¥åããïŒ Enter ïŒãæŒããŸãã
ïŒ3ïŒinterfaceããã³ããããã" ipv6 address ipv6-address"ãŸã㯠" ipv6 address ipv6-address/prefix-length"ãå ¥åããŸãã"prefix-length"ã¯ã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã®åœ¢æã«äœ¿çšãããã¢ãã¬ã¹ãããã瀺ããŸããïŒãããã¯ãŒã¯ã¢ãã¬ã¹ã¯ãã¬ãã£ãã¯ã¹ã®å·Šããå§ãŸããIPv6ã¢ãã¬ã¹ãããã®è¥å¹²ãã«ããŒããŸãïŒæ®ãã®ãããã¯ãã¹ãã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŸããïŒ EnterïŒãæŒããŸãã
ïŒ4ïŒ"exit"ãå ¥åããglobal configurationã¢ãŒãããã³ããã«æ»ããŸããïŒ EnterïŒãã¯ãªãã¯ããŸãã
ïŒ5ïŒ" ipv6 default-gateway gateway,"ãã¿ã€ãããã¹ã€ãããå±ãããããã¯ãŒã¯ã® IPv6ããã©ã«ãã²ãŒããŠã§ã€ã® IPv6ã¢ãã¬ã¹ãèšå®ããŸãã" gateway"ã¯ããã©ã«ãã²ãŒã
ãŠã§ã€ã® IPv6ã¢ãã¬ã¹ã§ãã<Enter>ãã¯ãªãã¯ããŸãã
Console(config)#interface vlan 1Console(config-if)#ipv6 address 2001:DB8:2222:7272::/64Console(config-if)#exitConsole(config)#ipv6 default-gateway 2001:DB8:2222:7272::254Console(config)endConsole#show ipv6 interfaceVlan 1 is upIPv6 is stale.Link-local address:
ãFE80::260:3EFF:FE11:6700/64Global unicast address(es):
ã2001:DB8:2222:7272::/64, subnet is 2001:DB8:2222:7272::/64Joined group address(es):FF02::1:FF00:0FF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.
Console#show ipv6 default-gatewayipv6 default gateway: 2001:DB8:2222:7272::254Console#
12 FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
åçèšå®
IPv4ã¢ãã¬ã¹
"bootp"å㯠"dhcp" ãéžæããå ŽåãBOOTPå㯠DHCPããã®å¿çãåãåããŸã§ IPã¢ãã¬ã¹ã¯æå¹ã«ãªããŸãããIPã¢ãã¬ã¹ãååŸããããã«ã¯ "ip dhcp restart client"ã³ãã³ãã䜿çšããŠãããŒããã£ã¹ããµãŒãã¹ãªã¯ãšã¹ããè¡ãå¿ èŠããããŸãããªã¯ãšã¹ãã¯IPã¢ãã¬ã¹ãååŸããããã«åšæçã«éä¿¡ãããŸãïŒBOOTPãš DHCPããååŸããå€ã«ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯ããã³ããã©ã«ãã²ãŒããŠã§ã€ãå«ãŸããŸãïŒ
IPã¢ãã¬ã¹ã®ååŸæ¹æ³ãšã㊠"bootp"å㯠"dhcp"ãèµ·åãã¡ã€ã«ã«èšå®ãããŠããå Žåãæ¬æ©ã¯é»æºæå ¥æã«èªåçã«ãããŒããã£ã¹ããªã¯ãšã¹ããéä¿¡ããŸãã
"BOOTP"å㯠"DHCP"ãµãŒããçšããŠåçã« IPã¢ãã¬ã¹ã®ååŸãè¡ãå Žåã¯ãäžèšã®æé ã§èšå®ãè¡ããŸãã
ïŒ1ïŒinterface configurationã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ãglobal configurationã¢ãŒãã§"interface vlan 1"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ2ïŒinterface configurationã¢ãŒãã§ãäžèšã®ã³ãã³ããå ¥åããŸãã
⢠DHCP㧠IPã¢ãã¬ã¹ãååŸããå Žå : "ip address dhcp"ãšå ¥åã <Enter>ããŒãæŒããŸãã
⢠BOOTP㧠IPã¢ãã¬ã¹ãååŸããå Žå : "ip address bootp"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ3ïŒPrivileged Execã¢ãŒãã«æ»ãããã«ã"end"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ4ïŒæ°ååŸ ã£ãåŸãIPèšå®ã確èªããããã«ã"show ip interface"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ5ïŒèšå®ãä¿åããããã«ã"copy running-config startup-config"ãšå ¥åãã<Enter>
ããŒãæŒããŸããèµ·åãã¡ã€ã«åãå ¥åãã<Enter>ããŒãæŒããŸãã
Console(config)#interface vlan 1Console(config-if)#ip address dhcpConsole(config-if)#endConsole#ip dhcp restartConsole#show ip interfaceIP address and netmask: 192.168.1.54 255.255.255.0 on VLAN 1,and address mode: User specified.Console#copy running-config startup-configStartup configuration file name []: startup\Write to FLASH Programming.
\Write to FLASH finish.Success.
13FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
IPv6ã¢ãã¬ã¹
ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹
IPv6ã¢ãã¬ã¹ã®èšå®ã«ã¯ããã€ãã®æ¹æ³ããããŸããäžçªã·ã³ãã«ãªæ¹æ³ã¯ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã®èªåççæã§ããïŒFE80ã®ã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã§èå¥ïŒãã®ã¢ãã¬ã¹ã¿ã€ãã¯ãåãããŒã«ã«ãµããããã«æ¥ç¶ãããå šãŠã®è£ 眮ã®ããã«ãIPv6äžã®ã¢ã¯ã»ã¹ãå¯èœã«ããŸãã
IPv6ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãçæããã«ã¯ã以äžã®ã¹ããããè¡ã£ãŠãã ããã
ïŒ1ïŒGlobal Configurationã¢ãŒãããã³ããã«ãŠã"interface vlan 1"ãå ¥åããinterface-configurationã¢ãŒããžã¢ã¯ã»ã¹ããŸããïŒ EnterïŒãæŒããŸãã
ïŒ2ïŒ"ipv6 enable"ãšå ¥åããïŒ EnterïŒãæŒããŸãã
Console(config)#interface vlan 1Console(config-if)#ipv6 enableConsole(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address:
ãFE80::260:3EFF:FE11:6700/64Global unicast address(es):
ã2001:DB8:2222:7272::/64, subnet is 2001:DB8:2222:7272::/64Joined group address(es):FF02::1:FF00:0FF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
14 FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
ãã«ãã»ã°ã¡ã³ããããã¯ãŒã¯ã®ã¢ãã¬ã¹
1ã€ä»¥äžã®ãµãããããå«ããããã¯ãŒã¯ã§äœ¿çšã§ãã IPv6ã¢ãã¬ã¹ãçæããããã«ãã¹ã€ããã¯èªåçã«ãã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã§åä¿¡ããããããŒã«ã«ãµããããã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ãåºã«ãäžæã®ãã¹ãã¢ãã¬ã¹ãçæããããèšå®ãå¯èœã§ããã¹ã€ããã® IPv6ãã¹ãã¢ãã¬ã¹ãåçã«çæããã«ã¯ã以äžã®ã¹ããããè¡ã£ãŠãã ããã
ïŒ1ïŒGlobal Configurationã¢ãŒãããã³ããã«ãŠã"interface vlan 1" ãå ¥åããinterface-
configurationã¢ãŒããžã¢ã¯ã»ã¹ããŸããïŒ EnterïŒãæŒããŸãã
ïŒ2ïŒinterfaceããã³ããã«ãŠã"ipv6 address autoconfig"ãšå ¥åãïŒ EnterïŒãæŒããŸãã
ïŒ3ïŒ"ipv6 enable"ãšå ¥åããŠïŒ EnterïŒãæŒããIPv6ããæ瀺ç IPv6ã¢ãã¬ã¹ã§èšå®ãããªãã£ãã€ã³ã¿ãã§ãŒã¹ã§æå¹ã«ããŸãã
Console(config)#interface vlan 1Console(config-if)#ipv6 address autoconfigConsole(config-if)#ipv6 enableConsole(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address:
ãFE80::260:3EFF:FE11:6700/64Global unicast address(es):
ã2001:DB8:2222:7272:2E0:CFF:FE00:FD/64, subnet is 2001:DB8:2222:7272::/ã64[AUTOCONFIG]ããvalid lifetime 2591978 preferred lifetime 604778Joined group address(es):FF02::1:FF00:FDFF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
15FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
2.2.4 SNMP管çã¢ã¯ã»ã¹ãæå¹ã«ãã
æ¬æ©ã¯ãSNMP(Simple Network Management Protocol)ãœãããŠã§ã¢çµç±ã§ã®ç®¡çã³ãã³ãã«ããèšå®ãè¡ããŸãã
æ¬æ©ã§ã¯ (1)SNMPãªã¯ãšã¹ããžã®å¿çãåã³ (2)SNMPãã©ããã®çæããå¯èœã§ãã
SNMPãœãããŠã§ã¢ãæ¬æ©ã«å¯Ÿãæ å ±ã®ååŸãèšå®ã®ãªã¯ãšã¹ããåºããå Žåãæ¬æ©ã¯ãªã¯ãšã¹ãã«å¿ããŠæ å ±ã®æäŸãèšå®ãè¡ããŸãããŸãããããããèšå®ããããšã«ãããªã¯ãšã¹ãããªããŠã決ããããåºæ¥äºãçºçããå Žåã«ãã©ããæ å ±ã SNMPãœãããŠã§ã¢ã«éãããšãå¯èœã§ãã
ã³ãã¥ããã£åïŒCommunity StringsïŒ
ã³ãã¥ããã£å (Community Strings)ã¯ãæ¬æ©ãããã©ããæ å ±ãåãåã SNMPãœãããŠã§ã¢ã®èªèšŒãšãSNMPãœãããŠã§ã¢ããã®ã¢ã¯ã»ã¹ãã³ã³ãããŒã«ããããã«äœ¿çšãããŸããæå®ããããŠãŒã¶ãããã¯ãŠãŒã¶ã°ã«ãŒãã«ã³ãã¥ããã£åãèšå®ããã¢ã¯ã»ã¹ã¬ãã«ã決å®ããããšãã§ããŸãã
åæèšå®ã§ã®ã³ãã¥ããã£åã¯ä»¥äžã®ãšããã§ãã
⢠public â èªã¿åãå°çšã®ã¢ã¯ã»ã¹ãå¯èœã§ããpublicã«èšå®ããã SNMP管çãœãããŠã§ã¢ãã㯠MIBãªããžã§ã¯ãã®é²èŠ§ã®ã¿ãè¡ããŸãã
⢠private â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ãã§ããŸããprivateã«èšå®ããã SNMP管çãœãããŠã§ã¢ããã¯MIBãªããžã§ã¯ãã®é²èŠ§åã³å€æŽãããããšãå¯èœã§ãã
SNMPçµç±ã§ã®äžæ£ãªã¢ã¯ã»ã¹ãé²ããããã³ãã¥ããã£åã¯åæèšå®ããå€æŽããŠäžãããã³ãã¥ããã£åã®å€æŽã¯ä»¥äžã®æé ã§è¡ããŸãã
ïŒ1ïŒç®¡çè ã¢ãŒã (Privileged Exec)ã® global configurationã¢ãŒããã "snmp-server
community string mode"ãšå ¥åã <Enter>ããŒãæŒããŸãã"string"ã«ã¯ã³ãã¥ããã£å "mode"ã«ã¯ rwïŒread/wirteãèªã¿æžãå¯èœïŒãroïŒread
onlyãèªã¿åãå°çšïŒã®ãããããå ¥åããŸãïŒåæèšå®ã§ã¯ read onlyãšãªããŸãïŒ
ïŒ2ïŒïŒåæèšå®ãªã©ã®ïŒç»é²æžã¿ã®ã³ãã¥ããã£åãåé€ããããã«ã"no snmp-server
community string"ãšå ¥åã <Enter>ããŒãæŒããŸãã"string"ã«ã¯åé€ããã³ãã¥ããã£åãå ¥åããŸãã
[泚æ ]ãSNMPãå©çšããªãå Žåã«ã¯ãåæèšå®ã®ã³ãã¥ããã£åãåé€ããŠäžãããã³ãã¥ããã£åãèšå®ãããŠããªãå Žåã«ã¯ãSNMP管çã¢ã¯ã»ã¹æ©èœã¯ç¡å¹ãšãªããŸãã
Console(config)#snmp-server community admin rwConsole(config)#snmp-server community privateConsole(config)#
16 FXC3110
æ¬æ©ã®ç®¡çåºæ¬èšå®
ãã©ããã»ã¬ã·ãŒãïŒTrap ReceiversïŒ
æ¬æ©ããã®ãã©ãããåãã SNMPã¹ããŒã·ã§ã³ïŒãã©ããã»ã¬ã·ãŒãïŒãèšå®ããããšãã§ããŸãã
ãã©ãããèšå®ããã«ã¯ã管çè ã¢ãŒã (Privileged Exec)ã® global configurationã¢ãŒããã以äžã®ã³ãã³ããå ¥ååŸãEnterãæŒããŠãã ããã
âsnmp-server host host-address community-stringã[version {1 | 2c | 3 {auth | noauth | priv}}]â
"host-address"ã«ã¯ãã©ããã»ã¬ã·ãŒãã® IPã¢ãã¬ã¹ãã"community-string"ã«ã¯ããŒãžã§ã³ 1/2cãã¹ãã®ã¢ã¯ã»ã¹æš©ããããŒãžã§ã³ 3ã®ãŠãŒã¶åãå ¥åããŸãã"version"ã§ã¯ãSNMPã¯ã©ã€ã¢ã³ãããŒãžã§ã³ãæå®ããŸãã"auth | noauth | priv"ã¯ãv3ã¯ã©ã€ã¢ã³ãã§äœ¿çšããã "èªèšŒ /èªèšŒç¡ã /èªèšŒãšãã©ã€ãã·"ãæå³ããŸãããããã®ãã©ã¡ãŒã¿ã®è©³çŽ°ã«ã€ããŠã¯ P465 ãsnmp-server hostããåç §ããŠãã ããã以äžã®äŸã¯ãSNMPã¯ã©ã€ã¢ã³ãã®ããããã®ã¿ã€ãã«ãã©ãããã¹ããäœæããŠããŸãã
Console(config)#snmp-server host 10.1.19.23 batmanConsole(config)#snmp-server host 10.1.19.98 robin version 2cConsole(config)#snmp-server host 10.1.19.34 barbie version 3 authConsole(config)#
17FXC3110
æ¬æ©ã®ç®¡çã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç
2.3 ã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç
æ¬æ©ã®ãã©ãã·ã¥ã¡ã¢ãªäžã« CLIãWebã€ã³ã¿ãã§ãŒã¹ãSNMPãã管çå¯èœãª 3çš®é¡ã®ã·ã¹ãã ãã¡ã€ã«ããããŸãããããã®ãã¡ã€ã«ã¯ãã¡ã€ã«ã®ã¢ããããŒããããŠã³ããŒããã³ããŒãåé€ãåã³èµ·åãã¡ã€ã«ãžã®èšå®ãè¡ãããšãã§ããŸãã
3çš®é¡ã®ãã¡ã€ã«ã¯ä»¥äžã®éãã§ãã
⢠Configuration(èšå®ãã¡ã€ã« ) â ãã®ãã¡ã€ã«ã¯ã·ã¹ãã ã®èšå®æ å ±ãä¿åãããŠãããèšå®æ å ±ãä¿åããéã«çæãããŸããä¿åãããã·ã¹ãã èµ·åãã¡ã€ã«ã«èšå®ããããšãã§ããä»ããµãŒãã« TFTPçµç±ã§ã¢ããããŒããããã¯ã¢ãããåãããšãã§ããŸãã"Factory_Default_Config.cfg"ãšãããã¡ã€ã«ã¯ã·ã¹ãã ã®åæèšå®ãå«ãŸããŠãããåé€ããããšã¯ã§ããŸããã詳现ã«é¢ããŠã¯ 28 ããŒãžã®ããã¡ãŒã ãŠã§ã¢ã®ç®¡çããåç §ããŠäžããã
⢠Operation Code(ãªãã¬ãŒã·ã§ã³ã³ãŒã ) â èµ·ååŸã«å®è¡ãããã·ã¹ãã ãœãããŠã§ã¢ã§ã©ã³ã¿ã€ã ã³ãŒããšãåŒã°ããŸãããªãã¬ãŒã·ã§ã³ã³ãŒãã¯æ¬æ©ã®ãªãã¬ãŒã·ã§ã³ãè¡ãªãä»ãCLIãWebã€ã³ã¿ãã§ãŒã¹ãæäŸããŸãã詳现ã«é¢ããŠã¯ 28 ããŒãžã®ããã¡ãŒã ãŠã§ã¢ã®ç®¡çããåç §ããŠäžããã
⢠Diagnostic Code(蚺æã³ãŒã ) â POST(ãã¯ãŒã»ãªã³ã»ã»ã«ããã¹ã )ãšããŠç¥ãããŠãããœãããŠã§ã¢ (ã·ã¹ãã ã»ããŒãã¢ããæã®å®è¡ããã°ã©ã )ã
æ¬æ©ã§ä¿åå¯èœãªãªãã¬ãŒã·ã§ã³ã³ãŒã㯠1ã€ã®ã¿ãšãªããŸãã蚺æã³ãŒããšèšå®ãã¡ã€ã«ã«é¢ããŠã¯ããã©ãã·ã¥ã¡ã¢ãªã®å®¹éã®ç¯å²å ã§ç¡å¶éã«ä¿åããããšãã§ããŸãã
ãã©ãã·ã¥ã¡ã¢ãªã§ã¯ãåçš®é¡ã®ãããã 1ã€ã®ãã¡ã€ã«ãèµ·åãã¡ã€ã«ãšãªããŸãã
ã·ã¹ãã èµ·åæã«ã¯èšºæã³ãŒããã¡ã€ã«ãšãªãã¬ãŒã·ã§ã³ã³ãŒããã¡ã€ã«ãå®è¡ãããŸãããã®åŸèšå®ãã¡ã€ã«ãããŒããããŸããèšå®ãã¡ã€ã«ã¯ããã¡ã€ã«åãæå®ããŠããŠã³ããŒããããŸãã
å®è¡äžã®èšå®ãã¡ã€ã«ãããŠã³ããŒãããå Žåãæ¬æ©ã¯åèµ·åãããŸããå®è¡äžã®èšå®ãã¡ã€ã«ãä¿åçšãã¡ã€ã«ã«ä¿åããŠããå¿ èŠããããŸãã
2.3.1 èšå®æ å ±ã®ä¿åãŸãã¯åŸ©å
configuration commandã䜿çšããŠã®èšå®å€æŽã¯ãå®è¡äžã®èšå®ãã¡ã€ã«ãå€æŽãããã ããšãªããŸããæ¬æ©ã®åèµ·åãè¡ã£ãå Žåã«ã¯èšå®æ å ±ãä¿åãããŸããã
å€æŽããèšå®ãä¿åããããã«ã¯ "copy"ã³ãã³ãã䜿ããå®è¡äžã®èšå®ãã¡ã€ã«ãèµ·åèšå®ãã¡ã€ã«ã«ã³ããŒããå¿ èŠããããŸãã
æ°ããèµ·åèšå®ãã¡ã€ã«ã«ã¯æå®ãããååãä»ããããªããã°ãªããŸããããã¡ã€ã«å㯠1ïœ 31æåã§èšå®ã§ãã倧æåå°æåãåºå¥ãããŸããïŒ"ï¿¥"ãŸã㯠"/"ã¯äœ¿çšåºæ¥ããæåã®æåã "."ã«ã¯åºæ¥ãŸãããïŒ
ã¹ã€ããå ã«ã¯ 1ã€ä»¥äžã®ãŠãŒã¶å®çŸ©ã®èšå®ãã¡ã€ã«ãä¿åã§ããŸãããã¹ã€ããããŒãæã«äœ¿çšããã "startup"ãšããŠæå®ã§ããã®ã¯ 1ãã¡ã€ã«ã®ã¿ã§ãã
" copy running-config startupconfig"ã³ãã³ãã¯åžžã«æ°ãããã¡ã€ã«ãèµ·åãã¡ã€ã«ãšããŠèšå®ããŸãã以åã«ä¿åãããèšå®ãã¡ã€ã«ãèµ·åã·ã¹ãã ã«äœ¿çšããã«ã¯ "config:<filename>"ã³ãã³ãã䜿çšããŠãã ããã
18 FXC3110
æ¬æ©ã®ç®¡çã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç
ä¿åãããèšå®ãã¡ã€ã«ã®æ倧æ°ã¯ãå©çšå¯èœãªãã©ãã·ã¥ã¡ã¢ãªã®å®¹éã«äŸåããŸããå©çšå¯èœã¯ãã©ãã·ã¥ã¡ã¢ãªã®åèšé㯠"dir"ã³ãã³ãã䜿çšããŠç¢ºèªåºæ¥ãŸãã
çŸåšã®èšå®ãä¿åããã«ã¯ä»¥äžã®æé ãè¡ã£ãŠãã ããã
ïŒ1ïŒPrivileged Execã¢ãŒãã«ãŠã"copy running-config startup-config"ãšå ¥åã "Enter"
ãæŒããŸãã
ïŒ2ïŒèµ·åãã¡ã€ã«ã®ååãå ¥åãã"Enter"ãæŒããŸãã
ããã¯ã¢ãããµãŒãããèšå®ã埩å ããã«ã¯ä»¥äžã®æé ãè¡ã£ãŠäžããã
ïŒ1ïŒPrivileged Execã¢ãŒãã«ãŠã"ccopy tftp startup-config"ãšå ¥åã "Enter"ãæŒããŸãã
ïŒ2ïŒTFTPãµãŒãã®ã¢ãã¬ã¹ãå ¥åãã"Enter"ãæŒããŸãã
ïŒ3ïŒãµãŒãã«ä¿åãããŠããèµ·åãã¡ã€ã«ã®ååãå ¥åã "Enter"ãæŒããŸãã
ïŒ4ïŒã¹ã€ããã®èµ·åãã¡ã€ã«ã®ååãå ¥åã "Enter"ãæŒããŸãã
Console#copy running-config startup-configStartup configuration file name []: startup\Write to FLASH Programming.
\Write to FLASH finish.Success.
Console#
Console#copy file startup-configConsole#copy tftp startup-configTFTP server IP address: 192.168.0.4Source configuration file name: startup-rd.cfgStartup configuration file name [startup1.cfg]:
Success.Console#
19FXC3110
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶
3.1 Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶
æ¬æ©ã«ã¯ç®¡ççšã®WebãµãŒããæèŒãããŠããŸããWebãã©ãŠã¶ããèšå®ãè¡ã£ããããããã¯ãŒã¯ã®ç¶æ ãç£èŠããããã®çµ±èšæ å ±ã確èªãããããããšãã§ããŸãã
ãããã¯ãŒã¯ã«æ¥ç¶ããã PCäžã§åäœãããInternet Explorer 5.0ãå㯠Netscape Navigator 6.2以äžãããWebã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸãã
[ 泚æ ]ãWeb ã€ã³ã¿ãã§ãŒã¹ä»¥å€ã«ããããã¯ãŒã¯çµç±ã§ã® Telnet åã³ã·ãªã¢ã«ããŒãçµç±ã®ã³ã³ãœãŒã«æ¥ç¶ã§ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ (CLI) ã䜿çšãæ¬æ©ã®èšå®ãè¡ãããšãã§ããŸããCLIã®äœ¿çšã«é¢ãã詳现㯠4ç« ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãåç §ããŠäžããã
Webã€ã³ã¿ãã§ãŒã¹ã䜿çšããå Žåã¯ãäºåã«äžèšã®èšå®ãè¡ã£ãŠäžããã
ïŒ1ïŒå¿ èŠã«å¿ããã³ã³ãœãŒã«æ¥ç¶ãBOOTPå㯠DHCPãããã³ã«ã䜿çšããŠæ¬æ©ã« IP
ã¢ãã¬ã¹ããµãããããã¹ã¯ãããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããŸããïŒè©³çŽ°ã¯P312 ããŒãžã®ãIPã¢ãã¬ã¹ã®èšå®ïŒIP Version4ïŒããåç §ããŠäžããïŒ
ïŒ2ïŒã³ã³ãœãŒã«æ¥ç¶ã§ããŠãŒã¶åãšãã¹ã¯ãŒããèšå®ããŸããWebã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶ã¯ã³ã³ãœãŒã«æ¥ç¶ã®å ŽåãšåããŠãŒã¶åãšãã¹ã¯ãŒã䜿çšããŸãã
ïŒ3ïŒWebãã©ãŠã¶ãããŠãŒã¶åãšãã¹ã¯ãŒããå ¥åãããšãã¢ã¯ã»ã¹ãèš±å¯ãããæ¬æ©ã®ããŒã ããŒãžã衚瀺ãããŸãã
[泚æ ]ããã¹ã¯ãŒã㯠3åãŸã§åå ¥åããããšãã§ããŸãã3å倱æãããšæ¥ç¶ã¯åæãããŸãã
[泚æ ]ã ã²ã¹ãã¢ãŒãïŒNormal ExecïŒã§Webã€ã³ã¿ãã§ãŒã¹ã«ãã°ã€ã³ããå ŽåãããŒãžæ å ±ã®é²èŠ§ãšãã²ã¹ãã¢ãŒãã®ãã¹ã¯ãŒãã®å€æŽã®ã¿è¡ããŸãã管çè ã¢ãŒãïŒPrivileged ExecïŒã§ãã°ã€ã³ããå Žåã¯å šãŠã®èšå®å€æŽãè¡ããŸãã
[泚æ ]ã 管ççš PCãšæ¬æ©ã®éã§ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã ïŒSTAïŒã䜿çšãããŠããªãå Žåã管ççšPCã«æ¥ç¶ãããããŒãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã«ããïŒAdminEdge Portã®æå¹åïŒããšã«ãããWebã€ã³ã¿ãã§ãŒã¹ããã®èšå®ã«å¯Ÿããæ¬æ©ã®å¿çé床ãåäžãããããšãã§ããŸãïŒè©³çŽ°ã¯ P125 ãã€ã³ã¿ãã§ãŒã¹èšå®ããåç §ããŠäžããïŒ
3. Web ã€ã³ã¿ã ã§ãŒã¹
20 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
3.2 Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
Webã€ã³ã¿ãã§ãŒã¹ãžã¢ã¯ã»ã¹ããéã¯ãåãã«ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããå¿ èŠããããŸãã管çè ã¢ãŒã (Privileged Exec)ã§ã¯å šãŠã®èšå®ãã©ã¡ãŒã¿ã®è¡šç€º /å€æŽãšçµ±èšæ å ±ã®è¡šç€ºãå¯èœã§ãã管çè ã¢ãŒã (Privileged Exec)ã®åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒãã¯"admin"ã§ã
3.2.1 ããŒã ããŒãž
Webã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããéã®æ¬æ©ã®ç®¡çç»é¢ã®ããŒã ããŒãžã¯ä»¥äžã®éã衚瀺ãããŸããç»é¢ã®å·ŠåŽã«ã¡ã€ã³ã¡ãã¥ãŒãå³åŽã«ã¯ã·ã¹ãã æ å ±ã衚瀺ãããŸããã¡ã€ã³ã¡ãã¥ãŒããã¯ãä»ã®ã¡ãã¥ãŒãèšå®ãã©ã¡ãŒã¿ãçµ±èšæ å ±ã®è¡šç€ºãããããŒãžãžãªã³ã¯ããŠããŸãã
21FXC3110
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
3.2.2 èšå®ãªãã·ã§ã³
èšå®ãã©ã¡ãŒã¿ã«ã¯ãã€ã¢ãã°ããã¯ã¹ãšããããããŠã³ãªã¹ãããããŸãã
ããŒãžäžã§èšå®å€æŽãè¡ã£ãéã¯ãå¿ ãæ°ããèšå®ãåæ ãããããã«ã[Apply]ãã¿ã³ãã¯ãªãã¯ããŠãã ããã
次ã®è¡šã¯WebããŒãžã«è¡šç€ºãããèšå®ãã¿ã³ã®å 容ã解説ããŠããŸãã
[泚æ ]ãããŒãžå 容ã®æŽæ°ã確å®ã«è¡ããããInternet Explorer 5.xã§ã¯ã¡ãã¥ãŒãã [ããŒã« ]â [ã€ã³ã¿ãŒããããªãã·ã§ã³ ] â [å šè¬ ]â [ ã€ã³ã¿ãŒãããäžæãã¡ã€ã« ]ãéžæãã[èšå®ã§ä¿åããŠããããŒãžã®æ°ããããŒãžã§ã³ã®ç¢ºèª ]ã® [ããŒãžã衚瀺ããããšã«ç¢ºèªãã ]ããã§ãã¯ããŠäžããã
3.2.3 ããã«ã®è¡šç€º
Webã€ã³ã¿ãã§ãŒã¹ã§ã¯ããŒãã®ç¶æ ãç»åã§è¡šç€ºãããŸããåããŒãã®ãªã³ã¯ç¶æ ãDuplexããããŒã³ã³ãããŒã«ãªã©ã®ç¶æ ã確èªããããšãã§ããŸãããŸããåããŒããã¯ãªãã¯ããããšã§ P48 ãããŒãèšå®ãã§è§£èª¬ããŠããåããŒãã®èšå®ããŒãžã衚瀺ãããŸãã
ãã¿ã³ æäœ
Revert å ¥åããå€ããã£ã³ã»ã«ãã[Apply]å㯠[Apply Changes]ãã¯ãªãã¯ããåã«è¡šç€ºãããŠããå ã®å€ã«æ»ã
Apply å ¥åããå€ãæ¬æ©ã«åæ ããã
Help Webãã«ãã«ãªã³ã¯ããŠããŸã
22 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3 åºæ¬èšå®
3.3.1 ã·ã¹ãã æ å ±ã®è¡šç€º
System>GeneralããŒãžã䜿çšããæ¬æ©ã®ååãèšçœ®å Žæåã³ã³ã³ã¿ã¯ãæ å ±çã衚瀺ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
System Description
ããã€ã¹ã¿ã€ãã®èª¬æ
System Object ID
æ¬æ©ã®ãããã¯ãŒã¯ç®¡çãµãã·ã¹ãã ã®MIBIIãªããžã§ã¯ã ID
System Up Time
管çã·ã¹ãã ãèµ·åããŠããã®æé
System Name
æ¬æ©ã«èšå®ããåå
System Location
æ¬æ©ã®èšçœ®å Žæ
System Contact
管çè ã®ã³ã³ã¿ã¯ãæ å ±
èšå®æ¹æ³
ïŒ1ïŒ[System]â [General]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒã·ã¹ãã 管çè ã® System NameãLocationãContactæ å ±ãæå®ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
23FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.2 ããŒããŠã§ã¢åã³ãœãããŠã§ã¢ããŒãžã§ã³ã®è¡šç€ºSystem>SwitchããŒãžã䜿çšããã¡ã€ã³ããŒããšç®¡çãœãããŠã§ã¢ã®ããŒããŠã§ã¢ /ãã¡ãŒã ãŠã§ã¢ããŒãžã§ã³ãã·ã¹ãã ã®é»æºã¹ããŒã¿ã¹ã確èªã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Main BoardïŒããŒããŠã§ã¢æ¬äœïŒ
Serial Number
ã¹ã€ããåºç€ã®ã·ãªã¢ã«ãã³ããŒNumber of Ports
æèŒããã RJ-45ããŒãã®æ°
Hardware Version
ããŒããŠã§ã¢ã®ããŒãžã§ã³Internal Power Status
å éšé»æºã®ã¹ããŒã¿ã¹ã衚瀺
Management SoftwareïŒç®¡çãœãããŠã§ã¢ïŒ
Role
æ¬æ©ã MasterãSlaveã©ã¡ãã§åäœããŠãããã衚瀺
EPLD Version
EPLDïŒElectronically Programmable Logic DeviceïŒã³ãŒãã®ããŒãžã§ã³
Loader Version
Loaderã³ãŒãã®ããŒãžã§ã³
Diagnostics Code Version
Power-On Self-Test (POST)åã³ bootã³ãŒãã®ããŒãžã§ã³
Operation Code Version
runtime ã³ãŒãã®ããŒãžã§ã³
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Switch]ãã¯ãªãã¯ããŸãã
24 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.3 Jumbo ãã¬ãŒã ã®æå¹å
Jumboãã¬ãŒã ãæå¹ãæå¹åããããšã«ãããã®ã¬ãããã€ãŒãµããã䜿çšæã«ãæ倧9216byteã® Jumboãã¬ãŒã ãã±ããããµããŒãã§ããŸãã
æ©èœè§£èª¬
⢠Jumboãã¬ãŒã ã䜿çšããããã«ã¯ããœãŒã¹ã»ãã£ã¹ãã£ããŒã·ã§ã³äž¡æ¹ã®çµç«¯ããŒãïŒPCãŸãã¯ãµãŒãïŒããã®æ©èœããµããŒãããŠããå¿ èŠããããŸããåãããæ¥ç¶ãå šäºéã§çšŒåããŠããéã«ã¯ã2ã€ã®çµç«¯ã®ããŒãéã®ãããã¯ãŒã¯ã«ããå šãŠã®ã¹ã€ãããæ¡åŒµãã¬ãŒã ãµã€ãºãåãåããªããŠã¯ãªããŸãããåäºéæ¥ç¶æã¯ãã³ãªãžã§ã³ãã¡ã€ã³ã®å šãŠã®ããã€ã¹ã Jumboãã¬ãŒã ããµããŒãããŠããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Jumbo Frame
Jumboãã¬ãŒã ãµããŒããèšå®ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Capability]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒJumbo FrameãµããŒãã®ãEnableããã§ãã¯ããŒã¯ã«ãã§ãã¯ãå ¥ããŸãããã§ãã¯ãå€ãããšã§ç¡å¹ã«åºæ¥ãŸãã
25FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.4 ããªããžæ¡åŒµæ©èœã®è¡šç€º
ããªããž MIBã«ã¯ããã©ãã£ãã¯ã¯ã©ã¹ããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãVLANã«å¯Ÿå¿ãã管çè£ çœ®çšã®æ¡åŒµæ å ±ãå«ãŸããŸããSystemïŒ CapabilityããŒãžã䜿çšããããšã§ããããã®èšå®ã確èªããããšãåºæ¥ãŸãã
èšå®ã»è¡šç€ºé ç®
Extended Multicast Filtering Services
GARP Multicast Registration Protocol(GMRP)ã䜿çšããåã ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã®ãã£ã«ã¿ãªã³ã°ãè¡ãããªãããšãè¡šããŸãïŒçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯äœ¿çšã§ããŸããïŒ
Traffic Classes
ãŠãŒã¶ãã©ã€ãªãªãã£ãè€æ°ã®ãã©ãã£ãã¯ã¯ã©ã¹ã«ãããã³ã°ãããŠããããšãè¡šããŸãã(詳现ã¯ãP138 ãClass of ServiceïŒCoSïŒããåç §ããŠäžãã )
Static Entry Individual Port
ãŠããã£ã¹ãåã³ãã«ããã£ã¹ãã¢ãã¬ã¹ã®éçãã£ã«ã¿ãªã³ã°ãè¡ãªãããŠããããšãè¡šããŸãã
VLAN Version Number
"1"㯠1ã€ã®ã¹ããã³ã°ããªãŒïŒSSTïŒã"2"ããã«ããã«ã¹ããã³ã°ããªãŒïŒMSTïŒã瀺ããŸãã
VLAN Learning
æ¬æ©ã¯åããŒããç¬èªã®ãã£ã«ã¿ãªã³ã°ããŒã¿ããŒã¹ãä¿æãã Independent VLAN Learning(IVL)ã䜿çšããŠããããšãè¡šããŠããŸãã
Local VLAN Capable
æ¬æ©ã¯è€æ°ã®ããŒã«ã«ããªããž (ãã«ããã«ã¹ããã³ã°ããªãŒ )ããµããŒãããŠããããšãè¡šããŠããŸãã
Configurable PVID Tagging
æ¬æ©ã¯åããŒãã«å¯ŸããŠåæããŒã VLAN IDïŒãã¬ãŒã ã¿ã°ã§äœ¿çšããã PVIDïŒãšããã®åºå圢åŒïŒã¿ã°ä»åã¯ã¿ã°ãªã VLANïŒãèšå®å¯èœã§ããããšãè¡šããŠããŸãïŒP80 ãVLANããåç §ããŠäžããïŒ
Max Supported VLAN Numbers
æ¬æ©ã§ãµããŒãããã VLANã®æ倧æ°
Max Supported VLAN ID
æ¬æ©ã§ãµããŒããããèšå®å¯èœãª VLANèå¥å
GMRP
GMRPã䜿çšããããšã§ããã«ããã£ã¹ãã°ã«ãŒãå ã®çµç«¯ç«¯æ«ããããã¯ãŒã¯æ©åšã«ç»é²ããããšãã§ããŸããæ¬æ©ã§ã¯ GMRPã«å¯Ÿå¿ããŠããŸãããæ¬æ©ã¯èªåçãªãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãè¡ã Internet Group Management Protocol (IGMP)ã䜿çšããŠããŸãã
26 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Capability]ãã¯ãªãã¯ããŸãã
27FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.5 ãã¡ãŒã ãŠã§ã¢ã®ç®¡ç
æ¬é ã§ã¯ãæ¬æ©ã®ãªãã¬ãŒãã£ã³ã°ãœãããŠã§ã¢ãŸãã¯èšå®ãã¡ã€ã«ã®ã¢ããã°ã¬ãŒãæ¹æ³ããã³ãã·ã¹ãã èµ·åãã¡ã€ã«ã®èšå®æ¹æ³ã«ã€ããŠè§£èª¬ããŸãã
FTP/TFTPãHTTPçµç±ã®ãã¡ã€ã«ã³ããŒ
System>FileïŒCopyïŒããŒãžã«ãŠãFTP/TFTPãHTTPã䜿çšããŠãã¡ãŒã ãŠã§ã¢ãŸãã¯èšå®ãã¡ã€ã«ã®ã¢ããããŒã /ããŠã³ããŒããè¡ãããšãåºæ¥ãŸãã
ãã¡ã€ã«ãããŠã³ããŒãããéãä¿åå ãã¡ã€ã«åã¯ãçŸåšã®ãã¡ã€ã«ãšçœ®ãæããããã«èšå®ããããšãå¯èœã§ãããŸãã¯ããã¡ã€ã«ãçŸåšã® Run-timeã³ãŒããã¡ã€ã«ãšç°ãªãååã䜿çšããŠããŠã³ããŒããè¡ãããã®åŸã«æ°ãããã¡ã€ã«ãã¹ã¿ãŒãã¢ãããã¡ã€ã«ãšããŠèšå®ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Copy Type
ãã¡ãŒã ãŠã§ã¢ã³ããŒã®æäœæ¹æ³ãäžèšã®ãªãã·ã§ã³ããããŸãã
ïŒ FTP Upgrade â FTPãµãŒãããã¹ã€ãããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ FTP Download â ã¹ã€ãããã FTPãµãŒããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ TFTP Upgrade â TFTPãµãŒãããã¹ã€ãããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ TFTP Download â ã¹ã€ãããã FTPãµãŒããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ HTTP Upgrade â 管çã¹ããŒã·ã§ã³ããã¹ã€ãããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ HTTP Download â ã¹ã€ãããã管çã¹ããŒã·ã§ã³ãžãã¡ã€ã«ãã³ããŒããŸãã
FTP/TFTP Server IP Address
FTP/TFTPãµãŒãã® IPã¢ãã¬ã¹
User Name
FTPãµãŒãã¢ã¯ã»ã¹ã®ããã®ãŠãŒã¶å
Password
FTPãµãŒãã¢ã¯ã»ã¹ã®ããã®ãã¹ã¯ãŒã
File Type
ãã¡ãŒã ãŠã§ã¢ã³ããŒã®ããã® opcode (ãªãã¬ãŒã·ã§ã³ã³ãŒã )
File Name
ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã䜿çšããããšã¯ã§ããŸããããŸãããã¡ã€ã«åã®é æåã«ã¯ããªãªã (.)ã¯äœ¿çšã§ããŸãããTFTPãµãŒãäžã®ãã¡ã€ã«åã¯æé· 127æåãæ¬æ©å ã§ã¯æé· 31æåã§ãïŒå©çšã§ããæå :A-Z, a-z,0-9, ".", "-", "_"ïŒ
[泚æ ]ãã¹ã€ããã®ãã¡ã€ã«ãã£ã¬ã¯ããªã«ä¿åã§ããã·ã¹ãã ãœãããŠã§ã¢ïŒã©ã³ã¿ã€ã ãã¡ãŒã ãŠã§ã¢çïŒã®æ倧æ°ã¯ 2ã€ã§ãã
[泚æ ]ããŠãŒã¶å®çŸ©èšå®ãã¡ã€ã«ã®æ倧æ°ã¯äœ¿çšå¯èœãªãã©ãã·ã¥ã¡ã¢ãªã¹ããŒã¹ã«äŸåããŸãã
[泚æ ]ã"Factory_Default_Config.cfg"ãã¡ã€ã«ã¯ãTFTPãµãŒããŸãã¯ç®¡çã¹ããŒã·ã§ã³ã«ã³ããŒããããšãå¯èœã§ãããã¹ã€ããã®å®å ãã¡ã€ã«åãšããŠäœ¿çšããããšã¯åºæ¥ãŸããã
28 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èšå®æ¹æ³
ãã¡ãŒã ãŠã§ã¢ã®ã³ããŒ
ïŒ1ïŒ[System]â [File]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããCopyããéžæããŸãã
ïŒ3ïŒãã©ã³ã¹ãã¡ã¡ãœãããšããŠãFTP Upgradeããã HTTP Upgradeãã ã TFTP Upgradeãã®ãããããéžæããŸãã
ïŒ4ïŒFTPãŸã㯠TFTPã¢ããã°ã¬ãŒãã䜿çšããéããã¡ã€ã«ãµãŒãã® IPã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ5ïŒFTPã¢ããã°ã¬ãŒãã䜿çšããéãFTPãµãŒãã¢ã«ãŠã³ãã®ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããŸãã
ïŒ6ïŒãFile TypeãããOperation Codeãã«èšå®ããŸãã
ïŒ7ïŒããŠã³ããŒããããã¡ã€ã«ã®ååãå ¥åããŸããïŒ8ïŒã¹ã€ããäžã®ãã¡ã€ã«ãäžæžããéžæããããæ°ãããã¡ã€ã«åãå ¥åããŸããïŒ9ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
çŸåšäœ¿çšããŠãããã¡ã€ã«ã眮ãæããæ°ãããã¡ã€ã«ã䜿çšãããå Žå㯠System>Resetã¡ãã¥ãŒã§ã·ã¹ãã ã®åèµ·åãè¡ã£ãŠãã ããã
29FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
çŸåšã®èšå®ãããŒã«ã«ãã¡ã€ã«ãžä¿å
System > File (Copy) ããŒãžã䜿çšããã¹ã€ããäžã®ããŒã«ã«ãã¡ã€ã«ãžçŸåšã®èšå®ãä¿åããããšãåºæ¥ãŸãããã®èšå®ã¯ãã¹ã€ãããªããŒãæã«ã·ã¹ãã ã«ããèªåä¿åã¯ãããŸããããããã®èšå®ã¯ãçŸåšã®èµ·åãã¡ã€ã«ãŸãã¯ãèµ·åãã¡ã€ã«ãšããŠèšå®å¯èœãªãã®ä»ã®ãã¡ã€ã«ãžä¿åããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Copy Type
ã³ããŒã®æäœæ¹æ³ãäžèšã®ãªãã·ã§ã³ããããŸãã
ïŒ Running-ConfigïŒçŸåšã®èšå®ãã¹ã€ããäžã®ããŒã«ã«ãã¡ã€ã«ãžã³ããŒ
Destination File Name
ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã䜿çšããããšã¯ã§ããŸããããŸãããã¡ã€ã«åã®é æåã«ã¯ããªãªã (.)ã¯äœ¿çšã§ããŸãããTFTPãµãŒãäžã®ãã¡ã€ã«åã¯æé· 127æåãæ¬æ©å ã§ã¯æé· 31æåã§ãïŒå©çšã§ããæå :A-Z, a-z,0-9, ".", "-", "_"ïŒ
[泚æ ]ããŠãŒã¶å®çŸ©èšå®ãã¡ã€ã«ã®æ倧æ°ã¯äœ¿çšå¯èœãªãã©ãã·ã¥ã¡ã¢ãªã¹ããŒã¹ã«äŸåããŸãã
èšå®æ¹æ³
çŸåšã®èšå®ãã¡ã€ã«ãä¿å
ïŒ1ïŒ[System]â [File]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããCopyããéžæããŸãã
ïŒ3ïŒãCopy TypeããããRunning-ConfigããéžæããŸãã
ïŒ4ïŒã¹ã€ããäžã®ãã¡ã€ã«ãäžæžããéžæããããæ°ãããã¡ã€ã«åãå ¥åããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
çŸåšäœ¿çšããŠãããã¡ã€ã«ã眮ãæããæ°ãããã¡ã€ã«ã䜿çšãããå Žå㯠System>Resetã¡ãã¥ãŒã§ã·ã¹ãã ã®åèµ·åãè¡ã£ãŠãã ããã
30 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èµ·åãã¡ã€ã«ã®èšå®
System > File (Set Start-Up)ã䜿çšããã·ã¹ãã åææã«äœ¿çšãããã¡ãŒã ãŠã§ã¢ãŸãã¯èšå®ãã¡ã€ã«ãæå®ããããšãåºæ¥ãŸãã
èšå®æ¹æ³
ïŒ1ïŒ[System]â [File]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããSet Start-UpããéžæããŸãã
ïŒ3ïŒã¹ã¿ãŒãã¢ããã«äœ¿çšãããªãã¬ãŒã·ã§ã³ã³ãŒããŸãã¯èšå®ãã¡ã€ã«ã«ããŒã¯ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
æ°ãããã¡ãŒã ãŠã§ã¢ãŸãã¯èšå®ãã¡ã€ã«ã䜿çšããã«ã¯ System > Resetã¡ãã¥ãŒããã·ã¹ãã ãåèµ·åããŠãã ããã
31FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ã·ã¹ãã ãã¡ã€ã«ã®è¡šç€º
System > File (Show)ããŒãžã䜿çšããã·ã¹ãã ãã£ã¬ã¯ããªã®ãã¡ã€ã«ã衚瀺ãŸãã¯åé€ãè¡ãããšãåºæ¥ãŸãã
[泚æ ]ãã¹ã¿ãŒãã¢ããã«æå®ããããã¡ã€ã«ãšãFactory_Default_Config.cfg ãã¡ã€ã«ã¯åé€ããããšãåºæ¥ãŸããã
èšå®æ¹æ³
ã·ã¹ãã ãã¡ã€ã«ã衚瀺
ïŒ1ïŒ[System]â [File]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããShowããéžæããŸãã
ïŒ3ïŒãã¡ã€ã«ãåé€ããã«ã¯ããã¡ã€ã«ãªã¹ãã®ãã¡ã€ã«åã«ããŒã¯ããïŒ DeleteïŒãã¯ãªãã¯ããŸãã
32 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ãªãã¬ãŒã·ã§ã³ã³ãŒãã®èªåã¢ããã°ã¬ãŒã
æ¬ã·ã¹ãã ã¯ãªãã¬ãŒã·ã§ã³ã³ãŒãã®èªåããŠã³ããŒããèšå®ã§ããŸããçŸåšã€ã³ã¹ããŒã«ãããŠãããã¡ã€ã«ããããæ°ããããŒãžã§ã³ã®ãã¡ã€ã«ããµãŒããŒã«çºèŠãããæã«ããªãã¬ãŒã·ã§ã³ã³ãŒããã¡ã€ã«ã®èªåããŠã³ããŒããè¡ããŸãããã¡ã€ã«ããµãŒããŒãã転éããããã¡ã€ã«ã·ã¹ãã ãžã®æžã蟌ã¿ãæåããåŸãæ°ãããã¡ã€ã«ãèªåçã«ã¹ã¿ãŒãã¢ãããã¡ã€ã«ãšããŠèšå®ããã¹ã€ããã®åèµ·åãè¡ããŸãã
æ©èœè§£èª¬
⢠ãã®æ©èœãæå¹ã®éãã¹ã€ããã¯ããŒãã¢ããã·ãŒã±ã³ã¹ã®éã«äžåºŠãå®çŸ©ãããURLãæ€çŽ¢ããŸãã
⢠ã¢ããã°ã¬ãŒããã¡ã€ã«ãã±ãŒã·ã§ã³ã® URLã®ãã¹ãéšåã¯ãæå¹ãª IPv4 IPã¢ãã¬ã¹ã«èšå®ããŠãã ãããDNSãã¹ãåã¯èªèãããŸãããæå¹ãª IPã¢ãã¬ã¹ã¯ãããªãªãã§åãããã 0-255ã® 4ã€ã®æ°ããæããŸãã
⢠ãã£ã¬ã¯ããªãžã®ãã¹ãåããå®çŸ©ããŠãã ããããããã¡ã€ã«ã TFTP/FTPãµãŒãã¹ã®ã«ãŒããã£ã¬ã¯ããªã«ä¿ååºãããŠããå Žåã"/"ã䜿çšããŠæå®ããŠãã ãããïŒäŸïŒftp://192.168.0.1/ïŒ
⢠ãã¡ã€ã«åã¯ãã¢ããã°ã¬ãŒããã¡ã€ã«ãã±ãŒã·ã§ã³ URLã«å«ãŸããªããŠã¯ãªããŸããããªã¢ãŒããµãŒãã«ä¿åãããã³ãŒãã®ãã¡ã€ã«å㯠FXC3110.bixã«ãªããŸãã
⢠TFTPæ¥ç¶ã¯ ,PASVã¢ãŒããæå¹æã«ç¢ºç«ãããŸããPASVã¢ãŒãã¯ãFTPãã©ãã£ãã¯ããããã¯ãããªããšããŠãããã¡ã€ã¢ãŠã©ãŒã«ã暪æããããã«å¿ èŠãšãªããŸããPASVã¢ãŒãã¯ç¡å¹ã«ã§ããŸããã
⢠倧æåãããã¯å°æåã®ãã¡ã€ã«åãåãå ¥ãããšããç¹ã§ïŒäŸïŒæ¬æ©ã¯ãµãŒããŒãž"FXC3110.bix"ãèŠæ±ããŠãã"FXC3110.bix"ãåãåãããšãã§ããŸãïŒãã¹ã€ããããŒã¹ã®æ€çŽ¢æ©èœã¯å€§æåå°æåã®åºå¥ãç¡èŠããŸããããããªãããUnixçã®å€ãã® Unixã©ã€ã¯ã·ã¹ãã (FreeBSDãNetBSDãOpenBSDç )ãã倧æåå°æåã®éããèå¥ããåããã£ã¬ã¯ããªã® 2ã€ã®ãã¡ã€ã«ãFXC3110.bixãš FXC3110.bixãå¥ã®ååã§ãããšèªèãããšããããšã念é ã«çœ®ããŠãã ããããã FXC3110.bix(ãŸãã¯Fxc3110.bix)ãšããŠä¿åãããã¢ããã°ã¬ãŒããã¡ã€ã«ã倧æåå°æåã®éããèå¥ãããµãŒãã«çœ®ãããŠããå Žåãã¹ã€ããïŒFXC3110.bixãèŠæ±ïŒã¯ã¢ããã°ã¬ãŒããè¡ããŸããããµãŒãã¯ãªã¯ãšã¹ãããããã¡ã€ã«åãšä¿åãããŠãããã¡ã€ã«ãåãç©ã ãšèªèãåºæ¥ãªãããã§ãã倧æåå°æåã®éããèå¥ãã Unixã©ã€ã¯ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã®é¡èãªäŸå€ã¯Mac OS Xã§ããMAC OS Xã¯å€§æåå°æåã®éããç¡èŠããŸããããããµãŒãã®ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã®ä»æ§ãäžç¢ºããªå Žåã¯ãããã¥ã¢ã«çã§ãã§ãã¯ãããŠãã ããã
⢠èªåã¢ããã°ã¬ãŒãããã»ã¹ã¯ãããã¯ã°ã©ãŠã³ãã§è¡ãããæ¬æ©ã®éåžžã®ãªãã¬ãŒã·ã§ã³ã劚ããŸããã
⢠èªåæ€çŽ¢ãšè»¢éã®ããã»ã¹ã®éã管çè ã¯ä»ã®ãªãã¬ãŒã·ã§ã³ã³ãŒãã€ã¡ãŒãžãèšå®ãã¡ã€ã«ããããªãã¯ããŒãHTTPS蚌ææžçã®è»¢éãŸãã¯ã¢ããã°ã¬ãŒããè¡ãããšãã§ããŸããã
⢠ã¢ããã°ã¬ãŒããªãã¬ãŒã·ã§ã³ã³ãŒãã€ã¡ãŒãžã¯ããã¡ã€ã«ã·ã¹ãã ãžã®æžã蟌ã¿ãæåããåŸãã¹ã¿ãŒãã¢ãããã¡ã€ã«ãšããŠèšå®ãããŸãã
â¢ å šãŠã®ã¢ããã°ã¬ãŒãã®æå /倱æåŸãã¹ã€ãã㯠SNMPãã©ãããéä¿¡ãããã°ãšã³ããªãäœæããŸãã
33FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
⢠ã¢ããã°ã¬ãŒããã¡ã€ã«ã®ãã¡ã€ã«ã·ã¹ãã ãžã®æžã蟌ã¿ã«æåããã¹ã¿ãŒãã¢ããã€ã¡ãŒãžãžèšå®ãããåŸãã¹ã€ããã¯ãã ã¡ã«åèµ·åãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Automatic Opcode Upgrade
ã¹ã€ããããŒãã¢ããããã»ã¹æã«ãã¢ããã°ã¬ãŒããªãã¬ãŒã·ã§ã³ã³ãŒããã¡ã€ã«ã®æ€çŽ¢ãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Automatic Upgrade Location URL
ã¹ã€ããããŒãã¢ããããã»ã¹æã«ã¹ã€ããããªãã¬ãŒã·ã§ã³ã³ãŒãã¢ããã°ã¬ãŒããã¡ã€ã«ãæ€çŽ¢ããå Žæãå®çŸ©ããŸããURLã®æåŸã®æåã¯ïŒ"/"ïŒã«ãªããŸããã¹ã€ããã«ãã£ãŠèªåçã«ä»å ãããçºãFXC3110.bixãã¡ã€ã«åã¯å«ã¿ãŸãããïŒãªãã·ã§ã³ïŒftpãtftpïŒ
tftp://host[/filedir]/tftp://ã-ããµãŒãæ¥ç¶ã® TFTPãããã³ã«ãå®çŸ©ããŸããhostã-ãTFTPãµãŒãã® IPã¢ãã¬ã¹ãå®çŸ©ããŸããæå¹ãª IPã¢ãã¬ã¹ã¯ãããªãªãã§åãããã 0-255ã® 4ã€ã®æ°ããæããŸããDNSãã¹ãåã¯èªèãããŸãããfiledirã-ããã£ã¬ã¯ããªãå®çŸ©ããŸãã/ã-ãURLã®æåŸã®æåã§ããããšã瀺ããŸãã
ftp://[username[:password@]]host[/filedir]/tftp://ã-ããµãŒãæ¥ç¶ã® FTPãããã³ã«ãå®çŸ©ããŸããUsernameã-ãFTPæ¥ç¶ã®ãŠãŒã¶åãå®çŸ©ããŸããå ¥åãçç¥ããå Žåãä»®ãŠãŒã¶å㯠" anonymous"ã«ãªããŸããPasswordã-ãFTPæ¥ç¶ã®ãã¹ã¯ãŒããå®çŸ©ããŸãããã¹ã¯ãŒãããURLã®ãã¹ãéšåãšãŠãŒã¶åããåºå¥ããããã«ããã¹ã¯ãŒãã®åã«ã¯ã³ãã³ïŒ:ïŒãä»ããŠäžããããŸãããã¹ã¯ãŒãã®åŸã«ã¯ã¢ããããŒã¯ïŒïŒ ïŒãä»ããŠäžãããhostã-ãFTPãµãŒãã® IPã¢ãã¬ã¹ãå®çŸ©ããŸããæå¹ãª IPã¢ãã¬ã¹ã¯ãããªãªãã§åãããã 0-255ã® 4ã€ã®æ°ããæããŸããDNSãã¹ãåã¯èªèãããŸãããfiledirã-ããã£ã¬ã¯ããªãå®çŸ©ããŸãã/ã-ãURLã®æåŸã®æåã§ããããšã瀺ããŸãã
äŸ
⢠次ã®äŸã¯ãæ§ã ãªå Žæã«ä¿åããããªãã¬ãŒã·ã§ã³ã³ãŒãã€ã¡ãŒãžãšãIPã¢ãã¬ã¹192.168.0.1ã® TFTPãµãŒãã瀺ã URLæ§æã§ãã
ïŒ tftp://192.168.0.1/ã€ã¡ãŒãžãã¡ã€ã«ã¯ TFTPã«ãŒããã£ã¬ã¯ããªã«ãããŸãã
ïŒ tftp://192.168.0.1/switch-opcode/ã€ã¡ãŒãžãã¡ã€ã«ã¯ TFTP ã«ãŒãã«çžå¯Ÿç㪠"switch-opcode"ãã£ã¬ã¯ããªã«ãããŸãã
ïŒ tftp://192.168.0.1/switches/opcode/ã€ã¡ãŒãžãã¡ã€ã«ã¯ "opcode"ãã£ã¬ã¯ããªã«ããããã㯠TFTPã«ãŒãã«çžå¯Ÿç㪠"switches"芪ãã£ã¬ã¯ãã®äžã«ãããŸãã
⢠次ã®äŸã¯ãæ§ã ãªãŠãŒã¶åããã¹ã¯ãŒãããã±ãŒã·ã§ã³ãš IPã¢ãã¬ã¹ 192.168.0.1ã®FTPãµãŒãã瀺ã URLæ§æã§ãã
34 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ïŒ ftp://192.168.0.1/ãŠãŒã¶åãšãã¹ã¯ãŒãã¯ç©ºã§ãããŠãŒã¶å㯠"anonymous"ããã¹ã¯ãŒãã¯ãã©ã³ã¯ã«ãªããŸããã€ã¡ãŒãžãã¡ã€ã«ã¯ FTPã«ãŒããã£ã¬ã¯ããªã«ãããŸãã
ïŒ ftp://switches:[email protected]/ãŠãŒã¶å㯠"switches"ããã¹ã¯ãŒã㯠"upgrade"ã§ããã€ã¡ãŒãžãã¡ã€ã«ã¯FTPã«ãŒã«ã«ãããŸãã
ïŒ ftp://switches:[email protected]/switches/opcode/ãŠãŒã¶å㯠"switches"ããã¹ã¯ãŒã㯠"upgrade"ã§ããã€ã¡ãŒãžãã¡ã€ã«ã¯"opcode"ãã£ã¬ã¯ããªã«ããããã㯠TFTPã«ãŒãã«çžå¯Ÿç㪠"switches"芪ãã£ã¬ã¯ãã®äžã«ãããŸãã
[泚æ ]ãèªåã¢ããã°ã¬ãŒãã®å®è¡åŸãæ¬æ©ã¯èªåçã«åèµ·åãããŸãã
èšå®æ¹æ³
ã·ã¹ãã ãã¡ã€ã«ã衚瀺
ïŒ1ïŒ[System]â [File]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããAutomatic Operation Code UpgradeããéžæããŸãã
ïŒ3ïŒãAutomatic Opcode Upgradeãã® Enableãã§ãã¯ããã¯ã¹ã«ãã§ãã¯ãå ¥ããŸãã
ïŒ4ïŒFTPãŸã㯠TFTPãµãŒãã® URLãšãªãã¬ãŒãã£ã³ã°ã³ãŒãããããã¹ãšãã£ã¬ã¯ããªãå ¥åããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
35FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.6 ã·ã¹ãã ã¯ããã¯èšå®
SNTP(Simple Network Time Protocol)æ©èœã¯ãã¿ã€ã ãµãŒã (SNTP/NTP)ããã®åšæçãªã¢ããããŒãã«ããæ¬æ©å éšã®æå»èšå®ãè¡ãããšãã§ããŸããæ¬æ©ã®å éšæå»ã®èšå®ãæ£ç¢ºã«ä¿ã€ããšã«ãããã·ã¹ãã ãã°ã®ä¿åã®éã«æ¥æãæ£ç¢ºã«èšé²ããããšãã§ããŸãããŸããæåã§æå»ã®èšå®ãè¡ãããšãã§ããŸããæå»ã®èšå®ããããŠããªãå Žåãåæèšå®ã®æå»ãèšé²ããæ¬æ©èµ·åæããã®æéãšãªããŸããæ¬æ©ã¯ SNTPã¯ã©ã€ã¢ã³ããšããŠæå¹ãªå Žåãèšå®ããŠããã¿ã€ã ãµãŒãã«å¯ŸããŠæå»ã®ååŸãèŠæ±ããŸããæ倧 3ã€ã®ã¿ã€ã ãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããããšãã§ããŸããåãµãŒãã«å¯ŸããŠæå»ã®ååŸãèŠæ±ããŸãã
æåèšå®
æ¬æ©ã§ã¯ãSNTPã䜿çšããæåã§ã·ã¹ãã ãæéãèšå®ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Current Time
ã¹ã€ããã«èšå®ããããçŸåšã®æå»ã衚瀺Hours
æãèšå®ïŒç¯å²ïŒ0-23ãåæèšå®ïŒ0ïŒ
Minutes
åãèšå®ïŒç¯å²ïŒ0-59ãåæèšå®ïŒ0ïŒSeconds
ç§ãèšå®ïŒç¯å²ïŒ0-59ãåæèšå®ïŒ0ïŒ
Month
æãèšå®ïŒç¯å²ïŒ1-12ãåæèšå®ïŒ1ïŒDay
æ¥ãèšå®ïŒç¯å²ïŒ1-31ãåæèšå®ïŒ1ïŒ
Year
幎ãèšå®ïŒç¯å²ïŒ2001-2100ãåæèšå®ïŒ2001ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Time]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããããConfigure GeneralããéžæããŸããïŒ3ïŒãMaintain Typeããªã¹ããããMaintain TypeããéžæããŸããïŒ4ïŒæå»ãšæ¥ä»ãèšå®ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
36 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
SNTPèšå®
æ¬æ©ã§ã¯ãç¹å®ã®ã¿ã€ã ãµãŒãã«å¯ŸããŠæéã®åæãªã¯ãšã¹ããéä¿¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Current Time
ã¹ã€ããã«èšå®ããããçŸåšã®æå»ã衚瀺
SNTP Poll Interval
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã®ã¿ã€ã ãµãŒãã«å¯Ÿããæå»æŽæ°ãªã¯ãšã¹ãã®éä¿¡ééãèšå®ããŸãïŒç¯å²ïŒ16-16384ç§ãåæèšå®ïŒ16ç§ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Time]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããConfigure GeneralããéžæããŸãã
ïŒ3ïŒãMaintain Typeããªã¹ããããSNTPããéžæããŸãã
ïŒ4ïŒå¿ èŠã®å¿ãããpolling intervalããç·šéããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
37FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
SNTPã¿ã€ã ãµãŒãã®èšå®
System > Time (Configure Time Server)ããŒãžã䜿çšããæ倧 3ã€ã®ã¿ã€ã ãµãŒãã¢ãã¬ã¹ãæå®åºæ¥ãŸãã
èšå®ã»è¡šç€ºé ç®
SNTP Server IP Address
æ倧 3ã€ã®ã¿ã€ã ãµãŒãã¢ãã¬ã¹ãèšå®ã§ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Time]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããConfigure Time ServerããéžæããŸãã
ïŒ3ïŒæ倧 3ã€ã®ã¿ã€ã ãµãŒã IPã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
38 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ã¿ã€ã ãŸãŒã³ã®èšå®
SNTPã§ã¯ UTC(Coordinated Universal Time:åå®äžçæéãå¥åïŒGMT/Greenwich Mean Time)ã䜿çšããŸããæ¬æ©ãèšçœ®ããŠããçŸå°æéã«å¯Ÿå¿ããããã« UTCããã®æå·®ïŒã¿ã€ã ãŸãŒã³ïŒã®èšå®ãè¡ãå¿ èŠããããŸãã80ã®æ¢å®çŸ©ã¿ã€ã ãŸãŒã³ãã 1ã€ãéžæããããã¯æåã§ããŒã«ã«ã¿ã€ã ã®ãã©ã¡ãŒã¿ãèšå®ããããšãåºæ¥ãŸãã
èšå®ã»è¡šç€ºé ç®
Direction
UTCããã®ã¿ã€ã ãŸãŒã³ã®å·®ããã©ã¹ããã€ãã¹ããèšå®ããŸãã
Name
UTCããã®ã¿ã€ã ãŸãŒã³ã®å·®ããã©ã¹ããã€ãã¹ããèšå®ããŸãã
Hours (0-13)
UTCããã®æéã®å·®ãèšå®ããŸãã
Minutes (0-59)
UTCããã®æéïŒåæ°ïŒã®å·®ãèšå®ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Time]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããããConfigure Time ZoneããéžæããŸãã
ïŒ3ïŒã¿ã€ã ãŸãŒã³ãšãªãã»ãããèšå®ããŠãã ãããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
39FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.7 ã³ã³ãœãŒã«ããŒãã®èšå®
VT100端æ«ãæ¬æ©ã®ã·ãªã¢ã«ïŒã³ã³ãœãŒã«ïŒããŒãã«æ¥ç¶ããæ¬æ©ã®èšå®ãè¡ãããšãã§ããŸããã³ã³ãœãŒã«çµç±ã§ã®ç®¡çæ©èœã®å©çšã¯ããã¹ã¯ãŒããã¿ã€ã ã¢ãŠãããã®ä»ã®åºæ¬çãªéä¿¡æ¡ä»¶ãªã©ãæ°ã ã®ãã©ã¡ãŒã¿ã«ããå¯èœãšãªããŸããCLIãŸãã¯Webã€ã³ã¿ãã§ãŒã¹ãããã©ã¡ãŒã¿å€ã®èšå®ãè¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Login Timeout
CLIã§ã®ãã°ã€ã³ã¿ã€ã ã¢ãŠãæéãèšå®æéå ã«ãã°ã€ã³ãè¡ãããªãå Žåããã®æ¥ç¶ã¯åæãããŸãïŒç¯å²ïŒ0-300ç§ãåæèšå®ïŒ0ç§ïŒ
Exec Timeout
ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠãæéãèšå®æéå ã«å ¥åãè¡ãããªãå Žåããã®æ¥ç¶ã¯åæãããŸãïŒç¯å²ïŒ0-65535ç§ãåæèšå®ïŒ600ç§ïŒ
Password Threshold
ãã°ã€ã³æã®ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€åæ°ããªãã©ã€æ°ãèšå®å€ãè¶ ããå Žåãæ¬æ©ã¯äžå®æéïŒSilent Timeãã©ã¡ãŒã¿ã§æå®ããæéïŒããã°ã€ã³ã®ãªã¯ãšã¹ãã«å¿çããªããªããŸãïŒç¯å²ïŒ0-120åãåæèšå®ïŒ3åïŒ
Quiet Period
ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€æ°ãè¶ ããå Žåã«ãã³ã³ãœãŒã«ãžã®ã¢ã¯ã»ã¹ãã§ããªããªãæéïŒç¯å²ïŒ0-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Data Bits
ã³ã³ãœãŒã«ããŒãã§çæãããåæåãããã®ããŒã¿ãããã®å€ãããªãã£ãçæãããŠããå Žå㯠7ããŒã¿ãããããããªãã£ãçæãããŠããªãå Žå (no parity)㯠8ããŒã¿ããããæå®ããŠäžããïŒåæèšå®ïŒ8ãããïŒ
Stop Bits
éä¿¡ããã¹ããããããã®å€ïŒç¯å²ïŒ1-2ãåæèšå®ïŒ1ã¹ãããããã )
Parity
ããªãã£ããããæ¥ç¶ããã¿ãŒããã«ã«ãã£ãŠã¯åã ã®ããªãã£ãããã®èšå®ãèŠæ±ããå ŽåããããŸããEven(å¶æ° )ãOdd(å¥æ° )ãNone(ãªã )ããèšå®ããŸãïŒåæèšå®ïŒNoneïŒ
Speed
ã¿ãŒããã«æ¥ç¶ã®éä¿¡ (ã¿ãŒããã«ãžã® )/åä¿¡ (ã¿ãŒããã«ããã® )ããŒã¬ãŒããã·ãªã¢ã«ããŒãã«æ¥ç¶ãããæ©åšã§ãµããŒããããŠããããŒã¬ãŒããæå®ããŠäžãããïŒç¯å²ïŒ9600ã19200ã38400baudãåæèšå®ïŒ115200 baud)
[ 泚æ ]ãã³ã³ãœãŒã«æ¥ç¶ã®ãã¹ã¯ãŒã㯠CLI ããã®ã¿èšå®åºæ¥ãŸããïŒP418 ãpasswordããåç §ïŒ
[ 泚æ ]ãã³ã³ãœãŒã«æ¥ç¶ãã°ã€ã³ã®ãã¹ã¯ãŒããã§ãã¯ã¯æå¹ãŸãã¯ç¡å¹ã«åºæ¥ãŸããïŒP416 ãloginããåç §ïŒ
[泚æ ]ã"password" ã³ãã³ãã§èšå®ãããã·ã³ã°ã«ã°ããŒãã«ãã¹ã¯ãŒãã«ããèªèšŒãŸãã¯ããŠãŒã¶ããŒã ã¢ã«ãŠã³ãã®ããã«èšå®ããããã¹ã¯ãŒãã«ããèªèšŒããéžæãå¯èœã§ããã¹ã€ããäžã«èšå®ãããŠããåæèšå®ã¯ããŒã«ã«ãã¹ã¯ãŒãã§ãã
40 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Console]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒå¿ èŠãªæ¥ç¶ãã©ã¡ãŒã¿ãæå®ããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
41FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.8 Telnetã®èšå®
ãããã¯ãŒã¯çµç±ãTelnet (ä»®æ³ã¿ãŒããã« )ã§æ¬æ©ã®èšå®ãè¡ãããšãã§ããŸããTelnetçµç±ã§ã®ç®¡çæ©èœå©çšã®å¯ /äžå¯ããŸã㯠TCPããŒãçªå·ãã¿ã€ã ã¢ãŠãããã¹ã¯ãŒããªã©æ°ã ã®ãã©ã¡ãŒã¿ã®èšå®ãå¯èœã§ããCLIãŸãã¯Webã€ã³ã¿ãã§ãŒã¹ãããã©ã¡ãŒã¿å€ã®èšå®ãè¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Telnet Status
æ¬æ©ãžã® Telnetæ¥ç¶ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
TCP Port
æ¬æ©ãž Telnetæ¥ç¶ããå Žåã® TCPããŒãçªå·ïŒåæèšå®ïŒ23ïŒ
Login Timeout
CLIã§ã®ãã°ã€ã³ã¿ã€ã ã¢ãŠãæéãèšå®æéå ã«ãã°ã€ã³ãè¡ãããªãå Žåããã®æ¥ç¶ã¯åæãããŸãïŒç¯å²ïŒ0-300ç§ãåæèšå®ïŒ300ç§ïŒ
Exec Timeout
ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠãæéãèšå®æéå ã«å ¥åãè¡ãããªãå Žåããã®æ¥ç¶ã¯åæãããŸãïŒç¯å²ïŒ0-65535ç§ãåæèšå®ïŒ600ç§ïŒ
Password Threshold
ãã°ã€ã³æã®ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€åæ°ã
ïŒç¯å²ïŒ0-120åãåæèšå®ïŒ3åïŒ
Quiet Period
ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€æ°ãè¶ ããå Žåã«ã管çã€ã³ã¿ãã§ãŒã¹ãžã®ã¢ã¯ã»ã¹ãã§ããªããªãæéïŒç¯å²ïŒ0-65535ç§ãåæèšå®ïŒ30ç§ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Telnet]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒå¿ èŠãªæ¥ç¶ãã©ã¡ãŒ 23ã¿ãæå®ããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
42 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.9 CPU䜿çšçã®è¡šç€º
System > CPU UtilizationããŒãžã䜿çšããCPU䜿çšçã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Time Interval
衚瀺ãã䜿çšçãæŽæ°ããééãïŒãªãã·ã§ã³ïŒ1ã5ã10ã30ã60ç§ãåæèšå®ïŒ1ç§ïŒ
CPU Utilization
æå®ããééã® CPU䜿çšç
èšå®æ¹æ³
ïŒ1ïŒ[System]â [CPU Utilization]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒå¿ èŠã«å¿ãããTime Intervalããå€æŽããŸãã
43FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.10 ã¡ã¢ãªäœ¿çšçã®è¡šç€º
System > Memory StatusããŒãžã䜿çšããã¡ã¢ãªäœ¿çšçãã©ã¡ãŒã¿ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Free Size
çŸåšã®ç©ºãã¡ã¢ãªå®¹é
Used Size
ã¢ã¯ãã£ããªåŠçã«å²ãåœãŠãããã¡ã¢ãªã®å®¹é
Total
ã·ã¹ãã ã¡ã¢ãªã®åèšå®¹é
èšå®æ¹æ³
ïŒ1ïŒ[System]â [Memory Status]ãã¯ãªãã¯ããŸãã
44 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
3.3.11 åèµ·å
System > Resetã¡ãã¥ãŒã䜿çšããã¹ã€ãããå³åº§ã«ããŸãã¯æå®ããæå»ãæå®ããæéçµéåŸãå®æçãªééã§åèµ·åããããšãåºæ¥ãŸãã
æ©èœè§£èª¬
⢠æ¬ã³ãã³ãã¯å šãŠã®ã·ã¹ãã ããªã»ããããŸãã
⢠ã·ã¹ãã åèµ·åå®è¡æãåžžã« Power-On Selfãã¹ããå®è¡ãããŸãã"copy running-config startup-config"ã³ãã³ãã«ãã£ãŠãéæ®çºæ§ã¡ã¢ãªã«ä¿åãããå šãŠã®èšå®æ å ±ã¯ç¶æãããŸãïŒP403 ãcopyããåç §ïŒã
èšå®ã»è¡šç€ºé ç®
ã·ã¹ãã åèµ·åèšå®Reset Mode
ã¹ã€ããããã ã¡ã«ããŸãã¯æå®ããæéã«åèµ·åããŸãã
⢠ImmediatelyïŒã·ã¹ãã ããã ã¡ã«åèµ·åããŸãã
⢠InïŒã¹ã€ããã®åèµ·åãè¡ããŸã§ã®æéãæå®ããŸããïŒæéã®æå®ã¯ 24æ¥ããã以äžã«ããŠãã ããïŒ
⢠hoursïŒæéïŒæïŒãæå®ãïŒåïŒãšçµã¿åãããŠã¹ã€ããåèµ·åãŸã§ã®æéïŒç¯å²ïŒ0-576ïŒ
⢠minutesïŒæéïŒåïŒãæå®ãïŒæïŒãšçµã¿åãããŠã¹ã€ããåèµ·åãŸã§ã®æéïŒç¯å²ïŒ0-59ïŒ
⢠AtïŒã¹ã€ããã®åèµ·åãè¡ãæ¥æãæå®ããŸãã
⢠DDïŒæ¥ä»ãæå®ïŒç¯å²ïŒ1-31ïŒ
⢠MMïŒæãæå®ïŒç¯å²ïŒjanuary ... decemberïŒ
⢠YYYYïŒå¹Žãæå®ïŒç¯å²ïŒ2001-2050ïŒ
⢠HHïŒæéïŒæïŒãæå®ãïŒç¯å²ïŒ0-23ïŒ
⢠MMïŒæéïŒåïŒãæå®ãïŒç¯å²ïŒ0-59ïŒ
⢠RegularlyïŒã¹ã€ããã®åèµ·åãè¡ãééãæå®ããŸãã
⢠æé
ã»HHïŒåèµ·åãè¡ãæéïŒæïŒïŒç¯å²ïŒ0-23ïŒ
ã»MMïŒåèµ·åãè¡ãæéïŒåïŒïŒç¯å²ïŒ0-59ïŒ
⢠éé
ã»DailyïŒæ¯æ¥
ã»WeeklyïŒåèµ·åãè¡ãææ¥ãæå®ïŒSunday ïŒ SaturdayïŒ
ã»MonthlyïŒåèµ·åãè¡ãæïŒç¯å²ïŒ1-31ïŒ
45FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èšå®æ¹æ³
ã¹ã€ããã®åèµ·åïŒå³æïŒ
ïŒ1ïŒ[System]â [Restart]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãªã»ããã¢ãŒããéžæããŸããïŒ3ïŒãreset immediatelyã以å€ã®å Žåã¯å¿ èŠãªãªãã·ã§ã³ãã©ã¡ãŒã¿ãå ¥åããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ïŒ5ïŒããã³ããã衚瀺ãããã®ã§ã確èªåŸãOKããã¯ãªãã¯ããŠãã ããã
ã¹ã€ããã®åèµ·åïŒåèµ·åãŸã§ã®æéãæå®ïŒ
46 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ã¹ã€ããã®åèµ·åïŒæå»ãæå®ïŒ
ã¹ã€ããã®åèµ·åïŒå®æçã«å®è¡ïŒ
47FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
3.4 ã€ã³ã¿ãã§ãŒã¹èšå®
3.4.1 ããŒãèšå®
ããŒãæ¥ç¶ãïŒã€ã®ããŒãããä»ã®ããŒããžã®ãã©ãã£ãã¯ãã©ãŒãã±ãŒãã«è§£æã®èšå®ã«ã€ããŠè§£èª¬ããŸãã
ããŒããªã¹ãã«ããèšå®
Interface > Port > General (Configure by Port ListããŒãžã䜿çšããã€ã³ã¿ãã§ãŒã¹ã®æå¹ /ç¡å¹ããªãŒãããŽã·ãšãŒã·ã§ã³ããã³ã€ã³ã¿ãã§ãŒã¹ãã£ãããªãã£ã®ã¢ããã¿ã€ãºãžã®èšå®ãæååºå®ã¹ããŒãããã¥ãã¬ãã¯ã¹ã¢ãŒãããããŒã³ã³ãããŒã«ã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠ããŒãã®èšå®ãæåã§è¡ãªããSpeed/Duplex ã¢ãŒã åã³ Flow Control ã®èšå®ãåæ ãããããã«ã¯ãAutonegotiationïŒãªãŒãããŽã·ãšãŒã·ã§ã³ïŒã¯ DisabledïŒç¡å¹ïŒã«ããå¿ èŠããããŸãã
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³äœ¿çšæããªã³ã¯ããŒãããŒãšã®éã§ããããã®ã¢ããã¿ã€ãºèœåãããŒã¹ã«æé©ãªèšå®ã亀æžãããŸããã¹ããŒãããã¥ãã¬ãã¯ã¹ã¢ãŒãããªãŒãããŽã·ãšãŒã·ã§ã³äžã®ãããŒã³ã³ãããŒã«ãèšå®ããããã«ãå¿ èŠãªãªãã¬ãŒã·ã§ã³ã¢ãŒããã€ã³ã¿ãã§ãŒã¹ã®ãã£ãããªãã£ãªã¹ãã§æå®ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Type
ããŒãã®çš®é¡ (100Base-TXå㯠1000BASE-T, SFP)ã®è¡šç€º
Name
ããŒãåïŒç¯å²ïŒ1-64æåïŒ
Admin
ã€ã³ã¿ãã§ãŒã¹ã®æå¹ /ç¡å¹
Media Type
ã¡ãã£ã¢ã¿ã€ãïŒããŒã 9-10ïŒ
⢠Copper-ForcedïŒåžžã« RJ-45ããŒãã䜿çšã
⢠SFP-ForcedïŒåžžã« SFPããŒãã䜿çšããããããããïŒã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ãããŠããªããŠãïŒ
⢠SFP-Preferred-AutoïŒäž¡æ¹ãäœçšããŠãããSFPããŒãã®ãªã³ã¯ã確ç«ããŠããã°ãããããããããSFPã䜿çšãïŒåæèšå®ïŒ
AutonegotiationïŒPort CapabilitiesïŒ
ãªãŒãããŽã·ãšãŒã·ã§ã³ã®æå¹ /ç¡å¹ãèšå®ããªãŒãããŽã·ãšãŒã·ã§ã³ã䜿çšå¯èœæãã¢ããã¿ã€ãºããããã£ãããªãã£ãæå®ããå¿ èŠããããŸãããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹æãã¹ããŒããã¢ãŒãããã³ãããŒã³ã³ãããŒã«ãåºå®ã§èšå®ããããšãåºæ¥ãŸãã
⢠10halfïŒ 10 Mbps half-duplexããµããŒã
⢠10fullïŒ 10 Mbps full-duplexããµããŒã
48 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
⢠100halfïŒ 100 Mbps half-duplexããµããŒã
⢠100fullïŒ 100 Mbps full-duplexããµããŒã
⢠1000fullïŒ 1000 Mbps full-duplexããµããŒã
⢠SymïŒGigabitã®ã¿ïŒïŒããŒãºãã¬ãŒã ã®éåä¿¡ãè¡ããã§ãã¯
⢠FCïŒãããŒã³ã³ãããŒã«ã¯ããããã¡ãæºæ¯ã«ãªã£ãæã«ããšã³ãã¹ããŒã·ã§ã³ãŸãã¯ã¹ã€ããã«çŽæ¥æ¥ç¶ãããã»ã°ã¡ã³ãããã® "blocking"ãã©ãã£ãã¯ã«ãã£ãŠãã¬ãŒã æ倱ãæé€ããããšãå¯èœã§ããæå¹æããã¬ãã·ã£ãŒã¯ half-duplexãªãã¬ãŒã·ã§ã³ãš Ifulldu-plexãªãã¬ãŒã·ã§ã³ã® EEE 802.3-2005 (formally IEEE 802.3x)ã«äœ¿çšãããŸããåé¡ã解決ããå¿ èŠãããå Žå以å€ããããžæ¥ç¶ãããããŒãã§ãããŒã³ã³ãããŒã«ã䜿çšããã®ã¯é¿ããŠãã ããããããªããã°ãããã¯ãã¬ãã·ã£ãŒã®ãžã£ã ä¿¡å·ã¯ãããã«æ¥ç¶ãããã»ã°ã¡ã³ãã®å šäœçãªããã©ãŒãã³ã¹ãèœããããããŸãããåæèšå®ïŒãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã¢ããã€ãºãèœåãã»100Base-TX=10halfã10fullã100halfã100fullã»1000Base-SX/LX/LH=1000fullïŒ
Speed/Duplex
ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå Žåã«ãããŒãã®éä¿¡é床åã³éä¿¡æ¹åŒãæåã§èšå®ã§ããŸããFlow Control
ãããŒã³ã³ãããŒã«ãèªåèšå®åã¯æåèšå®ã§è¡ãããšãã§ããŸã
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Port]â [General]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure by Port ListããéžæããŸããïŒ3ïŒå¿ èŠãªèšå®ãç·šéããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
49FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒãç¯å²ã«ããèšå®
Interface > Port > General (Configure by Port Range)ããŒãžã䜿çšããã€ã³ã¿ãã§ãŒã¹ã®æå¹ / ç¡å¹ããªãŒãããŽã·ãšãŒã·ã§ã³ããã³ã€ã³ã¿ãã§ãŒã¹ãã£ãããªãã£ã®ã¢ããã¿ã€ãºãžã®èšå®ãæååºå®ã¹ããŒãããã¥ãã¬ãã¯ã¹ã¢ãŒãããããŒã³ã³ãããŒã«ã®èšå®ãè¡ããŸããã³ãã³ã䜿çšã«é¢ããæ å ±ãšãã©ã¡ãŒã¿ã®è§£èª¬ã®è©³çŽ°ã¯ P48 ãããŒããªã¹ãã«ããèšå®ããåç §ããŠãã ããã
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Port]â [General]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure by Port RangeããéžæããŸãã
ïŒ3ïŒèšå®å€æŽãè¡ãããŒãã®ç¯å²ãå ¥åããŸããïŒ4ïŒå¿ èŠãªèšå®ãç·šéããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
50 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
æ¥ç¶ç¶æ³ã®è¡šç€º
æ¥ç¶ç¶æ ã®æ å ±ã»é床åã³éä¿¡æ¹åŒã»ãããŒå¶åŸ¡ãããŠããªãŒãããŽã·ãšãŒã·ã§ã³ãå«ãçŸåšã®æ¥ç¶æ å ±ã衚瀺ããããã« InterfaceïŒ PortïŒ GeneralããŒãžã䜿çšããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãèå¥åType
ããŒãã®çš®é¡ (100Base-TXå㯠1000BASE-T, SFP)ã®è¡šç€º
Name
ã€ã³ã¿ãã§ãŒã¹ã©ãã«ã®è¡šç€ºAdmin
ã€ã³ã¿ãã§ãŒã¹ã®æå¹ /ç¡å¹ã®è¡šç€º
Oper Status
ãªã³ã¯ã¢ãã /ãªã³ã¯ããŠã³ã®è¡šç€º
Media Type
ã¡ãã£ã¢ã¿ã€ãã®è¡šç€ºïŒãªãã·ã§ã³ïŒ RJ-45 - Copper-ForcedãSFP -Copper-ForcedãSFP-Forcedã SFP-Preferred-Autoãåæèšå®ïŒRJ-45 - Copper-ForcedãSFP-Preferred-AutoïŒ
Autonegotiation
ãªãŒãããŽã·ãšãŒã·ã§ã³ã®æå¹ /ç¡å¹ã®è¡šç€º
Oper Speed Duplex
çŸåšã®ã¹ããŒããšéä¿¡ã¢ãŒãã衚瀺Oper Flow Control
ãããŒã³ã³ãããŒã«ã®æå¹ /ç¡å¹ã衚瀺
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Port]â [General]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸãã
51FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒããã©ãŒãªã³ã°ã®èšå®
ãªã¢ã«ã¿ã€ã ã§éä¿¡ã®è§£æãè¡ãããã«ããœãŒã¹ããŒãããã¿ãŒã²ããããŒããžéä¿¡ã®ãã©ãŒãªã³ã°ãããäºãã§ããŸããããã«ãããã¿ãŒã²ããããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferçïŒå㯠RMONãããŒããæ¥ç¶ããéä¿¡ã«åœ±é¿ãäžããã«ãœãŒã¹ããŒãã®ãã©ãã£ãã¯ã解æããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ãã©ãã£ãã¯ã¯ãåãã¹ã€ãã 1ã€ä»¥äžã®ãœãŒã¹ããŒããããã£ã¹ãã£ããŒã·ã§ã³ããŒããžã®ãã©ãŒ (ããŒã«ã«ããŒããã©ãŒãªã³ã°ã«ã€ããŠã¯æ¬é ã«ãŠèª¬æããŠããŸã )ããŸãã¯ãªã¢ãŒãã¹ã€ããäžã® 1ã€ä»¥äžã®ãœãŒã¹ããŒãããæ¬æ©ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒããžãã©ãŒãè¡ãããšãå¯èœã§ã (ãªã¢ãŒãããŒããã©ãŒãªã³ã°ã«ã€ããŠã¯ P54 ããªã¢ãŒãããŒããã©ãŒãªã³ã°ã®èšå®ããåç § )ã
⢠ãœãŒã¹ããŒããšã¿ãŒã²ããããŒãã®éä¿¡é床ã¯åãã§ãªããã°ãããŸãããéä¿¡é床ãç°ãªãå Žåã«ã¯ãéä¿¡ãã¿ãŒã²ããããŒãåŽã§èœãšãããŸãã
⢠VLANãã©ãã£ãã¯ïŒP107 ãVLANãã©ãŒãªã³ã°ããåç §ïŒããŸãã¯ãœãŒã¹ MACã¢ãã¬ã¹ãåºã«ãããã±ããã®ãã©ãŒæïŒP115 ãMACã¢ãã¬ã¹ãã©ãŒãªã³ã°ã®èšå®ããåç §ïŒãã¿ãŒã²ããããŒãã¯ããã®ã³ãã³ãã«ãã£ãŠããŒããã©ãŒãªã³ã°ã«äœ¿çšãããŠããã¿ãŒã²ããããŒãã«èšå®ããããšã¯åºæ¥ãŸããã
⢠ãã©ãã£ãã¯ãããŒããã©ãŒãªã³ã°ãš VLANãã©ãã£ãã¯ãŸãã¯MACã¢ãã¬ã¹ããŒã¹ãã±ããã®ãã©ãŒãªã³ã°ã®äž¡æ¹ã«ãããããéãããããããã±ããã¯ããŒããã©ãŒãªã³ã°ã§æå®ãããã¿ãŒã²ããããŒãã«éä¿¡ãããŸããã
èšå®ã»è¡šç€ºé ç®
Source Port
éä¿¡ãã¢ãã¿ãŒããããœãŒã¹ããŒã
Target Port
ãœãŒã¹ããŒãã®éä¿¡ã®ãã©ãŒãªã³ã°ããããã¿ãŒã²ããããŒã
Type
ã¢ãã¿ãŒãè¡ãéä¿¡ã®çš®é¡ã
RxïŒåä¿¡ïŒãTxïŒéä¿¡ïŒãBothïŒéã»åä¿¡ïŒïŒåæèšå®ïŒRxïŒ
Singletargetport
Singlesourceport (s)
52 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®æ¹æ³
ããŒã«ã«ãã©ãŒã»ãã·ã§ã³ã®èšå®
ïŒ1ïŒ[Interface] â [Port]â [Mirror]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒå¿ èŠãªèšå®ãç·šéããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒã«ã«ãã©ãŒã»ãã·ã§ã³ã®èšå®ã衚瀺
ïŒ1ïŒ[Interface] â [Port]â [Mirror]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
53FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ãªã¢ãŒãããŒããã©ãŒãªã³ã°ã®èšå®
Interface > Port > RSPANããŒãžã䜿çšããåæã®çºãããŒã«ã«ã¹ã€ããã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã§ãªã¢ãŒãã¹ã€ããã®ãã©ãã£ãã¯ããã©ãŒããããšãåºæ¥ãŸãã
ãã®æ©èœã¯ Remote Switched Port Analyzer (RSPAN)ãšãåŒã°ããå šãŠã®åå ã¹ã€ããã®RSPANã»ãã·ã§ã³ãå°çšãããŠãŒã¶æå® VLANäžã®ãæå®ããããœãŒã¹ããŒãã§çæããããã©ãã£ãã¯ãéã³ãŸããäžã®å³ã§ç€ºãããããã«ã1ã€ãŸãã¯ãã以äžã®ãœãŒã¹ããŒãã®è¢«ç£èŠãã©ãã£ãã¯ã¯ãRSPANãã¢ãã¿ãããRSPANãã£ã¹ãã£ããŒã·ã§ã³ããŒããžéã°ãã IEEE802.1Qãã©ã³ã¯ãŸãã¯ãã€ããªããããŒããéã㊠RSPAN VLANäžã«ã³ããŒãããŸãã
æ©èœè§£èª¬
⢠ãã©ãã£ãã¯ã¯ 1ã€ãŸãã¯ãã以äžã®ãœãŒã¹ããŒãããåãã¹ã€ããã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãïŒ52 ããŒãžã®ãããŒããã©ãŒãªã³ã°ã®èšå®ããåç §ïŒãžããŸãã¯ãªã¢ãŒãã¹ã€ããã® 1ã€ãŸãã¯ãã以äžã®ãœãŒã¹ããŒãããæ¬æ©ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãïŒãªã¢ãŒãããŒããã©ãŒãªã³ã°ãšããŠæ¬é ã§è§£èª¬ïŒãžãã©ãŒãåºæ¥ãŸãã
èšå®ã¬ã€ãã©ã€ã³
RSPANã»ãã·ã§ã³ãèšå®ããã«ã¯ã以äžã®ã¹ããããå®è¡ããŠãã ããã
ïŒ1ïŒVLAN Static ListïŒ83 ããŒãžã®ãVLANã°ã«ãŒãã®èšå®ããåç §ïŒã䜿çšããRSPANã§äœ¿çšãã VLANã確ä¿ããŠãã ãããïŒãã®ããŒãžã§ "Remote VLAN"ã«ããŒã¯ããŸããïŒããã©ã«ã VLAN 1ã¯çŠæ¢ã§ãã
ïŒ2ïŒ"RSPAN configurationâããŒãžã§ãã©ãŒã»ãã·ã§ã³ãæå®ããã¹ã€ããã®ããŒã«ïŒSourceïŒãRSPAN VLANãã¢ãããªã³ã¯ããŒãçãœãŒã¹ã¹ã€ãããã»ããã¢ããããŸãããã®åŸããœãŒã¹ããŒããšã¢ãã¿ãè¡ããã©ãã£ãã¯ã¿ã€ãïŒRx, Tx or BothïŒãæå®ããŸãã
ïŒ3ïŒâRSPAN configurationâããŒãžã§ãã©ãŒã»ãã·ã§ã³ãå ¥åããã¹ã€ããããŒã«ïŒIntermediateïŒãRSPAN VLANãã¢ãããªã³ã¯ããŒãçå šãŠã®äžéã¹ã€ããã®ã»ããã¢ãããè¡ããŸãã
ïŒ4ïŒâRSPAN configurationâ ããŒãžã§ãã©ãŒã»ãã·ã§ã³æå®ããã¹ã€ããããŒã«ïŒDestinationïŒããã£ã¹ãã£ããŒã·ã§ã³ããŒãããã®ããŒããåºããã©ãã£ãã¯ã«ã¿ã°ãä»ãããããåŠããRSPAN VRANçãã£ã¹ãã£ããŒã·ã§ã³ã¹ã€ããã®ã»ããã¢ãããããŸãããã®åŸããã©ãŒããããã©ãã£ãã¯ãåä¿¡ãããããããã®ã¢ãããªã³ã¯ããŒããæå®ããŸãã
Source Port Uplink Port Destination Port
Intermediate Switch
Source Switch Destination Switch
Uplink Port Uplink Port
Uplink Port
RSPAN VLAN
54 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
RSPANå¶éäºé
æ¬æ©ã® RSPANæ©èœã«ã¯ä»¥äžã®å¶éããããŸãã
⢠RSPAN PortsïŒããŒãã®ã¿ã RSPANãœãŒã¹ããã£ã¹ãã£ããŒã·ã§ã³ãŸãã¯ã¢ãããªã³ã¯ã«èšå®ã§ããŸããéçãŸãã¯åçãã©ã³ã¯ã¯èš±å¯ãããŸããããŸãããœãŒã¹ããŒããšãã£ã¹ãã£ããŒã·ã§ã³ã¯åãã¹ã€ããäžã§èšå®ããããšã¯åºæ¥ãŸããã
⢠Local/Remote MirrorïŒããŒã«ã«ã¢ãã¿ã»ãã·ã§ã³ã®ãã£ã¹ãã£ããŒã·ã§ã³ïŒInterface > Port > MirrorããŒãžã§äœæãããïŒã¯ RSPANãã©ãã£ãã¯ã®ãã£ã¹ãã£ããŒã·ã§ã³ã«ã¯äœ¿çšã§ããŸããã
⢠Spanning TreeïŒã¹ããã³ã°ããªãŒç¡å¹æãBPDU㯠RSPAN VLANäžã«ã¯ãã©ãããããŸããã
⢠MAC address learningïŒ RSPANãã¹ã€ããã§æå¹æãMACã¢ãã¬ã¹åŠç¿ã¯ RSPANã¢ãããªã³ã¯ããŒãã§ã¯ãµããŒããããŸããããã®ãããããšã RSPANãèšå®ãããåŸã«ã¹ããã³ã°ããªãŒãæå¹ã«ãªã£ãŠã MACã¢ãã¬ã¹åŠç¿ã¯ RSPANã¢ãããªã³ã¯ããŒãäžã§åéãããŸããã
⢠IEEE 802.1XïŒ RSPANãš 802.1Xã¯çžäºã«æä»çãªæ©èœã§ãã802.1Xãã°ããŒãã«ã§æå¹æãRSPANãœãŒã¹ããã³ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã¯èšå®å¯èœã§ãããRSPANã¢ãããªã³ã¯ããŒãã¯èšå®ã§ããŸãããRSPANã¢ãããªã³ã¯ããŒããã¹ã€ããã§æå¹æã802.1Xã¯ã°ããŒãã«ã§æå¹ã«åºæ¥ãŸããã
⢠Port Security ïŒããŒãã§ããŒãã»ãã¥ãªãã£ãæå¹æãRSPANãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒããšããŠèšå®ã¯åºæ¥ãŸãããRSPANã¢ãããªã³ã¯ããŒããšããŠèšå®ã§ããŸããããŸããããŒãã RSPANã¢ãããªã³ã¯ããŒããšããŠèšå®ãããŠããæããã®ããŒãã§ããŒãã»ãã¥ãªãã£ã¯æå¹ã«ã§ããŸããã
èšå®ã»è¡šç€ºé ç®
Session
RSPANã»ãã·ã§ã³ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸããããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æïŒP52ïŒãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
Operation Status
RSPANãçŸåšæ©èœããŠãããã©ããã瀺ããŸãã
Switch Role
æ¬æ©ããã©ãŒãªã³ã°ãã©ãã£ãã¯ã§è¡ã圹å²ãæå®ããŸãã
⢠NoneïŒã¹ã€ãã㯠RSPANã«åå ããŸããã
⢠SourceïŒããã€ã¹ããªã¢ãŒããã©ãŒãã©ãã£ãã¯ã®ãœãŒã¹ãšããŠæå®
⢠IntermediateïŒããã€ã¹ãã1ã€ãŸãã¯ãã以äžã®ãœãŒã¹ãã 1ã€ãŸãã¯ãã以äžã®ãã£ã¹ãã£ããŒã·ã§ã³ãžããã©ãŒãã©ãã£ãã¯ãééçã«æž¡ãäžéã¹ã€ãããšããŠæå®ããŸãã
⢠DestinationïŒããã€ã¹ããã®ã»ãã·ã§ã³ã§ãã©ãŒãã©ãã£ãã¯ãåä¿¡ãããã£ã¹ãã£ããŒã·ã§ã³ãšããŠèšå®ããŸãã.
Remote VLAN
55FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ãœãŒã¹ããŒããããã©ãŒããããã©ãã£ãã¯ããã©ããããã VLANããã®ãã£ãŒã«ãã§æå®ããã VLANã¯æåã« VLAN > StaticããŒãžïŒP86ïŒã§ RSPANã¢ããªã±ãŒã·ã§ã³çšã«ç¢ºä¿ããŸãã
Uplink Port
ã¢ãããªã³ã¯ããŒããæå®ããŸãããœãŒã¹ã¹ã€ããã«ã¯ 1ã€ã®ã¢ãããªã³ã¯ããŒãã®ã¿èšå®ã§ããŸãããäžéãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¹ã€ããã§èšå®ãããã¢ãããªã³ã¯ããŒãã®æ°ã«ã¯å¶éããããŸããããã£ã¹ãã£ããŒã·ã§ã³ããã³ã¢ãããªã³ã¯ããŒãã®ã¿ãã¹ã€ããã«ãã£ãŠ RSPAN VLANã®ã¡ã³ããŒãšããŠå²ãåœãŠãããŸããããŒãã VLAN > StaticããŒãžã«ãŠãæäœæ¥ã§ RSPAN VLANã«å²ãåœãŠããããšã¯åºæ¥ãŸãããåæ§ã«ãGVRPã¯åçã« RSPAN VLANã«ããŒãã¡ã³ããè¿œå ããããšã¯åºæ¥ãŸããããŸããVLAN > Static (Show)ããŒãžã¯ RSPAN VLANã®ã¡ã³ããŒã衚瀺ããŸããããèšå®ããã RSPAN VLANèå¥åã®ã¿è¡šç€ºããŸãã
Type
ãªã¢ãŒãã§ãã©ãŒããããã©ãã£ãã¯ã®ã¿ã€ããæå®ããŸããïŒãªãã·ã§ã³ïŒRxãTxãBothïŒ
Destination Port
ãœãŒã¹ããŒããããã©ãŒããããã©ãã£ãã¯ãã¢ãã¿ãããã£ã¹ãã£ããŒã·ã§ã³ããŒããæå®ããŸãã1ã€ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã®ã¿åãã¹ã€ããã®ã»ãã·ã§ã³ããšã«èšå®ã§ããŸããããã£ã¹ãã£ããŒã·ã§ã³ããŒãã¯åãã»ãã·ã§ã³ã® 1ã€ä»¥äžã®ã¹ã€ããã«ã¯èšå®ã§ããŸããããŸãããã£ã¹ãã£ããŒã·ã§ã³ããŒãã¯äŸç¶ã¹ã€ããããããã©ãã£ãã¯ã®éåä¿¡ãšãã¢ãµã€ã³ãããã¬ã€ã€ 2ãããã³ã«ã«åå ãå¯èœã§ãã
Tag
ãã£ã¹ãã£ããŒã·ã§ã³ããŒããåºãŠã管çããã€ã¹ãžè¡ããã©ãã£ãã¯ã« RSPAN VLANã¿ã°ãä»å ããããã©ãããæå®ããŸãã
èšå®æ¹æ³
ãªã¢ãŒããã©ãŒã»ãã·ã§ã³ã®èšå®ïŒãœãŒã¹ïŒ
ïŒ1ïŒ[Interface]â [RSPAN]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãSwitch RoleãããNoneãããSourceãããIntermediateãããDestinationãã®ããããã«èšå®ããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
56 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ãªã¢ãŒããã©ãŒã»ãã·ã§ã³ã®èšå®ïŒäžéïŒ
ãªã¢ãŒããã©ãŒã»ãã·ã§ã³ã®èšå®ïŒãã£ã¹ãã£ããŒã·ã§ã³ïŒ
57FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒãã»ãã©ã³ã¯çµ±èšæ å ±è¡šç€º
RMON MIBãããŒã¹ãšããéä¿¡ã®è©³çŽ°æ å ±ã®ä»ãEthernet-like MIBãã€ã³ã¿ãã§ãŒã¹ã°ã«ãŒãããã®ãããã¯ãŒã¯éä¿¡ã®æšæºçãªçµ±èšæ å ±ã®è¡šç€ºãè¡ãããšãã§ããŸãã
ã€ã³ã¿ãã§ãŒã¹åã³ Ethernet-likeçµ±èšæ å ±ã¯åããŒãã®éä¿¡ãšã©ãŒæ å ±ã衚瀺ããŸãããããã®æ å ±ã¯ããŒãäžè¯ããéè² è·ãªã©ã®åé¡ç¹ãæ確ã«ããããšãã§ããŸãã
RMONçµ±èšæ å ±ã¯åããŒãã®ãã¬ãŒã ã¿ã€ãæ¯ã®éä¿¡éãå«ãå¹ åºãçµ±èšæ å ±ãæäŸããŸãããã¹ãŠã®å€ã¯ã·ã¹ãã ãåèµ·åãããæããã®çŽ¯ç©æ°ãšãªããæ¯ç§åäœ (per second)ã§è¡šç€ºãããŸããåæèšå®ã§ã¯çµ±èšæ å ±ã¯ 60ç§ããšã«æŽæ°ãããŸãã
[泚æ]ã RMONã°ã«ãŒã2ã3ã9ã¯ãSNMP管çãœãããŠã§ã¢ã䜿çšããªããšå©çšã§ããŸããã
ãã©ã¡ãŒã¿ 解説
ã€ã³ã¿ãã§ãŒã¹çµ±èšReceived Octets ãã¬ãŒã æåãå«ãã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ããããªã¯ãããã®æ°
Transmitted Octets ãã¬ãŒã æååãå«ãã€ã³ã¿ãã§ãŒã¹ããéä¿¡ããããªã¯ãããã®æ°ã
Received Errors åä¿¡ãã±ããã§ãäžå±€äœãããã³ã«ãžå±ããããšã劚ãããšã©ãŒãå«ãã§ãããã±ããã®æ°ã
Transmitted Errors ãšã©ãŒã«ããéä¿¡ãããªãã£ãã¢ãŠãããŠã³ããã±ããã®æ°Received Unicast Packets
å±€äœãããã³ã«ã§åä¿¡ãããµããããã¯ãŒã¯ãŠããã£ã¹ããã±ããã®æ°
Transmitted Unicast Packet
äžå±€äœãããã³ã«ããµããããã¯ãŒã¯ãŠããã£ã¹ãã¢ãã¬ã¹ã«éä¿¡ããããèŠæ±ãããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Received Discarded Packets
ã©ãŒä»¥å€ã®çç±ã§åé€ãããåä¿¡ãã±ããã®æ°ããã±ãããåé€ãããçç±ã¯ããããã¡ã¹ããŒã¹ã空ããããã§ã
Transmitted Discarded Packets
ãšã©ãŒä»¥å€ã®çç±ã§åé€ãããã¢ãŠãããŠã³ããã±ããã®æ°ããã±ãããåé€ãããçç±ã¯ããããã¡ã¹ããŒã¹ã空ããããã§ãã
Received Multicast Packets
ãã®ãµãã¬ã€ã€ããéä¿¡ãããé«å±€ã®ã¬ã€ã€ã§åä¿¡ããããã±ããã§ããã®ãµãã¬ã€ã€ã®ãã«ããã£ã¹ãã¢ãã¬ã¹å®ãŠã®ãã±ããã®æ°
Transmitted Multicast Packets
äžå±€äœãããã³ã«ãèŠæ±ãããã±ããã§ããã®ãµãã¬ã€ã€ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã«å®ãŠããããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Received Broadcast Packets
ãã®ãµãã¬ã€ã€ããéä¿¡ãããé«å±€ã®ã¬ã€ã€ã§åä¿¡ããããã±ããã§ããã®ãµãã¬ã€ã€ã®ãããŒããã£ã¹ãã¢ãã¬ã¹å®ãŠã®ãã±ããã®æ°
Transmitted Broadcast Packets
äžå±€äœãããã³ã«ãèŠæ±ãããã±ããã§ããã®ãµãã¬ã€ã€ã®ãããŒããã£ã¹ãã¢ãã¬ã¹ã«å®ãŠããããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Received Unknown Packets
ã€ã³ã¿ãã§ãŒã¹ããåä¿¡ãããã±ããã§ãæªç¥åã¯æªå¯Ÿå¿ãããã³ã«ã®ããã«åé€ããããã±ããã®æ°ã
Etherlikeçµ±èš
Single Collision Frames 1ã€ã®ã³ãªãžã§ã³ã§è»¢éã劚ãããããã¬ãŒã ã§ãéä¿¡ã«æåãããã¬ãŒã æ°
Multiple Collision Frames 2ã€ä»¥äžã®ã³ãªãžã§ã³ã§è»¢éã劚ãããããã¬ãŒã ã§ãéä¿¡ã«æåãããã¬ãŒã æ°
Late Collisions 512ãããã¿ã€ã ããåŸã«ã³ãªãžã§ã³ãæ€åºãããåæ°
58 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
Excessive Collisions ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§ã³ãªãžã§ã³ã®å€çºã«ãããšã©ãŒãèµ·ããããã±ããæ°ãfull-duplexã¢ãŒãã§ã¯åäœããŸããã
Deferred Transmissions ã¡ãã£ã¢ã䜿çšäžã®ãããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹äžã§æåã®éä¿¡è©Šã¿ãé 延ãããã¬ãŒã æ°
Frames Too Long ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã¬ãŒã ã§èš±å®¹æ倧ãã¬ãŒã ãµã€ãºãè¶ ãããã¬ãŒã ã®æ°
Alignment Errors æŽåæ§ãšã©ãŒæ° (åæãã¹ããŒã¿ãã±ãã )
FCS Errorsç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã¬ãŒã ã§ãå®å šãªãªã¯ãããã®é·ãã§ãFCSãã§ãã¯ã«ãã¹ããªãã£ããã¬ãŒã ã®æ°ãframe-too-long frame-too-shortãšã©ãŒãšå ±ã«åä¿¡ãããã¬ãŒã ã¯é€ããŸãã
SQE Test Errors ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã® PLSãµãã¬ã€ã€ã§ SQE TEST ERRORã¡ãã»ãŒãžãçæãããåæ°
Carrier Sense Errors ã¬ãŒã ãéä¿¡ããããšããéããã£ãªã¢ã»ã³ã¹ã®ç¶æ³ã倱ãããããæ©èœããªãã£ãåæ°
Internal MAC Receive Errors
å éšã® MACãµãã¬ã€ã€ãŒãšã©ãŒã«ããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ãžã®åä¿¡ã«å€±æãããã¬ãŒã æ°
Internal MAC Transmit Errors
å éšã® MACãµãã¬ã€ã€ãŒãšã©ãŒã«ããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ãžã®éä¿¡ã«å€±æãããã¬ãŒã æ°
RMON çµ±èšDrop Events ãœãŒã¹ã®äžè¶³ã«ãããã±ãããããããããæ°
Jabbersãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )1518 ãªã¯ãããããé·ããã¬ãŒã ã§ãFCS åã¯é åãšã©ãŒãå«ãåä¿¡ãã¬ãŒã æ°ã§
Fragmentsãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )64ãªã¯ããããããå°ããé·ã㧠FCSãããã¯é åãšã©ãŒããã£ãåä¿¡ãã¬ãŒã æ°
Collisions æ¬ Ethernetã»ã°ã¡ã³ãäžã®ã³ãªãžã§ã³ã®ç·æ°ã®æè¯æšå®æ°
Received Octets ãããã¯ãŒã¯äžã§åä¿¡ããããŒã¿ã®ãªã¯ãããã®åèšæ°
Received Packetsåä¿¡ãããã±ããã®åèšæ° (äžè¯ããããŒããã£ã¹ãããã«ããã£ã¹ã )
Broadcast Packets åä¿¡ããæ£åžžãªãã±ããã®ãã¡ãããŒããã£ã¹ãã¢ãã¬ã¹ã«è»¢éãããã±ããæ°ããã«ããã£ã¹ããã±ããã¯å«ãŸãªãã
Multicast packets ä¿¡ããæ£åžžãªãã±ããã®ãã¡ããã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã«è»¢éãããã±ããæ°
Undersize Packetsãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )64ãªã¯ãããããçãé·ãã®åä¿¡ãã±ããæ°ã§ããã®ä»ã®ç¹ã§ã¯æ£åžžãªåä¿¡ãã±ããæ°
Oversize Packetsãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )1518ãªã¯ããããããé·ãåä¿¡ãã±ããã§ããã®ä»ã®ç¹ã§ã¯æ£åžžãªåä¿¡ãã±ããæ°
64 Bytes Packetsäžè¯ãã±ãããå«ãéåä¿¡ããŒã¿ã«ãã±ããæ° (ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã¿ãŸãã)
65-127 Byte Packets128-255 Byte Packets256-511 Byte Packets512-1023 Byte Packets1024-1518 Byte Packets1519-1536 Byte Packets
äžè¯ãã±ãããå«ãéåä¿¡ããŒã¿ã«ãã±ããæ°ã§ãåãªã¯ãããæ°ã®ç¯å²ã«å«ãŸãããã® (ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã¿ãŸãã)
59FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®æ¹æ³
ããŒãçµ±èšã®è¡šç€ºïŒããŒãã«ïŒ
ïŒ1ïŒ[Interface] â [Port]â [Statistics]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒè¡šç€ºããçµ±èšã¢ãŒããéžæããŸããïŒInterfaceãEtherlikeãRMONïŒ
ïŒ3ïŒããããããŠã³ãªã¹ãããããŒããéžæããŸããïŒ4ïŒïŒ RefreshïŒãã¿ã³ã䜿çšããŠè¡šç€ºã®æŽæ°ãè¡ããŸãã
ããŒãçµ±èšã®è¡šç€ºïŒãã£ãŒãïŒ
ïŒ1ïŒ[Interface] â [Port]â [Chart]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒè¡šç€ºããçµ±èšã¢ãŒããéžæããŸããïŒ(InterfaceãEtherlikeãRMONãAllïŒ
ïŒ3ïŒInterfaceãEtherlikeãRMONãéžæããå ŽåãããããããŠã³ãªã¹ãããããŒããéžæããŸããAllçµ±èšã¢ãŒããéžæãããŠããéã«ã¯è¡šç€ºããçµ±èšã¿ã€ããéžæããŠãã ããã
60 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ã±ãŒãã«èšºæã®å®è¡
Interface > Port > Cable TestããŒãžã䜿çšããããŒãã«æ¥ç¶ãããŠããã±ãŒãã«ã®ãã¹ããè¡ããŸããã±ãŒãã«ãã¹ãã¯ã±ãŒãã«ã®æ¬ é¥ïŒã·ã§ãŒãããªãŒãã³ä»ïŒããã§ãã¯ããŸããæ¬ é¥ãèŠã€ãã£ãéãã¹ã€ããã¯æ¬ é¥ãŸã§ã®ã±ãŒãã«é·ãããã¯ã±ãŒãã«ã®å®é·ãå ±åããŸããããã¯ã±ãŒãã«ãã³ãã¯ã¿ã端åã®å質ã決å®ããããã«äœ¿çšãããŸãããªãŒãã³ãã·ã§ãŒããã±ãŒãã«ã€ã³ããŒãã³ã¹äžæŽåã®ãããªåé¡ã¯ããã®ãã¹ãã§èšºæãããããšãå¯èœã§ãã
æ©èœè§£èª¬
⢠ã±ãŒãã«èšºæ㯠Time Domain ReflectometryïŒTDRïŒãã¹ãã¡ãœããã䜿çšããŠå®è¡ãããŸããTDRã¯ãã«ã¹ã·ã°ãã«ãã±ãŒãã«ã«éãããã®ãã«ã¹ã®ãªãã¬ã¯ã·ã§ã³ã調ã¹ãããšã§ã±ãŒãã«ãåæããŸãã
⢠æ¬ãã¹ã㯠7-140mã®ã±ãŒãã«ã§ã®ã¿æ£ç¢ºã§ãã
⢠ãã¹ãã«ã¯çŽ 5ç§ãããããŸããã¹ã€ããã¯ããã«ãã¹ããŒã¿ã¹ãæ¬ é¥ãŸã§ã®ãããã®ã±ãŒãã«é·ãã±ãŒãã«èšºæãéåžžã®ã±ãŒãã«æ¬ é¥çã®çµæã衚瀺ããŸãã
⢠蚺æã«ãã£ãŠãªã¹ããããæœåšçãªç¶æ
ã»OKïŒæ£ç¢ºã«çµç«¯ããããã¢
ã»OpenïŒãªãŒãã³ãã¢ããªã³ã¯ããŒããç¡ã
ã»ShortïŒã·ã§ãŒããããã¢
ã»Not SupportedïŒ1000Mbps以äžã®ã¹ããŒãã§ãªã³ã¯ã¢ããããŠãã Fast EthernetããŒããŸã㯠Gigabit Ethernetã«è¡šç€ºãããŸãã
ã»Impedance mismatchïŒã¿ãŒãããŒãã£ã³ã°ã€ã³ããŒãã³ã¹ããªãã¡ã¬ã³ã¹ã¬ã³ãžã§ãããŸããã
⢠ã±ãŒãã«èšºæã®å®è¡äžãããŒãã¯ãªã³ã¯ããŠã³ããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ã¹ã€ããããŒãèå¥å
Type
ã¡ãã£ã¢ã¿ã€ãã衚瀺ïŒFE-Fast EthernetãGE-Gigabit EthernetïŒ
Link Status
ããŒãã®ãªã³ã¯ã¢ãããŸãã¯ãªã³ã¯ããŠã³ã衚瀺
Test Result
éåžžã®ã±ãŒãã«æ¬ é¥ãã¹ããŒã¿ã¹ãæ¬ é¥ãŸã§ã®è·é¢ãŸãã¯ãããã®ã±ãŒãã«é·ã衚瀺
Last Updated
ãã®ããŒãã§ååãã¹ããè¡ãããæã衚瀺
61FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®æ¹æ³
ã±ãŒãã«ãã¹ãã®å®è¡
ïŒ1ïŒ[Interface] â [Port] â [Cable Test]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãã¹ããè¡ãããŒãã®ãTestããã¯ãªãã¯ããŠãã ããã
62 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
3.4.2 ãã©ã³ã¯ã°ã«ãŒãã®èšå®
ãããã¯ãŒã¯æ¥ç¶ã«ããããã³ãå¹ ã®æ¡å€§ã«ããããã«ããã¯ã®è§£æ¶ãé害ã®åé¿ã®ããã«è€æ°ã®ããŒãã¯æãããã©ã³ã¯æ©èœãå©çšããããšãã§ããŸããæ倧 5ãã©ã³ã¯ãåæã«èšå®ããããšãã§ããŸãã
æ¬æ©ã¯ãéçãã©ã³ã¯åã³åç㪠Link Aggregation Control Protocol (LACP)ã®äž¡æ¹ããµããŒãããŠããŸããéçãã©ã³ã¯ã§ã¯ãæ¥ç¶ã®äž¡ç«¯ã«ãããŠæåã§èšå®ããå¿ èŠãããããŸãCisco EtherChannelã«æºæ ããŠããå¿ èŠããããŸããäžæ¹ LACPã§ã¯ LACPã«èšå®ããããŒããã察åã® LACPèšå®ããŒããšé£æºããèªåçã«ãã©ã³ã¯ã®èšå®ãè¡ãªããŸããéçãã©ã³ã¯ããŒããšããŠèšå®ããŠããªãå Žåã«ã¯ããã¹ãŠã®ããŒãã LACPããŒãã«èšå®ããããšãã§ããŸããããã8ã€ä»¥äžã®ããŒãã«ãã LACPãã©ã³ã¯ã圢æããŠããå Žåã8ã€ã®ããŒã以å€ã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããŸãããã©ã³ã¯ããŠãã 1ã€ã®ããŒãã«é害ãçºçããå Žåã«ã¯ãã¹ã¿ã³ãã€ã¢ãŒãã®ããŒãã® 1ã€ãèªåçã«é害ããŒããšçœ®ãæãããŸãã
æ©èœè§£èª¬
ãã©ã³ã¯å ã®åããŒãã§éä¿¡ãåæ£ããããšåã³ããã©ã³ã¯å ã®ããŒãã§é害ãçºçããå Žåã«ä»ã®ããŒãã䜿çšãéä¿¡ãç¶ç¶ãããæ©èœãæäŸããŸãã
ãªããèšå®ãè¡ãªãå Žåã«ã¯ãããã€ã¹éã®ã±ãŒãã«æ¥ç¶ãè¡ãªãåã«äž¡ç«¯ã®ããã€ã¹ã«ãããŠãã©ã³ã¯ã®èšå®ãè¡ãªã£ãŠäžããã
ãã©ã³ã¯ã®èšå®ãè¡ãªãå Žåã«ã¯ä»¥äžã®ç¹ã«æ³šæããŠäžãã :
⢠ã«ãŒããåé¿ãããããã¹ã€ããéã®ãããã¯ãŒã¯ã±ãŒãã«ãæ¥ç¶ããåã«ããŒããã©ã³ã¯ã®èšå®ãè¡ãªã£ãŠäžããã
⢠1ãã©ã³ã¯æ倧 8ããŒããæ倧 5ãã©ã³ã¯ãäœæããããšãã§ããŸãã
⢠䞡端ã®ããã€ã¹ã®ããŒãããã©ã³ã¯ããŒããšããŠèšå®ããå¿ èŠããããŸãã
⢠ç°ãªãæ©åšå士ã§éçãã©ã³ã¯ãè¡ãªãå Žåã«ã¯ãCisco EtherChannelãšäºææ§ããªããã°ãªããŸããã
⢠ãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯éä¿¡é床ãéä¿¡æ¹åŒãåã³ãããŒå¶åŸ¡ã®éä¿¡ã¢ãŒããVLANèšå®ãåã³ CoSèšå®çã«é¢ããŠåãèšå®ãè¡ãªãå¿ èŠããããŸãã
⢠ãã©ã³ã¯ã®å šãŠã®ããŒã㯠VLANã®ç§»åãè¿œå åã³åé€ãè¡ãªãéã« 1ã€ã®ã€ã³ã¿ãã§ãŒã¹ãšããŠèšå®ããå¿ èŠããããŸãã
⢠STPãVLANåã³ IGMPã®èšå®ã¯ãã©ã³ã¯å šäœãžã®èšå®ã®ã¿ãå¯èœã§ãã
63FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
éçãã©ã³ã¯ã®èšå®
Interface > Trunk > StaticããŒãžã䜿çšãããã©ã³ã¯ã®äœæãããŒãã¡ã³ããŒã®å²ãåœãŠãæ¥ç¶ãã©ã¡ãŒã¿ã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠ã¡ãŒã«ãŒç¬èªã®æ©èœã®å®è£ ã«ãããç°ãªãæ©çš®éã§ã¯ãã©ã³ã¯æ¥ç¶ãã§ããªãå¯èœæ§ããããŸãã æ¬æ©ã®éçãã©ã³ã¯ã¯ Cisco EtherChannelã«å¯Ÿå¿ããŠããŸãã
⢠ãããã¯ãŒã¯ã®ã«ãŒããåé¿ãããããããŒãæ¥ç¶åéçãã©ã³ã¯ãèšå®ããéçãã©ã³ã¯ã解é€ããåã«ããŒãã®åæãè¡ãªã£ãŠäžããã
èšå®ã»è¡šç€ºé ç®
Trunk ID
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
Member
ãã©ã³ã¯ã®åæã¡ã³ããŒïŒAdd MemberããŒãžã䜿çšããŠè¿œå ã¡ã³ããŒãç·šéã§ããŸãïŒ
ïŒ Unit â ãŠãããèå¥åïŒç¯å²ïŒ1ïŒ
ïŒ Port â ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
èšå®æ¹æ³
éçãã©ã³ã¯ã®äœæ
ïŒ1ïŒ[Interface] â [Trunk] â [Static]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrunkããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãã©ã³ã¯èå¥åãå ¥åããŸããïŒ5ïŒãã©ã³ã¯ã®åæã¡ã³ããŒãšãªãããŒãã®ããŠãããããã³ããŒãçªå·ãèšå®ããŸããïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
64 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
éçãã©ã³ã¯ãžã¡ã³ããŒãè¿œå
ïŒ1ïŒ[Interface] â [Trunk] â [Static]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrunkããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd MemberããéžæããŸãã
ïŒ4ïŒãã©ã³ã¯èå¥åãéžæããŸããïŒ5ïŒè¿œå ããããŒãã®ãŠãããããã³ããŒãçªå·ãèšå®ããŸããïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
65FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
åçãã©ã³ã¯èšå®
Interface > Trunk > Dynamic (Configure Aggregator)ããŒãžã䜿çšããã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãã®ç®¡çããŒã®èšå®ãããŒãäžã§ LACPãæå¹ãããŒã«ã«ããã³ããŒããããŒãã®ãããã³ã«ãã©ã¡ãŒã¿ã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠ãããã¯ãŒã¯ã®ã«ãŒããåé¿ãããããããŒãæ¥ç¶åã« LACPãæå¹ã«ããLACPãç¡å¹ã«ããåã«ããŒãã®åæãè¡ã£ãŠäžããã
⢠察åã®ã¹ã€ããã®ããŒãã LACPãæå¹ã«èšå®ããŠããå Žåããã©ã³ã¯ã¯èªåçã«ã¢ã¯ãã£ãã«ãªããŸãã
⢠LACPã«ãã察åã®ã¹ã€ãããšæ§æããããã©ã³ã¯ã«ã¯ãèªåçã«æ¬¡ã®çªå·ã®ãã©ã³ã¯ IDãå²ãåœãŠãããŸãã
⢠8ã€ä»¥äžã®ããŒãã«ãã LACPãã©ã³ã¯ãæå¹ã«ããå Žåã8ã€ã®ããŒã以å€ã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããŸãããã©ã³ã¯ããŠãã 1ã€ã®ããŒãã«é害ãçºçããå Žåã«ã¯ãã¹ã¿ã³ãã€ã¢ãŒãã®ããŒãã® 1ã€ãèªåçã«é害ããŒããšçœ®ãæãããŸãã
⢠LACPãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯åºå®åã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ã«ãã full duplexã«èšå®ããå¿ èŠããããŸãã
[ 泚æ ]ã ãã£ã³ãã«ã°ã«ãŒãã圢æãããport channel admin keyãèšå®ãããŠããªãå Žåããã®ããŒã¯ã°ã«ãŒãã«åå ããŠããã€ã³ã¿ãã§ãŒã¹ã®ããŒãã¢ããã³ããŒãšåãå€ã«èšå®ãããŸãã
èšå®ã»è¡šç€ºé ç®
ã¢ã°ãªã²ãŒã¿èšå®
Admin Key
LACP管çããŒã¯ãåã LAGã«å±ããããŒããšåã䟡ã«èšå®ããå¿ èŠããããŸãïŒç¯å²ïŒ0-65535ïŒ
ã¢ã°ãªã²ãŒã·ã§ã³ããŒãèšå® - éåžž
Port
ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
LACP Status
ããŒãã® LACPãæå¹ /ç¡å¹
ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®èšå® - Actor/Partner
Port
ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
Admin Key
LACP管çããŒã¯ãåã LAGã«å±ããããŒããšåã䟡ã«èšå®ããå¿ èŠããããŸãïŒç¯å²ïŒ0-65535ãåæèšå®ïŒ1ïŒ
66 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
System Priority
LACPã·ã¹ãã ãã©ã€ãªãªãã£ã¯ããªã³ã¯éåã°ã«ãŒã (LAG)ã¡ã³ããŒã決å®ããäžã€LAGéã§ã®èšå®ã®éã«ãä»ã®ã¹ã€ãããæ¬æ©ãèå¥ããããã«äœ¿çšãããŸãïŒç¯å²ïŒ0-65535ãåæèšå®ïŒ32768ïŒ
ïŒåãLAGã«åå ããããŒãã¯åãã·ã¹ãã ãã©ã€ãªãªãã£ãèšå®ããå¿ èŠããããŸãã
ïŒã·ã¹ãã ãã©ã€ãªãªãã£ã¯ã¹ã€ããã®MACã¢ãã¬ã¹ãšçµåããLAGã® IDãšãªããŸãããã® ID 㯠LACPãä»ã®ã·ã¹ãã ãšããŽã·ãšãŒã·ã§ã³ãããéã«ç¹å®ã® LAGã瀺ã IDãšãªããŸãã
Port Priority
ãªã³ã¯ãèœã¡ãå ŽåãLACPããŒããã©ã€ãªãªãã£ã¯ããã¯ã¢ãããªã³ã¯ãéžæããããã«äœ¿çšãããŸãïŒç¯å²ïŒ0-65535ãåæèšå®ïŒ32768ïŒ
[泚æ ]ãããŒãã® LACPèšå®ã¯ããã®ç®¡çã¹ããŒããžã®ã¿é©çšãããæ©èœã¹ããŒããžã¯é©çšãããŸããããŸãã次ã«ããŒããšã¢ã°ãªã²ãŒããªã³ã¯ã確ç«ããæã®ã¿å¹æãçºããŸãã
èšå®æ¹æ³
åçãã©ã³ã¯ã® Admin keyãèšå®
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure AggregatorããéžæããŸãã
ïŒ3ïŒå¿ èŠãšããã LACPã°ã«ãŒãã« Admin keyãèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
67FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒã㧠LACPãæå¹å
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Aggregation PortããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒãGeneralããã¯ãªãã¯ããŸãã
ïŒ5ïŒå¿ èŠãšãããããŒã㧠LACPãæå¹ã«ããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã°ã«ãŒãã¡ã³ããŒã® LACPãã©ã¡ãŒã¿ãèšå®
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Aggregation PortããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ã®ç·šéãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
68 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
åçãã©ã³ã¯ã®ã¢ã¯ãã£ãã¡ã³ããŒã衚瀺
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrunkããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãã©ã³ã¯ãéžæããŸãã
åçãã©ã³ã¯ã®æ¥ç¶ãã©ã¡ãŒã¿ãèšå®
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrunkããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ã®ç·šéãè¡ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
åçãã©ã³ã¯ã®æ¥ç¶ãã©ã¡ãŒã¿ã衚瀺
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrunkããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
69FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
LACPããŒãã«ãŠã³ã¿ã®è¡šç€º
LACPãããã³ã«ã¡ãã»ãŒãžã®çµ±èšæ å ±ã®è¡šç€ºãè¡ãªããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Aggregation PortããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
ïŒ4ïŒãCountersããã¯ãªãã¯ããŸãã
ïŒ5ïŒããŒããªã¹ãããã°ã«ãŒãã¡ã³ããŒãéžæããŸãã
ã«ãŠã³ã¿æ å ±
é ç® è§£èª¬
LACPDUs Sent ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãª LACPDUã®æ°
LACPDUs Received ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãª LACPDUã®æ°
Marker Sent æ¬ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãª Marker PDUã®æ°
Marker Received æ¬ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãª Marker PDUã®æ°
Marker Unknown Pkts
以äžã®ãã¬ãŒã ã®åä¿¡æ°(1) ã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéã³ãæªç¥ã® PDUãå«ãã§ãããã¬ãŒã (2) ã¹ããŒãããã³ã«ã°ã«ãŒã MACã¢ãã¬ã¹ã«å±ããã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéãã§ããªããã¬ãŒã
Marker Illegal Pkts äžæ£ãª PDUåã¯ãããã³ã«ãµãã¿ã€ããäžæ£ãªå€ãå«ãã¹ããŒãããã³ã«ã€ãŒãµããããã±ãããéã¶ãã¬ãŒã æ°
70 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒã«ã«åŽã® LACPèšå®åã³ã¹ããŒã¿ã¹ã®è¡šç€º
Interface > Trunk > Dynamic ïŒConfigure Aggregation Port - Show Information - InternalïŒããŒãžã䜿çšããLACPã®ããŒã«ã«åŽã®èšå®åã³ã¹ããŒã¿ã¹ã®è¡šç€ºãè¡ãªãããšãã§ããŸãã
å éšèšå®æ å ±
é ç® è§£èª¬
LACP System Priority
æ¬ããŒããã£ã³ãã«ã°ã«ãŒãã«å²ãåœãŠããã LACPã·ã¹ãã ãã©ã€ãªãªãã£
LACP Port Priority æ¬ããŒããã£ã³ãã«ã°ã«ãŒãã«å²ãåœãŠããã LACPããŒããã©ã€ãªãªãã£
Admin Key çŸåšã®ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ããŒã®ç®¡çå€Oper Key çŸåšã®ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ããŒã®éçšå€
LACPDUs Interval åä¿¡ãã LACPDUæ å ±ãç¡å¹ã«ãããŸã§ã®ç§æ°
Admin State,Oper State
Actorã®ç®¡çå€åã¯éçšå€ã®ç¶æ ã®ãã©ã¡ãŒã¿ã Expired â Actorã®åä¿¡æ©åšã¯å€±å¹ç¶æ ã§ã
Defaulted â Actorã®åä¿¡æ©åšã¯åæèšå®ã®éçš partnerã®æ å ±ã䜿çšããŠããŸã Distributing â 誀ãã®å Žåããã®ãªã³ã¯äžã®åºåãã¬ãŒã ã®é ä¿¡ã¯ç¡å¹ã«ãªããŸããé ä¿¡ã¯çŸåšç¡å¹ç¶æ ã§ãåä¿¡ãããã³ã«æ å ±ã®ç®¡çäžã®å€æŽãåã¯å€æŽããªãç¶æ ã§æå¹ã«ã¯ãªããŸããã
Collecting â ãã®ãªã³ã¯äžã®å ¥åãã¬ãŒã ã®åéã¯å¯èœãªç¶æ ã§ããåéã¯çŸåšå¯èœãªç¶æ ã§ãåä¿¡ãããã³ã«æ å ±ã®ç®¡çäžã®å€åãåã¯å€åããªãç¶æ ã§ç¡å¹ã«ã¯ãªããŸããã
Synchronization â ã·ã¹ãã ã¯ãªã³ã¯ã IN_SYNCãšèªèããŸããããã«ããæ£ãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãã«å±ãããšãã§ããŸããã°ã«ãŒãã¯äºææ§ã®ãã Aggregatorã«é¢ä¿ããŸãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãã® IDã¯ã·ã¹ãã IDãšéä¿¡ããããªãã¬ãŒã·ã§ãã«ããŒæ å ±ãã圢æãããŸãã
Aggregation â ã·ã¹ãã ã¯ãã¢ã°ãªã²ãŒã·ã§ã³å¯èœãªãªã³ã¯ãšèªèããŠããŸããã¢ã°ãªã²ãŒã·ã§ã³ã®ååšçãªåè£ã§ãã
Long timeout â LACPDUã®åšæçãªéä¿¡ã«ã¹ããŒè»¢éã¬ãŒãã䜿çšããŸãã
LACP-Activity â æ¬ãªã³ã¯ã«é¢ããã¢ã¯ãã£ãã³ã³ãããŒã«å€ ïŒ0ïŒPassiveã1ïŒActiveïŒ
71FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Aggregation PortããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
ïŒ4ïŒãInternalããã¯ãªãã¯ããŸãã
ïŒ5ïŒããŒããªã¹ãããã°ã«ãŒãã¡ã³ããŒãéžæããŸãã
72 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ãªã¢ãŒãåŽã® LACPèšå®åã³ã¹ããŒã¿ã¹ã®è¡šç€º
Interface > Trunk > Dynamic (Configure Aggregation Port - Show Information - Neighbors)ããŒãžã䜿çšããLACPã®ãªã¢ãŒãåŽã®èšå®åã³ã¹ããŒã¿ã¹ã®èšå®ãè¡ãªãããšãã§ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Trunk] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Aggregation PortããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
ïŒ4ïŒãPartnerããã¯ãªãã¯ããŸãã
ïŒ5ïŒããŒããªã¹ãããã°ã«ãŒãã¡ã³ããŒãéžæããŸãã
LACPå éšèšå®æ å ±
é ç® è§£èª¬
Partner Admin System ID ãŠãŒã¶ã«ããæå®ããã LAG partnerã®ã·ã¹ãã ID
Partner Oper System ID LACPãããã³ã«ã«ããæå®ããã LAG partnerã®ã·ã¹ãã ID
Partner AdminPort Number ãããã³ã« partnerã®ããŒãçªå·ã®çŸåšã®ç®¡çå€
Partner OperPort Number
ããŒãã®ãããã³ã« partnerã«ããã¢ã°ãªã²ãŒã·ã§ã³ããŒãã«æå®ãããéçšããŒãçªå·
Port Admin Priority ãããã³ã« partnerã®ããŒããã©ã€ãªãªãã£ã®çŸåšã®ç®¡çå€
Port Oper Priority partnerã«ããæå®ãããæ¬ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ãã©ã€ãªãªãã£
Admin Key ãããã³ã« partnerã®ããŒã®çŸåšã®ç®¡çå€
Oper Key ãããã³ã« partnerã®ããŒã®çŸåšã®éçšå€
Admin State partnerã®ãã©ã¡ãŒã¿ã®ç®¡çå€ïŒåã®è¡šãåç §ïŒ
Oper State partnerã®ãã©ã¡ãŒã¿ã®éçšå€ïŒåã®è¡šãåç §ïŒ
73FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
3.4.3 ãã¯ãŒã»ãŒãã³ã°
Interface > Green EthernetããŒãžã䜿çšããéžæãããããŒãã®ãã¯ãŒã»ãŒãã³ã°ã¢ãŒããæå¹ã«ããŸãã.
æ©èœè§£èª¬
⢠IEEE802.3㯠100mã§çšŒåããŠããã±ãŒãã«æ¥ç¶ã«åºã¥ããã€ãŒãµãããã¹ã¿ã³ããŒããšç¶ãé»æºæ¡ä»¶ãå®çŸ©ããŠããŸãããã¯ãŒã»ãŒãã³ã°ã¢ãŒãã®æå¹ã¯ 60mãŸãã¯ãã以äžã®é·ãã®ã±ãŒãã«äœ¿çšæã®é»åãåæžã20mãŸãã¯ãã以äžã®ã±ãŒãã«äœ¿çšæã«ã¯æŽã«åæžããä¿¡å·ä¿å šæ§ã®ä¿èšŒã¯ç¶æãããŸãã
⢠ãªã³ã¯ããŒãããŒãç¡ãç¶æ ã§ã®ãã¯ãŒã»ãŒãã³ã°æšæºçãªãªãã¬ãŒã·ã§ã³äžã§ã¯ããªã³ã¯ããŒãããŒãèŠã€ããããã¹ã€ããã¯ç¶ç¶ããŠãªãŒãããŽã·ãšãŒããè¡ããæ¥ç¶ãååšããªãå Žåã«ã MACã€ã³ã¿ãã§ãŒã¹ã¯ãã¯ãŒã¢ãããç¶æãç¶ããŸãããã¯ãŒã»ãŒãã³ã°ã¢ãŒãã®äœ¿çšæãã¹ã€ããã¯ãªã³ã¯ããŒãããŒã®æç¡ããµãŒãããã®ãšãã«ã®ãŒããã§ãã¯ããããšã§æ±ºå®ããŸããããäœãæ€åºãããªãå Žåãã¹ã€ããã¯èªåçã«çºä¿¡æ©ãšåä¿¡åè·¯ã®å€§éšåããªãã«ããŸããïŒã¹ãªãŒãã¢ãŒããžå ¥ããŸãïŒãã®ã¢ãŒãã§ã¯ãããŒãã¯ãŒãšãã«ã®ãŒæ€çŽ¢åè·¯ã¯ã±ãŒãã«äžã®ãšãã«ã®ãŒããã§ãã¯ãç¶ããŸãããªã«ãæ€åºãããªãå ŽåãMACã€ã³ã¿ãã§ãŒã¹ããŸãäœåãªãšãã«ã®ãŒãç¯çŽããããã«ãã¯ãŒãããŠã³ããŸãããšãã«ã®ãŒãæ€åºãããå Žåãã¹ã€ããã¯ãã ã¡ã«çºä¿¡æ©ãšåä¿¡æ©èœçšæ³ã§ã¿ãŒã³ãªã³ãããMACã€ã³ã¿ãã§ãŒã¹ããã¯ãŒã¢ããããŸãã
⢠ãªã³ã¯ããŒãããŒãæãç¶æ ã§ã®ãã¯ãŒã»ãŒãã³ã°åŸæ¥ã®ã€ãŒãµãããæ¥ç¶ã¯ãäžè¬ã«å°ãªããšã 100ïœã±ãŒãã«ã®å åãªé»åããµããŒãããŠçšŒåããŸããããããã¯ãŒã¯ã±ãŒãã«ã®é·ãã®å¹³åã¯ããããçãã§ããã±ãŒãã«ãçãå Žåãä¿¡å·æžè¡°ã¯ã±ãŒãã«ã®é·ãã«æ¯äŸããã®ã§ãé»åæ¶è²»éãæžå°ããããšãå¯èœã§ãããã¯ãŒã»ãŒãã³ã°ã¢ãŒããæå¹ã®éãã¹ã€ããã¯ç¹å®ã®ãªã³ã¯ã«äœ¿çšãããä¿¡å·åºåã¬ãã«ãæžããããšãåºæ¥ããåŠã決å®ããããã«ãã±ãŒãã«ã®é·ããåæããŸãã
[泚æ ]ããã¯ãŒã»ãŒãã³ã°ã¯ãã€ã¹ããã¢é ç·äœ¿çšæã®ã®ã¬ãããã€ãŒãµãããããŒãã§ã®ã¿å®è¡ãããŸããã¢ã¯ãã£ããªã³ã¯ã®ãã¯ãŒã»ãŒãã³ã°ã¢ãŒãã¯æ¥ç¶ã¹ããŒãã1Gbpsã§ãããã©ã€ã³ã®é·ãã 60m以äžã®å Žåã«ã®ã¿åäœããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ãã¯ãŒã»ãŒãã³ã°ã¢ãŒãã¯é ã¡ãã£ã¢ã䜿çšããã®ã¬ãããã€ãŒãµãããããŒãã«ã®ã¿é©çšãããŸãã
Power Saving Status
ä»ã®ããã€ã¹ãžã®æ¥ç¶ã«äœ¿çšãããã±ãŒãã«ã®é·ãã«åºã¥ããããŒãã«æäŸãããé»åã調æŽããŸããïŒåæèšå®ïŒã®ã¬ããã RJ-45ããŒãã§æå¹ïŒ
74 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Green Ethernet] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒæå¹ã«ããããŒãã®ãã§ãã¯ããã¯ã¹ãã¯ãªãã¯ããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
75FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
3.4.4 ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³
ããŒã«ã«ãããã¯ãŒã¯ããã³ãµãŒãã¹ãããã€ããžã®ã¢ãããªã³ã¯ããŒãäžã§ãç°ãªãã¯ã©ã€ã¢ã³ãããããŠã³ãªã³ã¯ããŒããééãããã©ãã£ãã¯ã«ãããå³ããã»ãã¥ãªãã£ãå¿ èŠãšãããéãåã ã®ã¯ã©ã€ã¢ã³ãã»ãã·ã§ã³ã®ãã©ãã£ãã¯ãéé¢ããããã«ããŒãããŒã¹ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã䜿çšã§ããŸãã
ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã®æå¹å
InterfaceïŒ Traffic Segmentation ïŒConfigure GlobalïŒããŒãžã䜿çšããŠããã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãæå¹ã«ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Status
ããŒãããŒã¹ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãæå¹ã«ããŸãïŒåæèšå®ïŒç¡å¹ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Traffic Segmentation] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãEnableããã§ãã¯ããã¯ã¹ã«ãã§ãã¯ãå ¥ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
76 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
ã¢ãããªã³ã¯ /ããŠã³ãªã³ã¯ããŒãã®èšå®
ã¢ãããªã³ã¯ããŒããã¢ãµã€ã³ããŸããããŠã³ãªã³ã¯ããŒããšããŠæå®ãããããŒãã¯ã¢ãããªã³ã¯ããŒããé€ããã¹ã€ããã®ä»ã®ããŒããšã®ã³ãã¥ãã±ãŒãã§ããŸãããã¢ãããªã³ã¯ããŒãã¯ãã®ä»ã®ã¹ã€ããäžã®ããŒãããã³ãããŠã³ãªã³ã¯ããŒãã«æå®ãããããŒããšã³ãã¥ãã±ãŒããå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺
Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åâïŒç¯å²ïŒ1-5ïŒ
Direction
ã€ã³ã¿ãã§ãŒã¹ãã¢ãããªã³ã¯ãŸãã¯ããŠã³ãªã³ã¯ã«èšå®ãããã°ã«ãŒãã«è¿œå
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [Traffic Segmentation] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure SessionããéžæããŸãã
ïŒ3ïŒãã£ã¬ã¯ã·ã§ã³ãªã¹ããããã°ã«ãŒãã¡ã³ããŒã«è¿œå ããã¢ãããªã³ã¯ãŸãã¯ããŠã³ãªã³ã¯ãéžæããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
77FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
3.4.5 VLANãã©ã³ãã³ã°
Interface > VLAN TrunkingããŒãžã䜿çšããæªç¥ã® VLANã°ã«ãŒããæå®ãããã€ã³ã¿ãã§ãŒã¹ãééããããšãèš±å¯ããŸãã
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãããããå±ããªã VLANã°ã«ãŒãã®ãã©ãã£ãã¯ãæž¡ã 1ã€ä»¥äžã®äžéã¹ã€ããã暪åããã³ãã«ãèšå®ããŸãã以äžã®å³ã¯ VLAN1ãš 2ãã¹ã€ãã Aãš Bãž VLANãã©ã³ãã³ã°ãšå ±ã«èšå®ããã¹ã€ãã C,Dããã³ Eã暪æãããããã® VLANã°ã«ãŒãããã©ãã£ãã¯ãæž¡ãããã«äœ¿çšãããŸãã .
VLANãã©ã³ãã³ã°ãç¡ãå Žåãå šãŠã®äžéã¹ã€ãããž VLAN1ãš 2ãèšå®ããå¿ èŠããããŸãããããªããã°ãããã®ã¹ã€ããã¯æªç¥ã® VLANã°ã«ãŒãã¿ã°ã®ã€ãããã¬ãŒã ãç Žæ£ããŸããVLANãã©ã³ãã³ã°ãæå¹ã«ããã°ãã¹ã€ãã Aãš Bãžã®ã¿ããããã® VLANã°ã«ãŒããäœæããã ãã§äžéã¹ã€ããããŒãã¯çµè·¯ã«æ²¿ã£ãŠ VLAN1ãš VLAN2ã®æ¥ç¶ãè¡ããŸããDãš Eã¯ãVLANã°ã«ãŒãã¿ã° 1ãš 2ãä»ãããã¬ãŒã ãèªåçã«èš±å¯ããVLANãã©ã³ãã³ã°ããŒããééããããšãå¯èœã«ãªããŸãã
⢠VLANãã©ã³ãã³ã°ã¯ "access"ã¹ã€ããããŒãã¢ãŒãïŒ728 ããŒãžã®ãswitchport modeããåç §ïŒãšçžäºã«æä»çã§ãããã VLANãã©ã³ãã³ã°ãã€ã³ã¿ãã§ãŒã¹ã§æå¹ã®å Žåããã®ã€ã³ã¿ãã§ãŒã¹ã¯ã¢ã¯ã»ã¹ã¢ãŒãã«ã¯èšå®ããããšãåºæ¥ãŸããããã®éããŸãåæ§ã§ãã
⢠ã¹ããã³ã°ããªãŒæ§æããã®ã«ãŒããé²ãçºãå šãŠã®æªç¥ã® VLANã¯äžã€ã®ã€ã³ã¹ã¿ã³ã¹ïŒSTP/RSTPãŸã㯠MSTPã€ã³ã¹ã¿ã³ã¹ãéžæããã STAã¢ãŒãã«äŸåïŒãžãã€ã³ããããŸãã
⢠ããŒãã§ãVLANãã©ã³ãã³ã°ãšã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã®äž¡æ¹ãç¡å¹ã®å Žåãæªç¥ã®ã¿ã°ãä»ãããã±ããã¯ãã®ã€ã³ã¿ãã§ãŒã¹ãžå ¥ãããšãèš±å¯ãããVLANãã©ã³ãã³ã°ãæå¹ã§ãããã®ä»å šãŠã®ããŒããžãã©ãããããŸããïŒVLANãã©ã³ãã³ã°ã®å¹æã¯æªç¥ã® VLANã§äŸç¶æå¹ã§ããïŒ
V1 V2
A
C
D
E
B
V1 V2
78 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹èšå®
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺
Port
ããŒãèå¥åïŒç¯å²ïŒ9-10ïŒ
[泚æ ]ãVLANãã©ã³ãã³ã°ã¯ã®ã¬ãããããŒãã§ã®ã¿æå¹ã«åºæ¥ãŸãã
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
VLAN Trunking Status
éžæãããã€ã³ã¿ãã§ãŒã¹ã§ VLANãã©ã³ãã³ã°ãæå¹å
èšå®æ¹æ³
ïŒ1ïŒ[Interface] â [VLAN Trunking]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒããŒããŸãã¯ãã©ã³ã¯ãã¯ãªãã¯ããã€ã³ã¿ãã§ãŒã¹ã¿ã€ããæå®ããŸããïŒ3ïŒã®ã¬ãããããŒããŸãã¯ã®ã¬ãããããŒããå«ããã©ã³ã¯ã® VLANãã©ã³ãã³ã°ãæ
å¹ã«ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
79FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5 VLAN
3.5.1 IEEE802.1Q VLAN
倧èŠæš¡ãªãããã¯ãŒã¯ã§ã¯ããããŒããã£ã¹ããã©ãã£ãã¯ãåæ£ãããããã«ã«ãŒã¿ã«ããåãµãããããç°ãªããã¡ã€ã³ã«åå²ããŸããæ¬æ©ã§ã¯åæ§ã®ãµãŒãã¹ãã¬ã€ã€ 2ã®VLANæ©èœã«ãããããŒããã£ã¹ããã¡ã€ã³ãåå²ããããããã¯ãŒã¯ã®ã°ã«ãŒããäœæãããããšãã§ããŸããVLANã¯åã°ã«ãŒãã§ãããŒããã£ã¹ããã©ãã£ãã¯ãå¶éãã倧èŠæš¡ãããã¯ãŒã¯ã«ããããããŒããã£ã¹ãã¹ããŒã ãåé¿ããŸãã
ãŸããVLANã«ããå®å šã§å¿«é©ãªãããã¯ãŒã¯ç°å¢ã®æ§ç¯ãè¡ãªãããšãã§ããŸãã
IEEE 802.1Q VLANã¯ããããã¯ãŒã¯äžã©ãã«ã§ãé 眮ããããšãã§ããç©ççã«é¢ããŠããŠãåãç©ççãªã»ã°ã¡ã³ãã«å±ããããã«éä¿¡ãè¡ãããšãã§ããŸãã
VLANã¯ç©ççãªæ¥ç¶ãå€æŽããããšãªãæ°ãã VLANãžããã€ã¹ãè¿œå ããããšãããããã¯ãŒã¯ç®¡çãç°¡åã«è¡ãããšãã§ããŸããVLANã¯ããŒã±ãã£ã³ã°ãR&Dçã®éšéå¥ã®ã°ã«ãŒããe-mailããã«ãã¡ãã£ã¢ã¢ããªã±ãŒã·ã§ã³ãªã©ã®äœ¿çšæ¹æ³ããšã«ã°ã«ãŒãåããè¡ãããšãã§ããŸãã
VLANã¯ãããŒããã£ã¹ãéä¿¡ã軜æžããããšã«ãã巚倧ãªãããã¯ãŒã¯èœåå¹çãå®çŸããIPã¢ãã¬ã¹å㯠IPãµãããããå€æŽããããšãªããããã¯ãŒã¯æ§æã®å€æŽãå¯èœã«ããŸããVLANã¯æ¬è³ªçã«ç°ãªã VLANãžã®éä¿¡ã«ãèšå®ãããã¬ã€ã€ 3ã«ãã転éãå¿ èŠãšãªããããé«æ°Žæºã®ãããã¯ãŒã¯ã»ãã¥ãªãã£ãæäŸããŸãã
æ¬æ©ã§ã¯ä»¥äžã® VLANæ©èœããµããŒãããŠããŸãã
⢠EEE802.1Qæºæ ã®æ倧 256VLANã°ã«ãŒã
⢠GVRPãããã³ã«ãå©çšãããè€æ°ã®ã¹ã€ããéã§ã®åç㪠VLANãããã¯ãŒã¯æ§ç¯
⢠è€æ°ã® VLANã«åå ã§ãããªãŒãã©ããããŒãã®èšå®ãå¯èœãªãã«ããã« VLAN
⢠ãšã³ãã¹ããŒã·ã§ã³ã¯è€æ°ã® VLANãžæå±å¯èœ
⢠VLAN察å¿ãš VLANé察å¿ããã€ã¹éã§ã®éä¿¡ãå¯èœ
⢠ãã©ã€ãªãªãã£ã¿ã®ã³ã°
VLANãžããŒãã®å²ãåœãŠ
VLANãæå¹ã«ããåã«ãåããŒããåå ãã VLANã°ã«ãŒãã«å²ãåœãŠãå¿ èŠããããŸããåæèšå®ã§ã¯å šãŠã®ããŒãã VLAN 1ã«ã¿ã°ãªãããŒããšããŠå²ãåœãŠãããŠããŸãã1ã€åã¯è€æ°ã® VLANã§éä¿¡ãè¡ãå ŽåããVLANã«å¯Ÿå¿ãããããã¯ãŒã¯æ©åšããã¹ããšéä¿¡ãè¡ãå Žåã«ã¯ãã¿ã°ä»ããŒããšããŠèšå®ãè¡ããŸãããã®åŸãæåå㯠GVRPã«ããåçãªèšå®ã«ãããåã VLANäžã§éä¿¡ãè¡ãããä»ã® VLAN察å¿ããã€ã¹äžã§ããŒããå²ãåœãŠãŸãã
ãããã1ã€åã¯è€æ°ã® VLANã«ããŒããåå ããéã«ã察åã®ãããã¯ãŒã¯æ©åšããã¹ãã VLANã«å¯Ÿå¿ããŠãªãå Žåã«ã¯ããã®ããŒããã¿ã°ãªãããŒããšããŠèšå®ãè¡ãå¿ èŠããããŸãã
80 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
[泚æ ]ã ã¿ã°ä» VLANãã¬ãŒã 㯠VLAN察å¿åã³ VLANé察å¿ã®ãããã¯ãŒã¯æ©åšãéãããšãã§ããŸãããVLANã¿ã°ã«å¯Ÿå¿ããŠããªãçµç«¯ããã€ã¹ã«å°éããåã«ã¿ã°ãå€ãå¿ èŠããããŸãã
VLANã®åé¡ â ãã¬ãŒã ãåä¿¡ããéãã¹ã€ãã㯠2çš®é¡ã®ãã¡ 1çš®é¡ã®ãã¬ãŒã ãšããŠèªèããŸããã¿ã°ãªããã¬ãŒã ã®å Žåãåä¿¡ããããŒãã® PVIDã«åºã¥ãã VLANã«ãã¬ãŒã ãå²ãåœãŠãŸããã¿ã°ä»ãã¬ãŒã ã®å ŽåãVLAN IDã¿ã°ã䜿çšããŠãã¬ãŒã ã®ããŒããããŒããã£ã¹ããã¡ã€ã³ãå²ãåœãŠãŸãã
ããŒãã®ãªãŒãã©ãã â ããŒãã®ãªãŒãã©ããã¯ããã¡ã€ã«ãµãŒãåã¯ããªã³ã¿ã®ããã«ç°ãªã£ã VLANã°ã«ãŒãéã§å ±æããããããã¯ãŒã¯ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããããã«äœ¿çšããŸãã
ãªãŒãã©ãããè¡ããªã VLANãèšå®ããVLANéã§ã®éä¿¡ãè¡ãå¿ èŠãããå Žåã«ã¯ã¬ã€ã€ 3ã«ãŒã¿åã¯ã¹ã€ããã䜿çšããããšã«ããéä¿¡ãè¡ããŸãã
ã¿ã°ãªã VLAN â ã¿ã°ãªãåã¯éç VLANã¯ãããŒããã£ã¹ããã©ãã£ãã¯ã®è»œæžåã³ã»ãã¥ãªãã£ã®ããã䜿çšãããŸãã
VLANã«å²ãåœãŠããããŠãŒã¶ã°ã«ãŒãããä»ã® VLANãšåãããããããŒããã£ã¹ããã¡ã€ã³ãšãªããŸãããã±ããã¯åã VLANå ã®æå®ãããããŒãéã§ã®ã¿éä¿¡ãããŸããã¿ã°ãªã VLANã¯æåã§ã®ãŠãŒã¶ã°ã«ãŒãåã¯ãµããããã®åå²ãè¡ããŸãããŸããGVRPã䜿çšãã IEEE802.3ã¿ã° VLANã«ãããå®å šã«èªååãã VLANç»é²ãè¡ãããšãå¯èœãšãªããŸãã
èªå VLANç»é² â GVRP (GARP VLAN Registration Protocol)ã¯åçµç«¯è£ 眮ã VLANãå²ãåœãŠãããå¿ èŠãããå Žåã«ãVLANãèªåçã«åŠç¿ãèšå®ãè¡ããŸããçµç«¯è£ 眮ïŒåã¯ãã®ãããã¯ãŒã¯ã¢ããã¿ïŒã IEEE802.1Q VLANãããã³ã«ã«å¯Ÿå¿ããŠããå Žåãåå ããã VLANã°ã«ãŒããæ瀺ããã¡ãã»ãŒãžããããã¯ãŒã¯ã«éä¿¡ããããã®èšå®ãè¡ãããšãã§ããŸããæ¬æ©ããããã®ã¡ãã»ãŒãžãåä¿¡ããéãæå®ããã VLANã®åä¿¡ããŒããžèªåçã«è¿œå ããã¡ãã»ãŒãžãä»ã®å šãŠã®ããŒããžè»¢éããŸãã
ã¡ãã»ãŒãžãä»ã® GVRP察å¿ã®ã¹ã€ããã«å±ãããšãã«ããåæ§ã«æå®ããã VLANã®åä¿¡ããŒããžè¿œå ãããä»ã®å šãŠã®ããŒããžã¡ãã»ãŒãžãéãããŸããVLANã®èŠæ±ã¯ãããã¯ãŒã¯ãéããŠéãããŸããGVRP察å¿ããã€ã¹ã¯ãçµç«¯è£ 眮ã®èŠæ±ã«åºã¥ãèªåçã«VLANã°ã«ãŒãã®æ§æãè¡ãããšãå¯èœãšãªããŸãã
ãããã¯ãŒã¯ã§ GVRPã䜿çšããããã«ãæåã«èŠæ±ããã VLANãžïŒOSåã¯ã¢ããªã±ãŒã·ã§ã³ã䜿çšããŠïŒãã¹ãããã€ã¹ãè¿œå ããŸãããã®åŸããã® VLANæ å ±ããããã¯ãŒã¯äžãžäŒéãããŸãããã¹ãã«çŽæ¥æ¥ç¶ããããšããžã¹ã€ããããã³ãããã¯ãŒã¯ã®ã³ã¢ã¹ã€ããã«ãã㊠GVRPãæå¹ã«ããŸãããŸãããããã¯ãŒã¯ã®ã»ãã¥ãªãã£å¢çç·ã決ããéç¥ã®äŒéãé²ãããããŒãã® GVRPãç¡å¹ã«ããããããŒãã® VLANãžã®åå ãçŠæ¢ããå¿ èŠããããŸãã
[ 泚æ ]ãGVRP ã«å¯Ÿå¿ããŠããªããã¹ãããã€ã¹ã§ã¯ãããã€ã¹ãžæ¥ç¶ããããŒãã§éçVLANãèšå®ããå¿ èŠããããŸãããŸããã³ã¢ã¹ã€ãããšãšããžã¹ã€ããã«ãããŠGVRPãæå¹ã«ããå¿ èŠããããŸãã
81FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ã¿ã°ä»ãã»ã¿ã°ãªããã¬ãŒã ã®éä¿¡ïŒ 1å°ã®ã¹ã€ããã§ããŒãããŒã¹ã® VLANãæ§æããå Žåãåãã¿ã°ãªã VLANã«ããŒããå²ãåœãŠãããšã§æ§æã§ããŸããããããè€æ°ã®ã¹ã€ããéã§ã® VLANã°ã«ãŒãã«åå ããããã«ã¯ãå šãŠã®ããŒããã¿ã°ä»ããŒããšããVLANãäœæããå¿ èŠããããŸãã
åããŒãã¯è€æ°ã®ã¿ã°ä»åã¯ã¿ã°ãªã VLANã«å²ãåœãŠãããšãã§ããŸãããŸããåããŒãã¯ã¿ã°ä»åã³ã¿ã°ãªããã¬ãŒã ãééãããããšãã§ããŸãã
VLAN察å¿æ©åšã«éããããã¬ãŒã ã¯ãVLANã¿ã°ãä»ããŠéä¿¡ãããŸããVLANæªå¯Ÿå¿æ©åšïŒç®çãã¹ããå«ãïŒã«éããããã¬ãŒã ã¯ãéä¿¡åã«ã¿ã°ãåãé€ããªããã°ãªããŸãããã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåã¯ããã®ãã¬ãŒã ããã¬ãŒã ã¿ã°ã«ããæ瀺ãããVLANãžéããŸããVLANé察å¿æ©åšããã¿ã°ãªããã¬ãŒã ãåä¿¡ããå Žåã¯ããã¬ãŒã ã®è»¢éå ã決ããé²å ¥ããŒãã®ããã©ã«ã VIDã衚瀺ãã VLANã¿ã°ãæ¿å ¥ããŸãã
3 5 7 8
1013
1416
1215
1711
64
18
21
9
Port-based VLAN
82 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
VLANã°ã«ãŒãã®èšå®
VLAN > Static (Add) ããŒãžã䜿çšããVLANã®äœæãšåé€ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Add
VLAN ID
VLAN IDãŸã㯠VLANç¯å²ïŒ1-4093ïŒæ倧 256VLANã°ã«ãŒããå®çŸ©ã§ããŸããVLAN1ã¯ããã©ã«ãã¿ã°ç¡ã VLANã«ãªããŸãã
Status
æå®ãã VLANãæå¹ /ç¡å¹ã«ããŸãã
Remote VLAN
ãã® VLANã RSPANçšã«ç¢ºä¿ããŸããïŒè©³çŽ°ã¯ P54 ããªã¢ãŒãããŒããã©ãŒãªã³ã°ã®èšå®ããåç §ããŠãã ããïŒ
Modify
VLAN ID
èšå®ããã VLAN IDïŒ1-4093ïŒVLAN Name
VLANåïŒ1-32æåïŒ
Status
æå®ãã VLANãæå¹ /ç¡å¹ã«ããŸãã
show
VLAN ID
èšå®ããã VLAN IDVLAN Name
VLANå
Status
èšå®ããã VLANã®ã¹ããŒã¿ã¹
Remote VLAN
ãã® VLAN㧠RSPANãæå¹æã«è¡šç€ºïŒè©³çŽ°ã¯ P54 ããªã¢ãŒãããŒããã©ãŒãªã³ã°ã®èšå®ããåç §ããŠãã ããïŒ
83FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
VLANã®äœæ
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒVLAN IDãŸã㯠IDã®ç¯å²ãå ¥åããŸããïŒ4ïŒ"Enable"ã«ãã§ãã¯ãå ¥ã VLANãåäœãããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
VLANã®ç·šé
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒèšå®ããã VLANã® IDãéžæããŸããïŒ4ïŒå¿ èŠã«å¿ããVLANåãã¹ããŒã¿ã¹çã®ç·šéãè¡ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
VLANèšå®ã®è¡šç€º
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸãã
84 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
85FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
VLANãžã®éçã¡ã³ããŒã®è¿œå
VLAN > StaticããŒãžã䜿çšããéžæãã VLANã®ããŒãã¡ã³ããŒã®èšå®ãè¡ãªããŸãã
IEEE802.1Q VLANæºæ ã®æ©åšãšæ¥ç¶ããå Žåã«ã¯ããŒãã¯ã¿ã°ä»ãšããŠèšå®ããVLANé察å¿æ©åšãšæ¥ç¶ããå Žåã«ã¯ã¿ã°ãªããšããŠèšå®ããŸãããŸããGVRPã«ããèªå VLANç»é²ããåé¿ããããããŒãã®èšå®ãè¡ãªããŸãã
èšå®ã»è¡šç€ºé ç®
VLANã«ããã¡ã³ããŒç·šé
VLAN
èšå®ããã VLAN IDïŒ1-4093ïŒ
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺
Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
Mode
ããŒãã® VLANã¡ã³ããŒã·ããã¢ãŒãã衚瀺ããŸãïŒ(åæèšå® :Hybrid)
⢠Access â ããŒããã¿ã°ç¡ãã€ã³ã¿ãã§ãŒã¹ãšããŠåäœããããã«èšå®ããŸããå šãŠã®ãã¬ãŒã ã¯ã¿ã°ç¡ãã«ãªããŸãã
⢠Hybrid â ãã€ããªãã VLANã€ã³ã¿ãã§ãŒã¹ãæå®ããŸããããŒãã¯ã¿ã°ä»åã¯ã¿ã°ãªããã¬ãŒã ãéåä¿¡ããŸãã
⢠1Q Trunk â VLANãã©ã³ã¯ã®çµç«¯ãšãªã£ãŠããããŒããæå®ããŸãããã©ã³ã¯ã¯ 2å°ã®ã¹ã€ããã®çŽæ¥æ¥ç¶ãšãªããããŒãã¯çºä¿¡å VLANã®ã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸããããããããŒãã®ããã©ã«ã VLANã«å±ãããã¬ãŒã ã¯ã¿ã°ãªããã¬ãŒã ãéä¿¡ãããŸãã
PVID
ã¿ã°ãªããã¬ãŒã ãåä¿¡ããéã«ä»ãã VLAN IDïŒåæèšå® : 1ïŒ
ã€ã³ã¿ãã§ãŒã¹ã VLAN 1ã®ã¡ã³ããŒã§ãªãå Žåã«ããã® VLANãž PVID â1âãå²ãåœãŠãå Žåãã€ã³ã¿ãã§ãŒã¹ã¯èªåçã«ã¿ã°ãªãã¡ã³ããŒãšã㊠VLAN 1ã«åå ããŸãããã®ä»ã®VLANã«é¢ããŠã¯ããŸããStatic tableãïŒ86 ããŒãžã®ãVLANãžã®éçã¡ã³ããŒã®è¿œå ããåç §ïŒã«ãŠãå VLANã«æå±ããŠããããŒãããšã« Tagä»ããTagãªãã®èšå®ãè¡ãå¿ èŠããããŸãã
Acceptable Frame Type
å šãŠã®ãã¬ãŒã åã¯ã¿ã°ä»ãã¬ãŒã ã®ã¿ã®ã©ã¡ããåãå ¥ãå¯èœãªãã¬ãŒã ã®çš®é¡ãèšå®ããŸããå šãŠã®ãã¬ãŒã ãéžæããå Žåã«ã¯ãåä¿¡ããã¿ã°ãªããã¬ãŒã ã¯ããã©ã«ã VLANã«å²ãåœãŠãããŸãã(éžæè¢ :å šãŠåã¯ã¿ã°ä»ããåæèšå® :å šãŠ (all))
Ingress Filtering
å ¥åããŒããã¡ã³ããŒã§ãªã VLANã®ã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåã®åŠçãèšå®ããŸãïŒåæèšå®ïŒæå¹ (Enabled)ïŒ
86 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ã¿ã°ä»ãã¬ãŒã ã§ã®ã¿æ©èœããŸãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã§ãããŒããã¡ã³ããŒã§ãªã VLANã®ã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåãåä¿¡ãã¬ãŒã ãç Žæ£ããŸãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ GVRPå㯠STPçã® VLANãšé¢é£ããªã BPDUãã¬ãŒã ã«æ©èœããŸãããããããGMRPã®ãã㪠VLANã«é¢é£ãã BPDUãã¬ãŒã ã«ã¯æ©èœããŸãã
Membership Type
ã©ãžãªãã¿ã³ãããŒã¯ããããšã«ãããåã€ã³ã¿ãã§ãŒã¹ãžã® VLANã¡ã³ããŒã·ãããéžæããŸãã
⢠Tagged âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒãšãªããŸããããŒãããéä¿¡ãããå šãŠã®ãã±ããã«ã¿ã°ãã€ããããŸããã¿ã°ã«ãã VLANåã³ CoSæ å ±ãéã°ããŸãã
⢠Untagged âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒãšãªããŸããããŒããã転éãããå šãŠã®ãã±ããããã¿ã°ãã¯ããããŸããã¿ã°ã«ãã VLANåã³ CoSæ å ±ã¯éã°ããŸãããåã€ã³ã¿ãã§ãŒã¹ã¯ã¿ã°ãªãããŒããšããŠæäœ 1ã€ã®ã°ã«ãŒãã«å²ãåœãŠãªããã°ãããŸããã
⢠Forbidden âGVRPã䜿çšãã VLANãžã®èªåçãªåå ãçŠæ¢ããŸãã詳现㯠P80ãåç §ããŠäžããã
⢠None âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒã§ã¯ãããŸããããã® VLANã«é¢é£ãããã±ããã¯ãã€ã³ã¿ãã§ãŒã¹ããéä¿¡ãããŸããã
[ 泚æ ]ãVLAN1 ã¯ã¢ã¯ã»ã¹ã¢ãŒãã䜿çšããã¹ã€ããäžã®å šãŠã®ããŒããå«ããããã©ã«ãã¿ã°ç¡ã VLANã§ãã
ã€ã³ã¿ãã§ãŒã¹ã«ããã¡ã³ãç·šé
å šãŠã®ãã©ã¡ãŒã¿ã¯ãåã®é ãVLANã«ããã¡ã³ããŒç·šéãã§è§£èª¬ãããŠããå 容ãšåãã§ãã
ã€ã³ã¿ãã§ãŒã¹ç¯å²ã«ããã¡ã³ãç·šé
以äžã® 2é ç®ä»¥å€ã®å šãŠã®ãã©ã¡ãŒã¿ã¯ãåã®é ãVLANã«ããã¡ã³ããŒç·šéãã§è§£èª¬ãããŠããå 容ãšåãã§ãã
â Port Range ïŒããŒãã®ãªã¹ãã衚瀺ïŒç¯å²ïŒ1-10ïŒ
â Trunk Range . ããŒãã®ãªã¹ãã衚瀺ïŒç¯å²ïŒ1-5ïŒ
87FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
VLANã€ã³ããã¯ã¹ã§éçã¡ã³ããŒãèšå®
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããEdit Member by VLANããéžæããŸãã
ïŒ3ïŒããŒããŸãã¯ãã©ã³ã¯ãšããŠè¡šç€ºããã€ã³ã¿ãã§ãŒã¹ã¿ã€ããèšå®ããŸããïŒ4ïŒãã®ä»å¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã€ã³ã¿ãã§ãŒã¹ã§éçã¡ã³ããŒãèšå®
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããEdit Member by InterfaceããéžæããŸãã
ïŒ3ïŒããŒããŸãã¯ãã©ã³ã¯èšå®ãéžæããŸããïŒ4ïŒãã®ä»å¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
88 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ã€ã³ã¿ãã§ãŒã¹ã®ç¯å²ã§éçã¡ã³ããŒãèšå®
ïŒ1ïŒ[VLAN] â [Satic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããEdit Member by Interface RangeããéžæããŸãã
ïŒ3ïŒããŒããŸãã¯ãã©ã³ã¯èšå®ãéžæããŸããïŒ4ïŒãã®ä»å¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
89FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
åç VLANç»é²ã®èšå®
VLANïŒ DynamicããŒãžã䜿çšããŠãGVRPãã¹ã€ããã®ã°ããŒãã«ã§æå¹ã«ããŸãããŸããã€ã³ã¿ãã§ãŒã¹æ¯ã§ã® GVRPã®æå¹ããããã³ã«ã¿ã€ããŒã®èª¿æŽãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
äžè¬èšå®GVRP Status
GVRPã¯ãããã¯ãŒã¯å šäœã®ããŒãã®ç»é² VLANã¡ã³ããŒã®ããã«ãVLANæ å ±ã亀æããæ¹æ³ãå®çŸ©ããŸããVLANã¯ããã¹ãããã€ã¹ããçºè¡ãããããã¯ãŒã¯å šäœã«äŒãããã joinã¡ãã»ãŒãžãåºã«ãåçã«èšå®ãããŸããïŒåæèšå®ïŒç¡å¹ïŒ
ã€ã³ã¿ãã§ãŒã¹èšå®Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
GVRP Status
ã€ã³ã¿ãã§ãŒã¹ GVRPãæå¹åã¯ç¡å¹ã«ããŸããGVRPã¯ãã®èšå®ãå®æœãããåã«ã¹ã€ãããå šäœçã«æå¹ã«ããå¿ èŠããããŸãïŒ26 ããŒãžã®ãããªããžæ¡åŒµæ©èœã®è¡šç€ºããåç §ããŠäžããïŒãç¡å¹ãªæããã®ããŒãã§åä¿¡ããã GVRPãã±ããã¯æŸæ£ããã©ã® GVRPç»é²ãä»ã®ããŒãããäŒæ¬ãããªããªããŸãïŒåæèšå®ïŒç¡å¹ïŒGVRP Timersã¿ã€ããŒèšå®ã¯ä»¥äžã®ã«ãŒã«ã«åŸã£ãŠãã ããã2 x (join timer) < leave timer < leaveAll timer
⢠JoinïŒ VLANã°ã«ãŒãã«åå ããããã«éä¿¡ãããèŠæ±ãŸãã¯ã¯ãšãªã®éä¿¡ééïŒç¯å²ïŒ20-1000ã»ã³ãã»ã«ã³ããåæèšå®ïŒ20ïŒ
⢠LeaveïŒ VLANã°ã«ãŒããå€ããåã«ããŒããåŸ æ©ããééããã®æé㯠Join Timerã® 2å以äžã®æéãèšå®ããå¿ èŠããããŸããããã«ãããLeaveå㯠LeaveAllã¡ãã»ãŒãžãçºè¡ãããåŸãããŒããå®éã«ã°ã«ãŒããå€ããåã«åã³ VLANã«åå ã§ããŸãïŒç¯å²ïŒ60-3000ã»ã³ãã»ã«ã³ããåæèšå®ïŒ60ïŒ
⢠Leave AllïŒ VLANã°ã«ãŒãåå è ãžã® LeaveAllã¯ãšãªã¡ãã»ãŒãžã®éä¿¡ããããŒããã°ã«ãŒããå€ãããŸã§ã®ééããã®ééã¯ããŒããåã³åå ããããšã«ãããã©ãã£ãã¯ã®çºçéãæå°éã«ããããã® Leave Timerãããå€§å¹ ã«å€§ããå€ãèšå®ããå¿ èŠããããŸãïŒç¯å²ïŒ500-18000ã»ã³ãã»ã«ã³ããåæèšå®ïŒ1000ïŒ
åç VLANã®è¡šç€ºïŒ Show VLAN
VLAN IDGVRPãéããŠå å ¥ãã VLANã®èå¥åã
VLAN NameGVRPãéããŠå å ¥ãã VLANã®ååã
Statusãã® VLANãçŸåšçšŒåäžãåŠãã瀺ããŸããïŒEnable/DisableïŒ
åç VLANã®è¡šç€ºïŒ Show VLAN Member
VLANGVRPãéããŠå å ¥ãã VLANã®èå¥åã
InterfaceããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã
90 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
ã¹ã€ããã® GVRPãèšå®
ïŒ1ïŒ[VLAN] â [Dynamic]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure GeneralããéžæããŸããïŒ3ïŒGVRPãæå¹ /ç¡å¹ã«èšå®ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒããŸãã¯ãã©ã³ã¯ã® GVRPã¹ããŒã¿ã¹ãšã¿ã€ããŒã®èšå®
ïŒ1ïŒ[VLAN] â [Dynamic]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸããïŒ3ïŒããŒããŸãã¯ãã©ã³ã¯ãšããŠè¡šç€ºããã€ã³ã¿ãã§ãŒã¹ã¿ã€ããæå®ããŸããïŒ4ïŒããããã®ã€ã³ã¿ãã§ãŒã¹ã® GVRPã¹ããŒã¿ã¹ãŸãã¯ã¿ã€ããç·šéããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
91FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
åç VLANã®è¡šç€º
ïŒ1ïŒ[VLAN] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow Dynamic VLANããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow VLANããéžæããŸãã
åç VLANã®ã¡ã³ããŒã衚瀺
ïŒ1ïŒ[VLAN] â [Dynamic]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow Dynamic VLANããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow VLAN MembersããéžæããŸãã
92 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5.2 802.1Qãã³ããªã³ã°ã®èšå®
IEEE802.1Qãã³ããªã³ã°ïŒQinQïŒã¯ããããã¯ãŒã¯ã§è€æ°ã®ã«ã¹ã¿ããŒã®ãã©ãã£ãã¯ãäŒéãããµãŒãã¹ãããã€ãã察象ã«èšèšãããæ©èœã§ãããµãŒãã¹ãããã€ãã¯ãä»ã®ã«ã¹ã¿ããŒã®ãã©ãã£ãã¯ã«åœ±é¿ãäžããã«ãåã«ã¹ã¿ããŒã®VLANããã³ã¬ã€ã€ 2ãããã³ã«èšå®ãç¶æããå¿ èŠããããŸããQinQãã³ããªã³ã°ã¯ããããããµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯ã«å ¥ãæã«ãµãŒãã¹ãããã€ã VLANïŒSPVLANïŒã¿ã°ãã«ã¹ã¿ããŒã®ãã¬ãŒã ã«æ¿å ¥ãããã¬ãŒã ããããã¯ãŒã¯ãå»ãæã¿ã°ãåãå»ãããšã§å®çŸããŸãã
å€ãã®å ŽåããµãŒãã¹ãããã€ãã®ã«ã¹ã¿ããŒã«ã¯ãVLAN IDãšããµããŒãã®å¯Ÿè±¡ãšãªãVLANæ°ã«ã€ããŠã®ç¹å®ã®èŠä»¶ããããŸããåããµãŒãã¹ãããã€ããããã¯ãŒã¯å ã®æ§ã ãªã«ã¹ã¿ããŒãå¿ èŠãšãã VLANã®ç¯å²ã¯éè€ããå Žåããããã€ã³ãã©ã¹ãã©ã¯ãã£ãä»ããã«ã¹ã¿ããŒã®ãã©ãã£ãã¯ãæ··åšããå ŽåããããŸããåã«ã¹ã¿ããŒã«ãåºæã®ç¯å²ã® VLAN IDãå²ãåœãŠããšãã«ã¹ã¿ããŒã®èšå®ãå¶éããããšã«ãªããIEEE802.1Qä»æ§ã® 4096ãšãã VLANã®å¶éã容æã«è¶ ããå¯èœæ§ããããŸãã
IEEE802.1Qãã³ããªã³ã°æ©èœã䜿çšããããšã«ããããµãŒãã¹ãããã€ãã¯è€æ°ã® VLANãèšå®ããŠããã«ã¹ã¿ããŒãã1ã€ã® VLANã䜿çšããŠãµããŒãã§ããŸããã«ã¹ã¿ããŒã®VIDã¯ä¿æããããããæ§ã ãªã«ã¹ã¿ããŒããã®ãã©ãã£ãã¯ã¯ãåã VLANå ã«ååšããããã«èŠããå Žåã§ãããµãŒãã¹ãããã€ãã®ã€ã³ãã©ã¹ãã©ã¯ãã£å ã§ã¯åé¢ãããŠããŸããIEEE802.1Qãã³ããªã³ã°ã§ã¯ãVLANå VLANéå±€ã䜿çšããŠãã¿ã°ä»ããã±ããã«å床ã¿ã°ä»ããè¡ãããšã«ãã£ãŠãVLANã¹ããŒã¹ãæ¡åŒµããŸãã
ããŒãã« QinQãã³ããªã³ã°ããµããŒããããã«ã¯ããã³ãã«ããŒãã¢ãŒãã«èšå®ããå¿ èŠããããŸããç¹å®ã®ã«ã¹ã¿ããŒã®ãµãŒãã¹ãããã€ã VLANïŒSPVLANïŒIDã¯ãã«ã¹ã¿ããŒãã©ãã£ãã¯ããµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯ãžå ¥ããšããžã¹ã€ããã® QinQãã³ãã«ã¢ã¯ã»ã¹ããŒãã«ã¢ãµã€ã³ããŸããããããã®ã«ã¹ã¿ããŒã¯å¥ã ã® SPVLANãå¿ èŠãšããŸãããVLANã¯å šãŠã®ã«ã¹ã¿ããŒã®å éš VLANããµããŒãããŸãããšããžã¹ã€ãããããµãŒãã¹ãããã€ãã®ã¡ãããããã¯ãŒã¯ãžãã©ãã£ãã¯ãæž¡ã QinQãã³ããªã³ã°ã¢ãããªã³ã¯ããŒãã¯ãåãããã® SPVLANãžå ããããªããŠã¯ãªããŸãããã¢ãããªã³ã¯ããŒãã¯ãã€ã³ããŠã³ããã©ãã£ãã¯ããµãŒãã¹ãããã€ããããã¯ãŒã¯ãžã®ç°ãªãã«ã¹ã¿ãã«éã¶çºã«ãè€æ°ã® VLANãžä»å ãããããšãå¯èœã§ãã
äºéã¿ã°ä»ãïŒããã«ã¿ãã³ã°ïŒãã±ãããããµãŒãã¹ãããã€ãã®æ¬æ©ã«ããã®å¥ã®ãã©ã³ã¯ããŒãã«å ¥ããšãã¹ã€ããå ã§ãã±ãããåŠçãããæã«ãå€åŽã®ã¿ã°ãå€ãããŸããåãã³ã¢ã¹ã€ããã®å¥ã®ãã©ã³ã¯ããŒããããã±ãããéåºãããæã«ã¯ãåã SPVLANã¿ã°ããã±ããã«å床远å ãããŸãã
ãã±ããããµãŒãã¹ãããã€ãåºåã¹ã€ããã®ãã©ã³ã¯ããŒãã«å ¥ããšãã¹ã€ããã§ãã±ãããå éšåŠçãããæã«ãå€åŽã®ã¿ã°ãå床é€å»ãããŸãããã ãããã±ããããšããžã¹ã€ããã®ãã³ãã«ããŒãããã«ã¹ã¿ããŒãããã¯ãŒã¯ã«éä¿¡ãããæã«ã¯ãSPVLANã¿ã°ã¯è¿œå ãããŸãããã«ã¹ã¿ããŒãããã¯ãŒã¯å ã®å ã® VLANçªå·ãä¿æããããã«ããã±ããã¯éåžžã® IEEE802.1Qã¿ã°ä»ããã¬ãŒã ãšããŠéä¿¡ãããŸãã
93FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ãã³ãã«ã¢ã¯ã»ã¹ããŒããžå ¥ããã±ããã®ã¬ã€ã€ 2ãããŒ
QinQãã³ãã«ããŒãã¯ã¿ã°ä»ããŸãã¯ã¿ã°ç¡ããã±ããã®ãããããåä¿¡ããŸããå ¥åãã±ãããããã€ã®ã¿ã°ãæã€ãã«ã¯é¢ããããã¿ã°ä»ãããŒããšããŠæ±ãããŸããå ¥åããã»ã¹ã¯ãœãŒã¹ãšãã£ã¹ãã£ããŒã·ã§ã³ãæ€çŽ¢ããŸããäž¡æ¹ã®æ€çŽ¢ãæåããããå ¥åããã»ã¹ã¯ãã±ãããã¡ã¢ãªãžæžã蟌ã¿ãåºåããã»ã¹ãžãã±ãããäŒããŸãã
QinQãã³ãã«ããŒããžå ¥ã£ããã±ããã¯ä»¥äžã®æ¹æ³ã§åŠçãããŸãã
ïŒ1ïŒæ¢ã«ããã€ã®ã¿ã°ãä¿æããŠãããã«é¢ããããæ°ãã SPVLANã¿ã°ã¯å šãŠã®å ¥åãã±ããã«ä»å ãããŸãããã®å ¥åããã»ã¹ã¯å€ã®ã¿ã°ïŒSPVLANïŒãçµã¿ç«ãŠãããã©ã«ã VLAN IDãšã¿ã°èå¥åã«åºã¥ãæ¿å ¥ããŸãããã®å€åŽã®ã¿ã°ã¯ãã±ããã®åŠç¿ãšã¹ã€ããã³ã°ã«äœ¿çšãããŸãããããããã¿ã°ä»ããŸãã¯ãã©ã€ãªãªãã£ã¿ã°ä»ããã±ããã§ããå Žåãå åŽã®ã¿ã°ã®ãã©ã€ãªãªãã£ã¯å€åŽã®ã¿ã°ã«ã³ããŒãããŸãã
ïŒ2ïŒãœãŒã¹ããã£ã¹ãã£ããŒã·ã§ã³æ€çŽ¢ãæåããåŸãå ¥åããã»ã¹ã¯ã2ã€ã®ã¿ã°ãšå ±ã«ã¹ã€ããã³ã°ããã»ã¹ãžãã±ãããéããŸããããå ¥åãã±ãããã¿ã°ç¡ãã®å Žåãå€åŽã®ã¿ã°ã¯ SPVLANã¿ã°ãšãªããå åŽã®ã¿ã°ã¯ãããŒãšãªããŸãã(8100 0000)ããå ¥åãã±ãããã¿ã°ä»ãã§ããå Žåãå€åŽã®ã¿ã°ã¯ SPVLANã¿ã°ã«ãªããå åŽã®ã¿ã°ã¯ CVLANã¿ã°ãšãªããŸãã
ïŒ3ïŒã¹ã€ããã³ã°ããã»ã¹ãéããã±ããåé¡ã®åŸããã±ãã㯠1ã€ã®ã¿ã°ïŒå€åŽã®ã¿ã°ïŒãŸã㯠2ã€ã®ã¿ã°ãšå ±ã«ã¡ã¢ãªãžæžã蟌ãŸããŸãã
ïŒ4ïŒã¹ã€ããã¯ãã±ãããé©åãªåºåããŒããžéããŸãã
ïŒ5ïŒããåºåããŒãã SPVLANã®ã¿ã°ç¡ãã¡ã³ããŒã§ããå Žåãå€åŽã®ã¿ã°ã¯åãå€ãããŸããã¿ã°ä»ãã¡ã³ããŒã§ããå Žåãçºä¿¡ãã±ãã㯠2ã€ã®ã¿ã°ãæã¡ãŸãã
Service Provider(edge switch A)
Service Provider(edge switch B)
Customer B(VLANs 1-50)
Customer B(VLANs 1-50)
Customer A(VLANs 1-10)
Customer A(VLANs 1-10)
VLAN 10Tunnel Access Port
Tunnel Access PortVLAN 20
Tunnel Access PortVLAN 20
VLAN 10Tunnel Access Port
Tunnel Uplink PortsDouble Tagged PacketsOuter Tag - Service Provider VIDInnter Tag - Customer VID
QinQ Tunneling
94 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ãã³ãã«ã¢ãããªã³ã¯ããŒããžå ¥ããã±ããã®ã¬ã€ã€ 2ãããŒ
ã¢ãããªã³ã¯ããŒãã¯ä»¥äžã®ãã±ããã® 1ã€ãåãåããŸãã
⢠ã¿ã°ç¡ã
⢠1ã€ã®ã¿ã°ä»ãïŒCVLANãŸã㯠SPVLANïŒ
⢠2ã€ã®ã¿ã°ä»ãïŒCVLAN+SPVLANïŒ
å ¥åããã»ã¹ã¯ãœãŒã¹ãšãã£ã¹ãã£ããŒã·ã§ã³ãæ€çŽ¢ããŸããäž¡æ¹ã®æ€çŽ¢ãæåããããå ¥åããã»ã¹ã¯ãã±ãããã¡ã¢ãªãžæžã蟌ã¿ãåºåããã»ã¹ãžãã±ãããäŒããŸãã
QinQã¢ãããªã³ã¯ããŒããžå ¥ã£ããã±ããã¯ä»¥äžã®æ¹æ³ã§åŠçãããŸãã
ïŒ1ïŒå ¥åãã±ãããã¿ã°ç¡ãã§ããå ŽåãPVID VLANãã€ãã£ãã¿ã°ãä»å ãããŸãã
ïŒ2ïŒå ¥åãã±ããïŒ1ã€ãŸã㯠2ã€ã®ã¿ã°ä»ãïŒã€ãŒãµã¿ã€ããã¢ãããªã³ã¯ããŒãã®TPIDãšäžèŽããªãå ŽåãVLANã¿ã°ã¯ã«ã¹ã¿ã VLANïŒCVLANïŒã¿ã°ã§ãããšæ±ºå®ãããŸããã¢ãããªã³ã¯ããŒãã® PVID VLANãã€ãã£ãã¿ã°ããã±ããã«ä»å ãããŸãããã®å€åŽã®ã¿ã°ã¯ããµãŒãã¹ãããã€ããããã¯ãŒã¯ã§ããã±ããã®åŠç¿ãšã¹ã€ããã³ã°ã«äœ¿ãããŸããTPIDã¯ããŒãããŒã¹ã§èšå®ãããæ€èšŒã¯ç¡å¹ã«ããããšãã§ããŸããã
ïŒ3ïŒå ¥åãã±ããïŒ1ã€ãŸã㯠2ã€ã®ã¿ã°ã€ãïŒã®ã€ãŒãµã¿ã€ããã¢ãããªã³ã¯ããŒãã® TPIDãšäžèŽããå Žåãæ°ãã VLANã¿ã°ã¯ä»å ãããŸãããã¢ãããªã³ã¯ããŒããå ¥ã£ãŠãããã±ããã®å€åŽã® VLANã®ã¡ã³ããŒã§ãªãå Žåãã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°æå¹æã§ããã°ãã±ããã¯ç Žæ£ãããŸããã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã§ãªãå Žåããã±ããã¯ãã©ã¯ãŒããããŸããVLANã VLANããŒãã«äžã«ç¡ãå Žåããã±ããã¯ç Žæ£ãããŸãã
ïŒ4ïŒãœãŒã¹ããã£ã¹ãã£ããŒã·ã§ã³æ¢çŽ¢ã«æååŸããã±ãã㯠2ã€ã®ã¿ã°ãä»ããããŸããã¹ã€ããã¯ã0x8100ã® TPIDããå ¥åãã±ããã«äºéã®ã¿ã°ãä»ããããŠããããšã瀺ãçºã«äœ¿çšããŸããäºéã¿ã°ä»ãå ¥åãã±ããã®å€åŽã®ã¿ã°ãããŒãã® TPIDãšäžèŽããå åŽã®ã¿ã°ã0x8100ã§ããå Žåãããã¯äºéã¿ã°ä»ããã±ãããšããŠåãæ±ãããŸããã·ã³ã°ã«ã¿ã°ä»ããã±ããããTPIDãšã㊠0x8100ãæã¡ãããŒã TPIDã 0x8100
ã§ã¯ãªãå Žåãæ°ãã VLANã¿ã°ãä»å ãããããããŸãäºéã¿ã°ä»ããã±ãããšããŠåãæ±ãããŸãã
ïŒ5ïŒãã£ã¹ãã£ããŒã·ã§ã³æ€çŽ¢ã倱æããå Žåããã±ããã¯ãå€ã¿ã°ã® VLANã®å šãŠã®ã¡ã³ããŒããŒããžéä¿¡ãããŸãã
ïŒ6ïŒãã±ããåé¡ã®åŸããã±ããã¯ãã·ã³ã°ã«ã¿ã°ä»ããŸãã¯äºéã¿ã°ä»ããã±ãããšããŠåŠçãããããã«ãã¡ã¢ãªãžæžã蟌ãŸããŸãã
ïŒ7ïŒã¹ã€ããã¯ãã±ãããé©åãªåºåããŒããžéä¿¡ããŸãã
ïŒ8ïŒåºåããŒãã SPVLANã®ã¿ã°ç¡ãã¡ã³ããŒã§ããå Žåãå€åŽã®ã¿ã°ã¯åãå€ãããŸããã¿ã°ä»ãã¡ã³ããŒã§ããå ŽåãåºãŠè¡ããã±ãã㯠2ã€ã®ã¿ã°ãæã¡ãŸãã
95FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
QinQã®èšå®å¶é
⢠ã¢ãããªã³ã¯ããŒãã®ãã€ãã£ã VLAN㯠SPVLANãšããŠã¯äœ¿çšã§ããŸãããSPVLANãã¢ãããªã³ã¯ããŒãã®ãã€ãã£ã VLANã§ããå Žåãã¢ãããªã³ã¯ããŒã㯠SPVLANã®ã¿ã°ç¡ãã¡ã³ããŒã«ãªããŸãããã±ãããéä¿¡ãããæãå€åŽã®SPVLANã¿ã°ã¯åãå€ãããŸãã
⢠QinQèšå®ããã©ã³ã¯ããŒãã°ã«ãŒããšæŽåæ§ãããéããéçãã©ã³ã¯ããŒãã°ã«ãŒãã¯ãQinQãã³ãã«ããŒããšäž¡ç«ã§ããŸãã
⢠ãã€ãã£ã VLANïŒVLAN1ïŒã¯éåžžã転éããããã¬ãŒã ã«ä»å ãããŸãããèšå®äžè¯ã®å±éºãæžå°ããçºãã«ã¹ã¿ããã©ãã£ãã¯ã® SPVLANã¿ã°ã VLAN1ã«ããã®ã¯é¿ããŠãã ããããµãŒãã¹ãããã€ããããã¯ãŒã¯ã®ããŒã¿ VLANã®ä»£ããã«ãVLANïŒã管ç VLANãšããŠäœ¿çšããŠãã ããã
⢠ã¬ã€ã€ 2ãšã¬ã€ã€ 3ã¹ã€ããã³ã°ã«ã¯è¥å¹²ã®åºæäºææ§ããããŸãã
ïŒãã³ãã«ããŒã㯠IPã¢ãã¬ã¹ã³ã³ãããŒã«ãªã¹ãããµããŒãããŸããã
ïŒã¬ã€ã€ 3 Quality of ServiceïŒQoSïŒACLãšã¬ã€ã€ 3æ å ±ã«é¢é£ãããã®ä»ã® QoSæ©èœã¯ãã³ãã«ããŒãã§ãµããŒããããŸããã
ïŒããŒãã IEEE802.1Qãã©ã³ã¯ããŒããšããŠèšå®ãããŠããå Žåãã¹ããã³ã°ããªãŒã® BPDU ãã£ã«ã¿ãªã³ã°ã¯ãã€ã³ã¿ãã§ãŒã¹ã§èªåçã«ç¡å¹ãšãªããŸãã
QinQã®äžè¬çãªèšå®ã¬ã€ãã©ã€ã³
ïŒ1ïŒãã³ãã«ã¹ããŒã¿ã¹ãæå¹ã«ãããã³ãã«ã¢ã¯ã»ã¹ããŒãã® Tag Protocol Identifier
ïŒTPIDïŒå€ãèšå®ããŸãããã®ã¹ãããã¯æ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ãã 802.1Qã¿ã°ä»ããã¬ãŒã ã®èå¥ã«ãéæšæº 2ãã€ãã€ãŒãµã¿ã€ãã䜿çšããŠããå Žåã«å¿ èŠãšãªããŸããããã©ã«ãã€ãŒãµã¿ã€ãå€ã¯ 0x8100ã§ããïŒP97ãåç §ïŒ
ïŒ2ïŒSPVLANãšããŠå®çŸ©ãããã«ã¹ã¿ããµãŒãã¹ãããã€ã VLANãäœæããŸããïŒP83ãåç §ïŒ
ïŒ3ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒãã 802.1Qãã³ãã«ã¢ãŒãã«èšå®ããŸããïŒP98ãåç §ïŒ
ïŒ4ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒããã¿ã°ç¡ããšã㊠SPVLANã«å å ¥ãããŸãïŒP86ãåç §ïŒ
ïŒ5ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒãã« SPVLAN IDããã€ãã£ã VIDãšããŠèšå®ããŸããïŒP86ãåç §ïŒ
ïŒ6ïŒQinQãã³ãã«ã¢ãããªã³ã¯ããŒãã 802.1Qãã³ãã«ã¢ãããªã³ã¯ã¢ãŒãã«èšå®ããŸããïŒP98ãåç §ïŒ
ïŒ7ïŒQinQãã³ãã«ã¢ãããªã³ã¯ããŒããã¿ã°ä»ãã¡ã³ããŒãšã㊠SPVLANã«å å ¥ãããŸããïŒP86ãåç §ïŒ
96 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
QinQãã³ããªã³ã°ã®æå¹
ã¹ã€ããã¯éåžžã® VLANãããµãŒãã¹ãããã€ãã®ã¡ããããªã¿ã³ãšãªã¢ãããã¯ãŒã¯äžã®ã¬ã€ã€ 2ãã©ãã£ãã¯ãééãããããã« IEEE802.1QïŒQinQïŒãã³ããªã³ã°ã§åäœããããæ§æããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Tunnel Status
ã¹ã€ããã QinQã¢ãŒãã«èšå®ããŸãã
802.1Q Ethernet Type
ã¿ã°ãããã³ã«èå¥åïŒTPIDïŒïŒç¯å²ïŒ16é² 0800-FFFFãåæèšå®ïŒ8100ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[VLAN â [Tunnel] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãã³ãã«ã¹ããŒã¿ã¹ãæå¹ã«ããTPIDãæå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
97FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ã€ã³ã¿ãã§ãŒã¹ã QinQãã³ããªã³ã°ãžè¿œå
åã®ã»ã¯ã·ã§ã³ã«åŸããQinQãã³ãã«ã®æºåãè¡ã£ãŠãã ããã
æ©èœè§£èª¬
⢠VLANããŒãèšå®ãŸã㯠VLANãã©ã³ã¯èšå®ç»é¢ã䜿çšãããšããžã¹ã€ããã®ã¢ã¯ã»ã¹ããŒãã 802.1Qãã³ãã«ã¢ãŒãã«èšå®ããŠãã ããã
⢠ãã³ãã«ããŒãã®èšå®ãè¡ãåã« 802.1Qãã³ãã«èšå®ç»é¢ã䜿çšããã¹ã€ããã QinQã¢ãŒãã«èšå®ããŠãã ãããïŒP97 ãQinQãã³ããªã³ã°ã®æå¹ããåç §ïŒ
èšå®ã»è¡šç€ºé ç®
Interaface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
Mode
ããŒãã® VLANã¢ãŒããèšå®ããŸãïŒåæèšå® : ç¡å¹ïŒ
ïŒ NoneïŒéåžž VLANã¢ãŒãã§åäœ
ïŒ TunnelïŒãµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯ã暪æããã«ã¹ã¿ããŒã® VLAN IDããããããããåé¢ããä¿ã€ããã«ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ããŒãã« IEEE802.1Qããããããããã³ããªã³ã°ïŒQinQïŒãèšå®ããŸãã
ïŒTunnel UplinkïŒãµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯å ã®ãã1ã€ã®ããã€ã¹ã«åããã¢ãããªã³ã¯ããŒããšã㊠IEEE802.1Qãã³ããªã³ã°ïŒQinQïŒãèšå®ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[VLAN â [Tunnel] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãã³ãã«ã¢ã¯ã»ã¹ããŒãã«ã¢ãŒããèšå®ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
98 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5.3 ãããã³ã« VLAN
å€æ°ã®ãããã³ã«ããµããŒãããããšãèŠæ±ããããããã¯ãŒã¯è£ 眮ã¯ãéåžžã® VLANã§ã¯å®¹æã«ã°ã«ãŒãåãããããªãããšãã§ããŸãããããã«ã¯ãéæšæºã®ããã€ã¹ãç¹å®ã®ãããã³ã«ã«åå ããå šãŠã®ããã€ã¹ãã«ããŒããããã«ãç°ãªã£ã VLANéãžãã©ãã£ãã¯ãæž¡ãããšãèŠæ±ãããŸãããã®çš®é¡ã®èšå®ã¯ã»ãã¥ãªãã£ãã¢ã¯ã»ã·ããªãã£ãšãã£ã VLANã®åºæ¬çãªå©çããŠãŒã¶ãã奪ããŸãã
ãããã®åé¡ãé¿ããããã«ãæ¬æ©ã§ã¯ãããã³ã«ããŒã¹ VLANãèšå®ã§ããŸããããã«ããç©ççãããã¯ãŒã¯ãããããå¿ èŠãšããããããã³ã«ã®è«ç VLANã°ã«ãŒããžåããŸããããŒãã§ãã¬ãŒã ãåä¿¡ãããæããã® VLANã¡ã³ããŒã·ããã¯ã€ã³ããŠã³ããã±ããã§äœ¿ãããŠãããããã³ã«ã¿ã€ãã«ãã£ãŠæ±ºå®ãããŸãã
æ©èœè§£èª¬
ãããã³ã«ããŒã¹ VLANã®èšå®ã¯ä»¥äžã®ã¹ãããã§ãããªã£ãŠãã ããã
ïŒ1ïŒæåã«äœ¿çšããããããã³ã«ã® VLANã°ã«ãŒããèšå®ããŸããïŒP722åç §ïŒããããã®äž»èŠãªãããã³ã«ããããã¯ãŒã¯äžã§éåä¿¡ããã VLANã¯å¥åã®VLANèšå®ããããªãããšãæšå¥šããŸããïŒããã¯å¿ é ã§ã¯ãªãã§ãïŒãã®æ®µéã§ã¯ããŒãã¡ã³ããŒã®è¿œå ãè¡ããªãã§äžããã
ïŒ2ïŒ "Configure Protocol ïŒAddïŒ"ããŒãžã§ã VLANãžå²ãåœãŠãããããã³ã«ããããã®ãããã³ã«ã°ã«ãŒããäœæããŸãã
ïŒ3ïŒ "Configure Interface ïŒAddïŒ"ããŒãžã䜿çšããããããã®ã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ãé©å㪠VLANãžãããããŸãã
ãããã³ã« VLANã°ã«ãŒãèšå®
VLAN > Protocol (Configure Protocol - Add)ããŒãžã䜿çšãããããã³ã«ã°ã«ãŒããäœæããŸãã
èšå®ã»è¡šç€ºé ç®
Frame Type
ãã®ãããã³ã«ã§äœ¿çšããããã¬ãŒã ã¿ã€ããéžæããŠãã ãããïŒç¯å²ïŒ EthernetãRFC1042ã ãLLC OtherïŒ
Protocol Type
ããããããããã³ã«ã¿ã€ããæå®ããŸããïŒå©çšå¯èœãªãªãã·ã§ã³ïŒIPãARPãRARPãIPv6ïŒãã¬ãŒã ã¿ã€ãã« LLC Otherãéžæãããå Žåãå©çšå¯èœãªãããã³ã«çš®å¥ã¯ IPX Rawã®ã¿ã§ãã
Protocol Group ID
ãããã³ã« VLANã°ã«ãŒãã«å²ãåœãŠãããããããã³ã«ã°ã«ãŒã IDïŒç¯å²ïŒ1-2147483647ïŒ
99FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
ãããã³ã«ã°ã«ãŒãã®èšå®
ïŒ1ïŒ[VLAN â [Protocol] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ProtocolããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãã¬ãŒã ã¿ã€ããªã¹ããããšã³ããªãéžæããŸããïŒ5ïŒãããã³ã«ã¿ã€ããªã¹ããããšã³ããªãéžæããŸããïŒ6ïŒãããã³ã«ã°ã«ãŒãã®èå¥åãå ¥åããŸããïŒ7ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãããã³ã«ã°ã«ãŒãã®è¡šç€º
ïŒ1ïŒ[VLAN â [Protocol] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ProtocolããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
100 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
ãããã³ã«ã°ã«ãŒããã€ã³ã¿ãã§ãŒã¹ãžãããã³ã°
ãããã³ã«ã°ã«ãŒãã VLANã«ãããã³ã°ããŸãã
æ©èœè§£èª¬
⢠ãããã³ã«ããŒã¹ VLANãäœæããéããã®èšå®ç»é¢ã䜿çšããŠã®ã¿ã€ã³ã¿ãã§ãŒã¹ã®å²ãåœãŠãè¡ããŸããããã"VLAN Static Table"ã "VLAN Static Membership "(P86åç § )çä»ã® VLANã¡ãã¥ãŒã䜿çšããŠã€ã³ã¿ãã§ãŒã¹ãå²ãåœãŠãå Žåããããã€ã³ã¿ãã§ãŒã¹ã¯é¢é£ä»ãããã VLANã®å šãŠã®ãã©ãã£ãã¯ã¿ã€ããåãå ¥ããŸãã
⢠ãããã³ã« VLANãžã¢ãµã€ã³ãããããŒããžãã¬ãŒã ãå ¥ã£ãŠããæã次ã®æ¹æ³ã§åŠçãããŸãã
ïŒãã¬ãŒã ãã¿ã°ä»ãã®å Žåãã¿ã°ãã¬ãŒã ã«é©çšãããæšæºã«ãŒã«ã«åŸãåŠçãããŸãã
ïŒãã¬ãŒã ãã¿ã°ç¡ãã§ããããã³ã«ã¿ã€ããäžèŽããå Žåããã¬ãŒã ã¯é©åãªVLANãžè»¢éãããŸãã
ïŒãã¬ãŒã ãã¿ã°ç¡ãã§ããããã³ã«ã¿ã€ããäžèŽããªãå Žåããã¬ãŒã ã¯ã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ã VLANãžè»¢éãããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ãªã¹ããŸãã¯ããŒãã®ãªã¹ãã衚瀺
Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
Protocol Group ID
ãããã³ã« VLANã°ã«ãŒãã«å²ãåœãŠããããããã³ã«ã°ã«ãŒã IDïŒç¯å²ïŒ1-2147483647ïŒ
VLAN ID
äžèŽãããããã³ã«ãã©ãã£ãã¯ããã©ã¯ãŒãããã VLANïŒç¯å²ïŒ1-4093ïŒ
101FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
ãããã³ã«ã°ã«ãŒãã VLANãžãããã³ã°
ïŒ1ïŒ[VLAN â [Protocol] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒããŒããŸãã¯ãã©ã³ã¯ãéžæããŸããïŒ5ïŒãããã³ã«ã°ã«ãŒãã®èå¥åãå ¥åããŸããïŒ6ïŒå¯Ÿå¿ãã VLAN IDãå ¥åããŸãã
ïŒ7ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒããŸãã¯ãã©ã³ã¯ãžãããã³ã°ããããããã³ã«ã°ã«ãŒãã衚瀺
ïŒ1ïŒ[VLAN â [Protocol] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
102 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5.4 IPãµãããã VLAN
ããŒãããŒã¹ã®åé¡ã䜿çšããéãããŒãã§åä¿¡ãããå šãŠã®ã¿ã°ç¡ããã¬ãŒã ã¯ãã® VIDïŒPVIDïŒãããŒããšçµã³ä»ãããã VLAN ã«å±ããŠãããšããŠåé¡ãããŸããIPãµããããããŒã¹ VLANåé¡ãæå¹ã§ããæãã¿ã°ç¡ãå ¥åãã¬ãŒã ã®ãœãŒã¹ã¢ãã¬ã¹ã¯ãIPãµãããããã VLANãžã®ãããã³ã°ããŒãã«ãšç §ããåããããŸãã ãµããããã®ãšã³ããªãçºèŠãããå Žåããããã®ãã¬ãŒã ã¯ãšã³ããªã§ç€ºããã VLANã«å²ãåœãŠãããŸããIPãµããããããããããªãå Žåãã¿ã°ç¡ããã¬ãŒã ã¯åä¿¡ããŒãã® VLAN IDïŒPVIDïŒã«å±ãããšåé¡ãããŸãã
æ©èœè§£èª¬
⢠ããããã®ãµãããã㯠1ã€ã® VLAN IDã«ã®ã¿ããããããããšãå¯èœã§ããIPãµãããã㯠IPã¢ãã¬ã¹ãšãã¹ã¯ããæããŸãã
⢠ããŒãã§ã¿ã°ç¡ããã¬ãŒã ãåä¿¡ãããå ŽåããœãŒã¹ IPã¢ãã¬ã¹ã¯ IPãµãããããã VLANãžã®ãããã³ã°ããŒãã«ãšç §ããåãããããšã³ããªãèŠã€ãããšå¯Ÿå¿ããVLAN IDããã¬ãŒã ã«å²ãåœãŠãããŸãããããã³ã°ãèŠã€ãããªãå Žåãåä¿¡ããŒãã® PVIDããã¬ãŒã ã«å²ãåœãŠãããŸãã
⢠IPãµããããã¯ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ã IPã¢ãã¬ã¹ã«ã¯ãªããŸããã
⢠MACããŒã¹ãIPãµããããããŒã¹ããããã³ã« VLANãåæã«ãµããŒããããæããã®ã·ãŒã±ã³ã¹ã§ã¯ãã©ã€ãªãªãã£ãé©çšãããæåŸã«ããŒãããŒã¹ VLANã«ãªããŸãã
èšå®ã»è¡šç€ºé ç®
IP Address
ãµããããã® IPã¢ãã¬ã¹ã
Subnet Mask
IPãµããããã®ãã¹ãã¢ãã¬ã¹ããããèå¥ããŸãã
VLAN
IPãµãããããšããããããã©ãã£ãã¯ã¯ VLANã¯è»¢éãããŸããïŒç¯å²ïŒ1-4093ïŒ
Priority
ã¿ã°ç¡ãã€ã³ã°ã¬ã¹ãã©ãã£ãã¯ã«å²ãåœãŠããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ã7ãæé«ãã©ã€ãªãªãã£ããåæèšå®ïŒ0ïŒ
103FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
IPãµããããã VLANãžããã
ïŒ1ïŒ[VLAN â [IP Subnet] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒIPã¢ãã¬ã¹ãã£ãŒã«ãã«ã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ4ïŒãµãããããã¹ã¯ãã£ãŒã«ãã«ãã¹ã¯ãå ¥åããŸããïŒ5ïŒVLANãã£ãŒã«ãã«èå¥åãå ¥åããŸãã
ïŒ6ïŒãã©ã€ãªãªãã£ãã£ãŒã«ãã«ãã¿ã°ç¡ããã¬ãŒã ã«å²ãåœãŠãå€ãå ¥åããŸããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
IPãµãããã VLANèšå®ã®è¡šç€º
ïŒ1ïŒ[VLAN â [IP Subnet] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
104 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5.5 MACããŒã¹ VLAN
MACããŒã¹ VLANæ©èœã¯ããœãŒã¹ MACã¢ãã¬ã¹ã«åŸã£ãŠ VLAN IDãå ¥åã¿ã°ç¡ããã¬ãŒã ãžå²ãåœãŠãŸããMACããŒã¹ VLANåé¡ãæå¹ã§ããå ŽåãããŒãã§åä¿¡ãããã¿ã°ç¡ããã¬ãŒã ã¯ããã¬ãŒã ã®ãœãŒã¹ MACã¢ãã¬ã¹ã«ãããããã VLANãžå²ãåœãŠãããŸããMACã¢ãã¬ã¹ãäžèŽããªãæãã¿ã°ç¡ããã¬ãŒã ã¯åä¿¡ããŒãã®ãã€ãã£ã VLAN IDïŒPVIDïŒãå²ãåœãŠãããŸãã
æ©èœè§£èª¬
⢠MAC-to-VLANãããã³ã°ã¯æ¬æ©ã®å šãŠã®ããŒããžé©çšãããŸãã
⢠ãœãŒã¹ MACã¢ãã¬ã¹ã¯ 1ã€ã® VLAN IDãžã®ã¿ããããããããšãå¯èœã§ãã
⢠èšå®ããã MACã¢ãã¬ã¹ã¯ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ãã¢ãã¬ã¹ã«ã¯ãªããŸããã
⢠MACããŒã¹ãIPãµããããããŒã¹ããããã³ã« VLANãåæã«ãµããŒããããæããã®ã·ãŒã±ã³ã¹ã§ã¯ãã©ã€ãªãªãã£ãé©çšãããæåŸã«ããŒãããŒã¹ VLANã«ãªããŸãã
èšå®ã»è¡šç€ºé ç®
MAC Address
ç¹å®ã® VLANã«ãããããããœãŒã¹ MACã¢ãã¬ã¹
VLAN
æå®ããããœãŒã¹ MACã¢ãã¬ã¹ãšäžèŽããå ¥åãã©ãã£ãã¯ã転éããã VLANïŒç¯å²ïŒ1-4093ïŒ
Priority
ã¿ã°ç¡ãã€ã³ã°ã¬ã¹ãã©ãã£ãã¯ã«å²ãåœãŠããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ã7ãæé«ãã©ã€ãªãªãã£ããåæèšå®ïŒ0ïŒ
105FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
MACã¢ãã¬ã¹ã VLANãžããã
ïŒ1ïŒ[VLAN] â [MAC-Based] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒMACã¢ãã¬ã¹ãã£ãŒã«ãã«ã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ4ïŒVLANãã£ãŒã«ãã«èå¥åãå ¥åããŸãã
ïŒ5ïŒãã©ã€ãªãªãã£ãã£ãŒã«ãã«ãã¿ã°ç¡ããã¬ãŒã ã«å²ãåœãŠãå€ãå ¥åããŸããïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
VLANãžãããããã MACã¢ãã¬ã¹ã®è¡šç€º
ïŒ1ïŒ[VLAN] â [MAC-Based] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
106 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VLAN
3.5.6 VLANãã©ãŒãªã³ã°
ãªã¢ã«ã¿ã€ã 解æã®ããã1ã€ãŸãã¯ãã以äžã®ãœãŒã¹ VLANãããã¿ãŒã²ããããŒããžãã©ãã£ãã¯ããã©ãŒãªã³ã°ãè¡ãããšãåºæ¥ãŸããã¿ãŒã²ããããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferçïŒå㯠RMONãããŒããæ¥ç¶ãããœãŒã¹ VLANã®ãã©ãã£ãã¯ã調æ»ããããšãå¯èœã§ãã
æ©èœè§£èª¬
⢠ãœãŒã¹ VLANã®å šãŠã®ã¢ã¯ãã£ãããŒãã¯å ¥åãã©ãã£ãã¯ã®ã¿ã¢ãã¿ãããŸãã
â¢ å šãŠã® VLANãã©ãŒã»ãã·ã§ã³ã¯ãåäžã®ã¿ãŒã²ããããŒãããå ±æããŸãã
⢠VLANãã©ãŒãªã³ã°ãšããŒããã©ãŒãªã³ã°ã®äž¡æ¹ãæå¹ã§ããå Žåããããã¯åäžã®ã¿ãŒã²ããããŒãã䜿çšããŸãã
⢠VLANãã©ãŒãªã³ã°ãšããŒããã©ãŒãªã³ã°ã®äž¡æ¹ãæå¹ã§ããå Žåãã¿ãŒã²ããããŒãã¯ã2åã®ãã©ãŒããããã±ãããåä¿¡ããŸãã1ã€ã¯ãœãŒã¹ãã©ãŒããŒãã§ããœãŒã¹ãã©ãŒVLANãããå床åä¿¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Source VLANãã©ãã£ãã¯ã®ã¢ãã¿ããããªããã VLANïŒç¯å²ïŒ1ïŒ 4093ïŒ
Target PortãœãŒã¹ VLANãããã©ãŒãã©ãã£ãã¯ãåä¿¡ããè¡å ããŒãïŒç¯å²ïŒ1-10ïŒ
èšå®æ¹æ³
VLANãã©ãŒãªã³ã°ã®èšå®
ïŒ1ïŒ[VLAN] â [Mirror] ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒãœãŒã¹ VLANãã¿ãŒã²ããããŒããéžæããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã©ãŒããã VLANã®è¡šç€º
ïŒ1ïŒ[VLAN] â [Mirror] ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
107FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6 ã¢ãã¬ã¹ããŒãã«
æ¬æ©ã«ã¯èªç¥ãããããã€ã¹ã® MACã¢ãã¬ã¹ãä¿åãããŠããŸãããã®æ å ±ã¯åéä¿¡ããŒãéã§ã®éä¿¡ã®éä¿¡ã«äœ¿çšãããŸããéä¿¡ã®ç£èŠã«ããåŠç¿ãããå šãŠã®MACã¢ãã¬ã¹ã¯åçã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŸãããŸããæåã§ç¹å®ã®ããŒãã«éä¿¡ããéçãªã¢ãã¬ã¹ãèšå®ããããšãã§ããŸãã
3.6.1 åçã¢ãã¬ã¹ããŒãã«ã®èšå®
MAC Address > Learning StatusããŒãžã䜿çšããã€ã³ã¿ãã§ãŒã¹ã® MACã¢ãã¬ã¹åŠç¿ãæå¹ /ç¡å¹ã«åºæ¥ãŸãã
æ©èœè§£èª¬
⢠MACã¢ãã¬ã¹åŠç¿ãç¡å¹ã«ãªã£ãæãã¹ã€ããã¯æå®ãããã€ã³ã¿ãã§ãŒã¹ã§ããã ã¡ã«æ°ããïŒïŒ¡Cã¢ãã¬ã¹ã®åŠç¿ãåæ¢ããŸããéçã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŠããïŒ110 ããŒãžã®ãéçã¢ãã¬ã¹ã®èšå®ããåç §ïŒ ãœãŒã¹ã¢ãã¬ã¹ãæã€å ¥åãã©ãã£ãã¯ã®ã¿ãããã®ã€ã³ã¿ãã§ãŒã¹ãéããŠãããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ããèªèšŒãèªããããŸãã
⢠éçã¢ãã¬ã¹ã¯æ¬æ©ã®æå®ãããã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããšãã§ããŸããéçã¢ãã¬ã¹ã¯æå®ããã€ã³ã¿ãã§ãŒã¹ã«éä¿¡ãããä»ãžã¯éãããŸãããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã§èŠã€ãã£ãå Žåã¯ãã¢ãã¬ã¹ã¯ç¡èŠããã¢ãã¬ã¹ããŒãã«ã«ã¯ç»é²ãããŸããã
⢠MACã¢ãã¬ã¹åŠç¿ã®ç¡å¹æã«ãã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŠããåçã¢ãã¬ã¹ã¯ã·ã¹ãã ããæ¶å»ãããMACã¢ãã¬ã¹åŠç¿ãå床æå¹ã«ãªããŸã§åçã¢ãã¬ã¹ã®åŠç¿ã¯è¡ãããŸãããMACåŠç¿ãç¡å¹ã«ãªã£ãåŸã«ãã€ã³ã¿ãã¿ãã§ãŒã¹ã®äœ¿çšãè©Šã¿ãã¢ãã¬ã¹ããŒãã«ã«ãªã¹ããããªãããã€ã¹ã¯ãã¹ã€ãããžã®ã¢ã¯ã»ã¹ãé»æ¢ãããŸãã
⢠以äžã®ç¶æ ã®ãããããååšããå ŽåãMACã¢ãã¬ã¹åŠç¿ãç¡å¹ã«åºæ¥ãªãããšã«ã泚æãã ããã
⢠ã¹ã€ããã®ã°ããŒãã«ã§ 802.1XããŒãèªèšŒãæå¹
⢠åãã€ã³ã¿ãã§ãŒã¹ã§ãã»ãã¥ãªãã£ã¹ããŒã¿ã¹ ïŒ231 ããŒãžã®ãããŒãã»ãã¥ãªãã£ã®èšå®ããåç §ïŒ ãæå¹
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺
Port
ããŒãèå¥åïŒç¯å²ïŒ1-10ïŒ
Trunk
ãã©ã³ã¯èå¥åïŒç¯å²ïŒ1-5ïŒ
Status
MACã¢ãã¬ã¹åŠç¿ã®ã¹ããŒã¿ã¹ïŒåæèšå®ïŒæå¹ïŒ
108 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
èšå®æ¹æ³
MACã¢ãã¬ã¹åŠç¿ã®æå¹ /ç¡å¹
ïŒ1ïŒ[MAC Address] â [Learning Status] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒããããã®ã€ã³ã¿ãã§ãŒã¹ã®ã¹ããŒã¿ã¹ãèšå®ããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
109FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6.2 éçã¢ãã¬ã¹ã®èšå®
éçã¢ãã¬ã¹ã¯æ¬æ©ã®æå®ãããã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããšãã§ããŸããéçã¢ãã¬ã¹ã¯æå®ããã€ã³ã¿ãã§ãŒã¹ã«éä¿¡ãããä»ãžã¯éãããŸãããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã§èŠã€ãã£ãå Žåã¯ãã¢ãã¬ã¹ã¯ç¡èŠããã¢ãã¬ã¹ããŒãã«ã«ã¯ç»é²ãããŸããã
æ©èœè§£èª¬
⢠ãã¹ãããã€ã¹ã®éçã¢ãã¬ã¹ã¯ãç¹å®ã® VLANã®ç¹å®ã®ããŒãã«å²ãåœãŠãããããšãå¯èœã§ãããã®ã³ãã³ãã MACã¢ãã¬ã¹ãžã®éçã¢ãã¬ã¹ã®è¿œå ã«äœ¿çšã§ããŸããéçã¢ãã¬ã¹ã¯ä»¥äžã®ç¹åŸŽãæã¡ãŸãã
⢠éçã¢ãã¬ã¹ã¯æãåœãŠãããåããããŠããªãã€ã³ã¿ãã§ãŒã¹ã«ããŠã³ãããŸããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã§èŠã€ãã£ãæãã¢ãã¬ã¹ã¯ç¡èŠããã¢ãã¬ã¹ããŒãã«ãžã¯æžã蟌ãŸããŸããã
⢠æå®ã®ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ãããŠã³ããŠããæãéçã¢ãã¬ã¹ãã¢ãã¬ã¹ããŒãã«ããåé€ããããšã¯ã§ããŸãã
⢠éçã¢ãã¬ã¹ã¯ããŒãã«ããåé€ããããŸã§ãä»ã®ããŒãã§åŠç¿ãããããšã¯ã§ããŸããã
èšå®ã»è¡šç€ºé ç®
VLAN
VLAN ID(1-4093)
Interface
éçã¢ãã¬ã¹ãšé¢é£ããããŒãåã¯ãã©ã³ã¯
MAC Address
ã€ã³ã¿ãã§ãŒã¹ã® MACã¢ãã¬ã¹
Static Status
æå®ãããã¢ãã¬ã¹ãç¶æããæé
⢠Delete-on-resetïŒã¹ã€ããããªã»ããããããŸã§å²ãåœãŠãç¶æ
⢠PermanentïŒæä¹ ã«å²ãåœãŠãç¶æïŒåæèšå®ïŒ
110 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
èšå®æ¹æ³
éç MACã¢ãã¬ã¹ã®èšå®
ïŒ1ïŒ[MAC Address] â [Static] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
MACã¢ãã¬ã¹ããŒãã«ã®éçã¢ãã¬ã¹ã衚瀺
ïŒ1ïŒ[MAC Address] â [Static] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
111FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6.3 ãšãŒãžã³ã°ã¿ã€ã ã®å€æŽ
åçã¢ãã¬ã¹ããŒãã«ã«åŠç¿ãããã¢ãã¬ã¹ãåé€ããããŸã§ã®æéïŒãšãŒãžã³ã°ã¿ã€ã ïŒãèšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Aging Status
ãšãŒãžã³ã°ã¿ã€ã ã®æ©èœã®æå¹ /ç¡å¹
Aging Time
MACã¢ãã¬ã¹ãšãŒãžã³ã°ã¿ã€ã ïŒç¯å²ïŒ10-844ç§ãåæèšå®ïŒ300ç§ïŒ
èšå®æ¹æ³
ãšãŒãžã³ã°ã¿ã€ã ã®èšå®
ïŒ1ïŒ[MAC Address] â [Dynamic] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure AgingããéžæããŸãã
ïŒ3ïŒå¿ èŠã«å¿ãããšãŒãžã³ã°ã¿ã€ã ãç·šéããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
112 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6.4 åçã¢ãã¬ã¹ããŒãã«ã®è¡šç€º
åçã¢ãã¬ã¹ããŒãã«ã«ã¯ãå ¥åãããéä¿¡ã®éä¿¡å ã¢ãã¬ã¹ã®ç£èŠã«ããåŠç¿ãã MACã¢ãã¬ã¹ãä¿åãããŠããŸããå ¥åãããéä¿¡ã®éä¿¡å ã¢ãã¬ã¹ãã¢ãã¬ã¹ããŒãã«å ã§çºèŠãããå Žåããã±ããã¯ã¢ãã¬ã¹ããŒãã«ã«ç»é²ãããé¢é£ããããŒããžçŽæ¥è»¢éãããŸããã¢ãã¬ã¹ããŒãã«ã«èŠã€ãããªãã£ãå Žåã«ã¯å šãŠã®ããŒãã«éä¿¡ãããŸãã
èšå®ã»è¡šç€ºé ç®
Sort Key
ãªã¹ãã®äžŠã³ã MACã¢ãã¬ã¹ãVLANãã€ã³ã¿ãã§ãŒã¹ããéžæ
MAC Address
ã€ã³ã¿ãã§ãŒã¹ã® MACã¢ãã¬ã¹
VLAN
VLAN ID ïŒ1-4093ïŒ
Interface
ããŒãåã¯ãã©ã³ã¯
Type
ãã®ããŒãã«ã®åŠç¿ããããšã³ããªã衚瀺
Life Time
æå®ããã¢ãã¬ã¹ãç¶æãããæéã衚瀺
èšå®æ¹æ³
ãšãŒãžã³ã°ã¿ã€ã ã®èšå®
ïŒ1ïŒ[MAC Address] â [Dynamic] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow Dynamic MACããéžæããŸãã
ïŒ3ïŒãœãŒãããŒãéžæããŸããïŒ4ïŒããããã®ãã©ã¡ãŒã¿ãå ¥åããŸããïŒ5ïŒïŒ QueryïŒãã¯ãªãã¯ããŸãã
113FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6.5 åçã¢ãã¬ã¹ããŒãã«ã®æ¶å»
MAC Address > Dynamic (Clear Dynamic MAC)ããŒãžã䜿çšãã転éããŒã¿ããŒã¹ããåŠç¿ããããšã³ããªãæ¶å»ããããšãåºæ¥ãŸãã
èšå®ã»è¡šç€ºé ç®
Clear by
å šãŠã®ãšã³ããªãŸãã¯ãæå®ããMACã¢ãã¬ã¹ãVLANã®å šãŠã®ãšã³ããªãããŒããŸãã¯ãã©ã³ã¯ã«é¢é£ä»ããããå šãŠã®ãšã³ããªãã¯ãªã¢ããããšãã§ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[MAC Address] â [Dynamic] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããClear Dynamic MACããéžæããŸãã
ïŒ3ïŒæ¶å»ãè¡ãã¡ãœãããéžæããŸããïŒAllãMAC AddressãVLANãInterfaceïŒ
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
114 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.6.6 MACã¢ãã¬ã¹ãã©ãŒãªã³ã°ã®èšå®
æ¬æ©ã§ã¯ããªã¢ã«ã¿ã€ã åæã®çºã«ãã¹ã€ããã®ã¿ãŒã²ããããŒã以å€ã®å šãŠã®ããŒããããæå®ããç¹å®ã®ãœãŒã¹ã¢ãã¬ã¹ã®ãã©ãã£ãã¯ãã¿ãŒã²ããããŒããžãã©ãŒãªã³ã°ããããšãå¯èœã§ããã¿ãŒã²ããããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferçïŒå㯠RMONãããŒããæ¥ç¶ããéä¿¡ã«åœ±é¿ãäžããã«ãœãŒã¹ããŒãã®ãã©ãã£ãã¯ã解æããããšãã§ããŸãã
æ©èœè§£èª¬
⢠MACã¢ãã¬ã¹ããã®ãã©ãã£ãã¯ã®ãã©ãŒãªã³ã°ãè¡ãéãã¿ãŒã²ããããŒã以å€ã®ã¹ã€ããã®å šãŠã®ããŒããžå ¥ããæå®ãããœãŒã¹ã¢ãã¬ã¹ãæã€å ¥åãã©ãã£ãã¯ã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒããžãã©ãŒãããŸãã
â¢ å šãŠã®ãã©ãŒã»ãã·ã§ã³ã¯åããã£ã¹ãã£ããŒã·ã§ã³ããŒããå ±æããŸãã
⢠ã¹ããã³ã°ããªãŒ BPDUãã±ããã¯ã¿ãŒã²ããããŒããžãã©ãŒãããŸããã
⢠ããŒããã©ãã£ãã¯ã®ãã©ãŒãªã³ã°æã«MSTPã䜿çšããéãã¿ãŒã²ããããŒãã¯ãœãŒã¹ããŒããšåã VLANã«å«ãŸããªããŠã¯ãªããŸãããïŒè©³çŽ°ã¯ P117ãåç §ããŠãã ããïŒ
èšå®ã»è¡šç€ºé ç®
Source MAC
éä¿¡ãã¢ãã¿ãŒããã MACã¢ãã¬ã¹ãæå®ããŸããxx-xx-xx-xx-xx-xxãŸã㯠xxxxxxxxxxxxã®åœ¢åŒã§å ¥åããŠãã ããã
Target Port
ãœãŒã¹ããŒããããã©ãã£ãã¯ã®ãã©ãŒãè¡ãããŒããæå®ããŸããïŒç¯å²ïŒ1-10ïŒ
èšå®æ¹æ³
MACã¢ãã¬ã¹ããŒã¹ã®ãã±ãããã©ãŒ
ïŒ1ïŒ[MAC Address] â [Mirror] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒãœãŒã¹ MACã¢ãã¬ã¹ãšãã£ã¹ãã£ããŒã·ã§ã³ããŒããæå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
115FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
ãã©ãŒãããMACã¢ãã¬ã¹ã®è¡šç€º
ïŒ1ïŒ[MAC Address] â [Mirror] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
116 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7 ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
ã¹ããã³ã°ããªãŒãããã³ã« STPã¯ãããã¯ãŒã¯ã®ã«ãŒããé²ãããŸããã¹ã€ãããããªããžåã³ã«ãŒã¿éã®ããã¯ã¢ãããªã³ã¯ã確ä¿ããããã«äœ¿çšããŸãã
STPæ©èœãæããã¹ã€ãããããªããžåã³ã«ãŒã¿éã§äºãã«é£æºããåæ©åšéã®ãªã³ã¯ã§ 1ã€ã®ã«ãŒããã¢ã¯ãã£ãã«ãªãããã«ããŸãããŸããå¥éããã¯ã¢ããçšã®ãªã³ã¯ãæäŸããã¡ã€ã³ã®ãªã³ã¯ãããŠã³ããå Žåã«ã¯èªåçã«ããã¯ã¢ãããè¡ããŸãã
æ¬æ©ã¯ã以äžã®èŠæ Œã«æºæ ãã STPã«å¯Ÿå¿ããŠããŸãã
⢠STP â Spanning Tree Protocol (IEEE 802.1D)
⢠RSTP â Rapid Spanning Tree Protocol (IEEE 802.1w)
⢠MSTPâ Multiple Spanning Tree Protocol (IEEE 802.1s)
STPã¯ã¹ããã³ã°ããªãŒãããã¯ãŒã¯ã®çµè·¯ãšãªã STP察å¿ã¹ã€ããã»ããªããžåã¯ã«ãŒã¿ãéžæããããã«åæ£ã¢ã«ãŽãªãºã ã䜿çšããŸããããã«ãããããã€ã¹ããã«ãŒãããã€ã¹ã«ãã±ãããéä¿¡ããéã«æå°ã®ãã¹ã³ã¹ããšãªãããã«ã«ãŒãããã€ã¹ãé€ãåããã€ã¹ã®ã«ãŒãããŒãã®èšå®ãè¡ããŸããããã«ãããã«ãŒãããã€ã¹ãã LANã«å¯Ÿãæå°ã®ãã¹ã³ã¹ãã«ããå LANã®æå®ãããããã€ã¹ã«å¯ŸããŠãã±ããã転éãããŸãããã®åŸãæå®ã®ããŒããšããŠåé¢é£ãã LANåã¯ãã¹ãããã€ã¹ãšéä¿¡ããæå®ããªããžäžã®ããŒããéžæããŸãã
æå°ã³ã¹ãã®ã¹ããã³ã°ããªãŒã決å®ããåŸããã¹ãŠã®ã«ãŒãããŒããšæå®ããŒããæå¹ãšãªããä»ã®ããŒãã¯ç¡å¹ãšãªããŸããããã«ãããã±ããã¯ã«ãŒãããŒãããæå®ããŒãã«ã®ã¿éä¿¡ããããããã¯ãŒã¯ã®ã«ãŒããåé¿ãããŸãã
å®å®ãããããã¯ãŒã¯ããããžãŒã確ç«ãããåŸãã«ãŒãããªããžããéä¿¡ããã Hello BPDU(Bridge Protocol Data Units)ããã¹ãŠã®ããªããžãåä¿¡ããŸããå®ããããééïŒæ倧å€ïŒä»¥å ã«ããªããžã Hello BPDUã確èªã§ããªãå Žåãã«ãŒãããªããžãžã®æ¥ç¶ãè¡ã£ãŠãããªã³ã¯ãåæããŸãããããŠããã®ããªããžã¯ãããã¯ãŒã¯ã®åèšå®ãè¡ãªãæå¹ãªãããã¯ãŒã¯ããããžãŒãå埩ããããã«ãä»ã®ããªããžãšããŽã·ãšãŒã·ã§ã³ãéå§ããŸãã
RSTPã¯æ¢åã®é ã STPã«ä»£ããæ©èœãšãããŠããŸããRSTP㯠MSTPã«ãçµã¿èŸŒãŸããŠããŸããRSTPã¯ãããããé害æã®ä»£æ¿ã«ãŒããå®ããããªãŒæ§é ã«é¢é£ã®ãªã転éæ å ±ãåºå¥ããããšã«ãããSTPã«æ¯ã¹çŽ 10åã® 1ã®éãã§ãããã¯ãŒã¯ã®åæ§ç¯ãè¡ããŸãã
STPå㯠RSTPãå©çšããå Žåããã¹ãŠã® VLANã¡ã³ããŒéã§ã®å®å®çãªãã¹ã®æäŸãé£ãããªããŸããããªãŒæ§é ã®é »ç¹ãªå€æŽã«ããäžéšã®ã°ã«ãŒãã¡ã³ããŒãå€ç«ããŠããŸãããšããããŸããïŒRSTPã®æ¡åŒµã§ããïŒMSTPã§ã¯ãVLANã°ã«ãŒãæ¯ã«ç¬ç«ããã¹ããã³ã°ããªãŒãæäŸããããšãã§ããŸããç¹å®ã® VLANã Multiple Spanning Treeã€ã³ã¹ã¿ã³ã¹(MSTI)ã«å«ãããã«æå®ãããšãMSTIããªãŒãèªåçã«æ§æãããå VLANã®æ¥ç¶ç¶æ³ãç¶æãããŸãã
åã€ã³ã¹ã¿ã³ã¹ã¯ãCommon Spanning Tree (CST)å ã® RSTPããŒããšããŠæ±ãããã®ã§ãMSTPã¯ããããã¯ãŒã¯å šäœãšã®æ¥ç¶ãè¡ãªãããšãã§ããŸãã
DesignatedRoot
DesignatedBridge
DesignatedPort
RootPort
117FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.1 ã«ãŒãããã¯æ€åº
ããŒãã«ãŒãããã¯æ€åºãæå¹ã§ãããããŒããããèªèº«ã® BPUDãåä¿¡ããéããã£ãã¯ã·ã§ã³ãšãŒãžã§ã³ãã¯ã«ãŒããã㯠BPDUãç Žæ£ãSNMPãã©ãããéä¿¡ããããŒããDiscardïŒãã±ããç Žæ£ïŒã¢ãŒãã«ããŸãããã®ã«ãŒãããã¯ã¹ããŒãã¯èªåãŸãã¯æåã§ãªãªãŒã¹ããããšãã§ããŸãã
ããŒããèªåã«ãŒãããã¯ãªãªãŒã¹ã«èšå®ãããŠããå Žåã以äžã®æ¡ä»¶ã®å 1ã€ãæºãããããšããŒãã¯è»¢éç¶æ ã«æ»ããŸãã
⢠ããŒããããŒãèªèº«ä»¥å€ã® BPUDãåä¿¡ããã
⢠ããŒãã®ãªã³ã¯ã¹ããŒããäžæŠãªã³ã¯ããŠã³ã«ãªã£ãåŸãåã³ãªã³ã¯ã¢ããã«ãªãã
⢠ããŒãããã©ã¯ãŒãé 延ã€ã³ã¿ãŒãã«ã§ããŒãèªèº«ã® BPUDã®åä¿¡ãçµäºã
[泚æ ]ãããŒãã«ãŒãããã¯ãã£ãã¯ã·ã§ã³ãæå¹ã§ãªããããŒããèªèº«ã® BPUDãåä¿¡ããå ŽåãããŒã㯠IEEEæºæ ã® 802.1w-2001 9.3.4ã«åŸã£ãŠã«ãŒããã㯠BPDUãç Žæ£ããŸãã
[泚æ ]ãã¹ããã³ã°ããªãŒãã¹ã€ããã§ç¡å¹ã«ãªã£ãŠããå ŽåãããŒãã«ãŒãããã¯ãã£ãã¯ã·ã§ã³ã¯ã¢ã¯ãã£ãã«ãªããŸããã
[ 泚æ ]ãæåãªãªãŒã¹ã¢ãŒãã«èšå®æãLink down/Upã€ãã³ãã¯ããŒãããªãªãŒã¹ããŸããã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺ã
Status
ãã®ã€ã³ã¿ãã§ãŒã¹ã§ã«ãŒãããã¯ãã£ãã¯ã·ã§ã³ãæå¹åãïŒåæèšå®ïŒæå¹ïŒ
Trap
ãã®ã€ã³ã¿ãã§ãŒã¹ã§ã«ãŒãããã¯ã€ãã³ãã® SNTPãã©ããéç¥ãæå¹åãïŒåæèšå®ïŒç¡å¹ïŒ
Release Mode
ããŒããèªåãŸãã¯æåã«ãŒãããã¯ãªãªãŒã¹ã«èšå®ã
Release
ããŒãã Discardã¢ãŒãããæåã§ãªãªãŒã¹ãããããšãèš±å¯ãããŒããæåãªãªãŒã¹ã¢ãŒãã«èšå®æã®ã¿å©çšå¯èœã
118 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
ïŒ1ïŒ[Spanning Tree]â [Loopback Detection]ãã¯ãªãã¯ããŸããïŒ2ïŒå¿ èŠãªã€ã³ã¿ãã§ãŒã¹ã¿ã€ãã衚瀺ãããããããŒããŸãã¯ãã©ã³ã¯ãã¯ãªãã¯ããŸããïŒ3ïŒå¿ èŠã«å¿ããèšå®ãä¿®æ£ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
119FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.2 ã°ããŒãã«èšå®
Spanning Tree ïŒ STAããŒãžã䜿çšããã¹ããã³ã°ããªãŒã®ã°ããŒãã«èšå®ãè¡ããŸããããã§ã®èšå®ã¯æ¬æ©å šäœã«é©çšãããŸãã
æ©èœè§£èª¬
⢠Spanning Tree Protocolæ¬æ©ã®åæèšå®ã§ã¯ RSTPã«æå®ãããŠããŸãããSTPã«èšå®ã IEEE802.1Dã«æºæ ãã BPDUã®ã¿ãéä¿¡ããããšãã§ããŸãããã®å Žåããããã¯ãŒã¯å šäœã«å¯Ÿã㊠1ã€ã® SpanningTreeã®ã¿ã®èšå®ãè¡ãªããŸãããããããã¯ãŒã¯äžã«è€æ°ã® VLANãèšå®ããå Žåãäžéšã® VLANã¡ã³ããŒéã¯ãããã¯ãŒã¯ã®ã«ãŒããåé¿ããããç¡å¹ãšãªãå ŽåããããŸããè€æ°ã® VLANãæ§æããå Žåã«ã¯ MSTPã䜿çšããããšãæšå¥šããŸãã
⢠Rapid Spanning Tree ProtocolRSTPã¯ã以äžã®ããããã®çä¿¡ãããã³ã«ã¡ãã»ãŒãžãç£èŠãåçã«åãããã³ã«ã¡ãã»ãŒãžã«é©åãããããšã«ãããSTPãš RSTPããŒãã®ã©ã¡ããžã®æ¥ç¶ããµããŒãããŸãã
ïŒ STP Mode â ããŒãã®ç§»åé 延ã¿ã€ããŒãåããåŸã« IEEE802.1D BPDUãåãåããšãæ¬æ©ã¯ IEEE802.1Dããªããžãšæ¥ç¶ããŠãããšå€æããIEEE802.1D BPDUã®ã¿ã䜿çšããŸãã
ïŒ RSTP Mode â RSTPã«ãããŠãããŒã㧠IEEE802.1D BPDUã䜿çšãããŒã移åé 延ã¿ã€ããŒãåããåŸã« RSTP BPDUãåãåããšãRSTPã¯ç§»åé 延ã¿ã€ããŒãåã¹ã¿ãŒããããã®ããŒãã«å¯Ÿã RSTP BPDUã䜿çšããŸãã
⢠Multiple Spanning Tree ProtocolMSTPã¯ããããã®ã€ã³ã¹ã¿ã³ã¹ã®ããã«ãŠããŒã¯ãªã¹ããã³ã°ããªãŒãçæããŸããããã¯ãããã¯ãŒã¯äžã«è€æ°ã®ãã¹ãŠã§ã€ãæäŸããããã«ãã£ãŠãã©ãã£ãã¯ä»å ã®ãã©ã³ã¹ãåãã1ã€ã®ã€ã³ã¹ã¿ã³ã¹ã®ããªããžããŒãã§äžå ·åãçºçããæã«åºç¯å²ã®äžæãé²ããŸãããŸãã倱æããã€ã³ã¹ã¿ã³ã¹ã®ãããæ°ããããããžã®ããæ©ã茻茳ãå¯èœã«ããŸãã
ïŒ ãããã¯ãŒã¯äžã§ MSTPãæå¹ã«ããã«ã¯ãæ¥ç¶ãããé¢é£ããããªããžã«ãããŠãåæ§ã®MSTPã®èšå®ãè¡ãªããã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã«åå ããããšãèš±å¯ããå¿ èŠããããŸãã
ïŒã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã¯äºææ§ã®ããVLANã€ã³ã¹ã¿ã³ã¹å²ãåœãŠãæã€ããªããžäžã«ã®ã¿ååšåºæ¥ãŸãã
ïŒ ã¹ããã³ã°ããªãŒã¢ãŒããå€æŽããå Žåãå€æŽåã®ã¢ãŒãã®ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ããã¹ãŠæ¢ãããã®åŸæ°ããã¢ãŒãã«ãããŠéä¿¡ãåéããŸããã¹ããã³ã°ããªãŒã®ã¢ãŒãå€æŽæã«ã¯éä¿¡ãäžæçã«é®æãããã®ã§æ³šæããŠäžããã
èšå®ã»è¡šç€ºé ç®
åºæ¬èšå®Spanning Tree Status
ã¹ããã³ã°ããªãŒãæå¹åã¯ç¡å¹ã«ããŸãã (åæèšå® :æå¹ )
Spanning Tree Type
䜿çšãããã¹ããã³ã°ããªãŒãããã³ã«ã®çš®é¡ãæå®ããŸãã(åæèšå® :RSTP)
120 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
ïŒ STP â Spanning Tree ProtocolïŒIEEE 802.1DãSTPãéžæãããšãæ¬æ©ã¯ RSTPã®STPããã äºæã¢ãŒããšãªããŸãïŒ
ïŒ RSTP â Rapid Spanning Stree Protocol(IEEE 802.1w)
ïŒ MSTP âMultiple Spanning Stree Protocol(IEEE 802.1s)
Priority
ã«ãŒãããã€ã¹ãã«ãŒãããŒããæå®ããŒãã®èå¥ã«äœ¿çšããããããã€ã¹ãã©ã€ãªãªãã£ãèšå®ã§ããŸããæäžäœã®ãã©ã€ãªãªãã£ãæã€æ©åšã STPã«ãŒãæ©åšã«ãªããŸãïŒå€ãå°ããã»ã©ãã©ã€ãªãªãã£ãé«ããªããŸãïŒããã¹ãŠã®æ©åšã®ãã©ã€ãªãªãã£ãåãå Žåã¯ãæå°ã®MACã¢ãã¬ã¹ãæã€æ©åšãã«ãŒãæ©åšã«ãªããŸããïŒåæèšå® :32768ãç¯å² : 0-61440ã®å€ã§ 4096ã〠(0ã4096ã8192ã12288ã16384ã20480ã24576ã28672ã32768ã36864ã40960ã45056ã49152ã53248ã57344ã61440) ïŒ
ã¢ããã³ã¹ãPath Cost Method
ãã¹ã³ã¹ãã¯ããã€ã¹éã®æé©ãªãã¹ã決å®ããããã«äœ¿çšãããŸãããã¹ã³ã¹ãæ¹åŒã¯åã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããšã®ã§ããå€ã®ç¯å²ã決å®ããã®ã«äœ¿çšãããŸãã
ïŒ Long â 32ãããã® 1-200,000,000ã®å€ (åæå€ïŒ
ïŒ Short â 16ãããã® 1-65535ã®å€
Transmission Limit
ç¶ç¶çãªãããã³ã«ã¡ãã»ãŒãžã®æå°éä¿¡ééã®èšå®ã«ãã BPDUã®æ倧転éã¬ãŒãã®èšå®ãè¡ããŸãïŒç¯å² :1-10ïŒç§ïŒãåæèšå® :3ïŒ
ã«ãŒãæHello Time
ã«ãŒãããã€ã¹ãèšå®ã¡ãã»ãŒãžãéä¿¡ããééïŒç§ïŒãèšå®ã§ããŸãïŒåæèšå® :2(ç§ )ãæå°å€ :1ãæå€§å€ :10å㯠[(Maximum Age/2)-1]ã®å°ããæ¹ã®å€ïŒ
Maximum Age
æ©åšãåèšå®ãããåã«èšå®ã¡ãã»ãŒãžãåŸ ã¡åãããæ倧ã®æéãç§ã§èšå®ã§ããŸããæå®ããŒããé€ãå šæ©åšã®ããŒãã§ãéåžžã®ã€ã³ã¿ãŒãã«å ã«èšå®ã¡ãã»ãŒãžãåä¿¡ãããå¿ èŠããããŸããSTPæ å ±ããšãŒãžã¢ãŠãããããŒãã¯æ¥ç¶ãããŠãã LANã®æå®ããŒãã«å€æŽãããŸããã«ãŒãããŒãã®å Žåããããã¯ãŒã¯ã«æ¥ç¶ãããŠããæ©åšã®ããŒãããæ°ããªã«ãŒãããŒããéžæãããŸããïŒåæèšå® :20ïŒç§ïŒãæå°å€ :6å㯠[2à (Hello Time+1)]ã®å€§ããæ¹ã®å€ãæå€§å€ :40ããã㯠[2à (Forward Delay-1)]å°ããæ¹ã®å€ïŒ
Forward Delay
æ©åšç¶æ ã®é·ç§»ã«å¯ŸããŠã«ãŒãæ©åšãåŸ æ©ããæ倧ã®æéïŒç§ïŒãèšå®ã§ããŸãããã¬ãŒã ã®è»¢éãéå§ãããåã«ãããããžã®å€æŽãæ©åšã«èªèããããããé 延ãèšå®ããå¿ èŠããããŸããããã«åããŒãã§ã¯ãäžæçãªããŒã¿ã®ã«ãŒããé²ããããããŒãããããã¯ç¶æ ã«æ»ã競åæ å ±ã®ãªã¹ãã³ã°ãè¡ãæéãå¿ èŠã«ãªããŸãïŒåæèšå® :15ïŒç§ïŒãæå°å€:4å㯠[(Maximum Age/2)+1]ã®å€§ããæ¹ã®å€ãæå€§å€ :30ïŒ
MSTPèšå®
Max Instance Numbers
æ¬æ©ã§èšå®å¯èœãª MSTã€ã³ã¹ã¿ã³ã¹ã®æ倧æ°
Configuration Digest
VLAN IDãã MST IDãžã®ãããã³ã°ããŒãã«ãå«ã MD5眲åããŒãã€ãŸããã®ããŒã¯å šãŠã® VLANãã CISTãžã®ãããã³ã°ã§ãã
121FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Region Revision*
MSTã€ã³ã¹ã¿ã³ã¹ã®ãªããžã§ã³ïŒèšå®ç¯å²ïŒ0-65535ãåæèšå®ïŒ0ïŒ
Region Name*
MSTã€ã³ã¹ã¿ã³ã¹åïŒæ倧å€ïŒ32æåãã¹ã€ããã® MACã¢ãã¬ã¹ïŒ
Maximum Hop Count
BPDUãç Žæ£ãããåã® MSTå ã§ã®æ倧ãããæ°ïŒèšå®ç¯å²ïŒ1-40ãåæèšå®ïŒ20ïŒ
* MST nameåã³ revision number㯠MSTã®ç¹å®ãè¡ãªããããã©ã¡ããå¿ èŠãšãªããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Spanning Tree]â [STA]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒå¿ èŠãªèšå®é ç®ãå€æŽããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ïŒSTPïŒ
122 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
ïŒRSTPïŒ
ïŒMSTPïŒ
123FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.3 ã°ããŒãã«èšå®ã®è¡šç€º
Spanning Tree > STA (Configure Global - Show Information)䜿çšããçŸåšã® STPã®æ å ±ã確èªããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Bridge ID
STPã§æ¬æ©ãèªèããããã®äžæã® IDã衚瀺ããŸããIDã¯æ¬æ©ã® STPãã©ã€ãªãªãã£ãšMACã¢ãã¬ã¹ããç®åºãããŸãã
Designated Root
ã«ãŒãããã€ã¹ã«èšå®ããããã¹ããã³ã°ããªãŒå ã®æ©åšã®ãã©ã€ãªãªãã£åã³MACã¢ãã¬ã¹ã衚瀺ãããŸãã
Root Port
ã«ãŒãã®æãè¿ããã¹ã€ããäžã®ããŒãã®çªå·ãã¹ã€ããã¯ãã®ããŒããéããŠãã«ãŒãããã€ã¹ãšã³ãã¥ãã±ãŒããå¯èœã§ããã«ãŒãããŒããç¡ãå Žåããã®ã¹ã€ãããã¹ããã³ã°ããªãŒã®ã«ãŒãããã€ã¹ãšããŠã¢ã¯ã»ãããããŸãã
Root Path Cost
ã¹ã€ããäžã®ã«ãŒãããŒãããã«ãŒãããã€ã¹ãžã®ãã¹ã³ã¹ãã
Configuration Changes
ã¹ããã³ã°ããªãŒãåèšå®ãããåæ°ã衚瀺ãããŸãã
Last Topology Change
æåŸã«ã¹ããã³ã°ããªãŒãåèšå®ãããŠããçµéããæéã衚瀺ãããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Spanning Tree]â [STA]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
124 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.4 ã€ã³ã¿ãã§ãŒã¹èšå®
Spanning Tree > STA (Configure Interface - Configure)ããŒãžã«ãŠãããŒããã©ã€ãªãªãã£ããã¹ã³ã¹ãããªã³ã¯ã¿ã€ãåã³ãšããžããŒããå«ãåã€ã³ã¿ãã§ãŒã¹ã® RSTPåã³ MSTPå±æ§ãèšå®ããããšãã§ããŸãããããã¯ãŒã¯ã®ãã¹ãæå®ããããã«åãã¡ãã£ã¢ã¿ã€ãã®ããŒãã«å¯Ÿãç°ãªããã©ã€ãªãªãã£åã¯ãã¹ã³ã¹ããèšå®ããäºç¹éæ¥ç¶ãŸãã¯å ±æã¡ãã£ã¢æ¥ç¶ã瀺ããããªã³ã¯ã¿ã€ããèšå®ããŸãããŸãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ããµããŒãããæ©åšãæ¥ç¶ããå Žåã«ã¯ãšããžããŒãã®æå®ãè¡ããŸãã(æ¬é ã§ã® "ããŒã "ãšã¯ "ã€ã³ã¿ãã§ãŒã¹ "ãæå³ãããããããŒããšãã©ã³ã¯ã®äž¡æ¹ã瀺ããŸã )
èšå®ã»è¡šç€ºé ç®
以äžã®èšå®ã¯å€æŽããããšã¯ã§ããŸãããInterface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺ãSpanning Tree
ã€ã³ã¿ãã§ãŒã¹ã® STAã®æå¹ /ç¡å¹ãèšå®ããŸãïŒåæèšå®ïŒæå¹ïŒ
Priority
STPã§ã®åããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸããæ¬æ©ã®å šãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãæãé«ããã©ã€ãªãªãã£ïŒæãäœãèšå®å€ïŒãã¹ããã³ã°ããªãŒã®ã¢ã¯ãã£ããªãªã³ã¯ãšãªããŸããããã«ãããSTPã«ãããŠãããã¯ãŒã¯ã®ã«ãŒããåé¿ããå Žåã«ãé«ããã©ã€ãªãªãã£ã®ããŒãã䜿çšãããããã«ãªããŸãã2ã€ä»¥äžã®ããŒããæãé«ããã©ã€ãªãªãã£ã®å Žåã«ã¯ãããŒãçªå·ãå°ããããŒããæå¹ã«ãªããŸãïŒåæèšå® : 128ãç¯å² : 0-240ã® 16ãã€ïŒ
Admin Path Cost
ãã®ãã©ã¡ãŒã¿ã¯ STPã«ãããŠããã€ã¹éã§ã®æé©ãªãã¹ã決å®ããããã«èšå®ããŸããäœãå€ãã¹ããŒãã®æ©ãã¡ãã£ã¢ã®ããŒãã«å²ãåœãŠãããããé«ãå€ãããé ãã¡ãã£ã¢ã«å²ãåœãŠãããå¿ èŠããããŸãïŒãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãïŒ
æšå¥š STAãã¹ã³ã¹ãç¯å²
ããŒãã¿ã€ã IEEE802.1D-1998 IEEE802.1w-2001
Ethernet 50-600 200,000-20,000,000
Fast Ethernet 10-60 20,000-2,000,000
Gigabit Ethernet 3-10 2,000-200,000
æšå¥š STAãã¹ã³ã¹ã
ããŒãã¿ã€ã ãªã³ã¯ã¿ã€ã IEEE802.1D-1998 IEEE802.1w-2001
EthernetHalf DuplexFull DuplexTrunk
1009590
2,000,0001,999,9991,000,000
Fast EthernetHalf DuplexFull DuplexTrunk
191815
200,000100,00050,000
Gigabit EthernetFull DuplexTrunk
43
10,0005,000
125FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Admin Link Type
ã€ã³ã¿ãã§ãŒã¹ãžæ¥ç¶ããæ¥ç¶æ¹åŒïŒåæèšå® :AutoïŒ
ïŒ Point-to-Point â ä»ã® 1å°ã®ããªããžãžã®æ¥ç¶ïŒ Shared â 2å°ä»¥äžã®ããªããžãžã®æ¥ç¶ïŒ Auto â Point-to-Pointã Sharedã®ã©ã¡ãããèªåçã«å€æããŸãã
Root Guard
STAã¯ããäœãããªããžèå¥åïŒãŸãã¯åãå€ãšãããäœã MACã¢ãã¬ã¹ïŒãæã€ããªããžããã€ã§ããã«ãŒãããªããžãåŒãç¶ãããšãèš±å¯ããŸããRoot Guard ã¯ã«ãŒãããªããžãæé©ä»¥äžã®å Žæã«ãããŠæ§æãããªãããšãä¿èšŒããããã«äœ¿çšããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Admin Edge Port
ïŒ Enabled â æåã§ããŒãã EdgeããŒããšããŠèšå®ããŸããïŒ Disabled â EdgeããŒãèšå®ãç¡å¹ã«ããŸããïŒ Auto â RSTP ãŸã㯠MSTP BPDU ãåä¿¡ããã«ãšããžé 延æéã®æéãåããéãããŒããèªåã§ãšããžããŒããšããŠèšå®ããŸãã
以äžã®æ¡ä»¶ã§ã¯ãã€ã³ã¿ãã§ãŒã¹ã¯ EdgeããŒããšããŠæ©èœããŸããã
⢠ã¹ããã³ã°ããªãŒã¢ãŒãã STPïŒP120ïŒã«èšå®ãããŠããå ŽåããšããžããŒãã¢ãŒãã¯æåã§æå¹ããèªåã«èšå®ã§ããŸããå¹æã¯çºããŸããã
⢠ã«ãŒãããã¯æ€çŽ¢ ïŒP118ïŒãæå¹ã§ããã ãšã«ãŒããã㯠BPDUãç¡å¹ã®å Žåãã€ã³ã¹ã¿ã³ã¹ã¯ã«ãŒãããã¯ç¶æ ãéæŸããããŸã§ãšããžããŒããšããŠæ©èœåºæ¥ãŸããã
⢠ã€ã³ã¿ãã§ãŒã¹ããã©ã¯ãŒãã£ã³ã°ç¶æ ã§ãããŒã«ãå€æŽãããå Žåããšããžé 延æéãæéåãã«ãªã£ãŠããŠããã€ã³ã¹ã¿ã³ã¹ã¯ãšããžããŒããšããŠåäœãç¶ããããšãåºæ¥ãŸããã
⢠é 延ã¿ã€ããŒã®æéãåããåŸã«ããšããžããŒãã BPDUsãåä¿¡ããªãå ŽåãdesignatedããŒããžããŒã«å€æŽãããããã«ãã©ã¯ãŒãã£ã³ã°ç¶æ ã«å ¥ããŸãã ïŒ128 ããŒãžã®ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ïŒ
BPDU Guard
BPDU ã®åä¿¡ãããšããžããŒããä¿è·ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
BPDU Filter
æåŸã®ããŒãã«æ¥ç¶ãããèšå®ãããããšããžããŒã㧠BPUD ã®è»¢éãç¡å¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒMigration
èšå®ããã³ããããžå€æŽéç¥ BPDUãå«ã STP BPDUãæ€ç¥ããããšã«ãããèªåçã« STPäºæã¢ãŒãã«å€æŽããããšãã§ããŸãããŸããæ¬æ©èœã®ãã§ãã¯ããã¯ã¹ããã§ãã¯ãæ©èœãæå¹ã«ããããšã«ãããæåã§é©åãªBPDUãã©ãŒãããïŒRSTPãŸã㯠STPäºæïŒã®å確èªãè¡ãããšãã§ããŸãã
ããã©ã«ã STAãã¹ã³ã¹ã
ããŒãã¿ã€ã ãªã³ã¯ã¿ã€ã IEEE802.1w-2001
EthernetHalf DuplexFull DuplexTrunk
2,000,0001,000,000500,000
Fast EthernetHalf DuplexFull DuplexTrunk
200,000100,00050,000
Gigabit EthernetFull DuplexTrunk
10,0005,000
126 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
ïŒ1ïŒ[Spanning Tree] â [STA]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒå¿ èŠã«å¿ããŠèšå®å€æŽãè¡ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
127FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.5 ã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º
STA Port Informationåã³ STA Trunk Informationç»é¢ã§ã¯ STAããŒãåã³ STAãã©ã³ã¯ã®çŸåšã®ç¶æ ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Spanning Tree
STAã®æå¹ /ç¡å¹ã衚瀺ãããŸãã
STA Status
ã¹ããã³ã°ããªãŒå ã§ã®åããŒãã®çŸåšã®ç¶æ ã衚瀺ããŸã :
ïŒ Discarding â STPèšå®ã¡ãã»ãŒãžãåä¿¡ããŸããããã±ããã®éä¿¡ã¯è¡ã£ãŠããŸããã
ïŒ Learning â ççŸããæ å ±ãåä¿¡ããããšãªããForward Delayã§èšå®ããééã§èšå®ã¡ãã»ãŒãžãéä¿¡ããŠããŸããããŒãã¢ãã¬ã¹ããŒãã«ã¯ã¯ãªã¢ãããã¢ãã¬ã¹ã®åŠç¿ãéå§ãããŠããŸãã
ïŒ Forwarding â ãã±ããã®è»¢éãè¡ãããã¢ãã¬ã¹ã®åŠç¿ãç¶ç¶ãããŠããŸãã
ããŒãç¶æ ã®ã«ãŒã«
⢠STPæºæ ã®ããªããžããã€ã¹ãæ¥ç¶ãããŠããªããããã¯ãŒã¯ã»ã°ã¡ã³ãäžã®ããŒãã¯ãåžžã«è»¢éç¶æ (Forwarding)ã«ãããŸãã
⢠ä»ã® STPæºæ ã®ããªããžããã€ã¹ãæ¥ç¶ãããŠããªãã»ã°ã¡ã³ãäžã«ã2åã®ããŒããååšããå Žåã¯ãIDã®å°ããæ¹ã§ãã±ããã®è»¢éãè¡ãã (Forwarding)ãä»æ¹ã§ã¯ãã±ãããç Žæ£ãããŸã (Discarding)ã
⢠起åæã«ã¯ãã¹ãŠã®ããŒãã§ãã±ãããç Žæ£ãããŸã (Discarding)ããã®åŸåŠç¿ç¶æ (Learning)ããã©ã¯ãŒãã£ã³ã° (Forwarding)ãžãšé·ç§»ããŸãã
Forward Transitions
ããŒãã転éç¶æ (Forwarding)ã«é·ç§»ããåæ°ã衚瀺ãããŸãã
Designated Cost
ã¹ããã³ã°ããªãŒèšå®ã«ããããæ¬ããŒãããã«ãŒããžã®ã³ã¹ãã衚瀺ãããŸããåªäœãé ãå Žåãã³ã¹ãã¯å¢å ããŸãã
Designated Bridge
ã¹ããã³ã°ããªãŒã®ã«ãŒãã«å°éããéã«ãæ¬ããŒãããéä¿¡ãè¡ãããã€ã¹ã®ãã©ã€ãªãªãã£ãšMACã¢ãã¬ã¹ã衚瀺ãããŸãã
Designated Port
ã¹ããã³ã°ããªãŒã®ã«ãŒãã«å°éããéã«ãæ¬æ©ãšéä¿¡ãè¡ãæå®ããªããžããã€ã¹ã®ããŒãã®ãã©ã€ãªãªãã£ãšçªå·ã衚瀺ãããŸãã
Oper Path Cost
ãã®ããŒããå«ãã¹ããã³ã°ããªãŒã«ãŒããžåãããã¹ã®ãã¹ã³ã¹ããžã®ããã®ããŒãã®è²¢ç®ã
Oper Link Type
ã€ã³ã¿ãã§ãŒã¹ã®å±ãã LANã»ã°ã¡ã³ãã®äœ¿çšäžã® 2ç¹éã®ç¶æ³ããã®é ç®ã¯ STP Port/Trunk ConfigurationããŒãžã® Admin Link Typeã«èšèŒãããŠããããã«æåèšå®åã¯èªåæ€åºã«ãã決å®ãããŸãã
128 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Oper Edge Port
ãã®é ç®ã¯ STP Port/Trunk ConfigurationããŒãžã® Admin Eddge Portã®èšå®ã«ããèšå®ã®ããã«åæåãããŸãããããããã®ããŒããžã®æ¥ç¶ãããä»ã®ããªããžãå«ããBPDUãåä¿¡ããå Žå㯠falseã«èšå®ãããŸãã
Port Role
å®è¡äžã®ã¹ããã³ã°ããªãŒããããžã®äžéšã§ããããªããã«åŸã£ãŠåœ¹å²ãå²ãåœãŠãããŠããŸãã
ïŒ RootããŒã â ã«ãŒãããªããžãžã®ããªããžã«æ¥ç¶ããŸãã
ïŒ DesignatedããŒã â ã«ãŒãããªããžãžã®ããªããžãéã㊠LANã«æ¥ç¶ããŸãã
ïŒ MasterããŒã â MSTI regionalã«ãŒã
ïŒ Alternate å㯠BackupããŒã â ä»ã®ããªããžãããªããžããŒãå㯠LANãåæãŸãã¯åé€ãããå Žåã«ãæ¥ç¶ãæäŸããŸãã
ïŒDisabledããŒã â ã¹ããã³ã°ããªãŒå ã§ã®åœ¹å²ããªãå Žåã«ã¯ç¡å¹ (Disabled)ãšãªããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Spanning Tree]â [STA]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
129FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.6 MSTPèšå®
MSTPã¯åã€ã³ã¹ã¿ã³ã¹ã«å¯Ÿãç¹å®ã®ã¹ããã³ã°ããªãŒãçæããŸããããã«ãããããã¯ãŒã¯äžã«è€æ°ã®ãã¹ãæ§ç¯ããéä¿¡ã®ããŒããã©ã³ã¹ãè¡ããåäžã®ã€ã³ã¹ã¿ã³ã¹ã«äžå ·åãçºçããå Žåã«å€§èŠæš¡ãªãããã¯ãŒã¯ã®é害ãçºçããããšãåé¿ãããšå ±ã«ãäžå ·åã®çºçããã€ã³ã¹ã¿ã³ã¹ã®æ°ããããããžãŒãžã®å€æŽãè¿ éã«è¡ãªããŸãã
åæèšå®ã§ã¯ãã¹ãŠã® VLANã¯ãMSTå ã«æ¥ç¶ãããããªããžããã³ LANã¯ãã¹ãŠå éšã¹ããã³ã°ã»ããªãŒ (MSTã€ã³ã¹ã¿ã³ã¹ 0)ã«å²ãåœãŠãããŸãã
æ¬æ©ã§ã¯æ倧 32ã®ã€ã³ã¹ã¿ã³ã¹ããµããŒãããŠããŸãããããã¯ãŒã¯ã®åäžãšãªã¢ãã«ããŒãã VLANãã°ã«ãŒãåããããã«èšå®ããŠäžããã
äœããåäžã€ã³ã¹ã¿ã³ã¹ã®ã»ããã«ããåäž MSTIå ã®ãã¹ãŠã®ããªããžãåã³åäž VLANã®ã»ããã«ããåäžã€ã³ã¹ã¿ã³ã¹ã圢æããå¿ èŠããããŸããRSTPã¯åäžããŒããšããŠåMSTIãæ±ãããã¹ãŠã®MSTIã Common Spanning TreeãšããŠæ¥ç¶ããç¹ã«æ³šæããŠäžããã
MSTPã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªã£ãŠãã ããã
ïŒ1ïŒã¹ããã³ã°ããªãŒã¿ã€ãã MSTPã«èšå®ããŸã (P120 ãã°ããŒãã«èšå®ãåç § )
ïŒ2ïŒéžæãã MSTã€ã³ã¹ã¿ã³ã¹ã«ã¹ããã³ã°ããªãŒãã©ã€ãªãªãã£ãå ¥åããŸãã
ïŒ3ïŒMSTIãå ±æãã VLANãè¿œå ããŸãã
[泚æ ]ããã¹ãŠã® VLANã¯èªåçã« ISTïŒã€ã³ã¹ã¿ã³ã¹ 0ïŒã«è¿œå ãããŸãã
MSTIããããã¯ãŒã¯äžã§æå¹ã«ããæ¥ç¶ãç¶ç¶ããããã«ã¯ãåæ§ã®èšå®ãé¢é£ããããªããžã«ãããŠè¡ãªãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
MST ID
èšå®ã®ããã®ã€ã³ã¹ã¿ã³ã¹ IDïŒèšå®ç¯å²ïŒ0-4094ïŒ
VLAN ID
MSTã€ã³ã¹ã¿ã³ã¹ã«æå®ãã VLAN IDïŒèšå®ç¯å²ïŒ1-4093ïŒ
Priority
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ïŒç¯å²ïŒ4096é£ã°ãã®å€ã§ 0-61440ãéžæè¢ïŒ0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440ãåæèšå®ïŒ32768ïŒ
130 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
MSTPã€ã³ã¹ã¿ã³ã¹ã®äœæ
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒMSTã€ã³ã¹ã¿ã³ã¹ãšåæ VLANã¡ã³ããŒãæå®ããŸããã¡ã³ããŒã®è¿œå 㯠panning Tree > MSTP(Configure Global - Add Member)ããŒãžã§è¡ãããšãã§ããŸãã ãã©ã€ãªãªãã£ãæå®ããªãå Žåãåæå€ã® 32768ã䜿çšãããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
èšå®æ¹æ³
MSTPã€ã³ã¹ã¿ã³ã¹ã®è¡šç€º
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã衚瀺é ç®ã®è§£èª¬ã¯ P128 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠãã ããã
131FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
MSTPã€ã³ã¹ã¿ã³ã¹ãž VLANã°ã«ãŒããè¿œå
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd MemberããéžæããŸãã
ïŒ4ïŒMST IDãªã¹ããã MSTã€ã³ã¹ã¿ã³ã¹ãéžæããŸãã
ïŒ5ïŒãVLAN IDããã£ãŒã«ããžãã€ã³ã¹ã¿ã³ã¹ãžè¿œå ãã VLANã°ã«ãŒãã® VLAN IDãå ¥åããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
MSTPã€ã³ã¹ã¿ã³ã¹ã® LANã¡ã³ããŒã衚瀺
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow MemberããéžæããŸãã
132 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
3.7.7 MSTPã€ã³ã¿ãã§ãŒã¹ã®èšå®
Spanning Tree > MSTP (Configure Interface - Configure)ããŒãžã«ãŠãMSTã€ã³ã¹ã¿ã³ã¹ãžã® STAã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ãªãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
MST Instance ID
èšå®ãè¡ãã€ã³ã¹ã¿ã³ã¹ IDïŒåæèšå®ïŒ0ïŒ
Interface
ããŒããŸãã¯ãã©ã³ã¯ãªã¹ãã®è¡šç€º
STA Status
ã¹ããã³ã°ããªãŒå ã§ã®åããŒãã®çŸåšã®ç¶æ ã衚瀺ããŸã :
ïŒè©³çŽ°ã¯ 128 ããŒãžã®ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããïŒ
ïŒ Discarding â STPèšå®ã¡ãã»ãŒãžãåä¿¡ããŸããããã±ããã®éä¿¡ã¯è¡ã£ãŠããŸããã
ïŒ Learning â ççŸããæ å ±ãåä¿¡ããããšãªããForward Delayã§èšå®ããééã§èšå®ã¡ãã»ãŒãžãéä¿¡ããŠããŸããããŒãã¢ãã¬ã¹ããŒãã«ã¯ã¯ãªã¢ãããã¢ãã¬ã¹ã®åŠç¿ãéå§ãããŠããŸãã
ïŒ Forwarding â ãã±ããã®è»¢éãè¡ãããã¢ãã¬ã¹ã®åŠç¿ãç¶ç¶ãããŠããŸãã
Priority
STPã§ã®åããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸãã
æ¬æ©ã®å šãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãæãé«ããã©ã€ãªãªãã£ïŒæãäœãèšå®å€ïŒãã¹ããã³ã°ããªãŒã®ã¢ã¯ãã£ããªãªã³ã¯ãšãªããŸããããã«ãããSTPã«ãããŠãããã¯ãŒã¯ã®ã«ãŒããåé¿ããå Žåã«ãé«ããã©ã€ãªãªãã£ã®ããŒãã䜿çšãããããã«ãªããŸãã2ã€ä»¥äžã®ããŒããæãé«ããã©ã€ãªãªãã£ã®å Žåã«ã¯ãããŒãçªå·ãå°ããããŒããæå¹å°ãªããŸãïŒåæèšå® : 128ãç¯å² : 0-240ã® 16ãã€ïŒ
Admin MST Path Cost
ãã®ãã©ã¡ãŒã¿ã¯ MSTPã«ãããŠããã€ã¹éã§ã®æé©ãªãã¹ã決å®ããããã«èšå®ããŸããäœãå€ãã¹ããŒãã®æ©ãã¡ãã£ã¢ã®ããŒãã«å²ãåœãŠãããããé«ãå€ãããé ãã¡ãã£ã¢ã«å²ãåœãŠãããå¿ èŠããããŸãïŒãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãïŒ
ïŒæšå¥šèšå®ç¯å²ïŒP125ã®è¡šãåç §ããŠãã ããã
ïŒæšå¥šèšå®å€ïŒP125ã®è¡šãåç §ããŠãã ããã
ïŒåæèšå®ïŒP126ã®è¡šãåç §ããŠãã ããã
133FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
ããŒããŸãã¯ãã©ã³ã¯ã® MSTPãã©ã¡ãŒã¿ãèšå®ã
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ4ïŒã€ã³ã¿ãã§ãŒã¹ã®ãã©ã€ãªãªãã£ãšãã¹ã³ã¹ããå ¥åããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒããŸãã¯ãã©ã³ã¯ã® MSTPãã©ã¡ãŒã¿ã衚瀺ã
ïŒ1ïŒ[Spanning Tree] â [MSTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow InformationããéžæããŸãã
134 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åž¯åå¶åŸ¡
3.8 垯åå¶åŸ¡
垯åå¶åŸ¡æ©èœã§ã¯åã€ã³ã¿ãã§ãŒã¹ã®éä¿¡åã³åä¿¡ã®æ倧é床ãèšå®ããããšãã§ããŸãã垯åå¶åŸ¡ãæå¹ã«ãããšãéä¿¡ã¯ããŒããŠã§ã¢ã«ããç£èŠãããèšå®ãè¶ ããéä¿¡ã¯ãããããããŸããèšå®ç¯å²å ã®éä¿¡ã¯ãã®ãŸãŸè»¢éãããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Type
ããŒãã¿ã€ãïŒ100Base-TXã1000Base-Tã SFPïŒ
Status
垯åå¶åŸ¡ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
Rate
垯åå¶åŸ¡ã®ã¬ãã«ãèšå®ïŒç¯å²ïŒFast Ethernet 64 - 100,000 kilobits/ç§ã Gigabit Ethernet 64-1,000,000 kilobits/ç§ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Traffic]â [Rate Limit]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒèšå®ããããªãããŒãã®ãRate Lonit Statusããæå¹ã«ããŸãã
ïŒ3ïŒåã ã®ããŒããžãRateããèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
135FXC3110
Webã€ã³ã¿ãã§ãŒã¹åž¯åå¶åŸ¡
3.8.1 ã¹ããŒã ã³ã³ãããŒã«
Traffic > Storm ControlããŒãžã䜿çšãããããŒããã£ã¹ãã¹ããŒã ãããå€ã³ã³ãããŒã«ã®èšå®ãå¯èœã§ãããããŒããã£ã¹ãã¹ããŒã ã¯ããããã¯ãŒã¯äžã®è£ 眮ã誀åäœãèµ·ããããã¢ããªã±ãŒã·ã§ã³ããã°ã©ã ã®äžå ·åãŸãã¯é©åã«èšå®ãããŠããªãæã«çºçããŸãããããã¯ãŒã¯äžã«é床ã®ãããŒããã£ã¹ããã©ãã£ãã¯ãååšããå Žåãããã©ãŒãã³ã¹ã¯èããèœã¡ãŸãã
ãããŒããã£ã¹ããã©ãã£ãã¯ã®ãããå€ãèšå®ããããšã§ããããŒããã£ã¹ãã¹ããŒã ãããããã¯ãŒã¯ãä¿è·ããããšãå¯èœã§ããæå®ãããããå€ãè¶ ãããããŒããã£ã¹ããã±ããã¯ç Žæ£ãããŸãã
æ©èœè§£èª¬
⢠ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã¯åæèšå®ã§æå¹ã«ãªã£ãŠããŸãã
⢠ãããŒããã£ã¹ãã³ã³ãããŒã«ã¯ IPãã«ããã£ã¹ããã©ãã£ãã¯ã«åœ±é¿ããŸããã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺ã
Type
ã€ã³ã¿ãã§ãŒã¹ã¿ã€ãïŒ100Base-TXã100Base-Tã SFPïŒ
Unknown Unicast
æªç¥ã®ãŠããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
Multicast
ãã«ããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
Broadcast
ãããŒããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
Status
ã¹ããŒã ã³ã³ãããŒã«ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«æå¹ããã«ããã£ã¹ã /æªç¥ã®ãŠããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ç¡å¹ïŒ
Rate
ã¬ãŒããšããŠã®ãããå€ïŒãã±ãã /ç§ãç¯å²ïŒ64-1,000,000 Kbits/ç§åæèšå®ïŒ64 Kbits/secondïŒ
[ 泚æ ]ã1ã€ã®ã¬ãŒãã®ã¿ãã€ã³ã¿ãã§ãŒã¹äžã®å šãŠã®ãã©ãã£ãã¯ã¿ã€ãã§ãµããŒããããŸãã
136 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åž¯åå¶åŸ¡
èšå®æ¹æ³
ïŒ1ïŒ[Traffic]â [Storm Control]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãããå€ãèšå®ããä»»æã®ããŒãã® "Enable"ãã£ãŒã«ããžãã§ãã¯ãå ¥ããŸãã
ïŒ3ïŒ[Apply]ãã¯ãªãã¯ããŠäžããã
137FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
3.9 Class of ServiceïŒCoSïŒ
Class of Service(CoS)ã¯ããããã¯ãŒã¯ã®æ··éç¶æ ã®ããã«éä¿¡ããããã¡ãããå Žåã«ãåªå ããããŒã¿ãã±ãããæå®ããããšãã§ããŸããæ¬æ©ã§ã¯åããŒã㧠4段éã®ãã¥ãŒã® CoSããµããŒãããŠããŸããé«ããã©ã€ãªãªãã£ã®ãã¥ãŒãæã£ãããŒã¿ãã±ããããããäœããã©ã€ãªãªãã£ã®ãã¥ãŒãæã£ãããŒã¿ãã±ãããããå ã«è»¢éããŸããåã€ã³ã¿ãã§ãŒã¹ã«ããã©ã«ããã©ã€ãªãªãã£ãèšå®ããããšãã§ããåæ¬æ©ã®ãã©ã€ãªãªãã£ãã¥ãŒã«å¯Ÿãããã¬ãŒã ãã©ã€ãªãªãã£ã¿ã°ã®ãããã³ã°ãè¡ãããšãã§ããŸãã
3.9.1 ã¬ã€ã€ 2ãã¥ãŒèšå®
ã¿ã°ç¡ããã¬ãŒã ã®ããã©ã«ããã©ã€ãªãªãã£èšå®ããã¥ãŒã¢ãŒãã®èšå®ãããããã®ãã¥ãŒãžã®ãŠã§ã€ãã®å²ãåœãŠçã«ã€ããŠè§£èª¬ããŸã
ã€ã³ã¿ãã§ãŒã¹ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå®
åã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ãããŒããã©ã€ãªãªãã£ãæå®ããããšãåºæ¥ãŸããã¹ã€ãããžå ¥ãå šãŠã®ã¿ã°ãªããã±ããã¯æå®ãããããã©ã«ãããŒããã©ã€ãªãªãã£ã«ããã¿ã°ãä»ããããåºåããŒãã§ã®é©åãªãã©ã€ãªãªãã£ãã¥ãŒãèšå®ãããŸãã
æ©èœè§£èª¬
⢠æ¬æ©ã¯åããŒã㧠4ã€ã®ãã©ã€ãªãªãã£ãã¥ãŒãæäŸããŸããhead-of-queue blockageãé²æ¢ããããã«éã¿ä»ãã©ãŠã³ãããã³ (WRR)ã䜿çšããŸãã
⢠ããã©ã«ããã©ã€ãªãªãã£ã¯ã"accept all frame type"ã«èšå®ãããããŒãã§åä¿¡ããã¿ã°ãªããã¬ãŒã ã®å Žåã«é©çšãããŸãããã®ãã©ã€ãªãªãã£ã¯ IEEE 802.1Q VLANã¿ã°ä»ãã¬ãŒã ã«å¯Ÿå¿ããŠããŸãããåä¿¡ãã¬ãŒã ã IEEE 802.1Q VLAN ã¿ã°ä»ãã¬ãŒã ã®å ŽåãIEEE 802.1Q VLAN User Priorityãããã䜿çšãããŸãã
⢠åºåããŒããé¢é£ VLANã®ã¿ã°ç¡ãã¡ã³ããŒã®å Žåããããã®ãã¬ãŒã ã¯éä¿¡åã«å šãŠã®VLANã¿ã°ãå€ããŸãã
èšå®ã»è¡šç€ºé ç®
InterfaceããŒããŸãã¯ãã©ã³ã¯ã®ãªã¹ãã衚瀺ãCoSæå®ãããã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã¿ã°ç¡ããã¬ãŒã ã«å²ãåœãŠããããã©ã€ãªãªãã£ãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ0ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Traffic] â [Priority]â [Default Priority]ãã¯ãªãã¯ããŸããïŒ2ïŒè¡šç€ºããã€ã³ã¿ãã§ãŒã¹ã®ã¿ã€ããéžæããŸããïŒããŒããŸãã¯ãã©ã³ã¯ïŒïŒ3ïŒåã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ããã©ã€ãªãªãã£ãç·šéããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
138 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
ãã¥ãŒã¢ãŒãã®éžæ
æ¬æ©ã§ã¯ããã¹ãŠã®é«ãã©ã€ãªãªãã£ãã¥ãŒãäœãã©ã€ãªãªãã£ãã¥ãŒã«åªå ããã strictã«ãŒã«ãåã¯åãã¥ãŒã®éã¿ä»ããè¡ãWeighted Round-Robin (WRR)ãçšããŠãã¥ãŒã€ã³ã°ãè¡ããŸããWRRã§ã¯ããããããèšå®ããéã¿ã«å¿ããŠåãã¥ãŒã®è»¢éæéã®å²åã決å®ããŸããããã«ãããStrictã«ãŒã«ã«ãã£ãŠçãã HOL Blockingãé²ãããšãã§ããŸãã
æ©èœè§£èª¬
⢠Strictãã©ã€ãªãªãã£ã¯ã¯ããé«ããã©ã€ãªãªãã£ãã¥ãŒã®ãã¹ãŠã®ãã©ãã£ãã¯ããããäœããã¥ãŒããµãŒãã¹ãããåã«åŠçãããããšãå¿ èŠãšããŸãã
⢠æ¬æ©ã§äœ¿çšãããŠããWRRã¢ã«ãŽãªãºã 㯠Shaped Deficit Weighted Round Robin (SDWRR)ãšããŠç¥ãããŠããŸãã
⢠åºæ¬WRRã¢ã«ãŽãªãºã ã¯ããããã®ãã¥ãŒã«ã次ã®ãã¥ãŒã«æ ãåã«ã¹ã€ãããåã ã®ãã¥ãŒãåŠçããããµãŒãã¹æéã®ããŒã»ã³ããŒãžã決å®ããçžå¯Ÿè·éã䜿ããŸãããã㯠strict priorityãã¥ãŒã€ã³ã°ã§çºçãã head-ofline blocking ãé²ããŸãã
⢠Strictããã³ WRRã¢ãŒããéžæãããŠããæãStrictãµãŒãã¹ã®çµåããé«ããã©ã€ãªãªãã£ãã¥ãŒã«äœ¿ãããæ®ãã®ãã¥ãŒã®ãµãŒãã¹ãå éããŸãã
⢠æå®ããããã¥ãŒã¢ãŒãã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
èšå®ã»è¡šç€ºé ç®
Queue Mode
ïŒ Strictã€ã³ã°ã¬ã¹ãã¥ãŒãé 次åŠçããŸãããã¹ãŠã®é«ãã©ã€ãªãªãã£ãã¥ãŒã®ãã©ãã£ãã¯ãäœãã©ã€ãªãªãã£ãã¥ãŒã®ãã©ãã£ãã¯ããåªå çã«åŠçãããŸãã
ïŒWRRïŒSDWRRïŒãšã°ã¬ã¹ããŒãã®åž¯åãã¹ã±ãžã¥ãŒãªã³ã°ãŠã§ã€ãã䜿çšããŠå ±æããRound-Robinæ¹åŒã§ããããã®ãã¥ãŒãåŠçããŸãã
ïŒ Strict and WRRé«ãã©ã€ãªãªãã£ãã¥ãŒã«ã¯ Strictãã©ã€ãªãªãã£ã䜿çšãããã®ä»ã«ã¯ SDWWã䜿çšããŸããïŒåæèšå®ïŒ
Queue ID
ãã©ã€ãªãªãã£ãã¥ãŒã® IDïŒç¯å²ïŒ0-7ïŒ
Strict Mode
âStrict and WRRâ ã¢ãŒããéžæãããŠããå ŽåãStrictãµãŒãã¹ã®çµåããé«ããã©ã€ãªãªãã£ãã¥ãŒã«äœ¿çšãããæ®ãã®ãã¥ãŒã®ãµãŒãã¹ãå éããŸããã"strict weighted queuing"ã¢ãŒãã䜿çšãããŠããæããã®ãã©ã¡ãŒã¿ã¯ Strictãã©ã€ãªãªãã£ã䜿çšããããå²ãåœãŠããããã¥ãŒãæå®ããããã«äœ¿çšããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Weight
SDWRRã¹ã±ãžã¥ãŒã©ã§äœ¿çšããããããããã®ãã¥ïŒã«ãŠã§ã€ããèšå®ïŒç¯å²ïŒ1-255ãåæèšå®ïŒWeights 1, 2, 4, 6 ããã¥ãŒ 0-3ãžããããå²ãåœãŠãããŸãã
139FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
ãã¥ãŒã¢ãŒãã®èšå®ïŒStrictïŒ
ïŒ1ïŒ[Traffic] â [Priority]â [Queue]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãã¥ãŒã¢ãŒããèšå®ããŸããïŒ3ïŒèšå®ã®ç·šéãè¡ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã¥ãŒã¢ãŒãã®èšå®ïŒWRRïŒ
ãã¥ãŒã¢ãŒãã®èšå®ïŒStrict and WRRïŒ
140 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
Egressãã¥ãŒãžã® CoSå€ã®ãããã³ã°
æ¬æ©ã¯åããŒãã® 8ã€ã®ãã©ã€ãªãªãã£ãã¥ãŒã䜿çšããããšã«ãã CoSãã©ã€ãªãªãã£ã¿ã°ä»éä¿¡ã®åŠçããéã¿ä»ãã©ãŠã³ãããã³ (Weighted Round Robin/WRR)ã«åºã¥ãããµãŒãã¹ã¹ã±ãžã¥ãŒã«ã«ããè¡ããŸãã
æ倧 8ã€ã«åããããéä¿¡ãã©ã€ãªãªãã£ã¯ IEEE802.1pã§å®ããããŸããããã©ã«ããã©ã€ãªãªãã£ã¬ãã«ã¯æ¬¡ã®è¡šã«èšèŒãããŠãã IEEE802.1pã®å§åã«åºã¥ããŠå²ãåœãŠãããŠããŸãã
æ§ã ãªãããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ã® IEEE 802.1pæšæºã§æšå¥šããããã©ã€ãªãªãã£ã¬ãã«ã以äžã®è¡šã«èšèŒãããŠããŸããããããã¢ããªã±ãŒã·ã§ã³ã®éä¿¡ã«å¯ŸããŠãèªç±ã«ã¢ãŠãããããã¥ãŒã®ãã©ã€ãªãªãã£ã¬ãã«ãèšå®ããããšãå¯èœã§ãã
æ©èœè§£èª¬
⢠åºåãã±ããã¯ããã®ã³ãã³ãã«ãã£ãŠå®çŸ©ããããããã³ã°ã«åŸã£ãŠãããŒããŠã§ã¢ãã¥ãŒã®äžãžçœ®ãããŸãã
⢠åæèšå®ã®å éš PHB ããåºåãã¥ãŒãžã®ãããã³ã°ã¯ä»¥äžã§ãã
⢠æå®ããããããã³ã°ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ãžé©çšãããŸãã
èšå®ã»è¡šç€ºé ç®
PHB
Per-hop behaviorãŸãã¯ãã®ã«ãŒã¿ãããã§äœ¿çšããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ã7ã¯æé«ãã©ã€ãªãªãã£ïŒ
Queue
åºåãã¥ãŒãããã¡ïŒç¯å²ïŒ0-3ã3ã¯æé« CoSãã©ã€ãªãªãã£ãã¥ãŒïŒ
ãã©ã€ãªãªã㣠0 1 2 3 4 5 6 7
ãã¥ãŒ 1 0 0 1 2 2 3 3
ãã©ã€ãªãªãã£ã¬ãã« ãã©ãã£ãã¯ã¿ã€ã
1 Background
2 (Spare)
0ïŒåæèšå®ïŒ Best Effort
3 Excellent Effort
4 Controlled Load
5 Video, less than 100 milliseconds latency and jitter
6 Voice, less than 10 milliseconds latency and jitter
7 Network Control
Per-hop Behavior 0 1 2 3 4 5 6 7
Hardware Queues 1 0 0 1 2 2 3 3
141FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
å éš PHBãããŒããŠã§ã¢ãã¥ãŒãžããã
ïŒ1ïŒ[Traffic] â [Priority]â [PHB]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒ"PHB"ãš "Queue"ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
å éš PHBã®ããŒããŠã§ã¢ãã¥ãŒãžã®ãããã衚瀺
ïŒ1ïŒ[Traffic] â [Priority]â [PHB to Queue]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããShowããéžæããŸããïŒ3ïŒ ã€ã³ã¿ãã§ãŒã¹ãéžæããŸãã
142 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
3.9.2 ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®èšå®
CoSå€ãžã®ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®ãããã³ã°
æ¬æ©ã¯ã¢ããªã±ãŒã·ã§ã³ã®èŠæ±ãæºãããããã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ããµããŒãããŠããŸããéä¿¡ãã©ã€ãªãªãã£ã¯ Type of Service (ToS)ãªã¯ãããã®ãã©ã€ãªãªãã£ããããTCPããŒãçªå·ã䜿çšããã¬ãŒã ã® IPãããã§æå®ããŸãããã©ã€ãªãªãã£ãããã䜿çšããå ŽåãToS ãªã¯ããã㯠Differentiated Services Code Point(DSCP)ãµãŒãã¹ã® 6ãããã䜿çšããŸãããããã®ãµãŒãã¹ãæå¹ãªæããã©ã€ãªãªãã£ã¯ CoSå€ãžãããã³ã°ããã該åœããåºåãã¥ãŒãžéãããŸãã
[泚æ ]ãå ¥åãã©ãã£ãã¯ããå éšDSCPå€ãžã®ãããã³ã°ãã©ã€ãªãªãã£å€ã§äœ¿çšãããããã©ã«ãèšå®ã¯ãåºåãã©ãã£ãã¯ã§äœ¿ãããããŒããŠã§ã¢ãã¥ãŒã決å®ããããã«äœ¿çšããããã©ã€ãªãªãã£å€ã¯çœ®ãæããŸããããããã®åæèšå®ã¯å€§å€æ°ã®ãããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ã®ããã®ãã©ã€ãªãªãã£ãµãŒãã¹ãæé©åããããšãæå³ããŠããŸããç¹å®ã®ã¢ããªã±ãŒã·ã§ã³ã§ãã¥ãŒã®åé¡ãçºçããªãéããããã©ã«ãèšå®ãä¿®æ£ããå¿ èŠã¯ãããŸããã
åªå åŠçã DSCPãŸã㯠CoSãžèšå®
æ¬æ©ã¯ DSCPãŸã㯠CoSãã©ã€ãªãªãã£åŠçã¡ãœããã®ãããããéžæããŠäœ¿çšããããšãå¯èœã§ããPriority > Trust ModeããŒãžã§å¿ èŠãªããã»ãã·ã³ã°ã¡ãœãããéžæããŸãã
æ©èœè§£èª¬
⢠QoSãããã³ã°ã¢ãŒãã DSCPã«èšå®ãããŠãããå ¥åãã±ããã¿ã€ãã IPv4ã®å Žåããã©ã€ãªãªãã£åŠçã¯å ¥åãã±ããã® DSCPå€ãåºã«ããŸãã
⢠QoSãããã³ã°ã¢ãŒãã DSCPã«èšå®ãããŠãããIP以å€ã®ãã±ãããåä¿¡ãããå Žåãã¿ã°ä»ãã®å Žåããã±ããã® CoSãš CFIïŒCanonical Format IndicatorïŒå€ã¯ãã©ã€ãªãªãã£ããã»ãã·ã³ã°ã«äœ¿çšãããŸããã¿ã°ç¡ããã±ããã®å Žåããã©ã€ãªãªãã£åŠçã«ã¯ããã©ã«ãããŒããã©ã€ãªãªãã£ã䜿çšãããŸãã
⢠QoSãããã³ã°ã¢ãŒãã CoSã«èšå®ãããŠãããå ¥åãã±ããã¿ã€ãã IPv4ã®å Žåããã©ã€ãªãªãã£åŠçã¯å ¥åãã±ããã® CoSãš CFIå€ãåºã«ããŸããã¿ã°ç¡ããã±ããã®å Žåããã©ã€ãªãªãã£åŠçã«ã¯ããã©ã«ãããŒããã©ã€ãªãªãã£ã䜿çšãããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ãæå®ã
Trust Mode
ïŒ DSCPïŒ Differentiated Services Code PointïŒDSCPïŒå€ã䜿çšããŠã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ããããããŸãã
ïŒ CoSïŒ Class of Serviceå€ã䜿çšããŠã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ããããããŸããïŒåæèšå®ïŒ
143FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Traffic] â [Priority]â [Trust Mode]ãã¯ãªãã¯ããŸããïŒ2ïŒè¡šç€ºããã€ã³ã¿ãã§ãŒã¹ã¿ã€ããéžæããŸããïŒããŒããŸãã¯ãã©ã³ã¯ïŒïŒ3ïŒ ãTrust Modeããèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
144 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
ã€ã³ã°ã¬ã¹ DSCPå€ãå éš DSCPå€ãžãããã³ã°
Traffic > Priority > DSCP to DSCPããŒãžã䜿çšããŠãå ¥åãã±ããã® DSCPå€ãå éšãã©ã€ãªãªãã£åŠçã® per-hop behaviorãš drop precedenceå€ã«ãããããŸãã
DSCP㯠6ãããã§æ倧 64åã®ç°ãªã£ã転éåäœãå¯èœã§ããDSCP㯠ToSããããšçœ®ãæããããšãã§ãå è¡ 3ãããã䜿çšããŠäžäœäºææ§ãç¶æããã®ã§ãDSCPé察å¿ã§ ToS察å¿ã®ããã€ã¹ã¯ DSCPãããã³ã°ã䜿çšããããšãã§ããŸããDSCPã§ã¯ããããã¯ãŒã¯ããªã·ãŒã«åºã¥ããç°ãªãçš®é¡ã®ãã©ãã£ãã¯ãç°ãªãçš®é¡ã®è»¢éãšããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ãã©ã€ãªãªãã£ãããã³ã°ã¢ãŒãã DSCPã«ã»ãããããŠãããå ¥åãã±ããã®ã¿ã€ãã IPv4ã®æã®ã¿äœ¿çšåºæ¥ãŸãã
⢠ãããã¡ã 0x60ãã±ããã§äžæ¯ã«ãªã£ãæãRandom Early Detectionãé»ãšèµ€ã®ãã±ããã®ãããããéå§ãããããã¡ã 0x80ãã±ããäžæ¯ã«ãªã£ãæã«ã¯è²ã«é¢ä¿ãªãå šãŠã®ãã±ãããããããããŸãã
⢠æå®ããããããã³ã°ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
èšå®ã»è¡šç€ºé ç®
DSCP
ã€ã³ã°ã¬ã¹ãã±ããã® DSCPå€ïŒç¯å²ïŒ0-63ïŒ
PHB
Per-hop behaviorãŸãã¯ãã®ã«ãŒã¿ãããã§äœ¿çšããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ïŒ
Drop Precedence
ãã©ãã£ãã¯èŒ»èŒ³ã³ã³ãããŒã«ã® Random Early Detectionã«äœ¿çšãããŸããïŒç¯å²ïŒ0-ç·ã3-é»ã1-èµ€ïŒ
*å ¥å DSCP㯠ingress-dscp10ïŒå·ŠåŽã®æãéèŠãªåïŒãš ingress-dscp1ïŒäžçªäžã®åãingress-dscp = ingress-dscp10 * 10 + ingress-dscp1ïŒã§æ§æãããŠãããããŒãã«ã®éãªãã»ã«ã«å¯Ÿå¿ããå éš DSCPãèŠããŸããå ¥å DSCPã¯ãããã Precedenceã決å®ããããã«ã2é²æ³ã® 11㧠ANDedãåããããããã¯ã€ãºã§ãã
DSCPå€ããå éš PHB/ãããã Precedenceãžã®ããã©ã«ããããã³ã°
ingress-desp1
0 1 2 3 4 5 6 7 8 9ingress-desp10
0 0,0 0,1 0,0 0,3 0,0 0,1 0,0 0,3 1,0 1,1
1 1,0 1,3 1,0 1,1 1,0 1,3 2,0 2,1 2,0 2,3
2 2,0 2,1 2,0 2,3 3,0 3,1 3,0 3,3 3,0 3,1
3 3,0 3,3 4,0 4,1 4,0 4,3 4,0 4,1 4,0 4,3
4 5,0 5,1 5,0 5,3 5,0 5,1 6,0 5,3 6,0 6,1
5 6,0 6,3 6,0 6,1 6,0 6,3 7,0 7,1 7,0 7,3
6 7,0 7,1 7,0 7,3
145FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
DSCPå€ãå éš PHB/drop precedenceãžããã
ïŒ1ïŒ[Traffic] â [Priority]â [DSCP to DSCP]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒ DSCPå€ã® PHBãš drop precedenceãèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
DSCPå€ã®å éš PHB/drop precedenceãžã®ãããã衚瀺
ïŒ1ïŒ[Traffic] â [Priority]â [DSCP to DSCP]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
146 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
CoSãã©ã€ãªãªãã£ãå éš DSCPå€ãžãããã³ã°
Traffic > Priority > CoS to DSCPããŒãžã䜿çšããå ¥åãã±ããã® Cos/CFIå€ãããã©ã€ãªãªãã£åŠçã® per-hop behaviorãš drop precedenceå€ãžãããããŸãã
æ©èœè§£èª¬
⢠CoSãã PHBå€ãžã®ããã©ã«ããããã³ã°ã¯è¡š CoS/CFIããå éš PHB/ãããã Precedenceãžã®ããã©ã«ããããã³ã°ãåç §ããŠãã ããã
⢠ãã 802.1Qããããæã€ãã±ãããå°çããããã IPãã±ããã§ãªãå Žåããã©ã€ãªãªãã£ãçæããå éšåŠçã® precedenceå€ãããããããããã«ãCoS/CFI-to-PHB/Drop Precedenceãããã³ã°ããŒãã«ã䜿çšãããŸãããªãªãžãã«ãã±ããã®ãã©ã€ãªãªãã£ã¿ã°ã¯ãã®ã³ãã³ãã§ã¯ä¿®æ£ãããŸããã
⢠å éš DSCPã¯ããã±ãããéããããã¥ãŒã決å®ãã per-hop behavior (PHB)ã® 3ããããšããã©ãã£ãã¯èŒ»èŒ³ã³ã³ãããŒã«ãè¡ã Random Early Detection (RED)ã«äœ¿çšããã drop precedenceã® 2ãããã§æ§æãããŠããŸãã
⢠ãããã¡ããã¡ãŒã¹ãã€ãŒãµãããããŒãã§æé« 16ãã±ããããŸãã¯ã®ã¬ãããã€ãŒãµãããã§æé« 72ãã±ãããæºãããæãREDã¯é»ãšèµ€ã®ãã±ããã®ãããããéå§ããŸãããŸãããããã¡ããã¡ãŒã¹ãã€ãŒãµãããããŒãã§æé« 58ãã±ããããŸãã¯ã®ã¬ãããã€ãŒãµãããã§æé« 80ãã±ãããæºãããæãè²ã«é¢ä¿ç¡ãå šãŠã®ãã±ããã®ãããããéå§ããŸãã
⢠æå®ããããããã³ã°ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
èšå®ã»è¡šç€ºé ç®
CoS
å ¥åãã±ããã® CoSå€ïŒç¯å²ïŒ0-7ïŒ
CFI
Canonical Format IndicatorïŒåºæºçãªãã©ãŒãããææšïŒãã®ãã©ã¡ãŒã¿ã "0"ã«ã»ãããããšããã¬ãŒã ã§è¡šããã MACã¢ãã¬ã¹æ å ±ãåºæºçãªãã©ãŒãããã§ããããšã瀺ããŸããïŒç¯å²ïŒ0-1ïŒ
PHB
Per-hop behaviorãŸãã¯ãã®ã«ãŒã¿ãããã§äœ¿çšããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ïŒ
Drop Precedence
ãã©ãã£ãã¯èŒ»èŒ³ã³ã³ãããŒã«ã® Random Early Detectionã«äœ¿çšãããŸããïŒç¯å²ïŒ0-ç·ã3-é»ã1-èµ€ïŒ
å ¥å DSCP㯠ingress-dscp10ïŒå·ŠåŽã®æãéèŠãªåïŒãš ingress-dscp1ïŒäžçªäžã®åãingress-dscp = ingress-dscp10 * 10 + ingress-dscp1ïŒã§æ§æãããŠãããããŒãã«ã®éãªãã»ã«ã«å¯Ÿå¿ããå éš DSCPãèŠããŸããå ¥å DSCPã¯ãããã Precedenceã決å®ããããã«ã2é²æ³ã® 11㧠ANDedãåããããããã¯ã€ãºã§ãã
CoS/CFIããå éš PHB/ãããã Precedenceãžã®ããã©ã«ããããã³ã°
CFI0 1
CoS
0 ïŒ0,0ïŒ ïŒ0,0ïŒ
1 ïŒ1,0ïŒ ïŒ1,0ïŒ
2 ïŒ2,0ïŒ ïŒ2,0ïŒ
3 ïŒ3,0ïŒ ïŒ3,0ïŒ
4 ïŒ4,0ïŒ ïŒ4,0ïŒ
5 ïŒ5,0ïŒ ïŒ5,0ïŒ
6 ïŒ6,0ïŒ ïŒ6,0ïŒ
7 ïŒ7,0ïŒ ïŒ7,0ïŒ
147FXC3110
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
CoS/CFIå€ãå éš PHB/drop precedenceãžããã
ïŒ1ïŒ[Traffic] â [Priority]â [CoS to DSCP]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒPHBãš drop precedenceãèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
CoS/CFIå€ã®å éš PHB/drop precedenceãžã®ãããã衚瀺
ïŒ1ïŒ[Traffic] â [Priority]â [CoS to DSCP]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããShowããéžæããŸããïŒ3ïŒã€ã³ã¿ãã§ãŒã¹ãéžæããŸãã
148 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
3.10 Quality of Service
3.10.1 Quality of Serviceã®èšå®
ããã§èšèŒãããŠããã³ãã³ã㯠QoS(Quality of Service)æ©èœã®åºæºãšãµãŒãã¹ããªã·ãŒãæ§æããããã«äœ¿çšãããŸããDiffServ(Differentiated Services)æ©èœã¯ããããã¯ãŒã¯äžãæµãããã¬ãŒã ã® 1ã€ã®åäœãç¹å®ã®ãã©ãã£ãã¯ã®èŠä»¶ã«åèŽãããããããããã¯ãŒã¯ãªãœãŒã¹ãåªå ãã管çæ©èœãæäŸããŸããããããã®ãã±ããã¯ã¢ã¯ã»ã¹ãªã¹ããIP PrecedenceãDSCPãVLANãªã¹ããããŒã¹ã«ãããããã¯ãŒã¯ã®äžã®ãšã³ããªã«ãã£ãŠåé¡ãããŸããã¢ã¯ã»ã¹ãªã¹ãã䜿çšããããšã«ãããããããã®ãã±ãããå«ãã§ããã¬ã€ã€ 2ïœ 4ã®æ å ±ãå ã«ãã©ãã£ãã¯ã®éžå¥ãèš±å¯ããŸããèšå®ããããããã¯ãŒã¯ããªã·ãŒãããŒã¹ã«ããŠãç°ãªãçš®é¡ã®ãã©ãã£ãã¯ã«å¯Ÿããç°ãªãçš®é¡ã®è»¢éã®ããã«ããŒã¯ãä»ããããšãã§ããŸãã
ã€ã³ã¿ãŒãããã«ã¢ã¯ã»ã¹ãããã¹ãŠã®ã¹ã€ãããšã«ãŒã¿ãŒã¯ãåãã¯ã©ã¹ã®ãã±ããã«ã¯åãæ¹åãžã®è»¢éãè¡ãããã«ã¯ã©ã¹æ å ±ã䜿çšããŸããã¯ã©ã¹æ å ±ã¯ãçµè·¯ã®çµç«¯ã®ãã¹ããã¹ã€ãããã«ãŒã¿ãŒã®ããããããå²ãåœãŠãããŸãããããŠãåªå 床ã¯äžè¬çãªããªã·ãŒããããã¯ãã±ãã詳现調æ»ã«ãã£ãŠå²ãåœãŠãããŸãããããããã±ããã®è©³çŽ°èª¿æ»ã¯ã³ã¢ã¹ã€ãããšã«ãŒã¿ãŒã«è² è·ããããéããªãããã«ããããããããã¯ãŒã¯ã®ãšããžåŽã«è¿ããšããã§è¡ãããå¿ èŠããããŸãã
çµè·¯ã«å±ããã¹ã€ãããšã«ãŒã¿ãŒã¯ãç°ãªãã¯ã©ã¹ã«ãªãœãŒã¹ã®å²ãåœãŠã®åªå é äœãã€ãããããã¯ã©ã¹æ å ±ã䜿çšããããšãã§ããŸããåã ã®ããã€ã¹ã DiffServæ©èœã«åºã¥ããŠãã©ãã£ãã¯ãæ±ãæ¹æ³ã¯ãPer-Hop BehaviorãšåŒã°ããŸããçµè·¯ã«å±ãããã¹ãŠã®ããã€ã¹ã¯ããšã³ãã»ãã¥ã»ãšã³ãã® QoSãœãªã¥ãŒã·ã§ã³ãæ§æããããã«ççŸã®ãªãæ¹æ³ã§èšå®ãããŸãã
[ 泚æ ]ãã¯ã©ã¹ãããããšã«æ倧 16 åã®ã«ãŒã«ãèšå®ããããšãã§ããŸããããªã·ãŒãããã«ã¯è€æ°ã®ã¯ã©ã¹ãèšå®ããããšãã§ããŸãã
[ 泚æ ]ãããªã·ãŒããããäœæããåã«ã¯ã©ã¹ããããäœæããŠãã ãããäœæããªãå Žåãããªã·ãŒã«ãŒã«ã®èšå®ç»é¢ããã¯ã©ã¹ããããéžæããããšã¯ã§ããŸããã
æ©èœè§£èª¬
ç¹å®ã®ã«ããŽãªãå ¥åãã©ãã£ãã¯ã®ããã®ãµãŒãã¹ããªã·ãŒãäœæããã«ã¯ãäžã®ã¹ããããå®æœããŠãã ããã
ïŒ1ïŒConfigure Class (Add)ããŒãžã䜿çšããŠããã©ãã£ãã¯ã®ç¹å®ã®ã«ããŽãªã«ã¯ã©ã¹ã®ååãèšå®ããŸãã
ïŒ2ïŒConfigure Class (Add Rule)ããŒãžã䜿çšããã¢ã¯ã»ã¹ãªã¹ããDSCPãIP Precedenceã®å€ãVLANã«åºã¥ããŠãã©ãã£ãã¯ã®çš®é¡ãæå®ããããã«ãããããã®ã¯ã©ã¹ã®ã«ãŒã«ãç·šéããŸãã
ïŒ3ïŒConfigure Policy (Add)ããŒãžã䜿çšããŠãå ¥åãã©ãã£ãã¯ãåãæ±ãç¹å®ã®æ¹æ³ã®ããªã·ãŒã®ååãèšå®ããŸãã
ïŒ4ïŒConfigure Policy (Add Rule)ããŒãžã䜿çšããããªã·ãŒãããã« 1ã€ããããã¯ãã以äžã®ã¯ã©ã¹ãè¿œå ããŸãããã©ãã£ãã¯ã«åèŽããã¯ã©ã¹ã« QoSã®å€ãå²ãåœãŠããããsettingç»é¢ã§ããããã®ã¯ã©ã¹ã«ã«ãŒã«ãå²ãåœãŠãŸããããªã·ãŒã«ãŒã«ã¯ãããŒã¬ãŒããšããŒã¹ãã¬ãŒãã®å¹³åã®ç£èŠãç¹å®ã®ã¬ãŒããè¶ ãããã©ãã£ãã¯ã®ç Žæ£ãç¹å®ã®ã¬ãŒããè¶ ãããã©ãã£ãã¯ã® DSCPãµãŒãã¹ã¬ãã«ãæžããããæ§æã§ããŸãã
ïŒ5ïŒConfigure Interfaceã䜿çšããŠãç¹å®ã®ã€ã³ã¿ãŒãã§ãŒã¹ã«ããªã·ãŒããããå²ãåœãŠãŸãã
149FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
ã¯ã©ã¹ãããã®èšå®
ã¯ã©ã¹ããããæå®ãããã¯ã©ã¹ã«ãã±ãããããããããããã«äœ¿çšããŸããTraffic > DiffServ (Configure Class)ããŒãžã䜿çšããã¯ã©ã¹ãããã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠ã¯ã©ã¹ãããã¯ããªã·ãŒãããã§ããã±ããåé¡ããµãŒãã¹ã¿ã®ã³ã°ããã³ãã¯ã€ãºããªãã·ã³ã°ãå®çŸ©ããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®ããã«ããµãŒãã¹ããªã·ãŒãäœæããããã«äœ¿çšãããŸãã
⢠æ倧 32ã®ã¯ã©ã¹ããããèšå®ã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Add
Class Name
ã¯ã©ã¹ãããåïŒç¯å²ïŒ1-16æåïŒ
Type
ã¿ã€ããæå®ããŸãã
Description
ã¯ã©ã¹ãããã®ç°¡åãªèª¬æïŒç¯å²ïŒ1-64æåïŒ
Add Rule
Class Name
ã¯ã©ã¹ãããåã
Type
ã¿ã€ããæå®ããŸãã
ACL List
ACLãªã¹ãåã
IP DSCP
IP DSCPå€ïŒç¯å²ïŒ0-63ïŒ
IP Precedence
IP Precedenceå€ïŒç¯å²ïŒ0-7ïŒ
VLAN ID
VLANïŒç¯å²ïŒ1-4093ïŒ
150 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
èšå®æ¹æ³
ã¯ã©ã¹ããããèšå®
ïŒ1ïŒ[Traffic] â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ClassããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒ"Class name"ãå ¥åããŸãã
ïŒ5ïŒ"Description"ãå ¥åããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
èšå®ããã¯ã©ã¹ãããã衚瀺
ïŒ1ïŒ[Traffic] â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ClassããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
151FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
ã¯ã©ã¹ãããã®ã«ãŒã«ãç·šé
ïŒ1ïŒ[Traffic] â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ClassããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒã¯ã©ã¹ããããéžæããŸããïŒ5ïŒã¢ã¯ã»ã¹ãªã¹ã DSCPãŸã㯠IP Precedenceå€ãVLANã«åºã¥ãããã®ã¯ã©ã¹ã®ãã©
ãã£ãã¯ã¿ã€ããæå®ããŸããå ¥åãã©ãã£ãã¯ãã¯ã©ã¹ãããã«å²ãåœãŠæãæ倧16ã¢ã€ãã ãæå®ã§ããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¯ã©ã¹ãããã®ã«ãŒã«ã衚瀺
ïŒ1ïŒ[Traffic] â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ClassããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow RuleããéžæããŸãã
152 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
QoSããªã·ãŒã®äœæ
Traffic > DiffServ (Configure Policy)ããŒãžã䜿çšããè€æ°ã®ã€ã³ã¿ãã§ãŒã¹ãä»å ã§ããããªã·ãŒããããäœæããŸãã
ããªã·ãŒãããã¯ã1ã€ä»¥äžã®ã¯ã©ã¹ãããã¹ããŒãã¡ã³ãã®åé¡ããµãŒãã¹ã¿ã°ã®ä¿®æ£ããã³ãã¯ã€ãºããªãã·ã³ã°ã«äœ¿çšãããŸããQoSããªã·ãŒã®èšå®ã«ã¯ããã€ãã®æ®µéãå¿ èŠã§ãã
æåã«ãã¢ã¯ã»ã¹ãªã¹ããDSCPãŸã㯠IP Precedenceå€ãŸãã¯æå®ãã VLANã®ã¡ã³ããŒã«åŸã£ãŠãã€ã³ããŠã³ããã±ãããšäžèŽããæ¹æ³ã瀺ã class mapã®èšå®ãè¡ããŸãã
次ã«ã€ã³ããŠã³ããã©ãã£ãã¯ã®ã¢ãã¿ãªã³ã°ã«äœ¿çšãããå¢çãã©ã¡ãŒã¿ã瀺ããããªã·ãŒããããèšå®ããé å¿ãšäžé©åãªãã©ãã£ãã¯ã«ããããŠåãè¡åãèšå®ããŸãã
ããªã·ãŒãããã¯ãããããäœæããã¯ã©ã¹ãããã®å®çŸ©ãåºã«ãã1ã€ãŸãã¯ãã以äžã®ã¯ã©ã¹ãå«ã¿ãŸãã
class of serviceãŸã㯠per-hop behaviorïŒå éšãã¥ãŒåŠçã«äœ¿çšããããã©ã€ãªãªãã£ïŒã¯ããããããã±ããã«å²ãåœãŠãããŸããå ããŠãã€ã³ããŠã³ããã©ãã£ãã¯ã®ãããŒã¬ã¬ãŒãã¯ç£èŠãããããšãå¯èœã§ã以äžã«è§£èª¬ãã 3ã€ã®ç°ãªãããªãã·ã³ã°ã¡ãœããã®å 1ã€ãåºã«ããé å¿ãšäžé©åãªãã©ãã£ãã¯ãžè¿çããŸãã
Police Flow Meter ïŒç¢ºçŽããæ å ±ã¬ãŒããæ確ã«ããïŒæ倧ã¹ã«ãŒãããïŒããŒã¹ããµã€ãºã確çŽããïŒburst rateïŒé å¿ãšäžé©åãã©ãã£ãã¯ã«ããããŠåãã¹ãè¡åãå®çŸ©ããŸãã
srTCM Police Meter ïŒ RFC2697ã§å®çŸ©ããããåé床äžè²ãã±ããããŒã« (srTCM) æ¹åŒã«åºã¥ããåé¡ããããã©ãã£ãã¯ããããã©ãã£ãã¯ã®æœå·¥ãå®çŸ©ããŸããsrTCM ã¯ãã©ãã£ãã¯ãã¢ãã¿ããcommitted information rateïŒCIRãŸãã¯æ倧ã¹ã«ãŒãããïŒãcommitted burst sizeïŒBCãŸãã¯ããŒã¹ãã¬ãŒãïŒãexcess burst sizeïŒBEïŒã«åŸããã±ãããåŠçããŸãã
⢠PHBã©ãã«ã¯ per-hop behaviorã® 3ããããšã³ã³ãããŒã«ãã¥ãŒèŒ»èŒ³ã§äœ¿çšãããã«ã©ãŒã¹ããŒãã® 2ãããã® 5ãããã§æ§æãããŸããéä¿¡ãDSCPãµãŒãã¹å€ã®ãªããŒã¯ããŸãã¯ãã±ããã®ç Žæ£ãè¡ããã®ã³ãã³ãã«å®çŸ©ãããã¢ã¯ã·ã§ã³ã«å ããã¹ã€ãã㯠Random Early Detectionãã±ããã®ãããã Precedenceã®ã»ããã«ä»æ§ããã 2ã€ã®ã«ã©ãŒããããããŒã¯ããŸããã³ããããããæ å ±ã¬ãŒããšããŒã¹ããµã€ãºãè¶ ããªãå Žåããã±ããã¯ç·ã«ããŒã¯ãããŸããã³ããããããæ å ±ã¬ãŒããšããŒã¹ããµã€ãºãè¶ããå Žåããã±ããã¯é»ã«ããŒã¯ããããã®ä»ã¯èµ€ã«ããŒã¯ãããŸãã
⢠ã¡ãŒã¿ã¯ 2ã€ã®å 1ã€ã®ã¢ãŒãã§åäœããŸããã«ã©ãŒãã€ã³ãã¢ãŒãã§ã¯ããã±ããã«ããŒãã³ã° (è²ä»ã )ããããŠããªããšã¿ãªããŸããã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã§ã¯ããããããäœããã®å段ã®ååšããã±ããã«ããŒãã³ã°ïŒè²ä»ãïŒãããŠãããšã¿ãªããŸããïŒãã±ããã¯æ¢ã«ç·ã»é»è²ã»èµ€ã®ããããã§ããïŒIPãã±ããã®ããŒã«ãŒïŒåïŒè²ä»ãã¯ã¡ãŒã¿ã®çµæã«åŸããŸããã«ã©ãŒã¯ãã±ããã®DSãã£ãŒã«ãïŒRFC2474ïŒã§ã³ãŒãåãããŸãã
⢠ã¡ãŒã¿ã®ãµããŸãã¯ãåäœã¢ãŒããšãå ±éã®ã¬ãŒã CIR ãå ±æãã C ãš E ã®ãµãã€ã®ããŒã¯ã³ãã±ãã§èŠå®ãããŸããC ã®æ倧å€ã¯ BSãE ã®æ倧å€ã¯ BEã§ããC ãš E ã¯æå» 0 ã§ã¯ãæºæ¯ã§ãïŒTc(0)=BCãTe(0)=BEïŒããã®åŸã¯ä»¥äžã®ããã«æ¯ç§ CIR åãã€æŽæ°ãããŸãã
ã»Tc ã BCããå°ãããã°ã²ãšã€ã ãå¢å ãããã
ã»Te ã BE ããå°ãããã°ã²ãšã€ã ãå¢å ãããã
ã»Tc ã Te ãå¢ããããªãã
153FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
⢠æå» t ã« B ãã€ãã®ãã±ãããå°çãããããã±ããã«ã©ãŒãã€ã³ãã¢ãŒãã®å Žåã¯ä»¥äžã®ããã«åäœããŸãïŒ
ã»Tc(t)-B ã 0以äžãªããã±ããã¯ç·è²ã«ãããTc ã B ã ãæžå°ããïŒTc ã®æäœå€ã¯ 0ïŒ
ã»Te(t)-B ã 0 以äžãªããã±ããã¯é»è²ã«ãããTe ã B ã ãæžå°ããïŒTe ã®æäœå€ã¯ 0ïŒ
ã»ãã±ããã¯èµ€è²ã«ãããTc ã Te ãæžå°ããªã
⢠æå» t ã« B ãã€ãã®ãã±ãããå°çããããã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã®å Žåã¯ä»¥äžã®ããã«åäœããŸãïŒ
ã»ãã±ãããäºãç·è²ã§ãããã〠Tc(t)-B ã 0 以äžãªããã±ããã¯ç·è²ã«ãã Tcã Bã ãæžããããïŒTc ã®æäœå€ã¯ 0ïŒ
ã»ãã±ãããäºãç·è²ãŸãã¯é»è²ã§ãããTe(t)-B ã 0 以äžãªããã±ããã¯é»è²ã«ãããTe ã B ã ãæžããããïŒTe ã®æäœå€ã¯ 0ïŒ
ã»ãã±ããã¯èµ€è²ã«ãããTc ã Te ãæžããããªãã
trTCM Police Meter ïŒ RFC2698ã§å®çŸ©ããããäºé床äžè²ãã±ããããŒã« (srTCM) æ¹åŒã«åºã¥ããåé¡ããããã©ãã£ãã¯ã®æœå·¥ãå®çŸ©ããŸããtrTCM ã¯ãã©ãã£ãã¯ã枬å®ããCIRãŸãã¯æ倧ã¹ã«ãŒããããRIPãé¢é£ããããŒã¹ããµã€ãºã«åºã¥ããŠãã±ãããç·ã»é»è²ã»èµ€ã«è²ä»ãããŸãã
⢠PHBã©ãã«ã¯ per-hop behaviorã® 3ããããšã³ã³ãããŒã«ãã¥ãŒèŒ»èŒ³ã§äœ¿çšãããã«ã©ãŒã¹ããŒãã® 2ãããã® 5ãããã§æ§æãããŸããéä¿¡ãDSCPãµãŒãã¹å€ã®ãªããŒã¯ããŸãã¯ãã±ããã®ç Žæ£ãè¡ããã®ã³ãã³ãã«å®çŸ©ãããã¢ã¯ã·ã§ã³ã«å ããã¹ã€ããã¯ãŸããRandom Early Detectionãã±ããã®ãããã Precedenceã®ã»ããã«ä»æ§ããã 2ã€ã®ã«ã©ãŒããããããŒã¯ããŸããPIR ãè¶ããŠããã°èµ€ã§ãããããã§ãªããã° CIR ãè¶ ããŠãããããªããã«ãã£ãŠç·ãé»è²ã«ãªããŸãã
⢠ã¡ãŒã¿ã¯æ¬¡ã®äºã€ã®ã¢ãŒãã®ãã¡ã©ã¡ããã§åäœããŸããã«ã©ãŒãã€ã³ãã¢ãŒãã§ã¯ãã±ããã«ããŒãã³ã° (è²ä»ã )ããããŠããªããšã¿ãªããã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã§ã¯ãããããäœããã®å段ã®ååšããã±ããã«ããŒãã³ã°ïŒè²ä»ãïŒãããŠãããšã¿ãªããŸããïŒãã±ããã¯æ¢ã«ç·ã»é»è²ã»èµ€ã®ããããïŒã
⢠ã¡ãŒã¿ã®ãµããŸãã¯ãã¢ãŒãã®åºæºãšãRIPãš CIRãåºã«ãã Pãš Cã®ãµãã€ã®ããŒã¯ã³ãã±ãã§æå®ãããŸããPã®æ倧å€ã¯ BPãCã®æ倧å€ã¯ BCã§ããPãš Cã¯æå» 0 ã§ã¯ãæºæ¯ã§ãïŒTp(0)=BPãTc(0)=BCïŒããã®åŸ Tp㯠BPãŸã§æ¯ç§ 1RIPã¥ã€ BPãŸã§å¢å ããããŒã¯ã³ã«ãŠã³ã Tcã¯æ¯ç§1CIRã¥ã€ BcãŸã§å¢å ããŸããæå» t ã« B ãã€ãã®ãã±ãããå°çãããããã±ããã«ã©ãŒãã€ã³ãã¢ãŒãã®å Žåã¯ä»¥äžã®ããã«åäœããŸãïŒ
ã»Tp(t)-Bã 0ããå°ãããã°ãã±ããã¯èµ€ã«è²ä»ããããŸãã
ã»Tc(t)-Bã 0ããå°ãããã°ãã±ããã¯é»ã«è²ä»ããããBã«ãã£ãŠæžå°ããŸãã
ã»Tpãš Tcã®äž¡æ¹ã Bã«ãã£ãŠæžå°ããå Žåããã±ããã¯ç·ã«è²ä»ããããŸãã
⢠æå» t ã« B ãã€ãã®ãã±ãããå°çãããããã±ããã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã®å Žåã¯ä»¥äžã®ããã«åäœããŸãïŒ
ã»Tp(t)-B ã 0以äžãªããã±ããã¯èµ€ã«è²ä»ããããŸãã
ã»Tc(t)-B ã 0 以äžãªããã±ããã¯é»ã«è²ä»ããããŸãã
ã»Tpãš Tcã®äž¡æ¹ã Bã«ãã£ãŠæžå°ããå Žåããã±ããã¯ç·ã«è²ä»ããããŸãã
154 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
Random Early Detection ïŒãããã¡ã 0à 60ãã±ããäžæ¯ã«ãªã£ãæãREDã¯é»ãšèµ€ã®ãã±ããã®ãããããéå§ãã0x80ãã±ãããäžæ¯ã«ãªã£ãæãè²ã«é¢ãããå šãŠã®ãã±ããããããããå§ããŸãã
æ©èœè§£èª¬
⢠ããªã·ãŒãããã¯åãã€ã³ã¿ãã§ãŒã¹ã«é©çšã§ãã 16ã®ã¯ã©ã¹ã¹ããŒãã¡ã³ããå«ãããšãå¯èœã§ããïŒP160ïŒå ¥åããŒãã«æ倧 32ã®ããªã·ãŒããããèšå®ã§ããŸãã
⢠ããªã·ãŒãããããã±ããåé¡ããµãŒãã¹ã¿ã®ã³ã°ããã³ãã¯ã€ãºããªãã·ã³ã°ã®å®çŸ©ã«äœ¿çšããåŸããµãŒãã¹ããªã·ãŒïŒP160ïŒã«ãã£ãŠæå®ã®ã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Add
Policy Name
ããªã·ãŒåïŒç¯å²ïŒ1-16æåïŒ
Description
ããªã·ãŒãããã®è§£èª¬ïŒç¯å²ïŒ1-256æåïŒ
Add Rule
Policy Name
ããªã·ãŒãããã®ååïŒç¯å²ïŒ1-16æåïŒ
Class Name
ããªã·ãŒãäœçšãããã©ãã£ãã¯åé¡ãå®çŸ©ããã¯ã©ã¹ãããã®åå
Action
ãã®å±æ§ã¯ãããã³ã°ãã±ããçšã®ããŒããŠã§ã¢ã®å éšQoSå€ãèšå®ããããã«äœ¿çšããŸãã
PHBã©ãã«ã¯ 5ãããã§æ§æããã3ããã㯠per-hop behaviorã2ããã㯠srTCMãtrTCMã¡ãŒã¿ãªã³ã°æ©èœãšå ±ã«ãã¥ãŒèŒ»èŒ³ãã³ã³ãããŒã«ããããã«äœ¿çšãããã«ã©ãŒã¹ããŒã ã§ãã
ïŒ Set CoSïŒãããã³ã°ãã±ããïŒã¯ã©ã¹ãããã®ã«ãŒã«èšå®ã§æå®ãããïŒã®å éš CoSå€ãã»ããããããšã«ãã£ãŠãå ¥åãã©ãã£ãã¯ãžæäŸããããµãŒãã¹ãèšå®ããŸããïŒç¯å²ïŒ0-7ïŒ
ïŒ Set PHBïŒãããã³ã°ãã±ããïŒã¯ã©ã¹ãããã®ã«ãŒã«èšå®ã§æå®ãããïŒã®å éš per-hop behaviorãã»ããããããšã«ãã£ãŠãå ¥åãã©ãã£ãã¯ãžæäŸããããµãŒãã¹ãèšå®ããŸããïŒç¯å²ïŒ0-7ïŒ
Meter
æ倧ã¹ã«ãŒããããããŒã¹ãã¬ãŒããããªã·ïŒéåã®çµæãšãªãã¢ã¯ã·ã§ã³ãå®çŸ©ããããã«ãã§ãã¯ããŸãã
Meter Mode
以äžã®ããªãã·ã³ã°ã¡ãœããã®ãããããéžæããŸãã
ïŒ FlowïŒPolice FlowïŒ - committed information rateïŒCIRãŸãã¯æ倧ã¹ã«ãŒãããïŒãcom-mitted burst sizeïŒBCãŸãã¯ããŒã¹ãã¬ãŒãïŒãé©åãšäžé©åãã©ãã£ãã¯ã«å¯ŸããŠåãã¢ã¯ã·ã§ã³ãå®çŸ©ããŸãã
155FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
⢠Committed Information Rate (CIR)ïŒã¬ãŒããæå®ãïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒã㧠64-10000000 kbpsïŒã¬ãŒãã¯èšå®ãããã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããŸããã
⢠Committed Burst Size (BC) ïŒããŒã¹ããµã€ãºãæå®ãïŒç¯å²ïŒ4kãã€ãã®ç²ŸåºŠã§4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠Conform ïŒæ倧ã¬ãŒãïŒCIRïŒãžé å¿ãããã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããŸãã
ã»TransmitïŒäžé©åãã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããããŸãã
ïŒ Violate ïŒ æ倧ã¬ãŒãïŒCIRïŒè¶ãããã©ãã£ãã¯ããããããããããDSCPãµãŒãã¹ã¬ãã«ãæžå°ããããæå®ããŸãã
⢠Set IP DSCP ïŒé©åãã©ãã£ãã¯å€ã® DSCPãã©ã€ãªãªãã£ãæžå°ïŒç¯å²ïŒ0-63ïŒ
⢠Drop ïŒé©åãã©ãã£ãã¯ãããããããŸãã
ïŒ srTCM (Police Meter)ïŒ committed information rateïŒCIRãŸãã¯æ倧ã¹ã«ãŒãããïŒãcommitted burst sizeïŒBCãŸãã¯ããŒã¹ãã¬ãŒãïŒãexcess burst sizeïŒBEïŒããã³æ倧ã¹ã«ãŒãããã«é©åãããã©ãã£ãã¯ãå®çŸ©ããŸãã転éãDSCPãµãŒãã¹å€ã®ãªããŒã¯ããã±ããã®ãããããè¡ããã®ã³ãã³ãã«ãã£ãŠå®çŸ©ãããã¢ã¯ã·ã§ã³ã«å ããã¹ã€ããã¯ãŸã Random Early Detectionã®ããã®ãã±ããã®ãããã Prece-denceã«äœ¿çšããã 2ã€ã®ã«ã©ãŒããããããŒã¯ããŸããã«ã©ãŒã¢ãŒãã«ã¯ãã±ããã¹ããªãŒã ãè²ä»ããããŠããªããšæ³å®ãã "ã«ã©ãŒãã€ã³ã "ãšãå ¥åãã±ããã¯æ¢ã«è²ä»ããããŠãããšæ³å®ãã " ã«ã©ãŒã¢ãŠã§ã¢ "ã® 2ã€ããããŸãã
⢠Committed Information Rate (CIR)ïŒã¬ãŒããæå® ïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒã㧠64-10000000kbps)ã¬ãŒãã¯èšå®ãããã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããŸããã
⢠Committed Burst Size (BC) ïŒããŒã¹ããµã€ãºãæå® (ç¯å²ïŒ4kbpsã®ç²ŸåºŠã§ 4000-16000000)ããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠Excess Burst Size (BE) ïŒã³ããããããããŒã¹ããµã€ãºãè¶ éããããŒã¹ãïŒç¯å²ïŒ4kbpsã®ç²ŸåºŠã§ 4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠Conform ïŒæ倧ã¬ãŒãïŒCIRïŒãžé å¿ãããã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããŸãã
ã»TransmitïŒäžé©åãã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããããŸãã
⢠Exceed ïŒæ倧ã¬ãŒãïŒCIRïŒãè¶ããããè¶ éããŒã¹ããµã€ãºå ã§ãããã©ãã£ãã¯ããããããããã DSCPãµãŒãã¹ã¬ãã«ãæžå°ããããæå®ããŸãã
ã»Set IP DSCPïŒé©åãã©ãã£ãã¯å€ã® DSCPãã©ã€ãªãªãã£ãæžå°ãïŒç¯å²ïŒ0-63ïŒã»DropïŒé©åãã©ãã£ãã¯ãããããããŸãã
⢠Violate ïŒè¶ éããŒã¹ããµã€ãºïŒBEïŒãè¶ãããã©ãã£ãã¯ããããããããããDSCPãµãŒãã¹ã¬ãã«ãæžå°ããããæå®ããŸãã
156 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
ã»Set IP DSCPïŒé©åãã©ãã£ãã¯å€ã® DSCPãã©ã€ãªãªãã£ãæžå°ãïŒç¯å²ïŒ0-63ïŒã»DropïŒé©åãã©ãã£ãã¯ãããããããŸãã
ïŒ trTCM (Police Meter)ïŒ ccommitted information rateïŒCIRãŸãã¯æ倧ã¹ã«ãŒãããïŒãpeak
information rateïŒPIRïŒããããã«é¢ããããŒã¹ããµã€ãºãå®çŸ©ããŸããïŒã³ããããããããŒã¹ããµã€ãºïŒBCãŸãã¯ããŒã¹ãã¬ãŒãïŒãš peak information rateïŒPIRïŒããã©ãã£ãã¯ãæ倧ã¹ã«ãŒãããã«é©åããæã«åãã¢ã¯ã·ã§ã³ãæ倧ã¹ã«ãŒããããè¶ããpeak
information rateïŒRIPïŒå ã«ãããŸã㯠peak information rateïŒPIRïŒãè¶ éãçãå®çŸ©ããŸãããã®ã³ãã³ãã§å®çŸ©ããããDSCPãµãŒãã¹å€ã®ãªãŒããŒã¯ãŸãã¯ãããããã±ããçã«å ããã¹ã€ããã¯ãŸã Random Early Detectionã®ããã®ãã±ããã®ãããã Precedenceã«äœ¿çšããã 2ã€ã®ã«ã©ãŒããããããŒã¯ããŸãã
ã«ã©ãŒã¢ãŒãã«ã¯ãã±ããã¹ããªãŒã ãè²ä»ããããŠããªããšæ³å®ãã "ã«ã©ãŒãã€ã³ã "ãšãå ¥åãã±ããã¯æ¢ã«è²ä»ããããŠãããšæ³å®ãã "ã«ã©ãŒã¢ãŠã§ã¢ "ã® 2ã€ããããŸãã
⢠Committed Information Rate ïŒCIRïŒïŒã¬ãŒããæå® ïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒã㧠64-10000000kbpsïŒ
⢠Peak Information Rate ïŒPIRïŒïŒã¬ãŒããæå®ïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒã㧠64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒãã§ïŒ
⢠Committed Burst Size ïŒBCïŒïŒããŒã¹ããµã€ãºãæå® (ç¯å²ïŒ4kbpsã®ç²ŸåºŠã§4000-16000000)ããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠Peak Burst Size ïŒBPïŒïŒããŒã¹ããµã€ãºãæå®ïŒç¯å²ïŒ4kbpsã®ç²ŸåºŠã§ 4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠Conform ïŒæ倧ã¬ãŒãïŒCIRïŒãžé å¿ãããã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããŸãã
ã»TransmitïŒäžé©åãã©ãã£ãã¯ã DSCPãµãŒãã¹ã¬ãã«ã®å€æŽç¡ãã§è»¢éãããããŸãã
⢠Exceed ïŒå€§ã¬ãŒãïŒCIRïŒãè¶ããããpeak information rate ïŒPIRïŒå ã§ãããã©ãã£ãã¯ããããããããã DSCPãµãŒãã¹ã¬ãã«ãæžå°ããããæå®ããŸãã
ã»Set IP DSCPïŒé©åãã©ãã£ãã¯å€ã® DSCPãã©ã€ãªãªãã£ãæžå°ãïŒç¯å²ïŒ0-63ïŒã»DropïŒé©åãã©ãã£ãã¯ãããããããŸãã
⢠Violate ïŒ peak information rateïŒPIRïŒãè¶ãããã©ãã£ãã¯ããããããããããDSCPãµãŒãã¹ã¬ãã«ãæžå°ããããæå®ããŸãã
ã»Set IP DSCPïŒé©åãã©ãã£ãã¯å€ã® DSCPãã©ã€ãªãªãã£ãæžå°ãïŒç¯å²ïŒ0-63ïŒã»DropïŒé©åãã©ãã£ãã¯ãããããããŸãã
157FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
èšå®æ¹æ³
ããªã·ãŒãããã®èšå®
ïŒ1ïŒ[Traffic]â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure PolicyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒããªã·ãŒåãå ¥åããŸããïŒ5ïŒè§£èª¬ãå ¥åããŸããïŒ6ïŒïŒ AddïŒãã¯ãªãã¯ããŸãã
ããªã·ãŒãããèšå®ã®è¡šç€º
ïŒ1ïŒ[Traffic]â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure PolicyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
158 FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
ããªã·ãŒãããã®ã«ãŒã«ãç·šé
ïŒ1ïŒ[Traffic]â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure PolicyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããªã·ãŒãããã®ã«ãŒã«ã衚瀺
ïŒ1ïŒ[Traffic]â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure PolicyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow RuleããéžæããŸãã
159FXC3110
Webã€ã³ã¿ãã§ãŒã¹Quality of Service
ããªã·ãŒããããããŒããžé©çš
ããªã·ãŒããããããŒããžé©çšããŸãã
æ©èœè§£èª¬
⢠å§ãã«ã¯ã©ã¹ãããã®å®çŸ©ãè¡ã£ãŠãã ããããã®åŸãããªã·ãŒãããã®å®çŸ©ãè¡ããæåŸã«ãµãŒãã¹ããªã·ãŒãã€ã³ã¿ãã§ãŒã¹ãžé©çšããŸãã
⢠äžã€ã®ã€ã³ã¿ãã§ãŒã¹ã«äžã€ã®ããªã·ãŒããã€ã³ãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒããæå®ã
Ingress
å ¥åãã©ãã£ãã¯ãžã«ãŒã«ãé©çšããŸãã
èšå®æ¹æ³
ããªã·ãŒããããããŒããžãã€ã³ã
ïŒ1ïŒ[Traffic]â [DiffServ]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒããªã·ãŒããããæå¹ã«ããããŒãã®ãIngressãã£ãŒã«ãã®ãã§ãã¯ããã¯ã¹ããã§ãã¯ããŸãã
ïŒ4ïŒã¹ã¯ããŒã«ããŠã³ããã¯ã¹ããããªã·ãŒããããéžæããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
160 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
3.11 VoIPèšå®
IPé»è©±ããšã³ã¿ãŒãã©ã€ãºãããã¯ãŒã¯ã«é 眮ãããå Žåãä»ã®ããŒã¿ãã©ãã£ãã¯ããVoIPãããã¯ãŒã¯ãåé¢ããããšãæšå¥šããŸãããã©ãã£ãã¯ã®åé¢ã¯æ¥µç«¯ãªãã±ããå°éé 延ããã±ãããã¹ããžãã¿ãŒãé²ããããé«ãé³å£°å質ãåŸãããšã«ã€ãªãããŸãããã㯠1ã€ã® Voice VLANã«ãã¹ãŠã® VoIPãã©ãã£ãã¯ãå²ãåœãŠãããšã§å®çŸã§ããŸãã
Voice VLANã䜿çšããããšã«ã¯ããã€ãã®å©ç¹ããããŸããä»ã®ããŒã¿ãã©ãã£ãã¯ããVoIPãã©ãã£ãã¯ãåé¢ããããšã§ã»ãã¥ãªãã£ãä¿ãããŸãããšã³ããã¥ãŒãšã³ãã®QoSããªã·ãŒãšé«ãåªå 床ã®èšå®ã«ããããããã¯ãŒã¯ã暪æã㊠VoIP VLANãã©ãã£ãã¯ã«å¿ èŠãªåž¯åå¹ ãä¿èšŒããããšãã§ããŸãããŸããVLANåå²ã¯é³å£°å質ã«é倧ãªåœ±é¿ãåãŒããããŒããã£ã¹ãããã«ããã£ã¹ããããã©ãã£ãã¯ãä¿è·ããããšãã§ããŸãã
ã¹ã€ããã¯ãããã¯ãŒã¯é㧠Voice VLANãèšå®ããVoIPãã©ãã£ãã¯ã« CoSå€ãèšå®ããããšãã§ããŸããVoIPãã©ãã£ãã¯ã¯ãã±ããã®éä¿¡å MACã¢ãã¬ã¹ããããã¯æ¥ç¶ããã VoIPããã€ã¹ãçºèŠããããã« LLDPïŒIEEE802.1ABïŒã䜿ãããšã§ãã¹ã€ããããŒãäžã«ãããŠæ€åºãããŸããVoIPãã©ãã£ãã¯ãèšå®ãããããŒãäžã§æ€åºããããšããã¹ã€ããã¯èªåçã« Voice VLANã®ã¿ã°ã¡ã³ããŒãšããŠããŒããå²ãåœãŠãŸãã
ã¹ã€ããããŒããæåã§èšå®ããããšãã§ããŸãã
VoIPãã©ãã£ãã¯ã®èšå®
VoIPåãã«ã¹ã€ãããæ§æãããããæåã«ã¹ã€ããããŒãã«æ¥ç¶ããã VoIPããã€ã¹ã®Automatic Detectionãæå¹ã«ãã次ã«ãããã¯ãŒã¯äžã® Voice VLANã® IDãèšå®ããŸãããŸã Voice VLAN Aging Timeã¯ãVoIPãã©ãã£ãã¯ãããŒãäžã§åä¿¡ãããŠããªããšããVoice VLANããããŒããåãå€ãããã«èšå®ããŸãã
èšå®ã»è¡šç€ºé ç®
Auto Detection Status
ã¹ã€ããããŒãäžã§ VoIPãã©ãã£ãã¯ã®èªåæ€åºãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Voice VLAN ID
ãããã¯ãŒã¯äžã® Voice VLAN IDãèšå®ããŸãã1ã€ã® Voice VLAN IDã®ã¿ãµããŒãããŸãããŸããã® VLAN IDã¯äºåã«ã¹ã€ããäžã§äœæãããŠããªããã°è¡ããŸãããïŒç¯å²ïŒ1-4093ïŒ
Vioce VLAN Aging Time
Voice VLAN Aging TimeâŠããŒãäžã§ VoIPãã©ãã£ãã¯ãåä¿¡ãããŠããªããšããããŒãã Voice VLANããåãå€ããããŸã§ã®æéãïŒç¯å²ïŒ5-43200ç§ãåæèšå®ïŒ1440ç§
[泚æ]ãAuto Detection Statusãæå¹ã®ãšããVoice VLAN IDãèšå®ããããšãã§ããŸããã
161FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
èšå®æ¹æ³
ïŒ1ïŒ[Traffic] â [VoIP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒ"Auto Detection"ãæå¹ã«ããŸãã
ïŒ4ïŒ"Voice VLAN ID"ãæå®ããŸãã
ïŒ5ïŒå¿ èŠã«å¿ãã"Voice VLAN Aging Time"ãç·šéããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
162 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
ãã¬ãã©ã㌠OUIã®èšå®
ã¹ã€ããã«æ¥ç¶ããã VoIPããã€ã¹ã¯ãåä¿¡ãããã±ããã®éä¿¡å MACã¢ãã¬ã¹ã®äžã®VoIPããã€ã¹è£œé è ã® Organizational Unique IdentifierïŒOUIïŒã«ãã£ãŠèªèãããŸããOUIçªå·ã¯è£œé è ã«ãã£ãŠå²ãåœãŠãããããã€ã¹ã® MACã¢ãã¬ã¹ã®æåã® 3ãªã¯ããããæ§æããŸããVoIPããã€ã¹ããã®ãã©ãã£ãã¯ã VoIPãšèªèããããã«ãVoIPæ©åšã®MACã¢ãã¬ã¹ã® OUIçªå·ãã¹ã€ããäžã§èšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Telephony OUI
ãªã¹ãã«è¿œå ãã MACã¢ãã¬ã¹ã®ç¯å²ãæå®ããŸããã01-23-45-67-89-ABããšãããã©ãŒããã㧠MACã¢ãã¬ã¹ãå ¥åããŸãã
Mask
VoIPããã€ã¹ã® MACã¢ãã¬ã¹ã®ç¯å²ã確å®ããŸããããã§ãFF-FF-FF-00-00-00ããèšå®ãããšåã OUIçªå·ïŒæåã® 3ãªã¯ããããåäžïŒã§ãããã¹ãŠã®ããã€ã¹ã VoIPããã€ã¹ãšããŠèªèããŸããä»ã®å€ãæå®ããããšã§MACã¢ãã¬ã¹ã®ç¯å²ãå¶éããããšãã§ããŸããããã§ãFF-FF-FF-FF-FF-FFããéžæãããš 1ã€ã® MACã¢ãã¬ã¹ã®ã¿ VoIPããã€ã¹ãšããŠèšå®ããŸãïŒåæèšå®ïŒFF-FF-FF-00-00-00ïŒ
Description
VoIPããã€ã¹ã®å 容ã説æããããã¹ããå ¥åããŸãã
163FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
èšå®æ¹æ³
VoIPè£ çœ®ã® MAC OUIçªå·ãèšå®
ïŒ1ïŒ[Traffic] â [VoIP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure OUIããéžæããŸããïŒ3ïŒãActionããªã¹ããããAddããéžæããŸããïŒ4ïŒãããã¯ãŒã¯å ã® VoIPããã€ã¹ã® OUIãæå®ãã MACã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ5ïŒMACã¢ãã¬ã¹ç¯å²ãå®çŸ©ãããã¹ã¯ããã«ããŠã³ãªã¹ãããéžæããŸãã
ïŒ6ïŒããã€ã¹ã®èª¬æãå ¥åããŸããïŒ7ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
VoIPè£ çœ®ã§äœ¿çšãããã® MAC OUIçªå·ã衚瀺
ïŒ1ïŒ[Traffic] â [VoIP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure OUIããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
164 FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
VoIPãã©ãã£ãã¯ããŒãã®èšå®
VoIPãã©ãã£ãã¯ã®ããã«ããŒããæ§æãããããã¢ãŒãïŒAutoã ManualïŒãVoIPããã€ã¹ãçºèŠããæ¹æ³ããã©ãã£ãã¯ã®åªå 床ãèšå®ããå¿ èŠããããŸãããŸã VoIPãã©ãã£ãã¯ã®ã¿ Voice VLANäžã転éã§ããããšãä¿èšŒãããããã»ãã¥ãªãã£ãã£ã«ã¿ãæå¹ã«ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Mode
ããŒãã Voice VLANã«å ãã£ãå ŽåãVoIPãã©ãã£ãã¯ãã©ã®æç¹ã§æ€åºããããèšå®ããŸãïŒåæèšå®ïŒNoneïŒ
⢠None ïŒããŒãäžã§ Voice VLANæ©èœã¯ç¡å¹ã«ãªããŸããããŒã㯠VoIPãã©ãã£ãã¯ãæ€åºãããVoice VLANã«ãè¿œå ãããŸããã
⢠Auto ïŒããŒãã VoIPãã©ãã£ãã¯ãæ€åºãããšããããŒã㯠Voice VLANã®ã¿ã°ã¡ã³ããŒãšããŠè¿œå ãããŸããVoIPãã©ãã£ãã¯ãæ€åºããæ¹æ³ããOUIã802.1ABã®ã©ã¡ããããéžæããªããŠã¯ãããŸãããOUIãéžæããå ŽåãTelephony OUI List㧠MACã¢ãã¬ã¹ã®ç¯å²ã確èªããŠãã ããã
⢠Manual ïŒ Voice VLANæ©èœã¯ããŒãäžã§æå¹ã«ãªããŸãããããŒãã¯æå㧠Voice VLANã«è¿œå ãããŸãã
Security
ããŒãäžã§åä¿¡ãã Voice VLAN IDã®ã¿ã°ã®ä»ããé VoIPãã±ãããç Žæ£ããããã«ãã»ãã¥ãªãã£ãã£ã«ã¿ãæå¹ã«ããŸããVoIPãã©ãã£ãã¯ã¯ Telephony OUI Listã§æ§æãããéä¿¡å MACã¢ãã¬ã¹ããããã¯ã¹ã€ããäžã§æ¥ç¶ããã VoIPããã€ã¹ãçºèŠãã LLDPãéããŠèªèšŒãããŸããVoIPããã€ã¹ã§ã¯ãªãéä¿¡å ããåä¿¡ãããã±ããã¯ç Žæ£ãããŸãïŒåæèšå®ïŒç¡å¹ïŒ
Discovery Protocol
ããŒãäžã§ VoIPãã©ãã£ãã¯ãæ€åºããããã«äœ¿ãæ¹åŒãéžæããŸããïŒåæèšå®ïŒOUIïŒ
⢠OUI ïŒ VoIPããã€ã¹ããã®ãã©ãã£ãã¯ã¯éä¿¡å MACã¢ãã¬ã¹ã®Organizationally Unique IdentifierïŒOUIïŒã«ãã£ãŠæ€åºãããŸããOUIçªå·ã¯è£œé è ã«ãã£ãŠå²ãåœãŠãããããã€ã¹ã® MACã¢ãã¬ã¹ã®æåã® 3ãªã¯ããããæ§æããŸããã¹ã€ããã VoIPããã€ã¹ããã®ãã©ãã£ãã¯ãèªèããã«ã¯ãMACã¢ãã¬ã¹ã® OUIçªå·ã Telephony OUI Listã§æ§æããªããŠã¯ãããŸããã
⢠LLDP ïŒããŒãã«æ¥ç¶ããã VoIPããã€ã¹çºèŠããããã« LLDPã䜿çšããŸããLLDP㯠System Capability TLVã®äžã® Telephone Bitãæå¹ã§ãããã©ããããã§ãã¯ããŸããLLDPïŒLink Layer Discovery ProtocolïŒã«ã€ããŠã¯æ¬ããã¥ã¢ã«258 ããŒãžã®ãLLDPããåç §ããŠãã ããã
Priority
Voice VLANäžã®ããŒããšãã©ãã£ãã¯ã® CoSåªå 床ãå®çŸ©ããŸããVoice VLANæ©èœãããŒãäžã§æå¹ã§ãããšããåä¿¡ãããã¹ãŠã® VoIPãã±ããã®åªå 床ãæ°ããåªå 床ã§äžæžããããŸãã
Remaining Age
ãã®ãšã³ããªããšã€ãžã¢ãŠããããŸã§ã®ç§æ°
165FXC3110
Webã€ã³ã¿ãã§ãŒã¹VoIPèšå®
èšå®æ¹æ³
ïŒ1ïŒ[Traffic] â [VoIP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸããïŒ3ïŒããããã®ããŒãã® VoIPèšå®ããå¿ èŠãªé ç®ã®ç·šéãè¡ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
166 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12 ã»ãã¥ãªãã£
æ¬æ©ã¯ãããããã®ããŒã¿ããŒãã«æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã®ãã©ãã£ãã¯ã®åé¢ããã³ãèªèšŒãããã¯ã©ã€ã¢ã³ãã ããã¢ã¯ã»ã¹ãåŸãããšãä¿èšŒããããã®å€æ°ã®ã¡ãœããããµããŒãããŸãããã©ã€ããŒã VLANãš IEEE802.1xãå©çšããããŒãããŒã¹èªèšŒã¯ãäžè¬çã«ãããã®ç®çã®ããã«äœ¿çšãããŸãã ãããã®ã¡ãœããã«å ãããã®ä»ããã€ãã®æäŸãããŠããã»ãã¥ãªãã£ã®ãªãã·ã§ã³ããµããŒããããŠããŸãã
[泚æ ]ããã£ã«ã¿ãªã³ã°ã³ãã³ãã®å®è¡ãã©ã€ãªãªãã£ã¯ãããŒãã»ãã¥ãªãã£ãããŒãèªèšŒããããã¯ãŒã¯ã¢ã¯ã»ã¹ãWeb èªèšŒãã¢ã¯ã»ã¹ã³ã³ãããŒã«ãªã¹ããIP ãœãŒã¹ã¬ãŒããDHCPã¹ããŒãã³ã°ã§ãã
3.12.1 AAAèš±å¯ãšã¢ã«ãŠã³ãã£ã³ã°
ãªãŒã»ã³ãã£ã±ãŒã·ã§ã³ããªãŒãœã©ã€ãŒãŒã·ã§ã³ãã¢ã«ãŠã³ãã£ã³ã°ïŒAAAïŒæ©èœã¯ã¹ã€ããäžã§ã¢ã¯ã»ã¹å¶åŸ¡ãè¡ãããã®äž»èŠãªãã¬ãŒã ã¯ãŒã¯ãèŠå®ããŸãããã® 3ã€ã®ã»ãã¥ãªãã£æ©èœã¯äžã®ããã«ãŸãšããããšãã§ããŸãã
⢠ãªãŒã»ã³ãã£ã±ãŒã·ã§ã³ïŒãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãèŠæ±ãããŠãŒã¶ãŒãèªèšŒããŸãã
⢠ãªãŒãœã©ã€ãŒãŒã·ã§ã³ïŒãŠãŒã¶ãŒãç¹å®ã®ãµãŒãã¹ã«ã¢ã¯ã»ã¹ã§ãããã©ããã決å®ããŸãã
⢠ã¢ã«ãŠã³ãã£ã³ã°ïŒãããã¯ãŒã¯äžã®ãµãŒãã¹ã«ã¢ã¯ã»ã¹ãããŠãŒã¶ãŒã«é¢ããå ±åãç£æ»ãè«æ±ãè¡ããŸãã
AAAæ©èœã䜿çšããã«ã¯ãããã¯ãŒã¯äžã§ RADIUSãµãŒããŒãããã㯠TACACS+ãµãŒããŒãæ§æããããšãå¿ èŠã§ããã»ãã¥ãªãã£ãµãŒããŒã¯ã·ãŒã±ã³ã·ã£ã«ã°ã«ãŒããšããŠå®çŸ©ãããç¹å®ã®ãµãŒãã¹ãžã®ãŠãŒã¶ãŒã¢ã¯ã»ã¹ãå¶åŸ¡ããããã«é©çšãããŸããäŸãã°ãã¹ã€ããããŠãŒã¶ãŒãèªèšŒããããšè©Šã¿ãå Žåãæåã«ãªã¯ãšã¹ããå®çŸ©ãããã°ã«ãŒãå ã®ãµãŒããŒã«éä¿¡ãããŸããå¿çããªãå Žåã第 2ã®ãµãŒããŒã«ãªã¯ãšã¹ããéä¿¡ãããããã«å¿çããªãå Žåã次ã®ãµãŒããŒã«ãªã¯ãšã¹ããéä¿¡ãããŸããã©ããã®æç¹ã§èªèšŒãæåããã倱æããå Žåãããã»ã¹ã¯åæ¢ããŸãã
æ¬æ©ã¯äžèšã® AAAæ©èœããµããŒãããŠããŸãã
⢠ã¹ã€ãããéããŠãããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ãã IEEE802.1xã§èªèšŒããããŠãŒã¶ãŒãã¢ã«ãŠã³ãã£ã³ã°ããŸãã
⢠ã³ã³ãœãŒã«ãš TelnetãéããŠã¹ã€ããäžã®ç®¡çã€ã³ã¿ãŒãã§ãŒã¹ã«ã¢ã¯ã»ã¹ãããŠãŒã¶ãŒãã¢ã«ãŠã³ãã£ã³ã°ããŸãã
⢠ç¹å®ã® CLIç¹æš©ã¬ãã«ã«å ¥ã£ããŠãŒã¶ãŒã«ã³ãã³ããã¢ã«ãŠã³ãã£ã³ã°ããŸãã
⢠ã³ã³ãœãŒã«ãš TelnetãéããŠã¹ã€ããäžã®ç®¡çã€ã³ã¿ãŒãã§ãŒã¹ã«ã¢ã¯ã»ã¹ãããŠãŒã¶ãŒã®ãªãŒãœã©ã€ãŒãŒã·ã§ã³ãè¡ããŸãã
167FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã¹ã€ããäžã® AAAæ©èœã®èšå®ãè¡ãããã«ãäžã®æé ãå®è¡ããå¿ èŠããããŸãã
ïŒ1ïŒRADIUSãµãŒããŒãTACACS+ãµãŒããŒãžã¢ã¯ã»ã¹ããããã®å€ãèšå®ããŸãã
ïŒ2ïŒãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ããªãŒãœã©ã€ãŒãŒã·ã§ã³æ©èœããµããŒããããããRADIUSãµãŒããŒãš TACACS+ãµãŒããŒã®ã°ã«ãŒããå®çŸ©ããŸãã
ïŒ3ïŒé©çšãããããããã®ãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ããªãŒãœã©ã€ãŒãŒã·ã§ã³ã®ã¡ãœããåãå®çŸ©ãã䜿çšãã RADIUSãµãŒããŒãããã㯠TACACS+ãµãŒããŒã®ã°ã«ãŒããæå®ããŸãã
ïŒ4ïŒããŒããŸãã¯ã©ã€ã³ã€ã³ã¿ãŒãã§ãŒã¹ã«ã¡ãœããåãé©çšããŸãã
[泚æ ]ãäžã®èª¬æ㯠RADIUSãµãŒããŒãš TACACS+ãµãŒããŒãæ¢ã« AAAæ©èœããµããŒãããŠããããšãåæã«ããŠããŸããRADIUSãµãŒããŒãš TACACS+ãµãŒããŒã®èšå®ã«ã€ããŠã¯ãåãµãŒããŒããœãããŠã§ã¢ã®ããã¥ã¢ã«ãåç §ããŠãã ããã
168 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ããŒã«ã« /ãªã¢ãŒããã°ãªã³èªèšŒèšå®
æ¬æ©ã§ã¯ãŠãŒã¶åãšãã¹ã¯ãŒãããŒã¹ã«ãã管çã¢ã¯ã»ã¹ã®å¶éãè¡ãããšãã§ããŸããæ¬æ©å éšã§ã®ã¢ã¯ã»ã¹æš©ã®èšå®ãè¡ããä»ãRADIUSåã³ TACACS+ã«ãããªã¢ãŒãèªèšŒãµãŒãã§ã®èªèšŒãè¡ãããšãã§ããŸãã
RADIUSåã³ TACACS+ã¯ããããã¯ãŒã¯äžã® RADIUS察å¿åã³ TACACS+察å¿ã®ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«è¡ãããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
æ©èœè§£èª¬
⢠åæèšå®ã§ã¯ã管çã¢ã¯ã»ã¹ã¯æ¬æ©å éšã®èªèšŒããŒã¿ããŒã¹ã䜿çšããŸããå€éšã®èªèšŒãµãŒãã䜿çšããå ŽåãèªèšŒæé ãšãªã¢ãŒãèªèšŒãããã³ã«ã®å¯Ÿå¿ãããã©ã¡ãŒã¿ã®èšå®ãè¡ãå¿ èŠããããŸããããŒã«ã«ãRADIUSåã³ TACACS+èªèšŒã§ã¯ãã³ã³ãœãŒã«æ¥ç¶ãWebã€ã³ã¿ãã§ãŒã¹åã³ Telnetçµç±ã®ã¢ã¯ã»ã¹ç®¡çãè¡ããŸãã.
⢠æ倧 3ã€ã®èªèšŒæ¹æ³ãå©çšããããšãã§ããŸããäŸãã° (1) RADIUSã(2) TACACSã(3) Localãšèšå®ããå Žåãåãã« RADIUSãµãŒãã§ãŠãŒã¶åãšãã¹ã¯ãŒãã®èªèšŒãè¡ããŸããRADIUSãµãŒãã䜿çšã§ããªãå Žåã«ã¯ã次㫠TACACS+ãµãŒãã䜿çšãããã®åŸæ¬äœå éšã®ãŠãŒã¶åãšãã¹ã¯ãŒãã«ããèªèšŒãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Authentication
èªèšŒæ¹åŒãéžæããŸãã
ïŒ Local â æ¬æ©å éšã«ãããŠãŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ RADIUS â RADIUSãµãŒãã«ãããŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ TACACS â TACACS+ãµãŒãã«ãããŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ [ authentication sequence ]ïŒãŠãŒã¶èªèšŒã¯ãæå®ãããã·ãŒã±ã³ã¹ã®æ倧 3ã€ã®èªèšŒã¡ãœããã«ãã£ãŠå®è¡ãããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [AAA]â [System Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒâAuthentication sequenceâãæå®ããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
169FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ãªã¢ãŒããã°ãªã³èªèšŒãµãŒãã®èšå®
æ¬æ©ã§ã¯ãŠãŒã¶åãšãã¹ã¯ãŒãããŒã¹ã«ãã管çã¢ã¯ã»ã¹ã®å¶éãè¡ãããšãã§ããŸããæ¬æ©å éšã§ã®ã¢ã¯ã»ã¹æš©ã®èšå®ãè¡ããä»ãRADIUSåã³ TACACS+ã«ãããªã¢ãŒãèªèšŒãµãŒãã§ã®èªèšŒãè¡ãããšãã§ããŸãã
RADIUSåã³ TACACS+ã¯ããããã¯ãŒã¯äžã® RADIUS察å¿åã³ TACACS+察å¿ã®ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«è¡ãããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
RADIUSã§ã¯ãã¹ããšãã©ãŒãåã® UDPã䜿çšããŸãããTACACS+ã§ã¯æ¥ç¶ç¢ºç«åéä¿¡ã® TCPã䜿çšããŸãããŸããRADIUSã§ã¯ãµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãããTACACS+ã¯å šãŠã®ãã±ãããæå·åãããŸãã
æ©èœè§£èª¬
⢠å€éšã®èªèšŒãµãŒãã䜿çšããå ŽåãèªèšŒæé ãšãªã¢ãŒãèªèšŒãããã³ã«ã®å¯Ÿå¿ãããã©ã¡ãŒã¿ã®èšå®ãè¡ãå¿ èŠããããŸããããŒã«ã«ãRADIUSåã³ TACACS+èªèšŒã§ã¯ãã³ã³ãœãŒã«æ¥ç¶ãWebã€ã³ã¿ãã§ãŒã¹åã³ Telnetçµç±ã®ã¢ã¯ã»ã¹ç®¡çãè¡ããŸãã
⢠RADIUSåã³ TACACS+èªèšŒã§ã¯ãåãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿããã¢ã¯ã»ã¹ã¬ãã« (Pribilege Level)ãèšå®ããŸãããŠãŒã¶åããã¹ã¯ãŒãåã³ã¢ã¯ã»ã¹ã¬ãã«(Pribilege Level)ã¯èªèšŒãµãŒãåŽã§èšå®ãè¡ããŸããèšå®
衚瀺é ç®
RADIUSèšå®
Global
RADIUSãµãŒãã®èšå®ãã°ããŒãã«ã«é©çšããŸãã
Server Index
èšå®ãã RADIUSãµãŒããã5ã€ã®ãã¡ 1ã€æå®ããŸããæ¬æ©ã¯ã衚瀺ããããµãŒãã®é ã«èªèšŒããã»ã¹ãå®è¡ããŸããèªèšŒããã»ã¹ã¯ããµãŒãããã®ãŠãŒã¶ã®ã¢ã¯ã»ã¹ãèš±å¯ãŸãã¯æåŠããæç¹ã§çµäºããŸãã
Server IP Address
RADIUSãµãŒãã® IPã¢ãã¬ã¹
Accounting Server UDP Port
ã¢ã«ãŠã³ãã£ã³ã°ã¡ãã»ãŒãžã«äœ¿çšããããèªèšŒãµãŒãã®ãããã¯ãŒã¯ããŒãïŒUDPïŒçªå·ïŒ1-65535ãåæèšå® :1813ïŒ
Authentication Server UDP Port
èªèšŒã¡ãã»ãŒãžã«äœ¿çšããããèªèšŒãµãŒãã®ãããã¯ãŒã¯ããŒãïŒUDPïŒçªå·ïŒ1-65535ãåæèšå® :1812ïŒ
WebTelnet
RADIUS/TACACS+server
console
1.
170 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
Authentication Timeout
ã¹ã€ããããªã¯ãšã¹ããåéä¿¡ãããŸã§ãRADIUSãµãŒãããã®è¿çãåŸ ã€ç§æ°ãïŒ1-65535ãåæèšå® :5ïŒ
Authentication Retries
ã¹ã€ãããèªèšŒãµãŒããçµç±ããŠãèªèšŒãã°ãªã³ã¢ã¯ã»ã¹ãè©Šã¿ãåæ°ãïŒ1-30ãåæèšå® :2ïŒ
Set Key
ã¹ã€ãããèªèšŒãµãŒããçµç±ããŠãèªèšŒãã°ãªã³ã¢ã¯ã»ã¹ãè©Šã¿ãåæ°ãïŒ1-30ãåæèšå® :2ïŒ
Authentication Key
æå·éµã¯ã¯ã©ã€ã¢ã³ãã®ãã°ãªã³ã¢ã¯ã»ã¹ã«èªèšŒã«äœ¿çšãããŸããäœçœã䜿çšããªãã§ãã ãããïŒæ倧å€ïŒ48æåïŒ
Confirm Authentication Key
ãšã©ãŒããªãããšã確èªããçºã«ãåã®ãã£ãŒã«ãã«å ¥åãããã¹ããªã³ã°ãåã¿ã€ãããŠãã ããã
TACACS+èšå®
Global
TACACS+ãµãŒãã®èšå®ãã°ããŒãã«ã«é©çšããŸãã
Server Index
èšå®ãè¡ããµãŒãã®ã€ã³ããã¯ã¹çªå·ãæå®ããŸããæ¬æ©ã¯ 1ã€ã® TACACS+ãµãŒãã®ã¿ãµããŒãããŠããŸããServer IP Address
TACACS+ãµãŒãã® IPã¢ãã¬ã¹
Authentication Server TCP Port
TACACS+ãµãŒãã§èªèšŒã¡ãã»ãŒãžã«äœ¿çšããã TCPããŒãçªå·ïŒç¯å²ïŒ1-65535ãåæèšå® :49ïŒ
Set Key
æå·ããŒã®èšå®ãŸãã¯ç·šéãè¡ãããã«ãã®ããã¯ãããŒã¯ããŸãã
Authentication Key
ã¯ã©ã€ã¢ã³ãã®ãã°ãªã³ã®èªèšŒã«äœ¿çšãããã¢ã¯ã»ã¹æå·ããŒãäœçœã¯äœ¿çšããªãã§ãã ãããïŒæå€§äº 48æåïŒ
Confirm Authentication Key
ãšã©ãŒããªãããšã確èªããçºã«ãåã®ãã£ãŒã«ãã«å ¥åãããã¹ããªã³ã°ãåã¿ã€ãããŠãã ããã
ã°ã«ãŒãèšå®
Server Type
RADIUSãŸã㯠TACACS+ãµãŒããéžæ
Group Name
RADIUSãŸã㯠TACACS+ãµãŒãã®ã°ã«ãŒãåãå®çŸ©ïŒ1-255æåïŒ
Sequence at Priority
ã°ã«ãŒãã§äœ¿çšãã RADIUSãµãŒããšã·ãŒã±ã³ã¹ãæå®ïŒç¯å²ïŒ1-5ïŒ
171FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ãªã¢ãŒãèªèšŒãµãŒãã®èšå®ïŒRADIUSïŒ
ïŒ1ïŒ[Security] â [AAA]â [Server]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ServerããéžæããŸãã
ïŒ3ïŒRADIUSãŸã㯠TACACS+ãããµãŒãã¿ã€ããéžæããŸãã
ïŒ4ïŒå¿ èŠã«å¿ããèšå®å€æŽãè¡ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãªã¢ãŒãèªèšŒãµãŒãã®èšå®ïŒTACACS+ïŒ
172 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã¢ã«ãŠã³ãã£ã³ã°ãšèš±å¯ã«äœ¿çšããã RADIUSãŸã㯠TACACS+ãµãŒãã°ã«ãŒãã®èšå®
ïŒ1ïŒ[Security] â [AAA]â [Server]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GroupããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒRADIUSãŸã㯠TACACS+ãããµãŒãã¿ã€ããéžæããŸãã
ïŒ5ïŒå¿ èŠã«å¿ããèšå®å€æŽãè¡ããŸããïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¢ã«ãŠã³ãã£ã³ã°ãšèš±å¯ã«äœ¿çšããã RADIUSãŸã㯠TACACS+ãµãŒãã°ã«ãŒãã®è¡šç€º
ïŒ1ïŒ[Security] â [AAA]â [Server]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GroupããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
173FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
AAAã¢ã«ãŠã³ãã£ã³ã°ã®èšå®
ãã®ç»é¢ã§ã¯èª²éãã»ãã¥ãªãã£ç®çã§ãªã¯ãšã¹ãããããµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ã«ãããã©ãããèšå®ããŸãã
æ©èœè§£èª¬
⢠ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ã«ããåã«ãRADIUSãŸã㯠TACACS+çµç±ã® AAAèªèšŒãæå¹ã«ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
ã°ããŒãã«èšå®
Periodic Update
ããŒã«ã«ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã¹ããã·ã¹ãã äžã®å šãŠã®ãŠãŒã¶ããã¢ã«ãŠã³ãã£ã³ã°ãµãŒããŒãžã®æ å ±ãã¢ããããŒãããééãæå®ãïŒç¯å²ïŒ1-2147483647åã0ã¯ç¡å¹ãæå³ããŸãïŒ
ã¡ãœããèšå®
Accounting Type
⢠802.1XïŒãšã³ããŠãŒã¶ã®ã¢ã«ãŠã³ãã£ã³ã°
⢠ExecïŒããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHçšã®ç®¡çã¢ã«ãŠã³ãã£ã³ã°
Method Name
ãµãŒãã¹èŠæ±ã®ãªãŒãœã©ã€ãŒãŒã·ã§ã³æ¹æ³ãæå®ããŸãã"default"ã¡ãœããã¯ä»ã®ã¡ãœãããå®çŸ©ãããŠããªãå Žåããªã¯ãšã¹ãããããµãŒãã¹ã«äœ¿çšãããŸãïŒç¯å²ïŒ1ïœ 255æåïŒ
Accounting Notice
ãã°ã€ã³ãããã°ãªããã€ã³ããŸã§ã®ãŠãŒã¶æŽ»åãèšé²ãServer Group Name
ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã°ã«ãŒããæå®ïŒç¯å²ïŒ1-255æåïŒã°ã«ãŒãå "radius"ãš "tacacs+"ã¯èšå®ãããå šãŠã® RADIUSãš TACACS+ãã¹ã (P169 ãããŒã«ã« /ãªã¢ãŒããã°ãªã³èªèšŒèšå®ããåç § )ãæå®ããŸãããã®ä»ã®ã°ã«ãŒãå㯠SecurityïŒ AAAïŒ Server (Configure Group)ããŒãžã§èšå®ããããµãŒãã°ã«ãŒããåç §ããŠãã ããã
ãµãŒãèšå®
Accounting Type
ã¢ã«ãŠã³ãã£ã³ã°ã¿ã€ããæå®ããŸãã802.1X
⢠Method NameïŒã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã«å²ãåœãŠããŠãŒã¶ãŒå®çŸ©ã®ã¡ãœããåãæããããããããå®ããŸããïŒç¯å²ïŒ1-255æåïŒ
Exec
⢠Console Method NameïŒã³ã³ãœãŒã«æ¥ç¶ã«å²ãåœãŠããããŠãŒã¶å®çŸ©ã¡ãœããåãæå®ã
⢠Telnet Method NameïŒ Telnetæ¥ç¶ãš Telnetæ¥ç¶ã«å²ãåœãŠããŠãŒã¶ãŒå®çŸ©ã®ã¡ãœããåããããããããããããæå®ããŸãã
174 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
æ å ±ã®è¡šç€ºïŒæŠèŠ
Accounting Type
ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã¹ã衚瀺
Method Name
ãŠãŒã¶å®çŸ©ãŸãã¯ããã©ã«ãã¢ã«ãŠã³ãã£ã³ã°ã¡ãœããã衚瀺ã
Server Group Name
ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã°ã«ãŒãã衚瀺ã
Interface
ã«ãŒã«ãé©çšãããããŒããã³ã³ãœãŒã«ãŸã㯠Telnetã€ã³ã¿ãã§ãŒã¹ã衚瀺ã
æ å ±ã®è¡šç€ºïŒçµ±èš
User Name
ç»é²ããããŠãŒã¶ãŒåã衚瀺ã
Accounting Type
ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã¹ã衚瀺ã
Interface
ãã®ãŠãŒã¶ãã¹ã€ããã«ã¢ã¯ã»ã¹ããåä¿¡ããŒãæ°ã
Time Elapsed
ãã®ãšã³ããªãæå¹ã«ãªã£ãæéã®é·ãã衚瀺ã
175FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
AAAã¢ã«ãŠã³ãã£ã³ã°ã®ã°ããŒãã«èšå®
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸããïŒ3ïŒé©åãªã¢ããããŒãã€ã³ã¿ãŒãã«ãå ¥åããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœããã®èšå®
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure MethodããéžæããŸããïŒ3ïŒãActionããªã¹ããããAddããéžæããŸããïŒ4ïŒã¢ã«ãŠã³ãã£ã³ã°ã¿ã€ããéžæããŸããïŒ5ïŒã¢ã«ãŠã³ãã£ã³ã°ã¡ãœããåãšãµãŒãã°ã«ãŒãåãæå®ããŸããïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœããã®è¡šç€º
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure MethodããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
176 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
æå®ãããã€ã³ã¿ãã§ãŒã¹ãã³ã³ãœãŒã«ã³ãã³ããããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ã«é©çšãããã¢ã«ãŠã³ãã£ã³ã°ã¡ãœããã®èšå®
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ServiceããéžæããŸããïŒ3ïŒã¢ã«ãŠã³ãã£ã³ã°ã¿ã€ããéžæããŸããïŒ802.1XãExecïŒïŒ4ïŒã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããå ¥åããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
EcecãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã¹ãèšå®
æå®ããããµãŒãã¹ã¿ã€ãã«èšå®ããããã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããšãµãŒãã°ã«ãŒãã®æŠèŠã衚瀺
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸããïŒ3ïŒãSummaryããã¯ãªãã¯ããŸãã
177FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
åºæ¬ã¢ã«ãŠã³ãã£ã³ã°æ å ±ããã³ãŠãŒã¶ã»ãã·ã§ã³ã«èšé²ãããçµ±èšã衚瀺
ïŒ1ïŒ[Security] â [AAA]â [Acounting]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸãã
ïŒ3ïŒãStatisticsããã¯ãªãã¯ããŸãã
178 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
AAAèªå¯èšå®
Security > AAA > AuthorizationããŒãžã䜿çšããèŠæ±ããããµãŒãã¹ã®èªå¯ãæå¹ã«ããŸãããŸããèšå®ãããèªå¯ã¡ãœããã®è¡šç€ºãæå®ããã€ã³ã¿ãã§ãŒã¹ãžã®ã¡ãœããã®å²ãåœãŠãè¡ããŸãã
ã³ãã³ã解説
⢠ãã®æ©èœã¯ããŠãŒã¶ã Execã·ã§ã«ãå®è¡ããããšãå¯èœã«ãããã©ããã決å®ããèªå¯ãè¡ããŸãã.
⢠ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ã«ããåã«ãRADIUSãŸã㯠TACACS+çµç±ã® AAAèªèšŒãæå¹ã«ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
ã¡ãœããã®èšå®
Authorization Type
ãªãŒãœã©ã€ãŒãŒã·ã§ã³ãµãŒãã¹ã®çš®é¡ã衚瀺ããŸãã
Method Name
ãµãŒãã¹ãªã¯ãšã¹ãã®ããã®èªå¯ã¡ãœãããæå®ããŸããä»ã®ã¡ãœãããå®çŸ©ãããŠããªãå Žåã"default"ã¡ãœãããèŠæ±ããããµãŒãã¹ã«äœ¿çšãããŸããïŒç¯å²ïŒ1-255æåïŒ
Server Group Name
èªå¯ãµãŒãã°ã«ãŒããæå®ïŒç¯å²ïŒ1-255æåïŒã°ã«ãŒãå "tacacs+"ã¯ãèšå®ããã TACACS+ãã¹ã ïŒ169 ããŒãžã®ãããŒã«ã« /ãªã¢ãŒããã°ãªã³èªèšŒèšå®ããåç §ïŒå šãŠãæå®ããŸãããã®ä»ã®ã°ã«ãŒãå㯠"TACACS+"èšå®ããŒãžã§èšå®ããããµãŒãã°ã«ãŒããåç §ããŠãã ãããèªå¯ã¯ TACACS+ãµãŒãã§ã®ã¿ãµããŒããããŸãã
ãµãŒãã¹ã®èšå®
Console Method Name
ã³ã³ãœãŒã«æ¥ç¶ã«å²ãåœãŠãããŠãŒã¶ãŒå®çŸ©ã¡ãœããåãæå®
Telnet Method Name
Telnetæ¥ç¶ã«å²ãåœãŠãããŠãŒã¶ãŒå®çŸ©ã¡ãœããåãæå®
æ å ±ã®è¡šç€º
Authorization Type
ãªãŒãœã©ã€ãŒãŒã·ã§ã³ãµãŒãã¹ã衚瀺
Method Name
ãŠãŒã¶å®çŸ©ãŸãã¯ããã©ã«ãã¢ã«ãŠã³ãã¡ãœããã衚瀺
Server Group Name
èªå¯ãµãŒãã°ã«ãŒãã衚瀺
Interface
ãªãŒãœã©ã€ãŒãŒã·ã§ã³ã¡ãœãããé©çšããã³ã³ãœãŒã«ãããã㯠Telnetã®ã€ã³ã¿ãŒãã§ãŒã¹ã衚瀺ããŸãïŒãã®æ¬ã¯ãªãŒãœã©ã€ãŒãŒã·ã§ã³ã¡ãœããããŸãã¯é¢é£ä»ãããããµãŒããŒã°ã«ãŒããå²ãåœãŠãããŠããªãå Žåã空æ¬ã«ãªããŸãïŒ
179FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ExecãµãŒãã¹ã¿ã€ãã«é©çšãããèªå¯ã¡ãœãããèšå®
ïŒ1ïŒ[Security] â [AAA]â [Authorization]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MethodããéžæããŸãã
ïŒ3ïŒèªå¯ã¡ãœããåãšãµãŒãã°ã«ãŒãåãæå®ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ExecãµãŒãã¹ã¿ã€ãã«é©çšãããèªå¯ã¡ãœããã衚瀺
ïŒ1ïŒ[Security] â [AAA]â [Authorization]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MethodããéžæããŸãã
ïŒ3ïŒãStepããªã¹ããããShowããéžæããŸãã
180 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ã«é©çšãããèªå¯ã¡ãœãããèšå®
ïŒ1ïŒ[Security] â [AAA]â [Authorization]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ServiceããéžæããŸãã
ïŒ3ïŒå¿ èŠãšãããèªå¯ã¡ãœãããå ¥åããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
èšå®ãããèªå¯ã¡ãœãããš ExecãµãŒãã¹ã¿ã€ãã®ã¢ãµã€ã³ããããµãŒãã°ã«ãŒãã衚瀺
ïŒ1ïŒ[Security] â [AAA]â [Authorization]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸãã
181FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.2 ãŠãŒã¶ã¢ã«ãŠã³ãã®èšå®
ã²ã¹ãã¢ãŒãã§ã¯ã»ãšãã©ã®èšå®ãã©ã¡ãŒã¿ã«ãããŠã衚瀺ããè¡ãããšãã§ããŸããã管çè ã¢ãŒãã§ã¯èšå®ãã©ã¡ãŒã¿ã®å€æŽãè¡ãããšãã§ããŸãã
å®å šã®ããã管çè çšãã¹ã¯ãŒãã¯åæèšå®ããã®å€æŽãè¡ãªãããã¹ã¯ãŒãã¯å®å šãªå Žæã«ä¿ç®¡ããŠäžããã
åæèšå®ã§ã¯ãã²ã¹ãã¢ãŒãã®ãŠãŒã¶åã»ãã¹ã¯ãŒãã¯å ±ã«ãguestãã管çè ã¢ãŒãã®ãŠãŒã¶åã»ãã¹ã¯ãŒãã¯ãadminãã§ãã
èšå®ã»è¡šç€ºé ç®
User Name ãŠãŒã¶åïŒæ倧æåæ°ïŒ32æåãæ倧ãŠãŒã¶æ°ïŒ16ïŒ
Access Level ãŠãŒã¶ã®ã¢ã¯ã»ã¹ã¬ãã«ïŒãªãã·ã§ã³ïŒ0ïŒNormalã15ïŒPrivilegedïŒ
PasswordãŠãŒã¶ã®ãã¹ã¯ãŒãïŒç¯å²ïŒ0-32æåã倧æåãšå°æåã¯åºå¥ãããŸãïŒ
Confirm Password 確èªã®ãããããäžåºŠãã¹ã¯ãŒããå ¥åã
èšå®æ¹æ³
ãŠãŒã¶ã¢ã«ãŠã³ãã®èšå®
ïŒ1ïŒ[Security] â [User Accounts]âãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒãŠãŒã¶åãæå®ãããŠãŒã¶ã®ã¢ã¯ã»ã¹ã¬ãã«ãéžæããŸãããã¹ã¯ãŒããå ¥ååŸã確èªã®çºããäžåºŠãã¹ã¯ãŒããå ¥åããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
182 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ãŠãŒã¶ã¢ã«ãŠã³ãã®è¡šç€º
ïŒ1ïŒ[Security] â [User Accounts]âãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ3ïŒãŠãŒã¶åãæå®ãããŠãŒã¶ã®ã¢ã¯ã»ã¹ã¬ãã«ãéžæããŸãããã¹ã¯ãŒããå ¥ååŸã確èª
183FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.3 WebèªèšŒ
WebèªèšŒã¯ã802.1xããããã¯ãŒã¯ã¢ã¯ã»ã¹èªèšŒãå®è¡äžå¯èœã§ããå®çšçã§ãªãç¶æ³ã§ããããã¯ãŒã¯ãžã®èªèšŒãšã¢ã¯ã»ã¹ãè¡ãããšã端æ«ã«èš±å¯ããŸããWebèªèšŒæ©èœã¯ IPã¢ãã¬ã¹ãå²ãåœãŠã DHCPã®ãªã¯ãšã¹ããšåä¿¡ãDNSã¯ãšãªã®å®è¡ããèªèšŒãããŠããªããã¹ãã«èš±å¯ããŸããHTTPãé€ããã»ãã®ãã¹ãŠã®ãã©ãã£ãã¯ã¯ãããã¯ãããŸããã¹ã€ãã㯠HTTPãã©ãã£ãã¯ãååããRADIUSãéããŠãŠãŒã¶ãŒããŒã ãšãã¹ã¯ãŒããå ¥åããã¹ã€ãããçæããWebããŒãžã«ãªãã€ã¬ã¯ãããŸããäžåºŠèªèšŒã«æåãããšãWebãã©ãŠã¶ã¯å ã®ãªã¯ãšã¹ããããWebããŒãžã«è»¢éãããŸããèªèšŒãæåããããŒãã«æ¥ç¶ããããã¹ãŠã®ãã¹ãã«ã€ããŠãèªèšŒãæå¹ã«ãªããŸãã
[ 泚æ ]ãRADIUS èªèšŒã¯é©åã«æ©èœãããããã«ãã¢ã¯ãã£ããŒãã Web èªèšŒã®ããã«é©åã«æ§æããªããŠã¯ãããŸãããïŒP233 ã802.1xããŒãèªèšŒããåç §ïŒ
[泚æ ]ãWeb èªèšŒã¯ãã©ã³ã¯ããŒãäžã§èšå®ããããšã¯ã§ããŸããã
WebèªèšŒã®ã°ããŒãã«èšå®
SecurityïŒWeb Authentication(Configure Global)ããŒãžã䜿çšããŠãWebèªèšŒã®ã°ããŒãã«ãã©ã¡ãŒã¿ãç·šéã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Web Authentication Status
ã¹ã€ããäžã§WebèªèšŒæ©èœãæå¹ã«ããŸãïŒåæèšå®ïŒç¡å¹ïŒ
Session Timeout
ãã¹ãã®åèªèšŒãããåã«èªèšŒã»ãã·ã§ã³ãã©ã®ãããã®æéç¶æããããèšå®ããŸã
ïŒç¯å²ïŒ300ïŒ 3600ç§ãåæèšå®ïŒ3600ç§ïŒ
Quiet Period
ãã¹ãããã°ã€ã³ã®è©Šè¡åæ°ã®äžéãè¶ ããåŸãåã³èªèšŒãã§ãããŸã§ã«åŸ æ©ããæéãèšå®ããŸãïŒç¯å²ïŒ1ïŒ 180ç§ãåæèšå®ïŒ60ç§ïŒ
Login Attempts
ãã°ã€ã³ã®è©Šè¡åæ°ã®äžéãèšå®ããŸããïŒç¯å²ïŒ1ïŒ 3åãåæèšå®ïŒ3åïŒ
184 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Web Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒWebèªèšŒãæå¹ã«ããå¿ èŠãªãã©ã¡ãŒã¿ã®ç·šéãè¡ã£ãŠãã ããã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
185FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
WebèªèšŒã®èšå®ïŒããŒãïŒ
SecurityïŒWeb AuthenticationïŒConfigure InterfaceïŒããŒãžã䜿çšããŠãWebèªèšŒãããŒãã§æå¹åããŸãããŸããæ¥ç¶ããããã¹ãã®æ å ±ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Port
èšå®ãããããŒã
Status
ããŒãã®Web Authenticationã®ç¶æ ãèšå®ããŸãã
Host IP Address
æ¥ç¶ãããããããã®ãã¹ãã® IPã¢ãã¬ã¹ã
Remaining Session Time
ãã¹ãã®çŸåšã®èªèšŒã»ãã·ã§ã³ã®æéãåãããŸã§ã®æ®ãæéã衚瀺ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Web Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒWebèªèšŒãå¿ èŠãšããããŒãã®ãStatusããã§ãã¯ããã¯ã¹ã«ãã§ãã¯ãå ¥ããïŒApplyïŒãã¯ãªãã¯ããŸãã
186 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.4 ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMACã¢ãã¬ã¹èªèšŒïŒ
ã¹ã€ããããŒãã«æ¥ç¶ããããã€ãã®ããã€ã¹ã¯ãããŒããŠã§ã¢ããœãããŠã§ã¢ã®å¶éã«ãã 802.1xèªèšŒããµããŒãã§ããªããããããŸãããããã¯ãããã¯ãŒã¯ããªã³ã¿ãIPé»è©±ãã¯ã€ã€ã¬ã¹ã¢ã¯ã»ã¹ãã€ã³ãã®ãããªããã€ã¹ã§ãã°ãã°ééããŸããã¹ã€ããã¯ãRADIUSãµãŒããŒã§ããã€ã¹ã® MACã¢ãã¬ã¹ãèªèšŒã管çããããšã§ããããã®ããã€ã¹ããã®ãããã¯ãŒã¯ã¢ã¯ã»ã¹ãå¯èœã«ããŸãã
[ 泚æ ]ãRADIUS èªèšŒã¯é©åã«æ©èœãããããã«ãã¢ã¯ãã£ããŒãã Web èªèšŒã®ããã«é©åã«æ§æããªããŠã¯ãããŸãããïŒP233 ã802.1xããŒãèªèšŒããåç §ïŒ
[泚æ ]ãMACèªèšŒã¯ãã©ã³ã¯ããŒãäžã§èšå®ããããšã¯ã§ããŸããã
æ©èœè§£èª¬
⢠ãããã¯ãŒã¯ã¢ã¯ã»ã¹æ©èœã¯ããã¹ããæ¥ç¶ãããã¹ã€ããããŒãäžã§ MACã¢ãã¬ã¹ãèªèšŒããããšã§ããã¹ãã®ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ã管çããŠããŸããç¹å®ã®MACã¢ãã¬ã¹ããåä¿¡ãããã©ãã£ãã¯ã¯ãéä¿¡å MACã¢ãã¬ã¹ã RADIUSãµãŒããŒã§èªèšŒãããå Žåã®ã¿ã¹ã€ããã«ãã転éãããŸããMACã¢ãã¬ã¹ã«ããèªèšŒãé²è¡ããŠãããšãããã¹ãŠã®ãã©ãã£ãã¯ã¯èªèšŒãå®äºãããŸã§ãããã¯ãããŸããèªèšŒãæåããå ŽåãRADIUSãµãŒããŒã¯ã¹ã€ããããŒãã« VLANèšå®ãä»»æã«å²ãåœãŠãå¯èœæ§ããããŸãã
⢠ããŒãäžã§æå¹ã«ãããšããèªèšŒããã»ã¹ã¯èšå®ããã RADIUSãµãŒããŒã«Password Authentication ProtocolïŒPAPïŒãªã¯ãšã¹ããéä¿¡ããŸãããŠãŒã¶ãŒããŒã ãšãã¹ã¯ãŒãã¯äž¡æ¹ãšãèªèšŒããäºå®ã® MACã¢ãã¬ã¹ãšåãã§ããRADIUSãµãŒããŒäžã§ PAPã®ãŠãŒã¶ãŒããŒã ãšãã¹ã¯ãŒãã¯MACã¢ãã¬ã¹ã®ãã©ãŒãããïŒxx-xx-xx-xx-xx-xxïŒã§èšå®ããŠãã ããã
⢠èªèšŒããã MACã¢ãã¬ã¹ã¯ãã¹ã€ããã®ä¿è·ããã MACã¢ãã¬ã¹ããŒãã«ã«ãã€ãããã¯ãšã³ããªãšããŠä¿åããããšãŒãžã³ã°ã¿ã€ã ãéãããšãã«åãé€ãããŸããã¹ã€ããã§ãµããŒãããä¿è·ããã MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024åã§ãã
⢠èšå®ãããéç MACã¢ãã¬ã¹ãã¹ã€ããããŒãã§èŠãããæãã»ãã¥ã¢ã¢ãã¬ã¹ããŒãã«ã«è¿œå ãããŸããéçã¢ãã¬ã¹ã¯ RADIUSãµãŒããžã®ãªã¯ãšã¹ãéä¿¡ç¡ãã§èªèšŒæžã¿ãšããŠåãæ±ãããŸãã
⢠ããŒãã¹ããŒã¿ã¹ãããŠã³ãžå€æŽããéãå šãŠã® MACã¢ãã¬ã¹ã¯ã»ãã¥ã¢ã¢ãã¬ã¹ããã¯ãªã¢ãããŸããéç VLANå²ãåœãŠã¯ä¿åãããŸããã
⢠RADIUSãµãŒããŒã¯ã¹ã€ããããŒãã«é©çšããããã« VLAN IDã®ãªã¹ããä»»æã«è¿ããããããŸãããäžèšã®èšå®ã¯ RADIUSãµãŒããŒäžã§èšå®ããããã«å¿ èŠã§ãã
ïŒ Tunnel-TypeïŒ VLAN
ïŒ Tunnel-Medium-TypeïŒ 802
ïŒ Tunnel-Private-Group-IDïŒ 1uã2tïŒVLAN IDãªã¹ãïŒ
VLAN IDãªã¹ã㯠RADIUSã® "Tunnel-Private-Group-ID"ã®äžã§ç¶æãããŠããŸããVLAN IDã®ãªã¹ãã¯ã"1uã2tã3u"ãšãã£ããã©ãŒãããã®è€æ°ã® VLAN IDãå«ãããšãã§ããŸãã"u"ãä»ããŠããã®ã¯ã¿ã°ãªãã® VLAN IDã§ã"t"ãä»ããŠããã®ã¯ã¿ã°ããã® VLAN IDãšãªããŸãã
187FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
⢠RADIUSãµãŒãã¯ãªãã·ã§ã³ãšããŠãèªèšŒããããŠãŒã¶ã®ããã«ãã¹ã€ããããŒãã«é©çšãããåç QoSå²ãåœãŠãè¿ããŸãã"Filter ID"å±æ§ã¯ã以äžã® QoSæ å ±ãæž¡ããã RADIUSãµãŒãã«èšå®ããããšãã§ããŸãã
⢠è€æ°ã®ãããã£ãŒã«ã¯ã»ãã³ãã³ã§ãããããåºåãããšã«ãããFilter-IDå±æ§ã§æå®ããããšãã§ããŸããäŸãã°ãå±æ§âservice-policy-in=pp1;rate-limit-input=100â 㯠"diffserv profile name is pp1,â ãš "ingress rate limit profile value is 100 kbps"ãæå®ããŠããŸãã
⢠éè€ãããããã£ãŒã«ã Filter-IDå±æ§ã§ãã¹ããéãæåã®ãããã£ãŒã«ã®ã¿äœ¿çšãããŸããäŸãã°ãããå±æ§ã âservice-policy-in=p1;service-policy-in=p2âã®å Žåãã¹ã€ãã㯠"DiffServ profile p1."ã®ã¿é©çšããŸãã
⢠Filter-IDå±æ§ã®æªãµããŒããããã£ãŒã«ã¯ç¡èŠãããŸããäŸãã°å±æ§ãâmap-ip-dscp=2:3;service-policy-in=p1,â ã®å Žåãã¹ã€ããã¯âmap-ip-dscpâ ãç¡èŠããŸãã
⢠èªèšŒæåæãåç QoSæ å ±ã¯ä»¥äžã®ãã¡ããããã®ç¶æ ã«ãããRADIUSãµãŒããããã¹ãããªãããšããããŸãã
ïŒ Filter-ID å±æ§ãŠãŒã¶ãããã£ãŒã«ã«èŠã€ããããªãã
ïŒ Filter-ID å±æ§ããã©ã³ã¯ã
ïŒåç QoSå²ãåœãŠã® Filter-ID å±æ§ãã©ãŒããããèªèäžå¯ïŒFilter-ID å±æ§å šäœãèªèäžå¯ïŒ
⢠以äžã®ç¶æ ãèµ·ããæãåç QoSå²ãåœãŠã倱æãèªèšŒçµæãæåãã倱æãžå€æŽãããŸãã
ïŒãããã£ãŒã«å€ã«ã€ãªãŒã¬ã«æåãçºèŠïŒäŸïŒ802.1pãããã£ãŒã«å€ã®éããžã¿ã«æåïŒ
ïŒèªèšŒããŒãã§åä¿¡ããããããã£ãŒã«èšå®ã®å€±æ
⢠åç QoSã«ã¢ãµã€ã³ãããæåŸã®ãŠãŒã¶ãããŒããããã°ãªãããæãã¹ã€ããã¯ãªãªãžãã« QoSèšå®ãããŒããžãªã¹ãã¢ããŸãã
⢠ãŠãŒã¶ããæ¢ã«åãããŒããžãã°ãªã³ããŠãããŠãŒã¶ãšç°ãªãåç QoSãããã£ãŒã«ã§ãããã¯ãŒã¯ãžã®ãã°ã€ã³ãè©Šã¿ãæããã®ãŠãŒã¶ã¯ã¢ã¯ã»ã¹ãæåŠãããŸãã
⢠ããŒããå²ãåœãŠããã QoSãããã£ãŒã«ãæã€éãæå QoSèšå®ã¯ãå šãŠã®ãŠãŒã¶ãããŒããããã°ãªãããåŸã«ã®ã¿å¹åãçºããŸãã
åç QoSãããã¡ã€ã«
ãããã¡ã€ã« å±æ§ææ³ äŸ
DiffServ service-policy-in=policy-map-name service-policy-in=p1
Rate Limit rate-limit-input=rate rate-limit-input=100 (in units of Kbps)
802.1p switchport-priority-default=value switchport-priority-default=2
188 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ãããã¯ãŒã¯ã¢ã¯ã»ã¹ã®ã°ããŒãã«èšå®
MACã¢ãã¬ã¹èªèšŒã¯åºæ¬çã«ããŒãããšã«èšå®ããŸãããã¹ã€ãããã¹ãŠã®ããŒãã«é©çšããèšå®ã 2ã€ãããŸããSecurity > Network Access ïŒConfigure GlobalïŒããŒãžã䜿çšããŠãMACã¢ãã¬ã¹èªèšŒãšãŒãžã³ã°ãšåèªèšŒæéã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Aging Status
ã»ãã¥ã¢ MACã¢ãã¬ã¹ããŒãã«ã«ä¿åããããèªèšŒ MACã¢ãã¬ã¹ã®ãšãŒãžã³ã°ãæå¹ /ç¡å¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
ãã®ãã©ã¡ãŒã¿ã¯æ¬ã»ã¯ã·ã§ã³ã§èª¬æãã MACã¢ãã¬ã¹èªèšŒããã»ã¹ã«ãã£ãŠèšå®ãããèªèšŒããã MACã¢ãã¬ã¹ãšãåæ§ã« 802.1xã«ãã£ãŠèªèšŒãããã»ãã¥ã¢ MACã¢ãã¬ã¹ã«ã802.1Xã¢ãŒã (Single-HostãMulti-Hostã MAC-Based ãP235 ã802.1XèªèšŒããŒãèšå®ããåç § )ãã«ãããããé©çšãããŸãã
èªèšŒããã MACã¢ãã¬ã¹ã¯ãã¹ã€ããã®ã»ãã¥ã¢ MACã¢ãã¬ã¹ããŒãã«åçãšã³ããªãšããŠä¿åããããšãŒãžã³ã°ã¿ã€ã ã®æéãåããæã«åé€ãããŸãã
ã¹ã€ããã·ã¹ãã ã«ãµããŒããããŠããã»ãã¥ã¢ MACã¢ãã¬ã¹æ倧æ°ã¯ 1024ã§ãã
Reauthentication Time
MACã¢ãã¬ã¹ãèªèšŒãããåŸãåèªèšŒããããŸã§ã®æéãèšå®ããŸããïŒç¯å²ïŒ120ç§ïŒ1,000,000ç§ãåæèšå®ïŒ1800ç§ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒã»ãã¥ã¢ã¢ãã¬ã¹ã®ãšãŒãžã³ã°ãæå¹ /ç¡å¹ã«ãããReauthentication Timeããç·šéããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
189FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ããŒãã®ãããã¯ãŒã¯ã¢ã¯ã»ã¹èšå®
SecurityïŒ Network Access (Configure Interface - General)ããŒãžã䜿çšããŠãã¹ã€ããããŒãã« MACã¢ãã¬ã¹èªèšŒã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
MAC Authentication
⢠StatusïŒããŒã㧠MACèªèšŒãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
⢠IntrusionïŒãã¹ã MACèªèšŒã倱æããæã«ãããŒããžã®ã¢ã¯ã»ã¹ããããã¯ãããããããã¯ãã©ãã£ãã¯ãæž¡ãããèšå®ããŸããïŒãªãã·ã§ã³ïŒBlockãPassãåæèšå®ïŒBlockïŒ
⢠Max MAC Count*ïŒ MACèªèšŒçµç±ã§ãèªèšŒãããããšãå¯èœãª MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ïŒç¯å²ïŒ1-1024ãåæèšå®ïŒ1024ïŒ
Network Access Max MAC Count*
ãããã圢æ ã®èªèšŒã«ãã£ãŠããŒãã€ã³ã¿ãã§ãŒã¹ãèªèšŒå¯èœãª MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããŸããïŒç¯å²ïŒ1-1024ãåæèšå®ïŒ1024ïŒ
Guest VLAN
802.1xã®èªèšŒã倱æãããšããããŒãã«å²ãåœãŠã VLANãæå®ããŸããVLANã¯äºåã«äœæããæå¹ã«ããå¿ èŠããããŸãã
Dynamic VLAN
èªèšŒãããããŒããžã®ãã€ããã㯠VLANã®å²ãåœãŠãæå¹ã«ããŸããæå¹ã«ãããšããRADIUSãµãŒããŒããè¿ã£ãŠãã VLAN IDãããŒãã«å²ãåœãŠãããã¹ã€ããäžã§äºåã«äœæãã VLANãèŠå®ãããŸãïŒVLANäœæã« GVRPã¯äœ¿çšã§ããŸããïŒãVLANã®èšå®ã¯æåã«è¡ã£ãŠãã ãããïŒåæèšå®ïŒæå¹ïŒ
Dynamic QoS
èªèšŒããŒãã§ã®ãåç QoSæ©èœã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
*ããŒãããšã® MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024ã§ãããŸããã¹ã€ããã·ã¹ãã ã§ãµããŒããããã»ãã¥ã¢MACã¢ãã¬ã¹ã®æ倧æ°ã 1024ã§ããäžéã«éããæãå šãŠã®æ°ããMACã¢ãã¬ã¹ã¯èªèšŒå€±æãšããŠæ±ãããŸãã
190 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãGeneralããã¿ã³ãã¯ãªãã¯ããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ã®ç·šéãè¡ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
191FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ããŒããªã³ã¯æ€åº
ããŒããªã³ã¯æ€åºæ©èœã¯ãªã³ã¯ã€ãã³ãçºçæã«ãSNMPãã©ããã®éä¿¡ãšããŒãã®ã·ã£ããããŠã³ïŒã©ã¡ãããããã¯äž¡æ¹ïŒãå®è¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Link Detection Status
ããŒãã§ãªã³ã¯æ€åºãæå¹ /ç¡å¹ã«èšå®
Condition
ããŒãã¢ã¯ã·ã§ã³ãåŒãèµ·ãããªã³ã¯ã€ãã³ãã¿ã€ã
⢠Link UpïŒãªã³ã¯ã¢ããã€ãã³ãã®ã¿ããŒãã¢ã¯ã·ã§ã³ãçºç
⢠Link DownïŒãªã³ã¯ããŠã³ã€ãã³ãã®ã¿ããŒãã¢ã¯ã·ã§ã³ãçºç
⢠Link Up and DownïŒå šãŠã®ãªã³ã¯ã¢ããã»ããŠã³ã€ãã³ãã§ããŒãã¢ã¯ã·ã§ã³ãçºç
Action
æ¬æ©ã¯ä»¥äžã® 3éãã®æ¹æ³ã§ãªã³ã¯ã¢ããã»ããŠã³ã€ãã³ãã«å¯Ÿå¿ããããšãå¯èœã§ãã
ïŒ TrapïŒ SNMPãã©ãããéä¿¡ã
ïŒ Trap and ShutdownïŒ SNMPãã©ãããéä¿¡ããããŒããã·ã£ããããŠã³ããŸãã
ïŒ ShutdownïŒããŒããã·ã£ããããŠã³ã
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãLink Detectionããã¿ã³ãã¯ãªãã¯ããŸãã
ïŒ4ïŒããŒãããšã«ããLink Detection StatusãããConditionãããActionãã®ç·šéãè¡ããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
192 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
MACã¢ãã¬ã¹ãã£ã«ã¿
ããããã®ããŒãã®MACèªèšŒã¯ãç¬ç«ããŠèšå®ãããŸããMACèªèšŒããŒãèšå®ããŒãžã§ã¯ãããããã®ããŒãã§æå®ããMACèªèšŒã®æ倧æ°ãšãäŸµå ¥æã®ã¢ã¯ã·ã§ã³ãèšå®ããŸãã
æ©èœè§£èª¬
⢠æå®ãã MACã¢ãã¬ã¹ã¯èªèšŒãå é€ãããŸãã
⢠æ倧 65ãã£ã«ã¿ããŒãã«ã®å®çŸ©ãå¯èœã§ãã
⢠ãã£ã«ã¿ããŒãã«ã§äœ¿ããããšã³ããªã®æ°ã«å¶éã¯ãããŸããã
èšå®ã»è¡šç€ºé ç®
Filter ID
æå®ãããã£ã«ã¿ã®ãã£ã«ã¿ã«ãŒã«ãè¿œå ã
MAC Address
ãã£ã«ã¿ã«ãŒã«ã¯ãå ¥åãã±ããã MACã¢ãã¬ã¹ãŸã㯠MACã¢ãã¬ã¹ç¯å²ïŒMACã¢ãã¬ã¹ãã¹ã¯ã«ãã£ãŠãå®çŸ©ãããïŒãšç §ããåãããŠãã§ãã¯ããŸãã
MAC Address Mask
ãã£ã«ã¿ã«ãŒã«ã¯ MACããããã¹ã¯ã§å®çŸ©ããã MACã¢ãã¬ã¹ç¯å²ãšãã§ãã¯ãããŸãããããã¹ã¯ãçç¥ããå Žåãã·ã¹ãã ã¯å®å šäžèŽã®ããã©ã«ããã¹ã¯ãå²ãåœãŠãŸããïŒç¯å²ïŒ000000000000 - FFFFFFFFFFFFãåæèšå® : FFFFFFFFFFFFïŒ
èšå®æ¹æ³
MACèªèšŒã® MACã¢ãã¬ã¹ãã£ã«ã¿ãè¿œå
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MAC FilterããéžæããŸãã
ïŒ3ïŒãACtionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒFilter IDãMAC Addressããã¹ã¯ïŒãªãã·ã§ã³ïŒãå ¥åããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
193FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
MACèªèšŒã® MACã¢ãã¬ã¹ãã£ã«ã¿ããŒãã«ã衚瀺
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MAC FilterããéžæããŸãã
ïŒ3ïŒãACtionããªã¹ããããShowããéžæããŸãã
194 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã»ãã¥ã¢ MACã¢ãã¬ã¹æ å ±ã®è¡šç€º
Security > Network Access (Show Information) ããŒãžã䜿çšããã»ãã¥ã¢ MACã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŠãããèªèšŒæžã¿ MACã¢ãã¬ã¹ã衚瀺ããŸããããã§ã¯ä¿è·ããã MACãšã³ããªã®æ å ±ã衚瀺ããéžæãããšã³ããªãããŒãã«ããåé€ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Query By
MACã¢ãã¬ã¹ã®æ€çŽ¢ã«äœ¿çšããå€ãæå®ããŸãã
⢠Sort KeyâMACã¢ãã¬ã¹ãããŒãã€ã³ã¿ãã§ãŒã¹ãŸãã¯ãã®ä»å±æ§ã§è¡šç€ºãããæ å ±ããœãŒãããŸãã
⢠MAC Address â MACã¢ãã¬ã¹ãæå®
⢠Interface â ããŒãã€ã³ã¿ãã§ãŒã¹ãæå®
⢠Attribute âã¹ã¿ãã£ãã¯ã¢ãã¬ã¹ããã€ãããã¯ã¢ãã¬ã¹ãã衚瀺
Authenticated MAC Address List
⢠MAC AddressïŒèªèšŒããã MACã¢ãã¬ã¹
⢠Interface â ã»ãã¥ã¢ MACã¢ãã¬ã¹ã«é¢é£ä»ããããããŒãã€ã³ã¿ãã§ãŒã¹
⢠RADIUS Server âMACã¢ãã¬ã¹ãèªèšŒãã RADIUSãµãŒãã® IPã¢ãã¬ã¹
⢠TimeâMACã¢ãã¬ã¹ãæåŸã«èªèšŒãããæé
⢠AttributeâéçãŸãã¯åçã¢ãã¬ã¹ãæå®
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Network Access]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸããïŒ3ïŒMACã¢ãã¬ã¹ãã€ã³ã¿ãã§ãŒã¹ãŸãã¯ãã®ä»ã®å±æ§ãåºã«ã¢ãã¬ã¹ã衚瀺ããããããSortãããŒã䜿çšããŸãã
ïŒ4ïŒãMAC Addressããã£ãŒã«ãã«å ¥åãããã¢ãã¬ã¹ãããInterfaceããã£ãŒã«ãã§æå®ããããŒãããAttributeããã£ãŒã«ãã§æå®ããåçãéçã¢ãã¬ã¹ã¿ã€ãã«ãã£ãŠè¡šç€ºãéå®ããŸãã
ïŒ5ïŒïŒ QueryïŒãã¯ãªãã¯ããŸãã
195FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.5 HTTPSèšå®
Secure Socket Layer(SSL)ã䜿ã£ã Secure Hypertext Transfer Protocol(HTTPS)ã«ãã£ãŠæ¬æ©ã®Webã€ã³ã¿ãã§ãŒã¹ãžãæå·åãããå®å šãªæ¥ç¶ãè¡ãããšãã§ããŸãã
æ©èœè§£èª¬
⢠HTTPåã³ HTTPSãµãŒãã¹ã¯å ±ã«äœ¿çšããããšã¯ã§ããŸããäœããHTTPåã³HTTPSãµãŒãã¹ã§åã UDPããŒãçªå·ãèšå®ããããšã¯ã§ããŸããã
⢠HTTPSã䜿çšããå ŽåãURL㯠HTTPS:ããå§ãŸã衚瀺ããããŸããäŸ :[https://device:ããŒãçªå· ]
⢠HTTPSã®ã»ãã·ã§ã³ãéå§ããããšä»¥äžã®æé ã§æ¥ç¶ã確ç«ãããŸãã
ïŒã¯ã©ã€ã¢ã³ãã¯ãµãŒãã®ããžã¿ã«èšŒææžã䜿çšãããµãŒãã確èªããŸãã
ïŒã¯ã©ã€ã¢ã³ããšãµãŒããæ¥ç¶çšã®ã»ãã¥ãªãã£ãããã³ã«ã®èª¿æŽãè¡ããŸãã
ïŒã¯ã©ã€ã¢ã³ããšãµãŒãã¯ãããŒã¿ãæå·åã解èªããããã®ã»ãã·ã§ã³ã»ããŒãçæããŸãã
⢠HTTPSã䜿çšããå Žåãã¯ã©ã€ã¢ã³ããšãµãŒãã¯å®å šãªæå·åãããæ¥ç¶ãè¡ããŸããInternet Explorer 5.x以äžãŸã㯠NetscapeNavigator 6.2以äžãMozilla Firefox 2.0.0.0以äžã®ã¹ããŒã¿ã¹ããŒã«ã¯éµããŒã¯ã衚瀺ãããŸãã
⢠"HTTPããµããŒãããŠããWebãã©ãŠã¶åã³ OSã¯ä»¥äžã®éãã§ãã
â» å®å šãªãµã€ãã®èšŒæãæå®ããããã«ã¯ãP197 ããµã€ã蚌ææžã®çœ®ãæãããåç §ããŠäžããã
èšå®ã»è¡šç€ºé ç®
HTTPS Status
HTTPSãµãŒãæ©èœãæå¹ãŸãã¯ç¡å¹ã«èšå®ããŸãïŒåæèšå®ïŒæå¹ïŒ
HTTPS Port
HTTPSæ¥ç¶ã«äœ¿çšããã UDPããŒããæå®ããŸãïŒåæèšå®ïŒ443ïŒ
Webãã©ãŠã¶ OS
Internet Explorer 5.0ä»¥äž Windows 98ãWindows NT (ãµãŒãã¹ãã㯠6A)ãWindows 2000ãWindows XPãWindows7
Netscape Navigator 6.2 ä»¥äž Windows 98ãWindows NT (ãµãŒãã¹ãã㯠6A)ãWindows 2000ãWindows XPãSolaris 2.6
Mozilla Firefox 2.0.0.0 ä»¥äž Windows 2000ãWindows XPãLinux
196 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [HTTPS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒHHTPSãæå¹ã«ããå¿ èŠãªå Žåã¯ããŒãçªå·ãæå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãµã€ã蚌ææžã®çœ®ãæã
HTTPSã䜿çšããŠWebã€ã³ã¿ãã§ãŒã¹ã«ãã°ã€ã³ããéã«ãSSLã䜿çšããŸããåæèšå®ã§ã¯èªèšŒæ©é¢ã«ããèªèšŒãåããŠããªããããNetscapeåã³ Internet Explorerç»é¢ã§å®å šãªãµã€ããšããŠèªèšŒãããŠããªããšããèŠåã衚瀺ãããŸãããã®èŠåã衚瀺ãããªãããã«ããããã«ã¯ãèªèšŒæ©é¢ããåå¥ã®èšŒææžãå ¥æããèšå®ãè¡ãå¿ èŠããããŸãã
[泚æ ]ãåæèšå®ã®èšŒææžã¯åã ã®ããŒããŠã§ã¢ã§åºæã®èªèšŒããŒã§ã¯ãããŸãããããé«åºŠãªã»ãã¥ãªãã£ç°å¢ãå®çŸããããã«ã¯ãã§ããã ãæ©ãã§ç¬èªã® SSL 蚌ææžãååŸãèšå®ãè¡ãäºãæšå¥šããŸãã
åå¥ã®èšŒææžãååŸããå Žåã«ã¯ãTFTPãµãŒãã䜿çšããŠæ¢åã®èšŒææžãšçœ®ãæããŸãã
èšå®ã»è¡šç€ºé ç®
TFTP Server IP Address
蚌ææžãã¡ã€ã«ãå«ããTFTPãµãŒãã® IPã¢ãã¬ã¹ã
Certificate Source File Name
TFTPãµãŒãã«ä¿åãããŠãã蚌ææžãã¡ã€ã«åã
Private Key Source File Name
TFTPãµãŒãã«ä¿åãããŠãããã©ã€ããŒãããŒãã¡ã€ã«åã
Private Password
ãã©ã€ããŒãããŒãã¡ã€ã«ã«ä¿åãããŠãããã¹ã¯ãŒãã
Confirm Password
確èªã®ãããå床ãã¹ã¯ãŒããå ¥åããŠãã ããã
197FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [HTTPS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããCopy CertificateããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
198 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.6 Secure Shellèšå®
Secure Shell (SSH)ã¯ããã以åãããã£ãããŒã¯ã¬ãŒãªã¢ãŒãã¢ã¯ã»ã¹ããŒã«ã®ã»ãã¥ãªãã£é¢ã確ä¿ãã代æ¿ãšããŠãµãŒã /ã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãå«ãã§ããŸãããŸããSSHã¯Telnetã«ä»£ããæ¬æ©ãžã®ã»ãã¥ã¢ãªãªã¢ãŒã管çã¢ã¯ã»ã¹ãæäŸããŸãã
ã¯ã©ã€ã¢ã³ãã SSHãããã³ã«ã«ãã£ãŠæ¬æ©ãšæ¥ç¶ããå Žåãæ¬æ©ã¯ã¢ã¯ã»ã¹èªèšŒã®ããã«ããŒã«ã«ã®ãŠãŒã¶åããã³ãã¹ã¯ãŒããšå ±ã«ã¯ã©ã€ã¢ã³ãã䜿çšããå ¬éæå·ããŒãçæããŸããããã«ãSSHã§ã¯æ¬æ©ãš SSHãå©çšãã管ç端æ«ã®éã®éä¿¡ããã¹ãŠæå·åãããããã¯ãŒã¯äžã®ããŒã¿ã®ä¿è·ãè¡ãªããŸãã
[ 泚æ ]ãSSH çµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãªãããã«ã¯ãã¯ã©ã€ã¢ã³ãã« SSH ã¯ã©ã€ã¢ã³ããã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
[泚æ ]ã æ¬æ©ã§ã¯ SSH Version1.5ãš 2.0ããµããŒãããŠããŸãã
æ©èœè§£èª¬
æ¬æ©ã® SSHãµãŒãã¯ãã¹ã¯ãŒãåã³ãããªãã¯ããŒèªèšŒããµããŒãããŠããŸããSSHã¯ã©ã€ã¢ã³ãã«ãããã¹ã¯ãŒãèªèšŒãéžæããå ŽåãèªèšŒèšå®ããŒãžã§èšå®ãããã¹ã¯ãŒãã«ããæ¬æ©å ãRADIUSãTACACS+ã®ããããã®èªèšŒæ¹åŒãçšããŸããã¯ã©ã€ã¢ã³ãããããªãã¯ããŒèªèšŒãéžæããå Žåã«ã¯ãã¯ã©ã€ã¢ã³ãåã³æ¬æ©ã«å¯ŸããŠèªèšŒããŒã®èšå®ãè¡ãªãå¿ èŠããããŸãã
å ¬éæå·ããŒåã¯ãã¹ã¯ãŒãèªèšŒã®ã©ã¡ããã䜿çšããã«é¢ããããæ¬æ©äžã®èªèšŒããŒïŒSSHãã¹ãããŒïŒãçæããSSHãµãŒããæå¹ã«ããå¿ èŠããããŸãã
SSHãµãŒãã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªããŸãã
ïŒ1ïŒãã¹ãããŒãã¢ã®çæ â SSHãã¹ãããŒèšå®ããŒãžã§ãã¹ã ãããªã㯠/ãã©ã€ããŒãããŒã®ãã¢ãçæããŸãã
ïŒ2ïŒãã¹ãå ¬éããŒã®ã¯ã©ã€ã¢ã³ããžã®æäŸ â å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯ãæ¬æ©ãšã®èªåçã«åææ¥ç¶èšå®äžã«èªåçã«ãã¹ãããŒãåãåããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãããã¹ããã¡ã€ã«äžã®å ¬éæå·ããŒã¯ä»¥äžã®äŸã®ããã«è¡šç€ºãããŸãã
10.1.0.54 1024 35 1568499540186766925933394677505461732531367489083654725415020245593199868544358361651999923329781766065830956 1082591321289023376546801726272571413428762941301196195566782 595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117
ïŒ3ïŒã¯ã©ã€ã¢ã³ãå ¬éããŒã®æ¬æ©ãžã®åã蟌㿠â 403 ããŒãžã®ãcopyããåç §ã³ãã³ãã䜿çšããSSHã¯ã©ã€ã¢ã³ãã®æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æäŸãããå ¬éããŒãå«ããã¡ã€ã«ãã³ããŒããŸããã¯ã©ã€ã¢ã³ããžã¯ãããã®ããŒã䜿çšããèªèšŒãè¡ãªãããŸããçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ä»¥äžã®ãã㪠UNIXæšæºãã©ãŒãããã®ãã¡ã€ã«ã®ã¿åãå ¥ããããšãå¯èœã§ãã
1024 35134108168560989392104094492015542534763164192187295892114317388005553616163105177594083868631109291232226828519254374603100937187721199696317813662774141689851320491172048303392543241016379975923714490119380060902539484084827178194372288402533115952134861022902978982721353267131629432532818915045306393916643 ã[email protected]
ïŒ4ïŒãªãã·ã§ã³ãã©ã¡ãŒã¿ã®èšå® â SSHèšå®ããŒãžã§ãèªèšŒã¿ã€ã ã¢ãŠãããªãã©ã€åæ°ããµãŒãããŒãµã€ãºãªã©ã®èšå®ãè¡ãªã£ãŠãã ããã
199FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ïŒ5ïŒSSHã®æå¹å â SSHèšå®ããŒãžã§æ¬æ©ã® SSHãµãŒããæå¹ã«ããŠäžããã
ïŒ6ïŒèªèšŒ ïŒ æ¬¡ã®èªèšŒæ¹æ³ã®å ã²ãšã€ã䜿çšãããŸãã
ãã¹ã¯ãŒãèªèšŒïŒSSH v1.5ãŸã㯠V2ã¯ã©ã€ã¢ã³ãïŒ
a.ã¯ã©ã€ã¢ã³ãã¯ãµãŒããžãã¹ã¯ãŒããéä¿¡ããŸãã
b.ã¹ã€ããã¯ã¯ã©ã€ã¢ã³ãã®ãã¹ã¯ãŒããšã¡ã¢ãªã«ä¿åãããŠãããã®ãæ¯èŒããŸãã
c.ããããããããªãã°ãæ¥ç¶ã¯èš±å¯ãããŸãã
[泚æ ]ããã¹ã¯ãŒãèªèšŒãšå ±ã« SSHã䜿çšããå Žåã«ãããã¹ãå ¬éããŒã¯åææ¥ç¶æåã¯æåã«ããã¯ã©ã€ã¢ã³ãã®ãã¹ããã¡ã€ã«ã«äžããããŸããäœããã¯ã©ã€ã¢ã³ãããŒã®èšå®ãè¡ãªãå¿ èŠã¯ãããŸããã
ãããªãã¯ããŒèªèšŒïŒ SSHã¯ã©ã€ã¢ã³ããã¹ã€ãããžã®æ¥ç¶ãè©Šã¿ãæãSSHãµãŒãã¯ãã¹ãããŒãã¢ã䜿çšããã»ãã·ã§ã³ããŒãšæå·åæ¹åŒã®ããŽã·ãšãŒããè¡ããŸããã¹ã€ããã«ä¿åããããããªãã¯ããŒã«å¯Ÿå¿ãããã©ã€ããŒãããŒãæã€ã¯ã©ã€ã¢ã³ãã ããã¢ã¯ã»ã¹å¯èœã§ãã以äžã®ããåãã¯ããã®ããã»ã¹ã®éã«è¡ãããŸãã
SSH v1.5ã¯ã©ã€ã¢ã³ãèªèšŒ
a.ã¯ã©ã€ã¢ã³ãã¯ã¹ã€ãããž RSAãããªãã¯ããŒãéä¿¡ããŸãã
b.ã¹ã€ããã¯ã¯ã©ã€ã¢ã³ãã®ãã¹ã¯ãŒããšã¡ã¢ãªã«ä¿åãããŠãããã®ãæ¯èŒããŸãã
c.äžèŽããå Žåãã¹ã€ããã¯ãã®ã·ãŒã¯ã¬ããããŒã䜿çšããŠã©ã³ãã 㪠256-bitã¹ããªã³ã°ããchallengeãšããŠçæããŸãããã®ã¹ããªã³ã°ããŠãŒã¶ãããªãã¯ããŒã§æå·åããã¯ã©ã€ã¢ã³ããžéä¿¡ããŸãã
d.ã¯ã©ã€ã¢ã³ãã¯ãã©ã€ããŒãããŒã䜿çšã㊠challengeã¹ããªã³ã°ã解èªããMD5ãã§ãã¯ãµã ãèšç®ãããããã¹ã€ãããžãã§ãã¯ãµã ããã¯ããŸãã
e.ã¹ã€ããã¯ãã¯ã©ã€ã¢ã³ãããéããããã§ãã¯ãµã ãšãèšç®ããããªãªãžãã«ã¹ããªã³ã°ãæ¯èŒããŸãã2ã€ã®ãã§ãã¯ãµã ããããããå Žåãã¯ã©ã€ã¢ã³ãã®ãã©ã€ããŒãããŒãèªèšŒãããªãã¯ããŒãšäžèŽããããšãæå³ããã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŸãã
SSH v2ã¯ã©ã€ã¢ã³ãèªèšŒ
a.ã¯ã©ã€ã¢ã³ãã¯æåã«ãDSAãããªãã¯ããŒèªèšŒãå容åºæ¥ããã©ããã決å®ããçºãã¹ã€ãããžåãåãããŸãã
b.ãããæå®ãããã¢ã«ãŽãªãºã ãã¹ã€ããã§ãµããŒããããŠããå Žåãã¯ã©ã€ã¢ã³ãã«èªèšŒããã»ã¹ãç¶ããããç¥ãããŸãããµããŒããããŠããªãå Žåã¯èŠæ±ã¯æ絶ãããŸãã
c.ã¯ã©ã€ã¢ã³ãã¯ãã©ã€ããŒãããŒã䜿çšããŠçæããã眲åãã¹ã€ãããžéä¿¡ããŸãã
d.ãµãŒãããã®ã¡ãã»ãŒãžãåãåããšãäŸçµŠãããããŒãèªèšŒã®çºã«å容ã§ãããã©ããããã§ãã¯ããŸããå¯èœãªå Žåã眲åãæ£ãããã©ããããã§ãã¯ããŸããäž¡æ¹ã®ãã§ãã¯ãã«æåãããšãã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŸãã
[泚æ]ã SSHãµãŒãã¯TelnetãšããããŠæ倧4ã¯ã©ã€ã¢ã³ãã®åæã»ãã·ã§ã³ããµããŒãããŸãã
200 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
SSHãµãŒãèšå®
SecurityïŒ SSH ïŒConfigure GlobalïŒèªèšŒçšã® SSHãµãŒãã®èšå®ãè¡ããŸãã
[ 泚æ ]ãSSH ãµãŒããæå¹ã«ããåã«ãã¹ã€ããã§ãã¹ãããŒãã¢ãèšå®ããŠãã ãããïŒ202 ããŒãžã®ããã¹ãããŒãã¢ã®çæããåç §ïŒ
èšå®ã»è¡šç€ºé ç®
SSH Server Status
SSHãµãŒãæ©èœãæå¹ãŸãã¯ç¡å¹ã«ããŸãïŒåæèšå® :ç¡å¹ïŒ
Version
Secure Shellã®ããŒãžã§ã³ãã³ããŒãVersion 2.0ãšè¡šç€ºãããŠããŸãããVersion1.5ãš 2.0ã®äž¡æ¹ããµããŒãããŠããŸãã
Authentication timeout
SSHãµãŒãã®èªèšŒæã«èªèšŒç«¯æ«ããã®å¿çãåŸ ã€åŸ æ©æéïŒ1-120ïŒç§ïŒãåæèšå® :120ïŒç§ïŒïŒ
Authentication Retries
èªèšŒã«å€±æããå Žåã«ãèªèšŒããã»ã¹ãå床è¡ãããšãã§ããåæ°ãèšå®ããåæ°ãè¶ ãããšèªèšŒãšã©ãŒãšãªããèªèšŒç«¯æ«ã®åèµ·åãè¡ãå¿ èŠããããŸãïŒ1-5ãåæèšå® :3åïŒ
Server-Key Size
SSHãµãŒãã®ããŒãµã€ãºïŒèšå®ç¯å²ïŒ512-896ããããåæèšå® :768ãããïŒ
ïŒ ãµãŒãããŒã¯ãã©ã€ããŒãããŒã§ãæ¬æ©ä»¥å€ãšã¯å ±æããŸããã
ïŒ SSHã¯ã©ã€ã¢ã³ããšå ±æããããã¹ãããŒã¯ã1024ãããåºå®ã§ãã
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [SSH]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒSSHãµãŒããæå¹ã«ããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
201FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ãã¹ãããŒãã¢ã®çæ
ãã¹ãå ¬é /ãã©ã€ããŒãããŒãã¢ã¯æ¬æ©ãš SSHã¯ã©ã€ã¢ã³ãéã®ã»ãã¥ã¢ãªæ¥ç¶ã®ããã«äœ¿çšãããŸããããŒãã¢ãçæãããåŸããã¹ãå ¬éããŒã SSHã¯ã©ã€ã¢ã³ãã«æäŸããäžèšã®æ©èœè§£èª¬ã®éãã«ã¯ã©ã€ã¢ã³ãã®å ¬éããŒãæ¬æ©ã«åã蟌ãå¿ èŠããããŸãã
[ 泚æ ]ãSSH ãµãŒããæå¹ã«ããåã«ãã¹ã€ããã§ãã¹ãããŒãã¢ãèšå®ããŠãã ãããP201 ãSSHãµãŒãèšå®ããåç §ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Host-Key Type
ããŒã¿ã€ãã¯ïŒå ¬éããŒããã©ã€ããŒãããŒã®ïŒãã¹ãããŒãã¢ãçæããããã«äœ¿çšãããŸãïŒèšå®ç¯å²ïŒRSA, DSA, Bothãåæèšå®ïŒBothïŒã¯ã©ã€ã¢ã³ããæ¬æ©ãšæåã«æ¥ç¶ã確ç«ããå ŽåãSSHãµãŒãã¯ããŒäº€æã®ããã« RSAå㯠DSAã䜿çšããŸãããã®åŸãããŒã¿æå·åã« DES(56-bit)å㯠3DES(168 -bit)ã®ãããããçšããããã¯ã©ã€ã¢ã³ããšèª¿æŽãè¡ãªããŸãã
[泚æ ]ãæ¬æ©ã¯ SSHv1.5ã¯ã©ã€ã¢ã³ãã® RSAããŒãžã§ã³ 1ãšãSSHv2ã® DSAããŒãžã§ã³2ã®ã¿äœ¿çšããŸãã
Save Host-Key from Memory to Flash
ãã¹ãããŒã RAMãããã©ãã·ã¥ã¡ã¢ãªã«ä¿åããŸãããã¹ãããŒãã¢ã¯åæèšå®ã§ã¯RAMã«ä¿åãããŠããŸãããã¹ãããŒãã¢ãçæããã«ã¯ãäºåã«ãã®ã¢ã€ãã ãéžæããå¿ èŠããããŸããïŒåæèšå®ïŒç¡å¹ïŒ
èšå®æ¹æ³
SSHãã¹ãããŒãã¢ã®çæ
ïŒ1ïŒ[Security] â [SSH]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Host KeyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããGenerateããéžæããŸãã
ïŒ4ïŒããããããŠã³ããã¯ã¹ãã Host-Keyã¿ã€ããéžæããŸãã
ïŒ5ïŒå¿ èŠãªå Žåã¯ããSave Host-Key from Memory to Flashãã«ãã§ãã¯ãå ¥ããŸãã
ïŒ6ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
202 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
SSHãã¹ãããŒãã¢ã®è¡šç€º
ïŒ1ïŒ[Security] â [SSH]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Host KeyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
203FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ãŠãŒã¶ãããªãã¯ããŒã®ã€ã³ããŒã
ãŠãŒã¶ã®å ¬éããŒã¯ããŠãŒã¶ãå ¬éããŒèªèšŒã¡ã«ããºã ã䜿çšããŠãã°ã€ã³ãè¡ãããšãå¯èœã«ãªãããã«ãã¹ã€ãããžã¢ããããŒããããå¿ èŠããããŸãããŠãŒã¶ã®å ¬éããŒãã¹ã€ããã«ååšããªãå ŽåãèªèšŒãå®äºãããããSSHã¯å¯Ÿè©±åã®ãã¹ã¯ãŒãèªèšŒã¡ã«ããºã ã«æ»ããŸãã
èšå®ã»è¡šç€ºé ç®
User Name
ãããã -ããŠã³ããã¯ã¹ã§ã管çãããå ¬éããŒã®ãŠãŒã¶ãéžæããŸããïŒP182 ããŠãŒã¶ã¢ã«ãŠã³ãã®èšå®ããåç §ããŠãã ããïŒ
Public-Key Type
ãããã -ããŠã³ããã¯ã¹ã§ãã¢ããããŒããããå ¬éããŒãéžæããŸãã
ïŒ RSA: ã¹ã€ãã㯠SSH ããŒãžã§ã³ïŒãRSA ã®æå·åãããå ¬éããŒãåãå ¥ããŸãã
ïŒ DSA: ã¹ã€ãã㯠SSH ããŒãžã§ã³ 2ã®ãDSA ã®æå·åãããå ¬éããŒãåãå ¥ããŸãã
TFTP Server IP Address
TFTPãµãŒãã® IPã¢ãã¬ã¹
Source File Name
ãœãŒã¹ãã¡ã€ã«å
èšå®æ¹æ³
SSHãŠãŒã¶ãããªãã¯ããŒã®ã³ããŒ
ïŒ1ïŒ[Security] â [SSH]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure User KeyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããCopyããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
204 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
SSHãŠãŒã¶ãããªãã¯ããŒã®è¡šç€ºãšæ¶å»
ïŒ1ïŒ[Security] â [SSH]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure User KeyããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãUser Nameããªã¹ããããŠãŒã¶ãéžæããŸãã
ïŒ5ïŒæ¶å»ãããã¹ãããŒã¿ã€ããéžæããŸããïŒ6ïŒïŒ ClearïŒãã¯ãªãã¯ããŸãã
205FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.7 ACL ïŒAccess Control ListsïŒ
Access Control Lists (ACL)㯠IPv4ãã¬ãŒã ïŒIPã¢ãã¬ã¹ããããã³ã«ãã¬ã€ã€ 4ãããã³ã«ããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãïŒããã³ãã®ä»ã®ãã¬ãŒã ïŒMACã¢ãã¬ã¹ãã€ãŒãµãããã¿ã€ãïŒã®ãã±ãããã£ã«ã¿ãªã³ã°ãæäŸããŸãã
å ¥åããããã±ããã®ãã£ã«ã¿ãªã³ã°ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæãå¿ èŠãªã«ãŒã«ãè¿œå ããŸãããã®åŸããªã¹ãã«ç¹å®ã®ããŒãããã€ã³ãããŸãã
ACLã®èšå®
ACL㯠IPã¢ãã¬ã¹ãåã¯ä»ã®æ¡ä»¶ãšäžèŽãããã±ããã«å¯Ÿããã¢ã¯ã»ã¹ãèš±å¯ (Permit)åã¯æåŠ (Deny)ããããã®ãªã¹ãã§ãã
æ¬æ©ã§ã¯å ¥ååã³åºåãã±ããã«å¯Ÿã㊠ACLãšäžèŽãããã©ããïŒåãã€ç¢ºèªãè¡ãªããŸãããã±ãããèš±å¯ã«ãŒã«ãšäžèŽããå Žåã«ã¯çŽã¡ã«éä¿¡ãèš±å¯ããæåŠã«ãŒã«ãšäžèŽããå Žåã«ã¯ãã±ãããç Žæ£ããŸãããªã¹ãäžã®èš±å¯ã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯ç Žæ£ããããªã¹ãäžã®æåŠã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯éä¿¡ãèš±å¯ãããŸãã
æ©èœè§£èª¬
ACLã¯ä»¥äžã®å¶éããããŸãã
⢠æ倧 ACL èšå®æ°ã¯ 64 åã§ãã
⢠ã·ã¹ãã ããšã«èšå®ã§ããã«ãŒã«ã¯ã512ã«ãŒã«ã§ãã
⢠å ACLã¯æ倧 32ã«ãŒã«ãŸã§èšå®å¯èœã§ããããªãœãŒã¹å¶éã«ãããããŒãã«ããŠã³ããããã«ãŒã«ã®å¹³å㯠20以äžã«ã¯ã§ããŸãã
206 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã¿ã€ã ã¬ã³ãžã®èšå®
Security > ACL (Configure Time Range)ããŒãžã§ã¯ãACLæ©èœãé©çšãããæéã®ç¯å²ãèšå®ããŸãã
èšå®ã»è¡šç€ºé ç®
Add
Time-Range Name
ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
Add Rule
Time-Range
ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
Mode
⢠AbsoluteïŒæéãŸãã¯ã¿ã€ã ã¬ã³ãžãæå®
⢠Start/EndïŒéå§ãšçµäºã®ãæïŒhoursïŒãåïŒminutesïŒãæïŒmonthïŒãæ¥ïŒdayïŒã幎ïŒyearïŒãæå®ããŸãã
⢠PeriodicïŒåšæãæå®
⢠Start/ToïŒéå§ãšçµäºã®ãææ¥ãšæïŒhoursïŒãåïŒminutesïŒãæïŒmonthïŒãæå®ããŸãã
èšå®æ¹æ³
ã¿ã€ã ã¬ã³ãžãèšå®
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure Time RangeããéžæããŸããïŒ3ïŒãActionããªã¹ããããAddããéžæããŸããïŒ4ïŒã¿ã€ã ã¬ã³ãžã®ååãå ¥åããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¿ã€ã ã¬ã³ãžã®ãªã¹ãã衚瀺
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure Time RangeããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
207FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã¿ã€ã ã¬ã³ãžã®ã«ãŒã«ãèšå®
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Time RangeããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒããããããŠã³ãªã¹ããããã¿ã€ã ã¬ã³ãžã®ååãéžæããŸããïŒ5ïŒã¢ãŒãã®ãªãã·ã§ã³ã "Absolute"ã"Periodic"ããéžæããŸãã
ïŒ6ïŒå¿ èŠãªé ç®ã®ç·šéãè¡ããŸããïŒ7ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
èšå®ãããã¿ã€ã ã¬ã³ãžã®ã«ãŒã«ã衚瀺
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure Time RangeããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow RuleããéžæããŸãã
208 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
TCAM䜿çšçã®è¡šç€º
Security > ACL (Configure ACL - Show TCAM)ããŒãžã䜿çšãã䜿çšãããã³ããŒããªã·ãŒå¶åŸ¡ãšã³ããªãããªãŒãšã³ããªã®çªå·ãå šäœçãªããŒã»ã³ããŒãžãå«ããTCAM (Ternary Content Addressable Memory)ãŠãŒãã£ã©ã€ãŒãŒã·ã§ã³ãã©ã¡ãŒã¿ã衚瀺ããŸãã
æ©èœè§£èª¬
ããªã·å¶åŸ¡ãšã³ã㪠(PCEs)ã¯ãAccess Control Lists (ACLs)ãIP Source Guardãã£ã«ã¿ã«ãŒã«ãQuality of Service (QoS)ããã»ã¹çãæ€çŽ¢ããŒã¹ã®ã«ãŒã«ã«é Œãæ§ã ãªã·ã¹ãã ã§äœ¿çšãããŸããäŸãã°ãããŒãã« ACLããã€ã³ãã£ã³ã°ããæãACLã®ããããã®ã«ãŒã«ã¯ 2ã€ã® PCEã䜿çšããããŒãã« IPãœãŒã¹ã¬ãŒããã£ã«ã¿ã«ãŒã«ãèšå®ããæã«ãåãã2ã€ã® PCEã䜿çšããŸãã
èšå®ã»è¡šç€ºé ç®
Total Policy Control Entries
䜿çšãããã³ããŒããªã·å¶åŸ¡ãšã³ããª
Free Policy Control Entries
䜿çšã§ããããªã·å¶åŸ¡ãšã³ããªã®æ°
Entries Used by System
ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã«ãã£ãŠäœ¿çšãããããªã·å¶åŸ¡ãšã³ããªã®æ°
Entries Used by User
ACLçã®èšå®ã«ãã£ãŠäœ¿çšãããããªã·å¶åŸ¡ãšã³ããªã®æ°
TCAM Utilization
䜿çšäžã® TCAMã®å šäœçãªããŒã»ã³ããŒãž
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow TCMããéžæããŸãã
209FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ACLåããã³ã¿ã€ãã®èšå®
ACL ConfigurationããŒãžã§ã¯ãACLã®åååã³ã¿ã€ããèšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
ACL Name
ACLåïŒ15æå以å ïŒ
Type
ïŒ IP Standard â ãœãŒã¹ IPv4ã¢ãã¬ã¹ã«åºã¥ããã±ãããã£ã«ã¿ãªã³ã°ãè¡ããŸãã
ïŒ IP Extended â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPv4ã¢ãã¬ã¹ããããã³ã«ã¿ã€ãããããã³ã«ããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ãªããŸãã
ïŒ MAC â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãã€ãŒãµããããã¬ãŒã ã¿ã€ã(RFC 1060)ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ãªã MAC ACLã¢ãŒãã
ïŒ ARP â ARPã€ã³ã¹ãã¯ã·ã§ã³ïŒè©³çŽ°ã¯ 221 ããŒãžã®ãARPã€ã³ã¹ãã¯ã·ã§ã³ããåç §ïŒã䜿çšããéç IP-to-MACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ãæå®ããŸãã
èšå®æ¹æ³
ACLã®ååãšã¿ã€ããèšå®
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸããïŒ3ïŒãActionããªã¹ããããAddããéžæããŸããïŒ4ïŒACLåãå ¥åããACLã¿ã€ããéžæããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ACLãªã¹ãã衚瀺
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
210 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã¹ã¿ã³ããŒã IPv4 ACLã®èšå®
SecurityïŒ ACL (Configure ACL - Add Rule - IP Standard) ããŒãžã䜿çšããã¹ã¿ã³ããŒãIPv4 ACLã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Type
ããŒã ãªã¹ãã«è¡šç€ºãã ACLã®ã¿ã€ããéžæããŸãã
Name
éžæããã¿ã€ãã«ããããã ACLã®ååã衚瀺ããŸãã
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãã
Address Type
ãœãŒã¹ IPã¢ãã¬ã¹ã®æå®ãè¡ãªããŸãã"any"ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã察象ãšãªããŸãã"host"ã§ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã®ãã¹ãã察象ãšãªããŸãã"IP"ã§ã¯ãIPã¢ãã¬ã¹ãšãµãããããã¹ã¯ã«ããèšå®ãã IPã¢ãã¬ã¹ã®ç¯å²ã察象ãšãªããŸãã
ïŒãªãã·ã§ã³ïŒAny, Host, IPãåæèšå®ïŒ AnyïŒ
Source IP Address
ãœãŒã¹ IPã¢ãã¬ã¹
Source SubnetMask
ãœãŒã¹ãµãããããã¹ã¯
Time Range
ã¿ã€ã ã¬ã³ãžå
211FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒã¿ã€ããªã¹ããã "Standard IP"ãéžæããŸãã
ïŒ5ïŒããŒã ãªã¹ããã ACLåãéžæããŸãã
ïŒ6ïŒãActionããæå®ããŸãã
ïŒ7ïŒã¢ãã¬ã¹ã¿ã€ããéžæããŸããïŒ8ïŒ"Host"ãéžæãããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"IP"ãéžæãããå Žåãã¢ã
ã¬ã¹ç¯å²ã®ãµããããã¢ãã¬ã¹ãšãã¹ã¯ãå ¥åããŸããïŒ9ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
212 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
æ¡åŒµ IPv4 ACLã®èšå®
SecurityïŒ ACL (Configure ACL - Add Rule - IP Extended)ããŒãžã䜿çšããæ¡åŒµ IPv4 ACLã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Type
ããŒã ãªã¹ãã«è¡šç€ºãã ACLã®ã¿ã€ããéžæããŸãã
Name
éžæããã¿ã€ãã«ããããã ACLã®ååã衚瀺ããŸãã
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãã
Source/Destination Address Type
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã"any"ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã察象ãšãªããŸãã"host"ã§ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã®ãã¹ãã察象ãšãªããŸãã"IP"ã§ã¯ãIPã¢ãã¬ã¹ãšãµãããããã¹ã¯ã«ããèšå®ãã IPã¢ãã¬ã¹ã®ç¯å²ã察象ãšãªããŸãïŒãªãã·ã§ã³ïŒAny, Host, IPãåæèšå®ïŒAnyïŒ
Source/Destination IP Address
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
Source/Destination Subnet Mask
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã®ãµãããããã¹ã¯
Source /Destination Port
ãããã³ã«ã¿ã€ãã«å¿ãããœãŒã¹ / ãã£ã¹ãã£ããŒã·ã§ã³ããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
Source/Destination Port Bitmask
äžèŽããããŒãããããè¡šã 10é²æ°ïŒç¯å²ïŒ0-65535ïŒ
Protocol
TCPãUDPã®ãããã³ã«ã¿ã€ãã®æå®åã¯ããŒãçªå· (0-255)
ïŒãªãã·ã§ã³ïŒTCP, UDP, Others;ãåæèšå®ïŒTCPïŒ
Service Type
以äžã®åºæºã«åºã¥ãããã±ãããã©ã€ãªãªãã£ã»ããã£ã³ã°
⢠ToSâType of Serviceã¬ãã«ïŒç¯å²ïŒ0-15ïŒ
⢠PrecedenceâIP precedenceã¬ãã«ïŒç¯å²ïŒ0-7ïŒ
⢠DSCPâ DSCP priorityã¬ãã«ïŒç¯å²ïŒ0-63ïŒ
Control Code
TCPãããã®ãã€ã 14å ã®ãã©ã°ã»ããããæå®ïŒç¯å² :0-63ïŒ
Control Code Bit Mask
äžèŽããã³ãŒããããã®å€ïŒç¯å²ïŒ0-63ïŒ
213FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
â»ã³ã³ãããŒã«ããããã¹ã¯ã¯ãã³ã³ãããŒã«ã³ãŒãã«äœ¿çšããã 10 é²æ°ã®å€ã§ãã10 é²æ°ã®å€ãå ¥åããç䟡㪠2 é²æ°ã®ãããã "1" ã®å ŽåãäžèŽãããããã§ããã"0" ã®å ŽåãæåŠããããããšãªããŸãã
以äžã®ããããæå®ãããŸãã
ïŒ 1 (fin) â Finish
ïŒ 2 (syn) â Synchronize
ïŒ 4 (rst) â Reset
ïŒ 8 (psh) â Push
ïŒ 16 (ack) â Acknowledgement
ïŒ 32 (urg) â Urgent pointer
äŸãã°ãã³ãŒãå€åã³ã³ãŒããã¹ã¯ãå©çšãããã±ãããã€ããã«ã¯ä»¥äžã®ãã©ã°ãã»ããããŸãã
ïŒæå¹ãª SYN flag â ã³ã³ãããŒã«ã³ãŒãïŒ2ãã³ã³ãããŒã«ããããã¹ã¯ïŒ2
ïŒæå¹ãª SYNåã³ ACK â ã³ã³ãããŒã«ã³ãŒãïŒ18ãã³ã³ãããŒã«ããããã¹ã¯ïŒ18
ïŒæå¹ãª SYNåã³ç¡å¹ãª ACK â ã³ã³ãããŒã«ã³ãŒãïŒ2ãã³ã³ãããŒã«ããããã¹ã¯ïŒ18
Time Range
ã¿ã€ã ã¬ã³ãžå
214 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒã¿ã€ããªã¹ããã "Extended IP"ãéžæããŸãã
ïŒ5ïŒããŒã ãªã¹ããã ACLåãéžæããŸãã
ïŒ6ïŒãActionããæå®ããŸãã
ïŒ7ïŒã¢ãã¬ã¹ã¿ã€ããéžæããŸããïŒ8ïŒ"Host"ãéžæãããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"IP"ãéžæãããå Žåãã¢ã
ã¬ã¹ç¯å²ã®ãµããããã¢ãã¬ã¹ãšãã¹ã¯ãå ¥åããŸããïŒ9ïŒå¿ èŠãªé ç®ã®å ¥åã»ç·šéãè¡ããŸããïŒ10ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
215FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
MAC ACLã®èšå®
SecurityïŒ ACL (Configure ACL - Add Rule - MAC)ããŒãžã䜿çšããããŒããŠã§ã¢ã¢ãã¬ã¹ããã±ãããã©ãŒããããã€ãŒãµãããã¿ã€ããåºã«ãã ACLã®èšå®ããããªããŸãã
èšå®ã»è¡šç€ºé ç®
Type
ããŒã ãªã¹ãã«è¡šç€ºãã ACLã®ã¿ã€ããéžæããŸãã
Name
éžæããã¿ã€ãã«ããããã ACLã®ååã衚瀺ããŸãã
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãã
Source/Destination Address Type
"Any"ã䜿çšããå Žåãå šãŠã®å¯èœãªã¢ãã¬ã¹ãå«ã¿ã"Host"ãæå®ããå Žåã¯ã¢ãã¬ã¹ãã£ãŒã«ãã«ãã¹ãã¢ãã¬ã¹ãå ¥ããŸããâMACâãæå®ããå Žåãã¢ãã¬ã¹ãšããããã¹ã¯ãã£ãŒã«ããžã¢ãã¬ã¹ç¯å²ãå ¥åããŸããïŒãªãã·ã§ã³ïŒAnyãHostãMACãåæèšå®ïŒAnyïŒ
Source/Destination MAC Address
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³MACã¢ãã¬ã¹
Source/Destination Bitmask
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³MACã¢ãã¬ã¹ã® 16é²æ°ã®ãã¹ã¯
Packet Format
æ¬å±æ§ã¯æ¬¡ã®ãã±ããã»ã¿ã€ãããéžæã§ããŸãã
ãïŒ Any â ãã¹ãŠã®ã€ãŒãµããããã±ããã¿ã€ã
ãïŒ Untagged-eth2 â ã¿ã°ãªãã€ãŒãµããã II ãã±ãã
ãïŒ Untagged-802.3 âã¿ã°ãªãã€ãŒãµããã IEEE802.3 ãã±ãã
ãïŒ Tagged-eth2 â ã¿ã°ä»ã€ãŒãµããã II ãã±ãã
ãïŒ Tagged-802.3 â ã¿ã°ä»ã€ãŒãµããã IEEE802.3 ãã±ãã
VID
VLAN IDïŒç¯å²ïŒ1-4094ïŒ
VID Mask
VLANããããã¹ã¯ïŒç¯å²ïŒ1-4094ïŒ
Ethernet Type
ãã®é ç®ã¯ã€ãŒãµããã IIãã©ãŒãããã®ãã±ããã®ãã£ã«ã¿ãªã³ã°ã«äœ¿çšããŸãïŒç¯å²ïŒ600-fff hexïŒã€ãŒãµããããããã³ã«ã¿ã€ãã®ãªã¹ã㯠RFC 1060ã§å®çŸ©ãããŠããŸãããäžè¬çãªã¿ã€ããšããŠã¯ã0800(IP)ã0806(ARP)ã8137(IPX)çããããŸãã
Ethernet Type Bit mask
ãããã³ã«ããããã¹ã¯ïŒç¯å²ïŒ600-fff hexïŒ
Time Range
ã¿ã€ã ã¬ã³ãžå
216 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒã¿ã€ããªã¹ããã "MAC"ãéžæããŸãã
ïŒ5ïŒããŒã ãªã¹ããã ACLåãéžæããŸãã
ïŒ6ïŒãActionããæå®ããŸãã
ïŒ7ïŒã¢ãã¬ã¹ã¿ã€ããéžæããŸããïŒ8ïŒ"Host"ãéžæãããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"MAC"ãéžæãããå Žåã
ã¢ãã¬ã¹ç¯å²ã®ããŒã¹ã¢ãã¬ã¹ãšããããã¹ã¯ãå ¥åããŸããïŒ9ïŒå¿ èŠãªé ç®ã®å ¥åã»ç·šéãè¡ããŸããïŒ10ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
217FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARP ACLã®èšå®
SecurityïŒ ACL (Configure ACL - Add Rule - ARP)ããŒãžã䜿çšããARPã¡ãã»ãŒãžã¢ãã¬ã¹ãããŒã¹ã«ãã ACLã®èšå®ããããªããŸããARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãããã® ACLããçããããã©ãã£ãã¯ã®ãã£ã«ã¿ãè¡ãçºã«äœ¿çšããããšãåºæ¥ãŸããïŒè©³çŽ°ã¯ 221 ããŒãžã®ãARPã€ã³ã¹ãã¯ã·ã§ã³ããåç §ããŠãã ããïŒ
èšå®ã»è¡šç€ºé ç®
Type
ããŒã ãªã¹ãã«è¡šç€ºãã ACLã®ã¿ã€ããéžæããŸãã
Name
éžæããã¿ã€ãã«ããããã ACLã®ååã衚瀺ããŸãã
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãã
Packet Type
ARPãªã¯ãšã¹ããARPã¬ã¹ãã³ã¹ãã€ãŒãµã¿ã€ããæå®ããŸããïŒç¯å²ïŒRequestãResponseãAllãåæèšå®ïŒRequestïŒ
Source/Destination IP Address Type
ãœãŒã¹ãŸãã¯ã㣠ã¹ã ã£ããŒã· 㧠㳠IP ïœ 4 ã¢ãã¬ã¹ãæå®ããŸãã îAnyî ã䜿çšããããšã§ã
å šãŠã®å¯èœãªã¢ãã¬ã¹ãå«ã¿ã îHostî ã¯ã¢ãã¬ã¹ã ã£ãŒã«ãã«ç¹å®ã®ãã¹ ãã¢ã ã¬ã¹ãæå®
ããŸãã îIPî ã¯ã¢ãã¬ã¹ãšãã¹ã¯ã ã£ãŒã«ããžã¢ãã¬ã¹ã®ç¯å²ãæå®ããŸãã ïŒç¯å² ïŒ AnyãHostã IPãåæèšå® ïŒ AnyïŒ
Source/Destination IP Address
ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
Source/Destination IP Subnet Mask
ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ã®ãµãããããã¹ã¯
Source/Destination MAC Address Type
ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPïœ4ã¢ãã¬ã¹ãæå®ããŸãã"Any"ã䜿çšããããšã§ãå šãŠã®å¯èœãªã¢ãã¬ã¹ãå«ã¿ã"Host"ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã«ç¹å®ã®ãã¹ãã¢ãã¬ã¹ãæå®ããŸãã"MAC"ã¯ã¢ãã¬ã¹ãšãã¹ã¯ãã£ãŒã«ããžã¢ãã¬ã¹ã®ç¯å²ãæå®ããŸããïŒç¯å²ïŒAnyãHostãIPãåæèšå®ïŒAnyïŒ
Source/Destination MAC Address
ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹
Source/Destination MAC Bit Mask
ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã® 16é²æ°ãã¹ã¯ã
Log
ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãšã³ããªã«äžèŽãããã±ããã®ãã°ã
218 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ACLããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd RuleããéžæããŸãã
ïŒ4ïŒã¿ã€ããªã¹ããã "ARP"ãéžæããŸãã
ïŒ5ïŒããŒã ãªã¹ããã ACLåãéžæããŸãã
ïŒ6ïŒãActionããæå®ããŸãã
ïŒ7ïŒãã±ããã¿ã€ããéžæããŸããïŒ8ïŒã¢ãã¬ã¹ã¿ã€ããéžæããŸããïŒ9ïŒ"Host"ãéžæãããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"IP"ãéžæãããå Žåãã¢ã
ã¬ã¹ç¯å²ã®ããŒã¹ã¢ãã¬ã¹ãšããããã¹ã¯ãå ¥åããŸããïŒ10ïŒå¿ èŠãªé ç®ã®å ¥åã»ç·šéãè¡ããŸããïŒ11ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
219FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ACLãžã®ããŒãã®ãã€ã³ã
ACLã®èšå®ãå®äºåŸããã£ã«ã¿ãªã³ã°ãæ©èœãããããã«ã¯ããŒãããã€ã³ãããå¿ èŠããããŸãã1ã€ã® IPã¢ã¯ã»ã¹ãªã¹ããš MACã¢ã¯ã»ã¹ãªã¹ããããŒãã«å²ãåœãŠãããšãã§ããŸãã
æ©èœè§£èª¬
⢠æ¬æ©ã¯å ¥åãã£ã«ã¿ã® ACLã®ã¿ãµããŒãããŠããŸãã
â¢ å ¥åãã£ã«ã¿ãªã³ã°ãè¡ãããŒãã«ã1ã€ã® ACLã®ã¿ããã€ã³ãããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Type
ããŒããžãã€ã³ããã ACLã®ã¿ã€ããéžæ
Port
ããŒãåã¯æ¡åŒµã¢ãžã¥ãŒã«ã¹ãããïŒç¯å²ïŒ1-10ïŒ
ACL
å ¥åãã±ããã«å¯Ÿãã ACL
Time Range
ã¿ã€ã ã¬ã³ãžå
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ACL]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒã¿ã€ããªã¹ããã "IP"ãŸã㯠"MAC"ãéžæããŸãã
ïŒ4ïŒACLãªã¹ããã ACLåãéžæããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
220 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.8 ARPã€ã³ã¹ãã¯ã·ã§ã³
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãAddress Resolution packetïŒARPïŒãããã³ã«ã®ãããMACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®åŠ¥åœæ§ã®æ€æ»ãè¡ãã»ãã¥ãªãã£æ©èœã§ãããã®æ©èœã«ããããã皮㮠man-in-the-middle æ»æçãããããã¯ãŒã¯ãä¿è·ã§ããŸããããã¯ããŒã«ã« ARPãã£ãã·ã¥ãã¢ããããŒãããããããŸãã¯ãã±ãããé©åãªç®çå°ã«è»¢éãããåã«ãå šãŠã® ARPãªã¯ãšã¹ããéäžã§æããããããã®ãã±ããã®ãããããç §åããããšã«ãã£ãŠéæãããŸããç¡å¹ãª ARPãã±ããã¯ç Žæ£ãããŸããARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãä¿¡é Œã§ããããŒã¿ããŒã¹ã«ä¿åãããæ£åœãª IP-to-MACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã«åºã¥ã㊠ARPãã±ããã®æ£åœæ§ã決å®ããŸããïŒ247 ããŒãžã®ãDHCPã¹ããŒãã³ã°ããåç §ïŒãã®ããŒã¿ããŒã¹ã¯ããããã¹ã€ãããš VLANã§æå¹ã«ãªã£ãŠããæã« DHCPã¹ããŒãã³ã°ã«ãã£ãŠæ§ç¯ãããŸãããŸããARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãŠãŒã¶ã§èšå®ããã ARPã¢ã¯ã»ã¹ã³ã³ãããŒã«ãªã¹ãïŒACLïŒã«å¯ŸããŠãARPãã±ããã®åŠ¥åœæ§ã確èªããããšãå¯èœã§ããïŒ218 ããŒãžã®ãARP ACLã®èšå®ããåç §ïŒ
æ©èœè§£èª¬
ARPã€ã³ã¹ãã¯ã·ã§ã³ã®æå¹ /ç¡å¹
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ã¹ã€ããå šäœããã³ VLANããŒã¹ã§ã³ã³ãããŒã«ãããŸãã
⢠åæèšå®ã§ã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ã¹ã€ãããšå šãŠ VLANã®äž¡æ¹ã§ç¡å¹ã«ãªã£ãŠããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã®å Žåãæå¹ã«ãªã£ãŠãã VLANäžã§ã®ã¿ã¢ã¯ãã£ãã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã®å Žåãã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ãªVLANã®å šãŠã® ARPãªã¯ãšã¹ããšãªãã©ã€ãã±ãã㯠CPUãžãªãã€ã¬ã¯ããããããã®ã¹ã€ããã³ã°è¡çºã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ã«ãã£ãŠåŠçãããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®å Žåãæå¹ã«ãªã£ãŠããç©ãå«ãå šãŠã® VLANã§éã¢ã¯ãã£ãã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãç¡å¹ã®å Žåãå šãŠã® ARPãªã¯ãšã¹ããšãªãã©ã€ãã±ãã㯠ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ãåé¿ãããããã®ã¹ã€ããã³ã°è¡çºã¯ãã®ä»å šãŠã®ãã±ãããšåæ§ã«ãªããŸãã
⢠ã°ããŒãã« ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ç¡å¹åãšãã®åŸã®åæå¹åã¯ãVLANã® ARPã€ã³ã¹ãã¯ã·ã§ã³èšå®ã«åœ±é¿ãäžããŸããã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®éãåã ã® VLANã® ARPã€ã³ã¹ãã¯ã·ã§ã³èšå®ã¯å¯èœã§ããã°ããŒãã«ã§ ARPã€ã³ã¹ãã¯ã·ã§ã³ãå床æå¹ã«ãªã£ãæããããã®èšå®å€æŽã¯ã¢ã¯ãã£ãã«ãªããŸãã
⢠çŸåšã®ãã¡ãŒã ãŠã§ã¢ããŒãžã§ã³ã® ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ã¯ãã©ã³ã¯ããŒãã® ARPã€ã³ã¹ãã¯ã·ã§ã³ããµããŒãããŠããŸããã
221FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ã°ããŒãã«èšå®
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãã¹ã€ããå šäœãš VLANããšã®äž¡æ¹ã§åäœããã€ã³ã¹ãã¯ã·ã§ã³ãã©ã¡ãŒã¿ã¯ããããã® VLANã§èšå®ããŸãã
æ©èœè§£èª¬
ARPã€ã³ã¹ãã¯ã·ã§ã³åŠ¥åœæ§ãã§ãã¯
⢠åæèšå®ã§ãARPã€ã³ã¹ãã¯ã·ã§ã³åŠ¥åœæ§ãã§ãã¯ã¯ç¡å¹ã«ãªã£ãŠããŸãã
⢠以äžã®åŠ¥åœæ§æ€æ»ã®å ãæäœ 1ã€ãæå®ããããšã«ãããARPã€ã³ã¹ãã¯ã·ã§ã³åŠ¥åœæ§ãã§ãã¯ãã°ããŒãã«ã§æå¹ã«ããããšãå¯èœã§ãã以äžã®é ç®ã®ãããããåæã«ã¢ã¯ãã£ãã«ããããšãã§ããŸãã
⢠Destination MACARPããã£ã®ã¿ãŒã²ãã MACã¢ãã¬ã¹ã«ããããŠãã€ãŒãµããããããã®éä¿¡å MACã¢ãã¬ã¹ããã§ãã¯ããŸãããã®ãã§ãã¯ã¯ ARPã¬ã¹ãã³ã¹ã®ããã«å®è¡ãããŸããæå¹ã®éãç°ãªã MACã¢ãã¬ã¹ãæã€ãã±ããã¯ç¡å¹ãšããŠåé¡ããç Žæ£ãããŸãã
⢠IPç¡å¹ãšäºæã㬠IPã¢ãã¬ã¹ã® ARPããã£ããã§ãã¯ããŸãããããã®ã¢ãã¬ã¹ã¯ 0.0.0.0ã255.255.255.255ããã³å šãŠã® IPãã«ããã£ã¹ãã¢ãã¬ã¹ãå«ã¿ãŸããã»ã³ã㌠IPã¢ãã¬ã¹ã¯å šãŠã® ARPãªã¯ãšã¹ããšã¬ã¹ãã³ã¹ã§ãã§ãã¯ãããã¿ãŒã²ãã IPã¢ãã¬ã¹ã¯ ARPã¬ã¹ãã³ã¹ã®ã¿ãã§ãã¯ãããŸãã
⢠Source MACARPããã£ã®ã»ã³ã㌠MACã¢ãã¬ã¹ã«ããããã€ãŒãµããããããã®ãœãŒã¹MACã¢ãã¬ã¹ã®ãã§ãã¯ããããªããŸãããã®ãã§ãã¯ã¯ ARPãªã¯ãšã¹ããšã¬ã¹ãã³ã¹äž¡æ¹ã«å®è¡ãããŸããæå¹ã®éãç°ãªã MACã¢ãã¬ã¹ãæã€ãã±ããã¯ç¡å¹ãšããŠåé¡ããç Žæ£ãããŸãã
ARPã€ã³ã¹ãã¯ã·ã§ã³ãã®ã³ã°
⢠åæèšå®ã§ãARPã€ã³ã¹ãã¯ã·ã§ã³ã®ãã®ã³ã°ã¯ã¢ã¯ãã£ãã«ãªã£ãŠããç¡å¹ã«ã¯ã§ããŸããã
⢠管çè ã¯ãã°ãã¡ã·ãªãã£ã¬ãŒãã®èšå®ããããªããŸãã
⢠ã¹ã€ããããã±ããã®ç Žæ£ãè¡ã£ãæãã¹ã€ããã¯ãã°ãããã¡ã«ãšã³ããªã眮ããã³ã³ãããŒã«ãããã¬ãŒããåºã«ã·ã¹ãã ã¡ãã»ãŒãžãçæããŸããã·ã¹ãã ã¡ãã»ãŒãžã衚瀺ãããåŸããšã³ããªã¯ãã°ãããã¡ããã¯ãªã¢ãããŸãã
⢠ããããã®ãã°ãšã³ããªã¯åä¿¡ VLANãããŒãçªå·ããœãŒã¹ã»ãã£ã¹ãã£ããŒã·ã§ã³IPã¢ãã¬ã¹ããœãŒã¹ã»ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã®æ å ±ãå«ã¿ãŸãã
⢠è€æ°ãåäžã®äžæ£ãª ARPãã±ãããåã VLANã§é£ç¶ããŠåä¿¡ãããå Žåããã®ã³ã°ãã¡ã·ãªãã£ã¯ãã°ãããã¡ã® 1ã€ã®ãšã³ããªãšã1ã€ã®å¯Ÿå¿ããã·ã¹ãã ã¡ãã»ãŒãžã®ã¿çæããŸãã
⢠ãã®ã³ã°ãããã¡ãäžæ¯ã«ãªããšãæãå€ãé ç®ããæ°ãããšã³ããªã§çœ®ãæããããŸãã
222 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®ã»è¡šç€ºé ç®
ARP Inspection Status
ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
ARP Inspection Validation
以äžã®ãªãã·ã§ã³ã®å ããããã䜿çšå¯èœã®å Žåãæ¡åŒµ ARPã€ã³ã¹ãã¯ã·ã§ã³æ€æ»ãæå¹ã«ã§ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
⢠Dst-MACARPã¬ã¹ãã³ã¹ã®ããã£å ã®ã¿ãŒã²ãã MACã¢ãã¬ã¹ã«å¯Ÿããã€ãŒãµããããããã®ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã®åŠ¥åœæ§æ€æ»ããããªããŸãã
⢠IPäžæ£ããã³äºæã㬠IPã¢ãã¬ã¹ã® ARPããã£ããã§ãã¯ããŸããã»ã³ã㌠IPã¢ãã¬ã¹ã¯å šãŠã® ARPãªã¯ãšã¹ããšã¬ã¹ãã³ã¹ããã§ãã¯ãããŸããã¿ãŒã²ãã IPã¢ãã¬ã¹ã¯ ARPã¬ã¹ãã³ã¹ã®ã¿ãã§ãã¯ãããŸãã
⢠Src-MACARPããã£å ã®ã»ã³ã㌠MACã¢ãã¬ã¹ã«å¯Ÿããã€ãŒãµããããããã®ãœãŒã¹ MACã¢ãã¬ã¹ã®åŠ¥åœæ§æ€æ»ããããªããŸãããã®ãã§ãã¯ã¯ ARPãªã¯ãšã¹ããšã¬ã¹ãã³ã¹ã®äž¡æ¹ã«å®è¡ãããŸãã
Log Message Number
ãã°ã¡ãã»ãŒãžã«ä¿åãããšã³ããªã®æ倧æ°ïŒç¯å²ïŒ0-256ãåæèšå®ïŒ5ïŒ
Log Interval
ãã°ã¡ãã»ãŒãžãéä¿¡ãããééïŒç¯å²ïŒ0-86400ç§ãåæèšå®ïŒ1ç§ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ARP Inspection]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã«ãããã®ä»å¿ èŠãªé ç®ã®èšå®ãè¡ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
223FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARPã€ã³ã¹ãã¯ã·ã§ã³ VLANèšå®
Security > ARP Inspection (Configure VLAN)ããŒãžã䜿çšããVLANã® ARPã€ã³ã¹ãã¯ã·ã§ã³ã®æå¹ã»äœ¿çš ARP ACLã®æå®ãè¡ããŸãã
æ©èœè§£èª¬
ARPã€ã³ã¹ãã¯ã·ã§ã³ VLANãã£ã«ã¿ïŒACLïŒ
⢠åæèšå®ã§ãARPã€ã³ã¹ãã¯ã·ã§ã³ ACLã¯èšå®ãããŠãããããã®æ©èœã¯ç¡å¹ã§ãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ ACL㯠ARP ACL ConfigurationããŒãžã§èšå®ãããŸããïŒ218 ããŒãžã®ãARP ACLã®èšå®ããåç §ïŒ
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ ACLã¯èšå®ãããã©ã® VLANã«ãé©çšããããšãå¯èœã§ãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãæ£åœãª IP-to-MACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®ãªã¹ãã®ããã«ãDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ã䜿çšããŸããARP ACLã¯DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ã®ãšã³ããªã«åªå ãããŸããã¹ã€ããã¯æåã«ãæå®ããã ARP ACLãš ARPãã±ãããæ¯èŒããŸãã
⢠"staticãæå®ãããå ŽåãARPãã±ããã¯éžæããã ACLãã±ããããããã®ãããã³ã°ã«ãŒã«ã«ãã£ãŠãã£ã«ã¿ãããããšã«ããããŠã®ã劥åœæ§ã®æ€æ»ã®ã¿è¡ãããŸãããããã®ã«ãŒã«ã«ããããã³ã°ããªããã±ããã¯ç Žæ£ãããDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ãã§ãã¯ã¯åé¿ãããŸãã
⢠"staticãæå®ãããªãå ŽåãARPãã±ããã¯æåã«éžæãã ACLã«å¯ŸããŠåŠ¥åœæ§ãæ€æ»ãããŸããACLã«ãŒã«ãšãã±ãããäžèŽããªãå ŽåãDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ã¯ãããã®æ£åœæ§ã決å®ããŸãã
èšå®ã»è¡šç€ºé ç®
ARP Inspection VLAN ID
VLANãéžæïŒåæèšå®ïŒ1ïŒ
ARP Inspection VLAN Status
éžæãã VLAN㧠ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ïŒåæèšå®ïŒç¡å¹ïŒ
ARP Inspection ACL Name
ïŒ ARP ACLïŒèšå®ããã ARP ACLã®éžæãèš±å¯
ïŒ StaticïŒ ARP ACLãéžæããããŸã static modeããŸãéžæãããŠããæãæ¬æ©ã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ã¿å®è¡ããDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ã®åŠ¥åœæ§æ€æ»ãåé¿ããŸããARP ACLãéžæãéžæãããstatic modeãéžæãããŠããªãæãæ¬æ©ã¯æåã« ARPã€ã³ã¹ãã¯ã·
224 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ARP Inspection]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure VLANããéžæããŸããïŒ3ïŒå¿ èŠãšããã VLAN㧠ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ã«ãããã®ä»é ç®ã®èšå®ãè¡ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
225FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARPã€ã³ã¹ãã¯ã·ã§ã³ã€ã³ã¿ãã§ãŒã¹èšå®
Security > ARP Inspection (Configure Interface)ããŒãžã䜿çšããŠãARPã€ã³ã¹ãã¯ã·ã§ã³ãå¿ èŠãšããããŒããæå®ãããã±ããã€ã³ã¹ãã¯ã·ã§ã³ã¬ãŒãã調æŽããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Trust Status
ããŒãã TrustedãŸã㯠Untrustedã«èšå®ïŒåæèšå®ïŒUntrustedïŒ
Packet Rate Limit
UntrustedããŒãã§åä¿¡ããã ARPãã±ããã®ã¬ãŒãå¶éïŒç¯å²ïŒ0-2048ãåæèšå®ïŒ15ïŒ0ã¯å¶éç¡ããæå³ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ARP Inspection]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒARPã€ã³ã¹ãã¯ã·ã§ã³ãå¿ èŠãšãã TrustedããŒããæå®ãããã±ããã¬ãŒãã調æŽããŠãã ããã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
226 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARPã€ã³ã¹ãã¯ã·ã§ã³çµ±èšå€ã®è¡šç€º
ARPã€ã³ã¹ãã¯ã·ã§ã³ããŒãæ å ±ã衚瀺ããŸããTrustedããŒãã®ãªã¹ããæ§ã ãªçç±ã§åŠçãŸãã¯ç Žæ£ããã ARPãã±ããã®æ°ã«é¢ããçµ±èšæ å ±ãªã©ã確èªã§ããŸãã
èšå®ã»è¡šç€ºé ç®
ARP Inspection Statistics
ïŒ Received ARP packets before ARP inspection rate limitARPã€ã³ã¹ãã¯ã·ã§ã³ã¬ãŒãå¶éãè¶ããªãåä¿¡ ARPãã±ããã®æ°
ïŒ Dropped ARP packets in the process of ARP inspection rate limitARPã¬ãŒãå¶éãè¶ããïŒç Žæ£ãããïŒARPãã±ããã®æ°
ïŒ Total ARP packets processed by ARP inspectionARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ã«åŠçãããå šãŠã® ARPãã±ããæ°
ïŒ ARP packets dropped by additional validation (Src-MAC)ãœãŒã¹ MACã¢ãã¬ã¹ãã¹ãã«èœã¡ããã±ããæ°
ïŒ ARP packets dropped by additional validation (Dst-MAC)ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãã¹ãã«èœã¡ããã±ããæ°
ïŒ ARP packets dropped by additional validation (IP)IPã¢ãã¬ã¹ãã¹ãã«èœã¡ã ARPãã±ããæ°
ïŒ ARP packets dropped by ARP ACLsARP ACLã«ãŒã«ã«å¯Ÿãã劥åœæ§æ€æ»ã«èœã¡ã ARPãã±ããã®æ°
ïŒ ARP packets dropped by DHCP snoopingDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ã«å¯Ÿãã劥åœæ§æ€æ»ã«èœã¡ããã±ããæ°
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ARP Inspection]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InformationããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow StatisticsããéžæããŸãã
227FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ã®è¡šç€º
Security > ARP Inspection (Show Information - Show Log) ããŒãžã䜿çšããé¢é£ä»ããããVLANãããŒããã¢ãã¬ã¹ã³ã³ããŒãã³ãçããã°ã«ä¿åããããšã³ããªã«ã€ããŠã®æ å ±ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
ARP Inspection Log
ARPã€ã³ã¹ãã¯ã·ã§ã³ãã®ã³ã°ãã©ã¡ãŒã¿ãèšå®ããŸãã
ïŒ VLAN ID
ïŒ Port
ïŒ Src. IP Address
ïŒ Dst. IP Address
ïŒ Src. MAC Address
ïŒ Dst. MAC Address
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [ARP Inspection]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InformationããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow LogããéžæããŸãã
228 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.9 管çã¢ãã¬ã¹ã®ãã£ã«ã¿ãªã³ã°
Webã€ã³ã¿ãã§ãŒã¹ãSNMPãTelnetã«ãã管çã¢ã¯ã»ã¹ãå¯èœãª IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ã°ã«ãŒããæ倧 15åäœæã§ããŸãã
æ©èœè§£èª¬
⢠管çã€ã³ã¿ãã§ãŒã¹ã¯ãåæèšå®ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã«å¯ŸããŠæ¥ç¶å¯èœãªç¶æ ã«ãªã£ãŠããŸãããã£ã«ã¿ãªã¹ãã« 1ã€ã§ã IPã¢ãã¬ã¹ãæå®ãããšããã®ã€ã³ã¿ãã§ãŒã¹ã¯æå®ããã¢ãã¬ã¹ããã®æ¥ç¶ã®ã¿ãèš±å¯ããŸãã
⢠èšå®ä»¥å€ã®ç¡å¹ãª IPã¢ãã¬ã¹ãã管çã¢ã¯ã»ã¹ã«æ¥ç¶ãããå Žåãæ¬æ©ã¯æ¥ç¶ãæåŠããã€ãã³ãã¡ãã»ãŒãžãã·ã¹ãã ãã°ã«ä¿åãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ããŸãã
⢠SNMPãWebãTelnetã¢ã¯ã»ã¹ãžã® IPã¢ãã¬ã¹ãŸã㯠IPã¢ãã¬ã¹ç¯å²ã®èšå®ã¯åèšã§æ倧 5ã€ãŸã§èšå®å¯èœã§ãã
⢠SNMPãWebãTelnetã®åäžã°ã«ãŒãã«å¯Ÿã㊠IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯ã§ããŸãããç°ãªãã°ã«ãŒãã®å Žåã«ã¯ IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯å¯èœã§ãã
⢠èšå®ãã IPã¢ãã¬ã¹ç¯å²ããç¹å®ã® IPã¢ãã¬ã¹ã®ã¿ãåé€ããããšã¯ã§ããŸãããIPã¢ãã¬ã¹ç¯å²ããã¹ãŠåé€ãããã®åŸèšå®ããçŽããŠäžããã
⢠IPã¢ãã¬ã¹ç¯å²ã®åé€ã¯ IPã¢ãã¬ã¹ç¯å²ã®æåã®ã¢ãã¬ã¹ã ããå ¥åããŠãåé€ãããšãã§ããŸãããŸããæåã®ã¢ãã¬ã¹ãšæåŸã®ã¢ãã¬ã¹ã®äž¡æ¹ãå ¥åããŠåé€ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Mode
⢠WebïŒWebã°ã«ãŒãã® IPã¢ãã¬ã¹ãèšå®
⢠SNMPïŒ SNMPã°ã«ãŒãã® IPã¢ãã¬ã¹ãèšå®
⢠TelnetïŒ Telnetã°ã«ãŒãã® IPã¢ãã¬ã¹ãèšå®
Start IP Address
IPã¢ãã¬ã¹ãå㯠IPã¢ãã¬ã¹ãç¯å²ã§æå®ããŠããå Žåã®æåã® IPã¢ãã¬ã¹
End IP Address
IPã¢ãã¬ã¹ãç¯å²ã§æå®ããŠããå Žåã®æåŸã® IPã¢ãã¬ã¹
229FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
管çã¢ã¯ã»ã¹ãèš±å¯ããã IPã¢ãã¬ã¹ãªã¹ããäœæ
ïŒ1ïŒ[Security] â [IP Filter]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒãã£ã«ã¿ãè¡ã管çã€ã³ã¿ãã§ãŒã¹ãéžæããŸããïŒWebãSNMPãTelnetïŒ
ïŒ4ïŒã€ã³ã¿ãã§ãŒã¹ãžã®ç®¡çã¢ã¯ã»ã¹ãèš±å¯ããã IPã¢ãã¬ã¹ãŸãã¯ç¯å²ãå ¥åããŸãã
ïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
管çã¢ã¯ã»ã¹ãèš±å¯ããã IPã¢ãã¬ã¹ãªã¹ãã衚瀺
ïŒ1ïŒ[Security] â [IP Filter]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
230 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.10 ããŒãã»ãã¥ãªãã£ã®èšå®
ããŒãã»ãã¥ãªãã£ã¯ããŒãã«å¯Ÿãããã®ããŒãã䜿çšããŠãããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ããäºãã§ããããã€ã¹ã®MACã¢ãã¬ã¹ãèšå®ãããã®ä»ã® MACã¢ãã¬ã¹ã®ããã€ã¹ã§ã¯ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãè¡ããªãããæ©èœã§ãã
ããŒãã»ãã¥ãªãã£ãæå¹ã«ããå Žåãæ¬æ©ã¯æå¹ã«ããããŒãã«ãããŠMACã¢ãã¬ã¹ã®åŠç¿ãåæ¢ããŸããæ¬æ©ã«å ¥ã£ãŠæ¥ãéä¿¡ã®ãã¡ããœãŒã¹ã¢ãã¬ã¹ãåçã»éçãªã¢ãã¬ã¹ããŒãã«ã«ç»é²æžã¿ã® MACã¢ãã¬ã¹ã®å Žåã«ã®ã¿ããã®ããŒããå©çšãããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãè¡ãããšãã§ããŸããç»é²ãããŠããªãäžæ£ãªMACã¢ãã¬ã¹ã®ããã€ã¹ãããŒãã䜿çšããå ŽåãäŸµå ¥ã¯æ€ç¥ããèªåçã«ããŒããç¡å¹ã«ãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ããŸãã
ããŒãã»ãã¥ãªãã£ã䜿çšããå ŽåãããŒãã«èš±å¯ãã MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããåçã« <ãœãŒã¹MACã¢ãã¬ã¹ãVLAN>ã®ãã¢ãããŒãã§åä¿¡ãããã¬ãŒã ããåŠç¿ããŸããP108 ãåçã¢ãã¬ã¹ããŒãã«ã®èšå®ãã䜿çšããå ¥åã«ãã MACã¢ãã¬ã¹ãèšå®ããããšãã§ããŸããããŒãã«èšå®ãããæ倧 MACã¢ãã¬ã¹æ°ã«éãããšãããŒãã¯åŠç¿ãçµäºããŸããã¢ãã¬ã¹ããŒãã«ã«ä¿åããã MACã¢ãã¬ã¹ã¯ä¿æãããæéã®çµéã«ããæ¶å»ãããããšã¯ãããŸããããã以å€ã®ããã€ã¹ãããŒããå©çšããããšããŠããã¹ã€ããã«ã¢ã¯ã»ã¹ããããšã¯ã§ããŸããã
æ©èœè§£èª¬
⢠ã»ãã¥ãªãã£ããŒãã«èšå®ã§ããããŒãã¯ã以äžã®å¶éããããŸãã
ïŒ LACPãŸãã¯éçãã©ã³ã¯ããŒãã«èšå®ã§ããŸããã
ïŒãããªã©ãããã¯ãŒã¯æ¥ç¶ããã€ã¹ã¯æ¥ç¶ããªãã§äžããã
⢠åæèšå®ã§ã¯ãã»ãã¥ãªãã£ããŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ããŠããæ倧 MACã¢ãã¬ã¹æ°ã¯ "0"ã§ããã»ãã¥ãªãã£ããŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ããããã«ã¯ãæ倧MACã¢ãã¬ã¹æ°ã 1-1024ã®ããããã«èšå®ããå¿ èŠããããŸãã
⢠ã»ãã¥ãªãã£éåã«ããããŒãã Disabledãšãªã£ãïŒã·ã£ããããŠã³ããïŒå ŽåãP48 ãã€ã³ã¿ãã§ãŒã¹èšå®ãããããŒãã®æå¹åãè¡ãªã£ãŠãã ããã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Action
ïŒ None â åäœãè¡ãªãããŸãã (åæèšå® )
ïŒ Trap â SNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
ïŒ Shutdown â ããŒããç¡å¹ã«ããŸãã
ïŒ Trap and Shutdown â ããŒããç¡å¹ã«ããSNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
Security Status
ããŒãã»ãã¥ãªãã£ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
Max MAC Count
ããŒããåŠç¿å¯èœãªMACã¢ãã¬ã¹æ°ïŒèšå®ç¯å²ïŒ0-1024ã0ã¯ç¡å¹ïŒ
231FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
管çã¢ã¯ã»ã¹ãèš±å¯ããã IPã¢ãã¬ã¹ãªã¹ããäœæ
ïŒ1ïŒ[Security] â [Port Security]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒããŒãã§ç¡å¹ãªã¢ãã¬ã¹ãæ€åºãããæã«ãšãè¡åãèšå®ãããSecurity Statusããã§ãã¯ããã¯ã¹ã§æ©èœãæå¹ã«ããŸããããŒãã§èš±å¯ããã MACã¢ãã¬ã¹ã®æ倧æ°ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
232 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.11 802.1xããŒãèªèšŒ
ã¹ã€ããã¯ãã¯ã©ã€ã¢ã³ã PCãã容æã«ãããã¯ãŒã¯ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããããããããã«ããã¯å¥œãŸãããªãã¢ã¯ã»ã¹ã蚱容ãããããã¯ãŒã¯äžã®æ©å¯ã®ããŒã¿ãžã®ã¢ã¯ã»ã¹ãè¡ããå¯èœæ§ããããŸãã
IEEE802.1x(dot1x)èŠæ Œã§ã¯ããŠãŒã¶ ID åã³ãã¹ã¯ãŒãã«ããèªèšŒãè¡ãããšã«ããç¡èš±å¯ã®ã¢ã¯ã»ã¹ãé²ãããŒãããŒã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãæäŸããŸãã
ãããã¯ãŒã¯äžã®ãã¹ãŠã®ããŒããžã®ã¢ã¯ã»ã¹ã¯ã»ã³ãã©ã«ãµãŒãã«ããèªèšŒãè¡ãããšã§ãã©ã®ããŒãããã§ã 1ã€ã®èªèšŒçšã®ãŠãŒã¶ IDåã³ãã¹ã¯ãŒãã«ãããŠãŒã¶ã®èªèšŒãè¡ããŸãã
æ¬æ©ã§ã¯ Extensible Authentication Protocol over LAN (EAPOL)ã«ããã¯ã©ã€ã¢ã³ãã®èªèšŒãããã³ã«ã¡ãã»ãŒãžã®äº€æãè¡ããŸããRADIUSãµãŒãã«ãããŠãŒã¶ IDãšã¢ã¯ã»ã¹æš©ã®ç¢ºèªãè¡ããŸãã
ã¯ã©ã€ã¢ã³ãïŒãµããªã«ã³ãïŒãããŒãã«æ¥ç¶ããããšãæ¬æ©ã§ã¯ EAPOLã® IDã®ãªã¯ãšã¹ããè¿ããŸããã¯ã©ã€ã¢ã³ã㯠IDãã¹ã€ããã«éä¿¡ããRADIUSãµãŒãã«è»¢éãããŸãã
RADIUSãµãŒãã¯ã¯ã©ã€ã¢ã³ãã® IDã確èªããã¯ã©ã€ã¢ã³ãã«å¯Ÿã㊠access challenge backãéããŸãã
RADIUSãµãŒãããã® EAPãã±ããã«ã¯ Challengeåã³èªèšŒã¢ãŒããå«ãŸããŸããã¯ã©ã€ã¢ã³ããœããåã³ RADIUSãµãŒãã®èšå®ã«ãã£ãŠã¯ãã¯ã©ã€ã¢ã³ãã¯èªèšŒã¢ãŒããæåŠããä»ã®èªèšŒã¢ãŒããèŠæ±ããããšãã§ããŸããèªèšŒã¢ãŒãã«ã¯ãMD5, TLS (Transport Layer Security),TTLS (Tunneled Transport Layer Security)çããããŸãã
ã¯ã©ã€ã¢ã³ãã¯ããã¹ã¯ãŒãã蚌ææžãªã©ãšå ±ã«ãé©åãªæ¹æ³ã«ããå¿çããŸãã
RADIUSãµãŒãã¯ã¯ã©ã€ã¢ã³ãã®èšŒææžã確èªããèš±å¯ãŸãã¯äžèš±å¯ã®ãã±ãããè¿ããŸããèªèšŒãæåããå Žåãã¯ã©ã€ã¢ã³ãã«å¯ŸããŠãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããŸããããã§ãªãå Žåã¯ãã¢ã¯ã»ã¹ã¯åŠå®ãããããŒãã¯ãããã¯ãããŸãã
IEEE802.1xèªèšŒã䜿çšããã«ã¯æ¬æ©ã«ä»¥äžã®èšå®ãè¡ããŸãã
⢠ã¹ã€ããã® IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã
⢠RADIUSèªèšŒãæå¹ã«ããRADIUSãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããŸãã
⢠èªèšŒãè¡ãåããŒã㧠dot1x"Auto"ã¢ãŒãã«èšå®ããŸãã
⢠æ¥ç¶ãããã¯ã©ã€ã¢ã³ãåŽã« dot1xã¯ã©ã€ã¢ã³ããœãããã€ã³ã¹ããŒã«ãããé©åãªèšå®ãè¡ããŸãã
⢠RADIUSãµãŒãåã³ IEEE802.1xã¯ã©ã€ã¢ã³ã㯠EAPããµããŒãããå¿ èŠããããŸãïŒæ¬æ©ã§ã¯ EAPãã±ããããµãŒãããã¯ã©ã€ã¢ã³ãã«ãã¹ããããã®EAPOLã®ã¿ããµããŒãããŠããŸãïŒ
⢠RADIUSãµãŒããšã¯ã©ã€ã¢ã³ãã¯MD5ãTLSãTTLSãPEAPçã®åã EAPèªèšŒã¿ã€ãããµããŒãããŠããå¿ èŠããããŸãïŒäžéšã¯Windowsã§ãµããŒããããŠããŸããããã以å€ã«é¢ããŠã¯ IEEE802.1xã¯ã©ã€ã¢ã³ãã«ãããµããŒããããŠããå¿ èŠããããŸãïŒ
WebTelnet
RADIUS/TACACS+server
1.
233FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
802.1xã°ããŒãã«èšå®
Security > Port Authentication (Configure Global)ããŒãžã䜿çšããIEEE 802.1XããŒãèªèšŒã®èšå®ãè¡ããŸããããŒãèšå®ãã¢ã¯ãã£ãã«ããåã«ã802.1Xãããã³ã«ãã¹ã€ããã·ã¹ãã å šäœã§æå¹ã«ããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Port Authentication Status
802.1Xã®ã°ããŒãã«èšå®ïŒåæèšå®ïŒç¡å¹ïŒ
EAPOL Pass Through
dot1xãã°ããŒãã«ã§ç¡å¹æã«ãSTPãã©ã¯ãŒãã£ã³ã°ç¶æ ã®å šãŠã®ããŒããž EAPOLãã¬ãŒã ãééãããŸããïŒåæèšå®ïŒç¡å¹ïŒ.
Identity Profile User Name
Dot1xãµããªã«ã³ããŠãŒã¶åïŒç¯å²ïŒ1-8æåïŒ
Set Password
dot1xãµããªã«ã³ããã¹ã¯ãŒããå ¥å
Indentity Profile Password
èªèšŒè ãã MD5 challengeãžè¿çãããéãdot1xãµããªã«ã³ããã¹ã¯ãŒãã¯ããã®ã¹ã€ããããµããªã«ã³ããšããŠèå¥ããçºã«äœ¿çšãããŸãã
Confirm Profile Password
dot1xãµããªã«ã³ããã¹ã¯ãŒãã®ç¢ºèª
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Port Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒåçš®èšå®ãè¡ããïŒ Apply ïŒãã¯ãªãã¯ããŸãã
234 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
802.1XèªèšŒããŒãèšå®
802.1Xãæå¹ã«ããå Žåãã¯ã©ã€ã¢ã³ããšã¹ã€ããéåã³ã¹ã€ãããšèªèšŒãµãŒãéã®ã¯ã©ã€ã¢ã³ãèªèšŒããã»ã¹ã«é¢ãããã©ã¡ãŒã¿ãèšå®ããå¿ èŠããããŸãããããã®ãã©ã¡ãŒã¿ã«ã€ããŠè§£èª¬ããŸãã
æ©èœè§£èª¬
⢠ã¹ã€ããããã¹ã€ããã«åãä»ãããããµããªã«ã³ãšããã€ã¹ãšèªèšŒãµãŒãéã®ããŒã«ã«ãªãŒã»ã³ãã£ã±ãŒã¿ãšããŠæ©èœããæã" Authenticator configuration"ããŒãžã§ããªãŒã»ã³ãã£ã±ãŒã¿ãšã¯ã©ã€ã¢ã³ãéã® EAPã¡ãã»ãŒãžäº€æãããããã«ãã©ã¡ãŒã¿ãèšå®ããŠãã ããã
⢠ããŒãã«åãä»ããããããã€ã¹ããããã¯ãŒã¯ã®ä»ã®ãªãŒã»ã³ãã£ã±ãŒã¿ãžãªã¯ãšã¹ããåºããªããŠã¯ãªããªãæããConfigure Global pageã(P234 ã802.1xã°ããŒãã«èšå®ã)ããŒãžã§ "Identity Profile parameters"ã®èšå®ãè¡ãããªã¢ãŒãèªèšŒãéããŠã¯ã©ã€ã¢ã³ããèªèšŒããå¿ èŠã®ããããããã®ããŒãã®çºã®ãµããªã«ã³ããã©ã¡ãŒã¿ãèšå®ããŠãã ãã (P238 ã802.1XããŒããµããªã«ã³ãèšå®ããåç § )ã
⢠æ¬æ©ã¯ããã®èšå®ããŒãžã§ãControl ModeãããAutoãã«ããããšã§ãéžæãããããŒãã®ãªãŒã»ã³ãã£ã±ãŒã¿ã®åœ¹ãšããŠèšå®ããããšãå¯èœã§ãããŸãããã®ããŒãžã§ãControl ModeãããForce Authorizedãã«ãããSupplicant configuationãããŒãžã§ PAEãµããªã«ã³ããæå¹ã«ããããšã§ãä»ã®ããŒãã®ãµããªã«ã³ããšãªãããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Status
ããŒãã®èªèšŒã®æå¹ /ç¡å¹
Authorized
ïŒ Yes â æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŠããŸãã
ïŒ No âæ¥ç¶ãããã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŠããŸãããSupplicant
æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã® MACã¢ãã¬ã¹
Control Mode
èªèšŒã¢ãŒãã以äžã®ãªãã·ã§ã³ã®äžããèšå®ããŸãã
ïŒAuto â dot1x察å¿ã¯ã©ã€ã¢ã³ãã«å¯ŸããŠRADIUSãµãŒãã«ããèªèšŒãèŠæ±ããŸããdot1xé察å¿ã¯ã©ã€ã¢ã³ãããã®ã¢ã¯ã»ã¹ã¯èš±å¯ããŸããã
ïŒ Force-Authorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
ïŒ Force-Unauthorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãçŠæ¢ããŸãã
Operation Mode
802.1XèªèšŒããŒããžæ¥ç¶ãã 1ã€ãŸãã¯è€æ°ã®ãã¹ãïŒã¯ã©ã€ã¢ã³ãïŒãèš±å¯ããŸãã
ïŒ Single-Host â 1ãã¹ãã®ã¿ãã®ããŒããžã®æ¥ç¶ãèš±å¯
ïŒ Multi-Host â è€æ°ã®ãã¹ãã®ãã®ããŒããžã®æ¥ç¶ãèš±å¯
ïŒ MAC-Based â è€æ°ã®ãã¹ãã®ãã®ããŒããžã®æ¥ç¶ãèš±å¯ãããããã®ãã¹ãã¯èªèšŒãå¿ èŠã
ãããã®ã¢ãŒãã§ã¯ãããŒãã«æ¥ç¶ãããããããã®ãã¹ãã¯èªèšŒãéãå¿ èŠããããŸãã
ãããã®ã¢ãŒãã§ããŒããªãã¬ãŒãã£ã³ã°ãžã¢ã¯ã»ã¹ãèš±å¯ããããã¹ãã®æ°ã¯ã»ãã¥ã¢
ããã¢ãã¬ã¹ããŒãã«ã®å©çšå¯èœãªã¹ããŒã¹ã«ã®ã¿å¶éãããŸãã
235FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
Max Mac Count
Multi-Hostèšå®æã®æ倧æ¥ç¶å¯èœã¯ã©ã€ã¢ã³ãæ°ïŒèšå®ç¯å²ïŒ1-1024ãåæèšå®ïŒ5ïŒ
Max-Request
èªèšŒã»ãã·ã§ã³ãã¿ã€ã ã¢ãŠãã«ãªãåã«ãEAPãªã¯ãšã¹ããã±ãããã¹ã€ããããŒãããã¯ã©ã€ã¢ã³ããžåéä¿¡ããå Žåã®æ倧åæ°ïŒç¯å²ïŒ1-10åãåæèšå®ïŒ2åïŒ
TX Period
èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãééïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Supplicant Timeout
ã¹ã€ããããŒãã EAPãã±ããã®åéä¿¡ãŸã§ã«ãã¯ã©ã€ã¢ã³ãããã® EAPãªã¯ãšã¹ããåŸ ã€æéãèšå®ïŒç¯å²ïŒ1-65535ãåæèšå®ïŒ30ç§ïŒ
Server Timeout
ã¹ã€ããããŒãã EAPãã±ããã®åéä¿¡ãŸã§ã«ãèªèšŒãµãŒãããã® EAPãªã¯ãšã¹ããåŸ ã€æéãèšå®ïŒåºå®èšå®ïŒ10ç§ïŒ
Re-authentication Status
Re-authentication Periodã§èšå®ããæéçµéåŸã«ã¯ã©ã€ã¢ã³ããåèªèšŒãããã©ãããåèªèšŒã«ãããæ°ããªæ©åšãã¹ã€ããããŒãã«æ¥ç¶ãããŠããªãããæ€åºã§ããŸãïŒåæèšå®ïŒç¡å¹ )
Re-authentication Period
æ¥ç¶æžã¿ã®ã¯ã©ã€ã¢ã³ãã®åèªèšŒãè¡ãééïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ3600ç§ïŒ
Intrusion Action
ïŒ Block Traffic â å šãŠã®é EAPãã©ãã£ãã¯ããããã¯ããŸãïŒåæèšå®ïŒ
ïŒ Guest VLAN â ããŒãã®å šãã©ãã£ãã¯ã¯ã¯ã²ã¹ã VLANã«ã¢ãµã€ã³ãããŸããïŒP83 ãVLANã°ã«ãŒãã®èšå®ããP190 ãããŒãã®ãããã¯ãŒã¯ã¢ã¯ã»ã¹èšå®ããåç §ããŠãã ããïŒã
Authenticator PAE State Machine
State
çŸåšã®ç¶æ ïŒinitializeãdisconnectedãconnectingãauthenticatingãauthenticatedãabortingãheldãforce_authorizedãforce_unauthorizedïŒ
Reauth Count
å床æ¥ç¶ç¶æ ã«å ¥ã£ãåæ°Current Identifier
èªèšŒãµãŒãã«ãã£ãŠãããããã® EAPæåã»å€±æããªã¯ãšã¹ããã±ããã«éãããèå¥å
Backend State Machine
State
çŸåšã®ç¶æ ïŒequestãresponseãsuccessãfailãtimeoutãidleãinitializeïŒ
Request Count
å¿çãåãåããã«ãµããªã«ã³ããžéä¿¡ãã EAPãªã¯ãšã¹ããã±ããã®æ°
Identifier ïŒServerïŒ
èªèšŒãµãŒãã«ãã£ãŠãããããã® EAPæåã»å€±æããªã¯ãšã¹ããã±ããã«éãããèå¥å
Reauthentication State Machine
State
çŸåšã®ç¶æ ïŒåæåãåèªèšŒïŒ
236 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Port Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒåçš®èšå®ãè¡ããïŒ Apply ïŒãã¯ãªãã¯ããŸãã
237FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
802.1XããŒããµããªã«ã³ãèšå®
Security > Port Authentication (Configure Interface - Supplicant)ããŒãžã䜿çšããããŒãããä»ã®ããã€ã¹ã®ãªãŒã»ã³ãã£ã±ãŒã¿ãžçºè¡ãããããµããªã«ã³ããªã¯ãšã¹ãã® 802.1XããŒãèšå®ãè¡ããŸãã802.1Xãæå¹ã§ãããã³ã³ãããŒã«ã¢ãŒãããForce-Authorizedãã«èšå®ãããŠããéã(P235 ã802.1XèªèšŒããŒãèšå®ããåç § )ã¯ã©ã€ã¢ã³ãããããã¯ãŒã¯ã®ä»ã®ããã€ã¹ãéã£ãŠèªèšŒãããå Žåã«ã¯ãã¯ã©ã€ã¢ã³ããµããªã«ã³ãããã»ã¹ã®ããã«ãã©ã¡ãŒã¿ã®èšå®ãè¡ãå¿ èŠããããŸãã
æ©èœè§£èª¬
⢠ããŒãã«åãä»ããããããã€ã¹ããããã¯ãŒã¯ã®ä»ã®ãªãŒã»ã³ãã£ã±ãŒã¿ãžãªã¯ãšã¹ããåºããªããŠã¯ãªããªãæããConfigure Global pageãïŒP234 ã802.1xã°ããŒãã«èšå®ããåç §ïŒããŒãžã§ "Identity Profile parameters"ã®èšå®ãè¡ãããªã¢ãŒãèªèšŒãéããŠã¯ã©ã€ã¢ã³ããèªèšŒããå¿ èŠã®ããããããã®ããŒãã®çºã®ãµããªã«ã³ããã©ã¡ãŒã¿ãèšå®ããŠãã ããïŒP238 ã802.1XããŒããµããªã«ã³ãèšå®ããåç §ïŒã
⢠æ¬æ©ã¯ããã®ãªãŒã»ã³ãã£ã±ãŒã¿èšå®ããŒãžã§ãControl ModeãããAutoãã«ããããšã§ãéžæãããããŒãã®ãªãŒã»ã³ãã£ã±ãŒã¿ã®åœ¹ãšããŠèšå®ããããšãå¯èœã§ãããŸãããã®ããŒãžã§ãControl ModeãããForce Authorizedãã«ãããSupplicant configuationãããŒãžã§ PAEãµããªã«ã³ããæå¹ã«ããããšã§ãä»ã®ããŒãã®ãµããªã«ã³ããšãªãããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
PAE Supplicant
EAPãµããªã«ã³ãã¢ãŒãã®æå¹åïŒåæèšå®ïŒç¡å¹ïŒæ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ããããããã¯ãŒã¯ã®ä»ã®ããã€ã¹ãéããŠèªèšŒãããå¿ èŠãããå Žåããµããªã«ã³ãã¹ããŒã¿ã¹ãæå¹ã«ããŠãã ããããµããªã«ã³ãã¹ããŒã¿ã¹ã¯ããã®ããŒã㧠PAEã³ã³ãããŒã«ã¢ãŒãã "Force-Authoraized"ã«ãªã£ãŠããå Žåã®ã¿æå¹ã«ã§ããŸãïŒP235 ã802.1XèªèšŒããŒãèšå®ããåç §ïŒãããŒãããã©ã³ã¯ã¡ã³ããŒã§ãããããã®ããŒã㧠LACPãæå¹ã®æãPARãµããªã«ã³ãã¹ããŒã¿ã¹ãæå¹ã«ããããšã¯ã§ããŸããã
Authentication Period
ãµããªã«ã³ãããŒãããªãŒã»ã³ãã£ã±ãŒã¿ããã®è¿çãåŸ ã€æéïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Hold Period
ãµããªã«ã³ãããŒããæ°ãããªãŒã»ã³ãã£ã±ãŒã¿ãžèšŒææžãåéãããŸã§ã®åŸ ã¡æéïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Start Period
ãµããªã«ã³ãããŒãã EAPOLã¹ã¿ãŒããã¬ãŒã ããªãŒã»ã³ãã£ã±ãŒã¿ãžåéãããŸã§ã®åŸ ã¡æéïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Maximum Start
ããŒããµããªã«ã³ããã¯ã©ã€ã¢ã³ããž EAPã¹ã¿ãŒããã¬ãŒã ãéä¿¡ããæ倧æ°ïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ3ïŒ
Authenticated
ãµããªã«ã³ããèªèšŒããããåŠãã衚瀺ã
238 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [Port Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãSupplicantããã¯ãªãã¯ããŸãã
ïŒ4ïŒåçš®èšå®ãè¡ããïŒ Apply ïŒãã¯ãªãã¯ããŸãã
239FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
IEEE802.1xçµ±èšæ å ±ã®è¡šç€º
dot1xãããã³ã«ã®åããŒãã®çµ±èšæ å ±ã衚瀺ããŸãã
æ©èœè§£èª¬
ãã©ã¡ãŒã¿ 解説Authenticator
Rx EXPOL Start EAPOLã¹ã¿ãŒããã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Logoff EAPOLãã°ãªããã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Invalid å š EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Total æå¹ãª EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx Last EAPOLVer çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãããã³ã«ããŒãžã§ã³
Rx Last EAPOLSrc çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãœãŒã¹ MACã¢ãã¬ã¹
Rx EAP Resp/Id EAP Resp/Idãã¬ãŒã ã®åä¿¡æ°
Rx EAP Resp/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®åä¿¡æ°
Rx EAP LenError ãã±ããé·ãäžæ£ãªç¡å¹ EAPOLãã¬ãŒã ã®åä¿¡æ°
Tx EAP Req/Id EAP Resp/Idãã¬ãŒã ã®éä¿¡æ°
Tx EAP Req/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®éä¿¡æ°
Tx EAPOL Total å š EAPOLãã¬ãŒã ã®éä¿¡æ°
Supplicant
Rx EAPOL Invalid ãã¬ãŒã ã¿ã€ããèªèãããªããµããªã«ã³ãã«ãã£ãŠåä¿¡ããã EAPOLãã¬ãŒã æ°
Rx EAPOL Total æå¹ãª EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx Last EAPOLVer çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãããã³ã«ããŒãžã§ã³
Rx Last EAPOLSrc çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãœãŒã¹ MACã¢ãã¬ã¹
Rx EAP Resp/Id EAP Resp/Idãã¬ãŒã ã®åä¿¡æ°
Rx EAP Resp/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®åä¿¡æ°
Rx EAP LenError ãã±ããé·ãäžæ£ãªç¡å¹ EAPOLãã¬ãŒã ã®åä¿¡æ°
Tx EAPOL Total å š EAPOLãã¬ãŒã ã®éä¿¡æ°
Tx EAPOL Start EAPOLã¹ã¿ãŒããã¬ãŒã ã®åä¿¡æ°
Tx EAPOL Logoff EAPOLã¹ã¿ãŒããã¬ãŒã ã®åä¿¡æ°
Tx EAP Req/Id EAP Resp/Idãã¬ãŒã ã®éä¿¡æ°
Tx EAP Req/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®éä¿¡æ°
240 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
802.1XããŒãèªèšŒçµ±èšã衚瀺
ïŒ1ïŒ[Security] â [Port Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow StatisticsããéžæããŸãã
ïŒ3ïŒãAuthenticationããã¯ãªãã¯ããŸãã
802.1XããŒããµããªã«ã³ãçµ±èšã衚瀺
ïŒ1ïŒ[Security] â [Port Authentication]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow StatisticsããéžæããŸãã
ïŒ3ïŒãSupplicantããã¯ãªãã¯ããŸãã
241FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.12 IPãœãŒã¹ã¬ãŒã
IPãœãŒã¹ã¬ãŒãã¯ãIP ãœãŒã¹ã¬ãŒãããŒãã«ã«æåã§æ§æããããšã³ããªããDHCP ã¹ããŒãã³ã°ãæå¹ã«ãããšãã®åºå®ã»åçãšã³ããªãåºã«ããŠããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹äžã® IPãã©ãã£ãã¯ããã£ã«ã¿ããã»ãã¥ãªãã£æ©èœã§ããIP ãœãŒã¹ã¬ãŒãã¯ãããã¹ãããããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ããŠãããã¯ãŒã¯å ã® IPã¢ãã¬ã¹ã䜿çšããããšããè©Šã¿ããã£ããšããåŒãèµ·ããããæ»æããå®ãããã«äœ¿çšãããŸãããã®é 㯠IP ãœãŒã¹ã¬ãŒãã§äœ¿çšããã³ãã³ãã«ã€ããŠè§£èª¬ããŸãã
IPãœãŒã¹ã¬ãŒãããŒãèšå®
IP ãœãŒã¹ã¬ãŒãã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã¡ãã»ãŒãžãåä¿¡ãããä¿è·ãããŠããªãããŒãäžã®ãã©ãã£ãã¯ããã£ã«ã¿ããããã«äœ¿çšãããŸãã
[泚æ ]ããã«ããã£ã¹ãã¢ãã¬ã¹ã¯ IPãœãŒã¹ã¬ãŒãã§äœ¿çšããããšãã§ããŸããã
æ©èœè§£èª¬
⢠æå¹ã«ãããšãããã©ãã£ãã¯ã¯ DHCP ã¹ããŒãã³ã°ãéããŠåŠç¿ãããã€ãããã¯ãšã³ããªã IP ãœãŒã¹ã¬ãŒãã®ãã€ã³ãããŒãã«ã§æ§æãããåºå®ã¢ãã¬ã¹ãåºã«ãã£ã«ã¿ãè¡ãããŸãããã£ã«ã¿ã¯ã¹ã€ããã®ã€ã³ããŠã³ããã±ããã«å¯ŸããŠè¡ãããIPã¢ãã¬ã¹ã®ã¿ïŒSIPïŒãããã㯠IPã¢ãã¬ã¹ãš MACã¢ãã¬ã¹ã®äž¡æ¹ïŒSIP-MACïŒããã€ã³ãããŒãã«äžã®ãšã³ããªãšæ¯èŒãããŸãããã±ããããã€ã³ãããŒãã«äžã®ãšã³ããªãšéãå Žåããã±ããã¯ç Žæ£ãããŸãã
⢠ãã®æ©èœã¯éžæããããŒãã§ããœãŒã¹ã¬ãŒãã¢ãŒãã SIPïŒSource IPïŒãŸã㯠SIP-MACïŒSource IPãš MACïŒã®æå¹ã«ããŸãããã€ã³ãã£ã³ã°ããŒãã«ã®å šãŠã®ãšã³ããªã«ããããVLAN IDããœãŒã¹ IPã¢ãã¬ã¹ãããŒãçªå·ã®ãã§ãã¯ãè¡ãã«ã¯ SIPãªãã·ã§ã³ã䜿çšããŠãã ãããããããšåããã©ã¡ãŒã¿ã«å ãããœãŒã¹ MACã¢ãã¬ã¹ã®ãã§ãã¯ãè¡ãã«ã¯ãSIP-MACãªãã·ã§ã³ã䜿çšããŠäžãããããããããããšã³ããªãèŠã€ãããªãå Žåããã±ããã¯ç Žæ£ãããŸãã
⢠IPãœãŒã¹ã¬ãŒããæå¹ã®å Žåãäžãã®ãã±ããã® IPã¢ãã¬ã¹ïŒSIPãªãã·ã§ã³ïŒãŸãã¯ãã® IPã¢ãã¬ã¹ãšå¯Ÿå¿ãã MACã¢ãã¬ã¹ã®äž¡æ¹ïŒSIP-MACãªãã·ã§ã³ïŒã¯ãã€ã³ãã£ã³ã°ããŒãã«ã«ç §ããåããããŸããããããããããšã³ããªãèŠã€ãããªãæããã±ããã¯ç Žæ£ãããŸãã
⢠ãã£ã«ã¿ãªã³ã°ã«ãŒã«ã¯ä»¥äžã®ããã«å®è¡ãããŸãã
ïŒ DHCPã¹ããŒãã³ã°ãç¡å¹ã®éïŒP247åç §ïŒãIPãœãŒã¹ã¬ãŒã㯠VLAN IDããœãŒã¹ IPã¢ãã¬ã¹ãããŒãçªå·ããœãŒã¹ MACã¢ãã¬ã¹ïŒSIP-MACãªãã·ã§ã³ïŒããã§ãã¯ããŸãããããã€ã³ãã£ã³ã°ããŒãã«ã«ããããããšã³ããªãèŠã€ãããªãæããã±ããã¯ç Žæ£ãããŸãã
ïŒ DHCPã¹ããŒãã³ã°ãæå¹ã®éãIPãœãŒã¹ã¬ãŒã㯠VLAN IDããœãŒã¹ IPã¢ãã¬ã¹ãããŒãçªå·ããœãŒã¹ MACã¢ãã¬ã¹ïŒSIP-MACãªãã·ã§ã³ïŒããã§ãã¯ããŸãããããã€ã³ãã£ã³ã°ããŒãã«ãŸãã¯èŠã€ãããããšã³ããªã¿ã€ããéç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ãŸãã¯åç DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ã§ããå Žåããã±ããã¯è»¢éãããŸãã
ïŒ IPãœãŒã¹ã¬ãŒãã IPãœãŒã¹ãã€ã³ãã£ã³ã°ãæªèšå®ã®ã€ã³ã¿ãã§ãŒã¹ïŒIPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ããŒãã«ã®éçèšå®ãš DHCPã¹ããŒãã³ã°ããã®åçåŠç¿ã®ããããïŒã§æå¹ã®éãã¹ã€ããã¯ããŒãã® DHCPãã±ãã以å€å šãŠã® IPãã©ãã£ãã¯ãç Žæ£ããŸãã
242 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®ã»è¡šç€ºé ç®
Filter Type
éä¿¡å IPã¢ãã¬ã¹ãŸãã¯å¯Ÿå¿ãã MACã¢ãã¬ã¹ãå ã«ããå ¥åãã©ãã£ãã¯ã®ãã£ã«ã¿ãªã³ã°ãèšå®
⢠None ïŒ ããŒã㧠IPãœãŒã¹ã¬ãŒããã£ã«ã¿ãªã³ã°ãç¡å¹
⢠SIP ïŒãã€ã³ãã£ã³ã°ããŒãã«ã«ä¿åããã IPã¢ãã¬ã¹ã«ãããã©ãã£ãã¯ãã£ã«ã¿ãªã³ã°ãæå¹
⢠SIP-MAC ïŒ ãã€ã³ãã£ã³ã°ããŒãã«ã«ä¿åããã IPã¢ãã¬ã¹ã«ããã³å¯Ÿå¿ãã MACã¢ãã¬ã¹ãããã©ãã£ãã¯ãã£ã«ã¿ãªã³ã°ãæå¹
SIP-MAC
éä¿¡å IPã¢ãã¬ã¹ãŸãã¯å¯Ÿå¿ãã MACã¢ãã¬ã¹ãå ã«ããå ¥åãã©ãã£ãã¯ã®ãã£ã«ã¿ãªã³ã°ãæå¹å
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [IP Source Guard]â [Port Configuration]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒããããã®ããŒãã§å¿ èŠãšããããã£ã«ã¿ãªã³ã°ã¿ã€ããèšå®ããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
243FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
IPãœãŒã¹ã¬ãŒãéçãã€ã³ãã£ã³ã°èšå®
IP ãœãŒã¹ã¬ãŒãã®ãã€ã³ãããŒãã«ã«åºå®ã¢ãã¬ã¹ãè¿œå ããŸãããšã³ããªã¯ MACã¢ãã¬ã¹ãIPã¢ãã¬ã¹ããªãŒã¹ã¿ã€ã ããšã³ããªã®çš®é¡ïŒStaticãDynamicïŒãVLAN IDã Port IDãå«ãã§ããŸãããã¹ãŠã®åºå®ãšã³ããªã¯ãªãŒã¹ã¿ã€ã ãç¡éã§æ§æãããŸãããªãŒã¹ã¿ã€ã ã¯ããŒãã«äžã§ã¯ 0ã§è¡šç€ºãããŸãã
æ©èœè§£èª¬
⢠ãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ããŒãã«ã®éçã¢ãã¬ã¹ãšã³ããªã¯ãç¡éã®ãªãŒã¹æéã§èªåçã«èšå®ãããŸããDHCPã¹ããŒãã³ã°ã§åŠç¿ãããåçãšã³ããªã¯ DHCPãµãŒãèªèº«ã§èšå®ãããŸãã
⢠éçãã€ã³ãã£ã³ã°ã¯ä»¥äžã®ããã«åŠçãããŸãã
ïŒåäžã® VLAN IDãš MACã¢ãã¬ã¹ã«é ç®ãç¡ãå Žåãæ°ãããšã³ããªã¯éç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ã¿ã€ãã䜿çšãããã€ã³ãã£ã³ã°ããŒãã«ã«è¿œå ãããŸãã
ïŒåäžã® VLAN IDãšMACã¢ãã¬ã¹ã«é ç®ãç¡ãããšã³ããªã®ã¿ã€ããéç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ã§ããå Žåãæ°ãããšã³ããªãå€ãç©ã眮ãæããŸãã
ïŒåäžã® VLAN IDãšMACã¢ãã¬ã¹ã«é ç®ãç¡ãããšã³ããªã®ã¿ã€ããåç DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ã§ããå Žåãæ°ãããšã³ããªãå€ãç©ã眮ãæãããšã³ããªã¿ã€ãã¯éç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ã«å€æŽãããŸãã
èšå®ã»è¡šç€ºé ç®
Port
éçé ç®ãããŠã³ããããŠããããŒã
VLAN
èšå®ãè¡ã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
MAC Address
æå¹ãªãŠããã£ã¹ãMACã¢ãã¬ã¹
IP Address
æå¹ãªãŠããã£ã¹ã IPã¢ãã¬ã¹
244 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
èšå®æ¹æ³
IPãœãŒã¹ã¬ãŒãã®éçãã€ã³ãã£ã³ã°ãèšå®
ïŒ1ïŒ[Security] â [IP Source Guard]â [Static Configuration]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ3ïŒããããã®ããŒãã§å¿ èŠãšããããã€ã³ãã£ã³ã°ãå ¥åããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
IPãœãŒã¹ã¬ãŒãã®éçãã€ã³ãã£ã³ã°ã衚瀺
ïŒ1ïŒ[Security] â [IP Source Guard]â [Static Configuration]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
245FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
åç IPãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°æ å ±ã®è¡šç€º
éžæããã€ã³ã¿ãã§ãŒã¹ã® IP ãœãŒã¹ã¬ãŒãã®åçã«ååŸããåã®ãã€ã³ãããŒãã«ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Query by
⢠PortïŒã¹ã€ããäžã®ããŒã
⢠VLANïŒèšå®ããã VLANïŒç¯å²ïŒ1-4093ïŒ
⢠MAC AddressïŒæå¹ãªãŠããã£ã¹ã MACã¢ãã¬ã¹
⢠IP AddressïŒæå¹ãªãŠããã£ã¹ã IPã¢ãã¬ã¹ïŒã¯ã©ã¹ã¿ã€ã AãBãCãå«ãïŒ
Dynamic Binding List
⢠VLANïŒãã®é ç®ã«ããŠã³ããããŠãã VLAN
⢠MAC AddressïŒãšã³ããªãšé¢é£ä»ããããç©çã¢ãã¬ã¹
⢠InterfaceïŒãã®é ç®ã«ããŠã³ããããŠããããŒã
⢠IP AddressïŒã¯ã©ã€ã¢ã³ãã«å¯Ÿå¿ããŠãã IPã¢ãã¬ã¹
⢠TypeïŒéçãŸãã¯åçãã€ã³ãã£ã³ã°
⢠Lease TimeïŒãã® IPã¢ãã¬ã¹ãã¯ã©ã€ã¢ã³ãã«ãªãŒã¹ãããæé
èšå®æ¹æ³
ïŒ1ïŒ[Security] â [IP Source Guard]â [Dynamic Binding]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒæ€çŽ¢æ¡ä»¶ããã§ãã¯ããå¿ èŠãªå€ãå ¥åããŸããïŒ3ïŒããããã®ããŒãã§å¿ èŠãšããããã€ã³ãã£ã³ã°ãå ¥åããŸããïŒ4ïŒïŒ QueryïŒãã¯ãªãã¯ããŸãã
246 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
3.12.13 DHCPã¹ããŒãã³ã°
DHCP Snoopingã¯æªæã®ãã DHCPãµãŒããŒã DHCPãµãŒããŒã«é¢é£ã®ããæ å ±ãéä¿¡ããä»ã®ããã€ã¹ãããããã¯ãŒã¯ãå®ããŸãããã®æ å ±ã¯ç©çããŒããž IPã¢ãã¬ã¹ãæ»ãéãžã®è¿œè·¡ã«åœ¹ç«ã€å ŽåããããŸãã
æ©èœè§£èª¬
⢠ãããã¯ãŒã¯ã®å€åŽããæªæã®ãã DHCPã¡ãã»ãŒãžãåä¿¡ããããšãããããã¯ãŒã¯ãã©ãã£ãã¯ãæ··ä¹±ããå¯èœæ§ããããŸããDHCP Snoopingã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã®å®å šã§ãªãã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã DHCPã¡ãã»ãŒãžããã£ã«ã¿ããããã«äœ¿çšãããŸããDHCP Snoopingãæå¹ã«ã㊠VLANã€ã³ã¿ãã§ãŒã¹ã«èšå®ãããšããDHCP SnoopingããŒãã«äžã«èŒã£ãŠããªãããã€ã¹ãã untrustã®ã€ã³ã¿ãã§ãŒã¹ã§ DHCPã¡ãã»ãŒãžãåä¿¡ãããšãããç Žæ£ããŸãã
⢠ããŒãã«ãšã³ããªã¯ Trustedã€ã³ã¿ãã§ãŒã¹ã®ããã«ã®ã¿åŠç¿ãããŸããã¯ã©ã€ã¢ã³ãã DHCPãµãŒããã IPã¢ãã¬ã¹ãåä¿¡ãŸãã¯ãªãªãŒã¹ããæããšã³ããªã DHCPã¹ããŒãã³ã°ããŒãã«ãžåçã«è¿œå ãŸãã¯åé€ããŸããããããã®ãšã³ããªã¯ MACã¢ãã¬ã¹ãIPã¢ãã¬ã¹ããªãŒã¹ã¿ã€ã ãVLANèå¥æ å ±ãããŒãèå¥æ å ±ãå«ã¿ãŸãã
⢠ã¹ã€ããã«ãã£ãŠåŠçãå¯èœãª DHCPã¡ãã»ãŒãžã®ã¬ãŒããªãããã¯æ¯ç§ 100ãã±ããã§ãããã®å¶éãè¶ãã DHCPãã±ããã¯ãããããããŸãã
⢠æå¹ã«ãããšããuntrustã®ã€ã³ã¿ãã§ãŒã¹ã«å ¥ã£ã DHCPã¡ãã»ãŒãžã«ã¯ãDHCP Snoopingã§åŠç¿ãããã€ãããã¯ãšã³ããªãããŒã¹ã«ãããã£ã«ã¿ãè¡ãããŸãã
ãã£ã«ã¿ã®ã«ãŒã«ã¯äžèšã®éãã§ãã
⢠DHCP Snoopingãç¡å¹ã®å ŽåãDHCPãã±ããã¯è»¢éãããã
⢠DHCP Snoopingãæå¹ã§ DHCPãã±ãããåä¿¡ãã VLANäžã§ãæå¹ã®å Žåããã¹ãŠã® DHCPãã±ãã㯠trustç¶æ ã®ããŒãã«åããŠè»¢éãããŸããåä¿¡ãããã±ããã DHCP ACKã¡ãã»ãŒãžã®å Žåããã®ãšã³ããªã¯ãã€ã³ãããŒãã«ã«è¿œå ãããŸãã
⢠DHCP Snoopingãæå¹ã§ DHCPãã±ãããåä¿¡ãã VLANäžã§ãæå¹ã ããããŒãã trustã§ãªãå Žåã¯äžèšã®åäœãè¡ããŸãã
ïŒ DHCPãã±ããã DHCPãµãŒããŒããã®è¿çãã±ããïŒOFFER,ACK,NAKã¡ãã»ãŒãžãå«ãïŒã®å Žåããã®ãã±ããã¯ç Žæ£ãããŸãã
ïŒ DHCPãã±ãããã¯ã©ã€ã¢ã³ãããã®ãã®ã§ããå ŽåãDECLINEã RELEASEã¡ãã»ãŒãžã®ãããªãã±ããã¯ãäžèŽãããšã³ããªããã€ã³ãããŒãã«ã§èŠã€ãã£ãå Žåã®ã¿ãã¹ã€ããã¯ãã±ããã転éããŸãã
ïŒ DHCPãã±ãããã¯ã©ã€ã¢ã³ãããã®ãã®ã§ããå ŽåãDISCOVERãREQUESTãINFORMãDECLINEãRELEASEã¡ãã»ãŒãžã®ãããªãã±ããã¯ãMACã¢ãã¬ã¹ã«ããç §åãç¡å¹ã§ããå Žåã«ã¯ãã±ããã¯è»¢éãããŸããããããMACã¢ãã¬ã¹ã®ç §åãæå¹ã®å ŽåãDHCPãã±ããã«èšé²ãããŠããã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ã Ehternetãããã® Source MACã¢ãã¬ã¹ãšåãå Žåã«ãã±ããã¯è»¢éãããŸãã
ïŒ DHCPãã±ãããèªèã§ããªãã¿ã€ãã®å Žåã¯ç Žæ£ãããŸãã
⢠ã¯ã©ã€ã¢ã³ãããã® DHCPãã±ãããäžèšã®ãã£ã«ã¿åºæºãééããå ŽåãåãVLANã® trustããŒãã«è»¢éãããŸãã
247FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
⢠ãµãŒããŒããã® DHCPãã±ããã trustããŒãã§åä¿¡ãããå Žåãåã VLANã® trustããŒããš untrustããŒãã«è»¢éãããŸãã
⢠DHCP Snoopingãç¡å¹ã®å Žåããã¹ãŠã®ãã€ãããã¯ãšã³ããªã¯ãã€ã³ãããŒãã«ããåãé€ãããŸãã
⢠ã¹ã€ããèªèº«ã DHCPã¯ã©ã€ã¢ã³ãã®å Žåã®åäœã¹ã€ããã DHCPãµãŒããŒã«ã¯ã©ã€ã¢ã³ãã® Requestãã±ãããéä¿¡ããããŒãã¯trustãšããŠèšå®ããªããŠã¯ãããŸãããã¹ã€ãã㯠DHCPãµãŒããŒãã ACKã¡ãã»ãŒãžãåä¿¡ãããšããèªèº«ã®æ å ±ããã€ã³ãããŒãã«ã®ãã€ãããã¯ãšã³ããªãšããŠè¿œå ããŸããããŸããã¹ã€ããã DHCPã¯ã©ã€ã¢ã³ãã®ãã±ãããèªèº«ã«éä¿¡ãããšãããã£ã«ã¿ã®åäœã¯çºçããŸãããããããã¹ã€ããã DHCPãµãŒããŒããã¡ãã»ãŒãžãåä¿¡ãããšããuntrustããŒãã§åä¿¡ãããã±ããã¯ãã¹ãŠç Žæ£ãããŸãã
DHCP Snooping Option 82
⢠DHCPã¯ã¹ã€ãããš DHCPã¯ã©ã€ã¢ã³ãã«ã€ããŠã®æ å ±ã DHCPãµãŒããŒã«éä¿¡ãããªã¬ãŒã¡ã«ããºã ãæäŸããŸãããã㯠DHCP Option 82ãšããŠç¥ãããŠãããIPã¢ãã¬ã¹ãå²ãåœãŠããšãã®æ å ±ã䜿ãããããããã¯ã¯ã©ã€ã¢ã³ãã«ä»ã®ãµãŒãã¹ãããªã·ãŒãèšå®ããããã« DHCPãµãŒããŒã«äºææ§ãæäŸããŸãã
⢠ãªãã·ã§ã³ 82æ å ±ããªã¯ãšã¹ããã±ããã«æ¿å ¥ããããšãåºæ¥ãããã«ãDHCPã¹ããŒãã³ã°ãæå¹ã«ããå¿ èŠããããŸãã
⢠DHCPã¹ããŒãã³ã°æ å ±ãªãã·ã§ã³ 82ãã¹ã€ããã§æå¹ã«ããéãVLAN (DHCPã¹ããŒãã³ã°ãã£ã«ã¿ãªã³ã°ã«ãŒã«ã«äŸå ). äžã§åä¿¡ããã DHCPãªã¯ãšã¹ããã±ããã«æ å ±ãæ¿å ¥ãããŸããæ å ±ã¯ãã²ãŒããŠã§ã€ã€ã³ã¿ãŒãããã¢ãã¬ã¹ãšåæ§ã«ãµãŒããã IDããªã¢ãŒã IDãå«ããäžç¶ããããã±ããã«æ¿å ¥ãããŸãã
⢠ãã§ã« DHCPãªãã·ã§ã³ 82æ å ±ãå«ãã¯ã©ã€ã¢ã³ããã DHCPãã±ãããåä¿¡ããæãã¹ã€ããã¯ãããã®ãã±ããã®ããã«ã¢ã¯ã·ã§ã³ããªã·ãŒãèšå®ããããšãå¯èœã§ããã¹ã€ãã㯠DHCPãã±ãããããããããããæ¢åã®æ å ±ãç¶æããããã¹ã€ããã®ãªã¬ãŒæ å ±ã§çœ®ãæ¿ããäºãåºæ¥ãŸãã
DHCPã¹ããŒãã³ã°èšå®
IP ServiceïŒ DHCPïŒ Snooping (Configure Global)ã䜿çšããDHCPã¹ããŒãã³ã°ãã°ããŒãã«ã§æå¹ /ç¡å¹ããŸãã¯MACã¢ãã¬ã¹æ€èšŒã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
DHCP Snooping Status
ã¹ã€ãã㧠DHCPã¹ããŒãã³ã°ãæå¹ /ç¡å¹ã«ããŸãã
DHCP Snooping MAC-Address Verification
MAC addressæ€èšŒã®æå¹ /ç¡å¹ .
ãããã±ããã® Ethernetããã㌠ã§éä¿¡å MACã¢ãã¬ã¹ã DHCP ãã±ããã§ã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ãšåãã§ã¯ãªããªããDHCPãã±ããã¯ç Žæ£ãããŸããïŒåæèšå®ïŒæå¹ïŒ
DHCP Snooping Information Option Status
DHCP Option 82 Indormation Relayæå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
248 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
DHCP Snooping Information Option Policy
Option 82ãå«ã DHCPã¯ã©ã€ã¢ã³ãããã®ãã±ããã®ãããDHCP Snooping Information ãªãã·ã§ã³ãèšå®ããŸãã
⢠Drop ïŒæ¢ã«ãªã¬ãŒæ å ±ããã£ãå Žåãã®ã¡ãã»ãŒãžãç Žæ£ããå šãŠã® VLANã« ãã©ããã£ã³ã°ããŸãã
⢠Keep ïŒæ¢åã®ãªã¬ãŒæ å ±ããã®ãŸãŸä¿æããŸãã
⢠Replace ïŒã¹ã€ããã®ãªã¬ãŒæ å ±ã§ãDHVPã¯ã©ã€ã¢ã³ããã±ããã® ã€ã³ãã©ã¡ãŒã·ã§ã³ãäžæžãããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[IP Service]â [DHCP Snooping]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
249FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
DHCPã¹ããŒãã³ã° VLANèšå®
IP ServiceïŒ DHCPïŒ Snooping (Configure VLAN)ããŒãžã䜿çšããç¹å®ã® VLANäžã§DHCP Snoopingãæå¹ã«ããŸãã
æ©èœè§£èª¬
⢠DHCPã¹ããŒãã³ã°ãã¹ã€ããã®ã°ããŒãã«ãã€æå®ããã VLANã§æå¹ã®æãDHCPãã±ãããã£ã«ã¿ãªã³ã°ã¯ãVLANã«å±ããå šãŠã® UntrustããŒãã§å®è¡ãããŸãã
⢠DHCPã¹ããŒãã³ã°ãã°ããŒãã«ã§ç¡å¹æãDHCPã¹ããŒãã³ã°ã¯äŸç¶æå®ãããVLANã§ã®èšå®ãå¯èœã§ãããDHXPã¹ããŒãã³ã°ãã°ããŒãã«ã§å床æå¹ã«ãªããŸã§å¹æã¯åæ ãããŸããã
⢠DHCPã¹ããŒãã³ã°ãã°ããŒãã«ã§æå¹ã§ãããVLANã§ç¡å¹ã«ãªã£ãå Žåããã®VLANã§ã®å šãŠã®åçãã€ã³ãã£ã³ã°åŠç¿ã¯ãã€ã³ãã£ã³ã°ããŒãã«ããåãé€ãããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN ID
èšå®ãè¡ã VLANïŒç¯å²ïŒ1-4093ïŒ
DHCP Snooping Status
éžæãã VLANã§ã® DHCPã¹ããŒãã³ã°ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[IP Service]â [DHCP Snooping]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure VLANããéžæããŸãã
ïŒ3ïŒæ¢åã®ããããã® VLAN㧠DHCP Snoopingãæå¹ã«ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
250 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
DHCPã¹ããŒãã³ã°ããŒãèšå®
IP ServiceïŒ DHCPïŒ Snooping (Configure Interface)ããŒãžã䜿çšããã¹ã€ããã®ããŒãã trustã untrustã«èšå®ããããšãã§ããŸãã
æ©èœè§£èª¬
⢠untrustã«èšå®ããã€ã³ã¿ãã§ãŒã¹ã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã¡ãã»ãŒãžãåä¿¡ããããã«æ§æãããŸããtrustã«èšå®ããã€ã³ã¿ãã§ãŒã¹ã¯ãããã¯ãŒã¯å éšããã®ã¡ãã»ãŒãžã®ã¿åä¿¡ããããæ§æãããŸãã
⢠DHCPã¹ããŒãã³ã°ãã°ããŒãã«ãš VLANäž¡æ¹ã§æå¹æãDHCPãã±ãããã£ã«ã¿ãªã³ã°ã¯ VLANäžã® untrustedããŒãäžã§ãå®è¡ãããŸãã
⢠untrustedããŒãã trustedããŒãã«å€æŽãããæããã®ããŒãã«é¢é£ä»ããããŠããå šãŠã®åç DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ã¯åé€ãããŸãã
⢠ããŒã«ã«ãããã¯ãŒã¯ãŸãã¯ãã¡ã€ã€ãŠã©ãŒã«å ã® DHCPãµãŒãã«æ¥ç¶ãããå šãŠã®ããŒã㯠trustedã«èšå®ããŠãã ãããããŒã«ã«ãããã¯ãŒã¯ãŸãã¯ãã¡ã€ã€ãŠã©ãŒã«ã®å€ã«ãããã®ä»å šãŠã®ããŒã㯠untrustedã«èšå®ããŸãã
èšå®ã»è¡šç€ºé ç®
Trust Status
ããŒãã TrustããŒããšããŠæå¹ /ç¡å¹ã«èšå®ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[IP Service]â [DHCP Snooping]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒããŒãã® "Trusted Status"ã® "Enabled"ã«ãã§ãã¯ãå ¥ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
251FXC3110
Webã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°æ å ±
IP ServiceïŒ DHCPïŒ Snooping (Show Information)ããŒãžã䜿çšããDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°æ å ±ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
MAC Address
ãšã³ããªã«é¢é£ãã MACã¢ãã¬ã¹
IP Address
ã¯ã©ã€ã¢ã³ãã«å¯Ÿå¿ãã IPã¢ãã¬ã¹
Lease TimeïŒSecondsïŒ
ãã® IPã¢ãã¬ã¹ãã¯ã©ã€ã¢ã³ãã«ãªãŒã¹ãããæé
Type
⢠DHCP-SnoopingïŒåçã«è©®çŽ¢
⢠Static-DHCPSNPïŒéçã«èšå®
VLAN
ãã®ãšã³ããªãããŠã³ãããã VLAN
Interface
ãã®ãšã³ããªãããŠã³ããããããŒããŸãã¯ãã©ã³ã¯Store
åçã«åŠç¿ãããå šãŠã®ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªãžæžã蟌ã¿ãŸããClear
åçã«åŠç¿ãããå šãŠã®ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªããåãé€ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[IP Service]â [DHCP Snooping]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããShow InformationããéžæããŸããïŒ3ïŒå¿ èŠã«å¿ãã"Store"ãŸã㯠"Clear"æ©èœã䜿çšããŠãã ããã
252 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13 åºæ¬ç®¡çãããã³ã«
3.13.1 Event Loggingã®èšå®
ãšã©ãŒã¡ãã»ãŒãžã®ãã°ã«é¢ããèšå®ãè¡ãããšãã§ããŸããã¹ã€ããæ¬äœãžä¿åããã€ãã³ãã¡ãã»ãŒãžã®çš®é¡ãsyslogãµãŒããžã®ãã°ã®ä¿åãåã³ææ°ã®ã€ãã³ãã¡ãã»ãŒãžã®äžèŠ§è¡šç€ºãªã©ãå¯èœã§ãã
syslogã®èšå®
æ¬æ©ã¯ãã€ãã³ãã¡ãã»ãŒãžã®ä¿å /éä¿åãRAM/ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åããã¡ãã»ãŒãžã¬ãã«ã®æå®ãå¯èœã§ãã
ãã©ãã·ã¥ã¡ã¢ãªã®ã¡ãã»ãŒãžã¯æ¬æ©ã«æ°žä¹ çã«ä¿åããããããã¯ãŒã¯ã§é害ãèµ·ãã£ãéã®ãã©ãã«è§£æ±ºã«åœ¹ç«ã¡ãŸãããã©ãã·ã¥ã¡ã¢ãªã«ã¯ 4096件ãŸã§ä¿åããããšãã§ããä¿åå¯èœãªãã°ã¡ã¢ãª (256KB)ãè¶ ããå Žåã¯æãå€ããšã³ããªããäžæžããããŸãã
System Logsç»é¢ã§ã¯ããã©ãã·ã¥ã¡ã¢ãª /RAMã«ä¿åããã·ã¹ãã ã¡ãã»ãŒãžã®å¶éãèšå®ã§ããŸããåæèšå®ã§ã¯ããã©ãã·ã¥ã¡ã¢ãªã«ã¯ 0-3ã®ã¬ãã«ãå RAMã«ã¯ 0-6ã®ã¬ãã«ã®ã€ãã³ãã«é¢ããŠããããä¿åãããŸãã
èšå®ã»è¡šç€ºé ç®
System Log Status
ãããã°åã¯ãšã©ãŒã¡ãã»ãŒãžã®ãã°ä¿åã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
Flash Level
ã¹ã€ããæ¬äœã®ãã©ãã·ã¥ã¡ã¢ãªã«æ°žä¹ çã«ä¿åãããã°ã¡ãã»ãŒãžãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "3"ãæå®ãããšã0-3ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ3ïŒ
â»çŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ã¬ãã« 2ã5ã6ã®ãšã©ãŒã¡ãã»ãŒãžã®ã¿ãµããŒã
RAM Level
ã¹ã€ããæ¬äœã® RAMã«äžæçã«ä¿åãããã°ã¡ãã»ãŒãžãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "7"ãæå®ãããšã0-7ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ7ïŒ
[ 泚æ ]ããã©ãã·ã¥ã¡ã¢ãªã®ã¬ãã«ã¯ RAM ã¬ãã«ãšåãããããããäžã®ã¬ãã«ã«ããŠäžããã
ã¬ãã« åå 解説7 Debug ãããã°ã¡ãã»ãŒãž6 Informational æ å ±ã¡ãã»ãŒãž5 Notice éèŠãªã¡ãã»ãŒãž4 Warning èŠåã¡ãã»ãŒãž3 Error ãšã©ãŒç¶æ ã瀺ãã¡ãã»ãŒãž2 Critical é倧ãªç¶æ ã瀺ããšã©ãŒã¡ãã»ãŒãž1 Alert è¿ éãªå¯Ÿå¿ãå¿ èŠãªã¡ãã»ãŒãž0 Emergency ã·ã¹ãã äžå®å®ç¶æ ã瀺ãã¡ãã»ãŒãž
253FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ã·ã¹ãã ã¡ã¢ãªãã°ã®èšå®
ïŒ1ïŒ[Administration]â [Log]â [System]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒã·ã¹ãã ãã®ã³ã°ãæå¹ /ç¡å¹ã«ãããã©ãã·ã¥ã¡ã¢ãªãš RAMã«èšé²ãããã€ãã³ãã¡ãã»ãŒãžã®ã¬ãã«ãèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã·ã¹ãã ã¡ã¢ãªã«èšé²ããããšã©ãŒã¡ãã»ãŒãžã®è¡šç€º
ïŒ1ïŒ[Administration]â [Log]â [System]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow System LogsããéžæããŸãã
254 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ãªã¢ãŒããã°ã®èšå®
AdministrationïŒ LogïŒ RemoteããŒãžã§ã¯ãä»ã®ç®¡çã¹ããŒã·ã§ã³ãã syslogãµãŒããžéä¿¡ããã€ãã³ãã¡ãã»ãŒãžã®ãã°ã«é¢ããèšå®ãè¡ããŸããæå®ããã¬ãã«ããäžã®ãšã©ãŒã¡ãã»ãŒãžã ãéä¿¡ããããå¶éããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Remote Log Status
ãããã°åã¯ãšã©ãŒã¡ãã»ãŒãžã®ãªã¢ãŒããã°ä¿åã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
Logging Facility
éä¿¡ãã syslogã¡ãã»ãŒãžã®ãã¡ã·ãªãã£ã¿ã€ãã8ã€ã®ãã¡ã·ãªãã£ã¿ã€ãã 16-23ã®å€ã§æå®ããŸããsyslogãµãŒãã¯ã€ãã³ãã¡ãã»ãŒãžãé©åãªãµãŒãã¹ãžéä¿¡ããããã«ãã¡ã·ãªãã£ã¿ã€ãã䜿çšããŸãã
æ¬å±æ§ã§ã¯ syslogã¡ãã»ãŒãžãšããŠéä¿¡ãããã¡ã·ãªãã£ã¿ã€ãã¿ã°ãæå®ããŸã (詳现ïŒRFC3164)ãã¿ã€ãã®èšå®ã¯ãæ¬æ©ã«ããå ±åããã¡ãã»ãŒãžã®çš®é¡ã«åœ±é¿ããŸãããsyslogãµãŒãã«ãããŠãœãŒããããŒã¿ããŒã¹ãžã®ä¿åã®éã«äœ¿çšãããŸãïŒç¯å²ïŒ16-23ãåæèšå®ïŒ23ïŒ
Logging Trap Lebel
syslogãµãŒãã«éä¿¡ããã¡ãã»ãŒãžã®çš®é¡ãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "3"ãæå®ãããšã0-3ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãªã¢ãŒããµãŒãã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ7ïŒ
Server IP Address
syslogã¡ãã»ãŒãžãéããããªã¢ãŒããµãŒãã® IPã¢ãã¬ã¹
èšå®æ¹æ³
ïŒ1ïŒ[Administration]â [Log]â [Remote]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãªã¢ãŒããã®ã³ã°ãæå¹ã«ããsyslogã¡ãã»ãŒãžã«äœ¿çšãã "facility"ã¿ã€ããæå®ããŸãããªã¢ãŒããµãŒãã® IPã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
255FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
SMTPïŒSimple Mail Transfer ProtocolïŒ
AdministrationïŒ Log ïŒ SMTPããŒãžã䜿çšããSMTP (Simple Mail Transfer Protocol)ã®èšå®ãè¡ãããšãã§ããŸããæå®ããã¬ãã«ã®ã€ãã³ããçºçããéãã·ã¹ãã 管çè ã«ãã©ãã«ã®çºçãç¥ãããããã«ãæ¬æ©ã¯ SMTP ã䜿çšããã¡ãŒã«éä¿¡ãè¡ãããšãã§ããŸããã¡ãŒã«ã¯ãããã¯ãŒã¯ã«æ¥ç¶ããŠããæå®ãã SMTPãµãŒãã«éä¿¡ãããPOPå㯠IMAPã¯ã©ã€ã¢ã³ãããåä¿¡ã§ããŸãã
èšå®ã»è¡šç€ºé ç®
SMTP Status
SMTPæ©èœã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
Severity
ã¢ã©ãŒãã¡ãã»ãŒãžã®ãããå€ãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã€ãã³ãçºçæã«ã¯ãèšå®ããã¡ãŒã«åä¿¡è ããŠã«éä¿¡ãããŸããäŸãã° "7"ãæå®ãããšã0-7ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠéç¥ãããŸããã¬ãã«ã«ã€ããŠã¯ P253ãåç §ããŠãã ãããïŒåæèšå®ïŒ7ïŒ
Email Source Address
ã¢ã©ãŒãã¡ãã»ãŒãžã® "From"ã«å ¥åãããã¡ãŒã«éä¿¡è åãèšå®ããŸããæ¬æ©ãèå¥ããããã®ã¢ãã¬ã¹ïŒæååïŒãæ¬æ©ã®ç®¡çè ã®ã¢ãã¬ã¹ãªã©ã䜿çšããŸãã
Email Destination Address
ã¢ã©ãŒãã¡ãã»ãŒãžãåä¿¡ããã¢ãã¬ã¹ãã¢ãã¬ã¹ããã£ãŒã«ãã«å ¥åãã[Add]ãã¯ãªãã¯ããããšã§ãªã¹ããžã®è¿œå ã[Remove]ãã¯ãªãã¯ããããšã§ãªã¹ãããã®åé€ããããªããŸãã
Server IP Address
æ¬æ©ããã®ã¢ã©ãŒãã¡ãã»ãŒãžãåä¿¡ããæ倧 3ã€ã® SMTPãµãŒããæå®ã
256 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ïŒ1ïŒ[Administration]â [Log]â [SMTP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒSMTPãæå¹ã«ããsource/Distination Eã¡ãŒã«ã¢ãã¬ã¹ãæå®ããŸãã1ã€ãŸãã¯ãã以äžã® SNMTPãµãŒããæå®ããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
257FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.2 LLDP
Link Layer Discovery ProtocolïŒLLDPïŒã¯ããŒã«ã«ãããŒããã£ã¹ããã¡ã€ã³ã®äžã®æ¥ç¶ããã€ã¹ã«ã€ããŠã®åºæ¬çãªæ å ±ãçºèŠããããã«äœ¿çšããŸããLLDPã¯ã¬ã€ã€ 2ã®ãããã³ã«ã§ãããããã€ã¹ã«ã€ããŠã®æ å ±ãåšæçãªãããŒããã£ã¹ãã§äŒéããŸããäŒéãããæ å ±ã¯ IEEE802.1abã«åŸã£ãŠ Type Length ValueïŒTLVïŒã§è¡šãããããã«ã¯ããã€ã¹èªèº«ã®èå¥æ å ±ãèœåãèšå®æ å ±ã®è©³çŽ°ãå«ãŸããŠããŸãããŸã LLDPã¯çºèŠããè¿é£ã®ãããã¯ãŒã¯ããŒãã«ã€ããŠéããããæ å ±ã®ä¿åæ¹æ³ãšç®¡çæ¹æ³ãå®çŸ©ããŸãã
3.13.3 LLDPã¿ã€ã å±æ§ã®èšå®
LLDPã®æå¹åãã¡ãã»ãŒãžã®ãšãŒãžã¢ãŠãã¿ã€ã ãéåžžã®æ å ±äŒéããããŒããã£ã¹ãããééãLLDP MIBã®å€æŽã«ã€ããŠã®äŒéãšãã£ããäžè¬çãªèšå®ã¯ LLDPèšå®ç»é¢ã§è¡ããŸãã
èšå®ã»è¡šç€ºé ç®
LLDP
LLDPãã¹ã€ããã°ããŒãã«ã§æå¹ /ç¡å¹ã«ããŸããïŒåæèšå®ïŒæå¹ïŒ
Transmission Interval
LLDPã®æ å ±äŒéã®ããåšæçã«éä¿¡ããééãèšå®ããŸã
ïŒç¯å²ïŒ5ïŒ 32768ç§åæèšå®ïŒ30ç§ïŒ
ãã®å€ã¯äžã®æ°åŒã«åŸã£ãŠèšç®ããŸãã
ïŒTransmission Interval à Hold Time MultiplierïŒâŠ 65536Transmission Interval >= ïŒ4 à Delay IntervalïŒ
Hold Time Multiplier
äžã®åŒã§ç€ºãããŠããããã«ãLLDPã®ã¢ããã¿ã€ãºã¡ã³ãã§éä¿¡ããã Time-To-LiveïŒTTLïŒå€ãèšå®ããŸãïŒç¯å²ïŒ2ïŒ 10ãåæèšå®ïŒ4ïŒ
TTLã¯ãã¿ã€ã ãªãŒãªæ¹æ³ã§ã¢ããããŒããéä¿¡ãããªãå Žåãéä¿¡ãã LLDPãšãŒãžã§ã³ãã«é¢ä¿ã®ãããã¹ãŠã®æ å ±ãã©ã®ãããã®æéç¶æããããåä¿¡ãã LLDPãšãŒãžã§ã³ãã«äŒéããŸããTTLã¯ç§ã§è¡šãããäžã®æ°åŒã§èšç®ããŸããTransmission Interval à Hold Time Multiplier ⊠65536ã€ãŸãäžã®åŒããããã©ã«ãã® TTLã¯äžã®ããã«ãªããŸãã4 à 30 ïŒ 120
Delay Interval
ããŒã«ã« LLDP MIBã®å€æ°ã«å€åãèµ·ãã£ãåŸã«åŒãç¶ããã¢ããã¿ã€ãºã¡ã³ããéä¿¡ãããŸã§ã®æéãèšå®ããŸãïŒç¯å²ïŒ1ïœ 8192ç§ãåæèšå®ïŒ2ç§ïŒ
ãã®å€ã¯äžã®æ°åŒã«åŸã£ãŠèšç®ããŸãã(4 à Delay Interval)⊠Transmission Interval
Reinitialization Delay
LLDPããŒããç¡å¹ã«ãªãããªã³ã¯ããŠã³ããåŸãååæåãè©Šã¿ããŸã§ã®æéãèšå®ããŸãïŒç¯å²ïŒ1ïŒ 10ç§ãåæèšå®ïŒ2ç§ïŒ
Notification Interval
LLDP MIBã®å€æŽãè¡ããSNMPéç¥ãéä¿¡ããããŸã§ã®æéãèšå®ããŸã
258 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ïŒç¯å²ïŒ5ïŒ 3600ç§ãåæèšå®ïŒ5ç§ïŒ
259FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ïŒ1ïŒ[Administration] â [LLDP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒLLDPãæå¹ã«ããåãã©ã¡ãŒã¿ãç·šéããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
260 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.4 LLDPã€ã³ã¿ãã§ãŒã¹ã®èšå®
åå¥ã®ã€ã³ã¿ãŒãã§ãŒã¹ã«å¯Ÿããã¡ãã»ãŒãžã®å 容ãæå®ããããã« LLDPããŒãã»ãã©ã³ã¯ã®èšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Admin Status
LLDPã¡ãã»ãŒãžã®éä¿¡ã»åä¿¡ã®ã¢ãŒããæå¹ã«ããŸã
ïŒèšå®é ç®ïŒTx only, Rx only, TxRx, Disabledãåæèšå®ïŒTxRxïŒ
SNMP Notification
LLDPãš LLDP-MEDã®å€æŽã«ã€ã㊠SNMPãã©ããéç¥ã®éä¿¡ãæå¹ã«ããŸã
ïŒåæèšå®ïŒæå¹ïŒ
Basic Optional TLVs
ã¢ããã¿ã€ãºããã¡ãã»ãŒãžã® TLVãã£ãŒã«ãã®æ å ±ã«ã€ããŠèšå®ããŸãã
ïŒ Management Address â ã¹ã€ããã® IPv4ã¢ãã¬ã¹ãå«ãŸããŸããã¹ã€ããã«ç®¡ççšã®ã¢ãã¬ã¹ããªãå Žåãã¢ãã¬ã¹ã¯ã¹ã€ããã® CPUã® MACã¢ãã¬ã¹ãããã®ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ããããŒãã®MACã¢ãã¬ã¹ã«ãªããŸãã
ïŒPort Description â RFC2863ã® ifDescrãªããžã§ã¯ãã§èŠå®ãããŠããŸããããã«ã¯è£œé è ãã¹ã€ããã®è£œååãã€ã³ã¿ãŒãã§ãŒã¹ã®ããŒããŠã§ã¢ãšãœãããŠã§ã¢ã®ããŒãžã§ã³ãå«ãŸããŸãã
ïŒ System Capabilities âã·ã¹ãã ã®äž»ãªæ©èœãå«ãŸããŸãããã®æ å ±ã«ã¯æ©èœèªäœãæå¹ãã©ããã¯é¢ä¿ãããŸããããã® TLVã«ãã£ãŠã¢ããã¿ã€ãºãããæ å ±ã¯IEEE802.1ABèŠæ Œã«èšè¿°ãããŠããŸãã
ïŒ System Description â RFC3418ã® sysDescrãªããžã§ã¯ãã§èŠå®ãããŠããŸããã·ã¹ãã ã®ããŒããŠã§ã¢ããªãã¬ãŒãã£ã³ã°ãœããããããã¯ãŒãã³ã°ãœããã®ãã«ããŒã ãšããŒãžã§ã³ãå«ãŸããŠããŸãã
ïŒSystem Name â RFC3418ã® sysNameãªããžã§ã¯ãã§èŠå®ãããŠããŸããã·ã¹ãã ã®ç®¡ççšã«å²ãåœãŠãããååãå«ãŸããŸãã
802.1 Organizationally Specific TLVs
ã¢ããã¿ã€ãºãã¡ãã»ãŒãžã® TLVãã£ãŒã«ãã«å«ãŸãã 802.1æ å ±ãèšå®ã
ïŒ Protocol Identityâ ãã®ã€ã³ã¿ãã§ãŒã¹ãéããŠã¢ã¯ã»ã¹å¯èœãªãããã³ã«ïŒP99 ããããã³ã« VLANãåç §ïŒ
ïŒ VLAN ID âããŒãã®ããã©ã«ã VLANèå¥åïŒPVIDïŒã¯ VLANãã¿ã°ç¡ãã§ããããé¢é£ä»ãããããã©ã€ãªãªãã£ã¿ã°ä»ããã¬ãŒã ã§ãããã瀺ããŸã (P80 ãIEEE802.1Q VLANãåç §ïŒ
ïŒ VLAN Nameâãã®ã€ã³ã¿ãã§ãŒã¹ãã¢ãµã€ã³ãããå šãŠã® VLANã®åå (P80 ãIEEE802.1Q VLANããP99 ããããã³ã« VLANãåç §ïŒ
ïŒ Port And Protocol VLAN IDâãã®ã€ã³ã¿ãã§ãŒã¹ã«èšå®ãããããŒãããŒã¹ãšãããã³ã«ããŒã¹ VLAN(P80 ãIEEE802.1Q VLANããP99 ããããã³ã« VLANãåç §ïŒ
802.3 Organizationally Specific TLVs
ã¢ããã¿ã€ãºãã¡ãã»ãŒãžã® TLVãã£ãŒã«ãã«å«ãŸãã IEEE802.3æ å ±
ïŒ Link Aggregationâ ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³æ©èœããªã³ã¯ã®ã¢ã°ãªã²ãŒã·ã§ã³ã¹ããŒã¿ã¹ããã®ã€ã³ã¿ãã§ãŒã¹ãçŸåšãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã¡ã³ããŒã§ããå Žåã¯IEEE802.3ã¢ã°ãªã²ãŒã·ã§ã³ããŒãèå¥å
261FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ïŒ Max Frame Size âæ倧ãã¬ãŒã ãµã€ãºïŒP25 ãJumbo ãã¬ãŒã ã®æå¹åããåç §ïŒ
ïŒMAC/PHY Configuration/Status â ãªãŒãããŽã·ãšãŒã·ã§ã³ãµããŒã /æ§èœã®æ å ±ãå«ããMAC/PHYèšå®ãšã¹ããŒã¿ã¹ãšãæäœå¯èœãª Multistation Access UnitïŒMAUïŒã¿ã€ã
èšå®æ¹æ³
ïŒ1ïŒ[Administration] â [LLDP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒLLDPéä¿¡ /åä¿¡ã¢ãŒããèšå®ããSNMPãã©ããã¡ãã»ãŒãžãéä¿¡ãããåŠããæå®ããŸããLLDPã¡ãã»ãŒãžã§ã¢ããã¿ã€ãºããæ å ±ãéžæããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
262 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.5 LLDPããŒã«ã«ããã€ã¹æ å ±ã®è¡šç€º
Administration > LLDP (Show Local Device Information)ã䜿çšããMACã¢ãã¬ã¹ãã·ã£ãŒã· IDã管ç IPã¢ãã¬ã¹ãããŒãçãæ¬æ©ã®æ å ±ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
ã°ããŒãã«èšå®
Chassis Type
éä¿¡ LLDPãšãŒãžã§ã³ããšé¢é£ä»ãããã IEEE802 LANãšã³ãã£ãã£ãå«ãã·ã£ãŒã·ãèå¥ããŸããã·ã£ãŒã·ãèå¥ããã³ã³ããŒãã³ãã®ã¿ã€ãã瀺ãããã«äœ¿çšãããã·ã£ãŒã· IDãµãã¿ã€ãããã·ã£ãŒã· IDãã£ãŒã«ãã«åç §ãããããã«ã¯ããã€ãã®æ¹æ³ããããŸãã
Chassis ID
ãã®ã·ã¹ãã ã®ç¹å®ã®ã·ã£ãŒã·ã®æå®ãããèå¥åã瀺ãã8é²æ°ã¹ããªã³ã° .
System Name
ã·ã¹ãã ã®ç®¡çäžã«å²ãåœãŠãããååã瀺ãã¹ããªã³ã° ïŒP23 ãã·ã¹ãã æ å ±ã®è¡šç€ºããåç §ïŒ
System Description
ãããã¯ãŒã¯ãšã³ãã£ãã£ã®èšè¿°ããã®ãã£ãŒã«ã㯠"show system"ã³ãã³ãã§ã衚瀺ãããŸãã
System Capabilities Supported
ã·ã¹ãã ã®ãã©ã€ããªãã¡ã³ã¯ã·ã§ã³ãå®çŸ©ããã±ã€ãããªãã£
ã·ã£ãŒã· IDãµãã¿ã€ã
ID Basis Reference
Chassis componententPhysClassã "chassis(3)"ã®å€ãæã€æã¯EntPhysicalAliasïŒIETF RFC 2737ïŒ
Interface alias IfAlias ïŒIETF RFC 2863ïŒ
Port componententPhysicalClassã "port(10)"ãŸã㯠"backplane(4)"ã®å€ãæã€æ㯠EntPhysicalAlias ïŒIETF RFC 2737ïŒ
MAC address MACã¢ãã¬ã¹ïŒIEEE Std 802-2001ïŒ
Network address ãããã¯ãŒã¯ã¢ãã¬ã¹
Interface name ifName ïŒIETF RFC 2863ïŒ
Locally assigned ããŒã«ã«ã«å²ãåœãŠããã
ã·ã¹ãã æ§èœ
ID Basis Reference
Other ïŒ
Repeater IETF RFC 2108
Bridge IETF RFC 2674
WLAN Access Point IEEE 802.11 MIB
Router IETF RFC 1812
Telephone IETF RFC 2011
DOCSIS cable device IETF RFC 2669ããã³ IETF RFC 2670
End Station Only IETF RFC 2011
263FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
System Capabilities Enabled
çŸåšæå¹ã«ãªã£ãŠããã·ã¹ãã ã®ãã©ã€ããªãã¡ã³ã¯ã·ã§ã³ãåã®ããŒãã«ãåç §ããŠãã ããã
Management Address
ããŒã«ã«ã·ã¹ãã ã«é¢é£ä»ãããã管çã¢ãã¬ã¹ã
ã€ã³ã¿ãã§ãŒã¹èšå®
äžã®ãªã¹ããããå±æ§ã¯ããŒããšãã©ã³ã¯ã€ã³ã¿ãã§ãŒã¹ã¿ã€ãäž¡æ¹ã«é©çšå¯èœã§ãã
ãã©ã³ã¯ããªã¹ããããæã説æã¯ãã©ã³ã¯ã®æåã®ããŒãã«é©çšãããŸãã
Port/Trunk Description
ããŒããŸãã¯ãã©ã³ã¯ã®èª¬æãRFC 2863ãå®è£ ãããŠããå ŽåãifDescrãªããžã§ã¯ãããã®ãã£ãŒã«ãã«äœ¿çšãããŸãã
Port/Trunk ID
ããŒããŸãã¯ãã©ã³ã¯ã®èå¥å
èšå®æ¹æ³
LLDPã®ããŒã«ã«ããã€ã¹æ å ±ã衚瀺ïŒGeneralïŒ
ïŒ1ïŒ[Administration] â [LLDP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow Local Device InformationããéžæããŸãã
ïŒ3ïŒ"General"ã"Port"ã"Trunk"ãããããããéžæããŸãã
264 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
LLDPã®ããŒã«ã«ããã€ã¹æ å ±ã衚瀺ïŒPortïŒ
265FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.6 LLDPãªã¢ãŒãããŒãæ å ±ã®è¡šç€º
LLDP Remote Port/Trunk Informationç»é¢ã¯ãã¹ã€ããã®ããŒãã«çŽæ¥æ¥ç¶ãããããã€ã¹ã«ã€ããŠã®æ å ±ã衚瀺ããŸãããããã®æ å ±ã¯ LLDPãéããŠã¢ããã¿ã€ãºãããŠããŸãã
èšå®ã»è¡šç€ºé ç®
ããŒã
Local Port
ãªã¢ãŒã LLDP察å¿ã®è£ 眮ãåãä»ããããŠããããŒã«ã«ããŒã
attached.
Chassis ID
ãã®ã·ã¹ãã ã®ç¹å®ã®ã·ã£ãŒã·ã®æå®ãããèå¥åã瀺ãã8é²æ°ã¹ããªã³ã°
Port ID
ããŒãèå¥å
System Name
ã·ã¹ãã ã®ç®¡çäžã«å²ãåœãŠãããååã瀺ãã¹ããªã³ã°
ããŒã詳现
Local Port
ãªã¢ãŒã LLDP察å¿ã®è£ 眮ãåãä»ããããŠããããŒã«ã«ããŒã
Chassis Type
éä¿¡ LLDPãšãŒãžã§ã³ããšé¢é£ä»ãããã IEEE802 LANãšã³ãã£ãã£ãå«ãã·ã£ãŒã·ãèå¥ããŸããã·ã£ãŒã·ãèå¥ããã³ã³ããŒãã³ãã®ã¿ã€ãã瀺ãããã«äœ¿çšãããã·ã£ãŒã·IDãµãã¿ã€ãããã·ã£ãŒã· IDãã£ãŒã«ãã«åç §ãããããã«ã¯ããã€ãã®æ¹æ³ããããŸãã (P263 ãã·ã£ãŒã· IDãµãã¿ã€ãããåç §ïŒ
Chassis ID
ãã®ã·ã¹ãã ã®ç¹å®ã®ã·ã£ãŒã·ã®æå®ãããèå¥åã瀺ãã8é²æ°ã¹ããªã³ã°ã
System Name
ã·ã¹ãã ã®ç®¡çäžã«å²ãåœãŠãããååã瀺ãã¹ããªã³ã°ã
System Description
ãããã¯ãŒã¯ãšã³ãã£ãã£ã®èšè¿°ã
Port Type
ããŒã IDãã£ãŒã«ãã§ãªã¹ããããèå¥åãåºç€ã«ç€ºããŸãã
266 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Port Description
ããŒãã®èª¬æãRFC 2863ãå®è£ ãããŠããå ŽåãifDescrãªããžã§ã¯ãããã®ãã£ãŒã«ãã«äœ¿çšãããŸãã
Port ID
ããŒãèå¥åã
System Capabilities Supported
ã·ã¹ãã ã®ãã©ã€ããªãã¡ã³ã¯ã·ã§ã³ãå®çŸ©ããã±ã€ãããªã㣠(P263 ãã·ã¹ãã æ§èœããåç § )
System Capabilities Enabled
çŸåšæå¹ã«ãªã£ãŠããã·ã¹ãã ã®ãã©ã€ããªãã¡ã³ã¯ã·ã§ã³ã(P263 ãã·ã¹ãã æ§èœããåç § )
Management Address List
ãã®ããã€ã¹ã®ç®¡çã¢ãã¬ã¹ãäžè¬çã«ã¯ãã¬ã€ã€ 3ããã€ã¹ã«çµã³ä»ããããå€ãã®ç°ãªãã¢ãã¬ã¹ãååšãããããåã ã® LLDP PDU㯠1ã€ä»¥äžã®ç®¡çã¢ãã¬ã¹ TLVãå«ã¿ãŸãããããŒãžã¡ã³ãã¢ãã¬ã¹ãå©çšå¯èœã§ãªãå Žåãã¢ãã¬ã¹ã¯ CPUãŸãã¯ããŒãã®ããã«ãã®ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ããŸãã
ããŒã詳现ïŒ802.1æ¡åŒµæ å ±ïŒ
Remote Port VID
ããŒãã®ããã©ã«ã VLANèå¥åïŒPVIDïŒã¯ VLANãã¿ã°ç¡ããŸãã¯ãã©ã€ãªãªãã£ã¿ã°ãã¬ãŒã ãå²ãåœãŠãããŠãããã瀺ããŸãã
Remote Port-Protocol VLAN List
ãã®ã€ã³ã¿ãã§ãŒã¹ã«èšå®ãããŠããããŒãããŒã¹ããã³ãããã³ã«ããŒã¹ VLANã
Remote VLAN Name List
ããŒãã«é¢é£ä»ãããã VLANåã
Remote Protocol Identity List
ããŒããééããŠã¢ã¯ã»ã¹å¯èœãªç¹å®ã®ãããã³ã«ã®æ å ±ã
ãããŒã IDãµãã¿ã€ã
ID Basis Reference
Interface alias IfAlias ïŒIETF RFC 2863ïŒ
Chassis component
entPhysClassã 'chassis(3)'ã®å€ãæã€æã« EntPhysicalAlias(IETF RFC 2737)
Port alias entPhysicalClassã 'port(10)'ãŸã㯠'backplane(4)' ãæã€æã¯EntPhysicalAlias(IETF RFC 2737)
MAC address MAC address (IEEE Std 802-2001)
Network address ãããã¯ãŒã¯ã¢ãã¬ã¹Interface name ifName (IETF RFC 2863)
Agent circuit ID ãšãŒãžã§ã³ããµãŒããã (IETF RFC 3046)
Locally assigned ããŒã«ã«ã«å²ãåœãŠããã
267FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ããŒã詳现ïŒ802.3æ¡åŒµæ å ±ïŒ
Remote Port Auto-Neg Supported
æå®ã®ããŒãïŒãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããïŒããªãŒãããŽã·ãšãŒã·ã§ã³ããµããŒããããåŠãã瀺ããŸãã
Remote Port Auto-Neg Adv-Capability
ãªã¢ãŒãã·ã¹ãã ã®ããŒãã«é¢é£ä»ãããã IfMauAutoNegCapAdvertisedBitsãªããžã§ã¯ãã®å€ïŒããããããïŒïŒIETF RFC 3636ã§å®çŸ©ïŒ
Remote Port Auto-Neg Status
ãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããããŒãã§ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ãåŠãã衚瀺ã
Remote Port MAU Type
éä¿¡ããã€ã¹ã®çšŒåããŠãã MAUã¿ã€ãã瀺ãæŽæ°å€ããã®ãªããžã§ã¯ã㯠IETF RFC 3636ã«ãªã¹ãããã dot3MauTypeã«å¯Ÿå¿ãããªã¹ãããžã·ã§ã³ããåŸãããæŽæ°å€ãå«ã¿ãããããã® dot3MauType OIDã®æåŸã®æ°ãšçããã§ãã
ããŒã詳现ïŒ802.3æ¡åŒµãã¯ãŒæ å ±ïŒ
Remote Power Class
ãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããæå®ã®ããŒãã®ããŒãã¯ã©ã¹ (PSE - Power Sourcing Equipment ãŸã㯠PD - Powered Device)
Remote Power MDI Status
ãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããæå®ã®ããŒã㧠MDIãã¯ãŒãæå¹ãåŠãã衚瀺
ããªã¢ãŒãããŒããªãŒãããŽã·ãšãŒã·ã§ã³ã¢ããã¿ã€ãºããã£ãããªãã£
Bit Reference
0 ãã®ä»ãŸãã¯æªç¥1 10BASE-T half duplex mode
2 10BASE-T full duplex mode
3 100BASE-T4
4 100BASE-TX half duplex mode
5 100BASE-TX full duplex mode
6 100BASE-T2 half duplex mode
7 100BASE-T2 full duplex mode
8 PAUSE for full-duplex links
9 Asymmetric PAUSE for full-duplex links
10 Symmetric PAUSE for full-duplex links
11 Asymmetric and Symmetric PAUSE for full-duplex links
12 1000BASE-X, -LX, -SX, -CX half duplex mode
13 1000BASE-X, -LX, -SX, -CX full duplex mode
14 1000BASE-T half duplex mode
15 1000BASE-T full duplex mode
268 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Remote Power Pairs
"Signal"ã¯ä¿¡å·ãã¢ã®ã¿äœ¿çšãããŠããããšãæå³ããŸãã"Spare"ã¯äºåã®ãã¢ã®ã¿ããããããŠããããšãæå³ããŸãã
Remote Power MDI Supported
ãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããæå®ã®ããŒãã«ãMDIãã¯ãŒããµããŒããããŠãããåŠãã衚瀺ããŸãã
Remote Power Pair Controlable
ãã¢ã»ã¬ã¯ã·ã§ã³ããªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããæå®ã®ããŒãã® sourcing powerã§ã³ã³ãããŒã«å¯èœãåŠãã瀺ããŸãã
Remote Power Classification
LANãããã¯ãŒã¯äžã®ç°ãªããã¯ãŒã¿ãŒããã«ãé»åæ¶è²»éã«åŸãã¿ã°ã䜿çšããããšã§åé¡ããŸããIPé»è©±ã®ãããªããã€ã¹ãWLANã¢ã¯ã»ã¹ãã€ã³ãããã®ä»ã¯ãããã®å¿ èŠé»åæ¡ä»¶ã«ãã£ãŠåé¡ãããŸãã
ããŒã詳现ïŒ802.3æ¡åŒµãã©ã³ã¯æ å ±ïŒ
Remote Link Aggregation Capable
ãªã¢ãŒãããŒãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ç¶æ ã«ãããåŠãããŸãã¯ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ããµããŒãããŠãããããªããã衚瀺ã
Remote Link Aggregation Enable
ãªã³ã¯ã®çŸåšã®ã¢ã°ãªã²ãŒã·ã§ã³ç¶æ ã
Remote Link Aggregation Port ID
ãªã¢ãŒãã·ã¹ãã ã«é¢é£ä»ããããããŒãã³ã³ããŒãã³ãã® ifIndexã® ifNumberããåŸããã IEEE 802.3 aggregated port identifierãaAggPortID (IEEE 802.3-2002, 30.7.2.1.1)ãå«ã¿ãŸãããªã¢ãŒãããŒãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ç¶æ ã«ç¡ãããµããŒãããŠããªãå Žåããã®å€ã¯ïŒã«ãªããŸãã
ããŒã詳现ïŒ802.3æ¡åŒµãã¬ãŒã æ å ±ïŒ
Remote Max Frame Size
ãªã¢ãŒãã·ã¹ãã ãšé¢é£ä»ããããããŒãã³ã³ããŒãã³ãã® 8é²æ°ã§ãµããŒãããããã¬ãŒã ãµã€ãºã瀺ãæŽæ°å€ã
269FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
LLDPã®ãªã¢ãŒãããã€ã¹æ å ±ã衚瀺ïŒPortïŒ
ïŒ1ïŒ[Administration] â [LLDP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããRemote Device InformationããéžæããŸãã
ïŒ3ïŒâPortâã"Port Details"ã"Trunk"ã"Trunk Details"ãããããããéžæããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
LLDPã®ãªã¢ãŒãããã€ã¹æ å ±ã衚瀺ïŒPort詳现ïŒ
270 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.7 ããã€ã¹çµ±èšå€ã®è¡šç€º
LAdministration > LLDP (Show Device Statistics)ããŒãžã䜿çšãããã®ã¹ã€ããã«æ¥ç¶ãããŠãã LLDPãæå¹ãªãã¹ãŠã®ããã€ã¹ã®çµ±èšã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
ãªã¢ãŒãããã€ã¹ã®æŠèŠçµ±èšå€
Neighbor Entries List Last Updated
LLDPé£æ¥ãšã³ããªãªã¹ããæåŸã«æŽæ°ãããæã
New Neighbor Entries Count
ãªã¢ãŒã TTLã®æéãåããŠããªã LLDPé£æ¥ã®æ°ã
Neighbor Entries Deleted Count
ãªãããã®çç±ã§ãLLDPãªã¢ãŒãã·ã¹ãã MIBããåãé€ããã LLDPé£æ¥ã®æ°ã
Neighbor Entries Dropped Count
ãªãœãŒã¹äžè¶³ã®ããã«ãã¹ã€ããäžã®ãªã¢ãŒãããŒã¿ããŒã¹ã LLDP DUãããããããæéæ°
Neighbor Entries Age-out Count
TTLã¿ã€ããŒã®æéåããåå ã§ãè¿é£ã®æ å ±ã LLDPãªã¢ãŒãã·ã¹ãã MIBããåé€ãããæéæ°ã
ããŒã /ãã©ã³ã¯
Frames Discarded
ç¹å®ã® TLVã«å®çŸ©ãããæå®ã®äœ¿çšã«ãŒã«ã«å ããéåžžã®æ¿èªèŠåã«æºããã«ç Žæ£ããããã¬ãŒã æ°ã
Frames Invalid
å šãŠã® LLDPDUã® 1ã€ãŸãã¯ãã以äžã§æ¢ç¥å¯èœãªãšã©ãŒã®æ°ã
Frames Received
åä¿¡ããã LLDP PDUã
Frames Sent
éä¿¡ããã LLDP PDUã
TLVs Unrecognized
åä¿¡ããã LLDPããŒã«ã«ãšãŒãžã§ã³ãã«ãã£ãŠèªèãããªãå šãŠã® TLVã®æ°ã
TLVs Discarded
åä¿¡ãããã¡ã¢ãªäžè¶³ãã¢ãŠããªãã·ãŒã±ã³ã¹ãŸãã¯ãã®ä»ã®çç±ã§ç Žæ£ãããå šãŠã®LLDPDUã®æ°
Neighbor Ageouts
TTLã¿ã€ãã®æéåããçç±ã§ãè¿é£æ å ±ã LLDPãªã¢ãŒãã·ã¹ãã MIBããåé€ãããæéã
271FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
LLDPããã€ã¹çµ±èšå€ã®è¡šç€ºïŒGeneralïŒ
ïŒ1ïŒ[Administration] â [LLDP]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow Device StatisticsããéžæããŸãã
ïŒ3ïŒâGeneralâãâPortâãâTrunkâãããããããéžæããŸãã
LLDPããã€ã¹çµ±èšå€ã®è¡šç€ºïŒPortïŒ
272 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.8 SNMP
Simple Network Management Protocol (SNMP)ã¯ãããã¯ãŒã¯äžã®æ©åšã®ç®¡ççšã®éä¿¡ãããã³ã«ã§ããSNMPã¯äžè¬çã«ãããã¯ãŒã¯æ©åšãã³ã³ãã¥ãŒã¿ãªã©ã®ç£èŠãèšå®ããããã¯ãŒã¯çµç±ã§è¡ãéã«äœ¿çšãããŸãã
æ¬æ©ã¯ SNMPãšãŒãžã§ã³ããæèŒããããŒãã®éä¿¡ãããŒããŠã§ã¢ã®ç¶æ ãç£èŠããããšãã§ããŸããSNMP察å¿ã®ãããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšããããšã§ããããã®æ å ±ã«ã¢ã¯ã»ã¹ããããšãå¯èœã§ããæ¬æ©ã®å èµãšãŒãžã§ã³ããžã®ã¢ã¯ã»ã¹æš©ã¯ã³ãã¥ããã£å (Community Strings)ã«ããèšå®ãããŸãããã®ãããæ¬æ©ã«ã¢ã¯ã»ã¹ããããã«ã¯ãäºåã«ç®¡çãœãããŠã§ã¢ã®ã³ãã¥ããã£åãé©åãªå€ã«èšå®ããå¿ èŠããããŸãã
æ¬æ©ã¯ãSNMPããŒãžã§ã³ 1,2c,3ããµããŒããããšãŒãžã§ã³ããæèŒããããŒãã®éä¿¡ãããŒããŠã§ã¢ã®ç¶æ ãç£èŠããããšãã§ããŸãããããã¯ãŒã¯äžã®ãããŒãžã¡ã³ãã¹ããŒã·ã§ã³ã¯ããããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšãããããã®æ å ±ã«ã¢ã¯ã»ã¹ããããšãå¯èœã§ãã
SNMPv1,v2cã䜿çšæã®ã¢ã¯ã»ã¹èªèšŒã¯ã³ãã¥ããã£åã«ãã£ãŠã®ã¿è¡ãããŸãããSNMPv3ã§ã¯ãããŒãžã£ãšãšãŒãžã§ã³ãéã亀æããã¡ãã»ãŒãžãèªèšŒãæå·åããããšã«ãã£ãŠãæ©åšãžã®ã»ãã¥ã¢ãªã¢ã¯ã»ã¹ãæäŸããŠããŸãã
SNMPv3ã§ã¯ãã»ãã¥ãªãã£ã¢ãã«ããã³ã»ãã¥ãªãã£ã¬ãã«ãå®çŸ©ãããŸããã»ãã¥ãªãã£ã¢ãã«ã¯ããŠãŒã¶ãŒããã³ããŠãŒã¶ãŒãå±ããã°ã«ãŒããèšå®ããããã»ã¹ã§ããã»ãã¥ãªãã£ã¬ãã«ã¯ãã»ãã¥ãªãã£ã¢ãã«ã§èš±å¯ãããã»ãã¥ãªãã£ã®ã¬ãã«ã§ããã»ãã¥ãªãã£ã¢ãã«ãšã»ãã¥ãªãã£ã¬ãã«ã®çµã¿åããã«ãã£ãŠãSNMPãã±ããã®åãæ±ãã«éããŠäœ¿çšãããããã»ã¹ã決å®ãããŸããã»ãã¥ãªãã£ã¢ãã«ã«ã¯ SNMPv1ãSNMPv2cããã³ SNMPv3ã® 3çš®é¡ãå®çŸ©ãããŠããŸãã
[泚æ ]ãæ¢å®çŸ©ã®ããã©ã«ãã°ã«ãŒããšãã¥ãŒã¯ã·ã¹ãã ããåé€å¯èœã§ãããã®åŸã«ã¢ã¯ã»ã¹ã«å¿ èŠãªãã«ã¹ã¿ãã€ãºã°ã«ãŒããšãã¥ãŒãå®çŸ©ããããšãã§ããŸãã
SNMPv3ã»ãã¥ãªãã£ã¢ãã«ãšã¬ãã«ã
Model Level Group Read View Write View Notify View security
v1 noAuthNoPrivpublic(read only)
defaultview none none Community string only
v1 noAuthNoPrivprivate(read/write)
defaultviewdefaultview none Community string only
v1 noAuthNoPrivuser defined
user defined
user defined
user defined
Community string only
v2c noAuthNoPrivpublic(read only)
defaultview none none Community string only
v2c noAuthNoPrivprivate(read/write)
defaultview defaultview none Community string only
v2c noAuthNoPrivuser defined
user defined
user defined
user defined
Community string only
v3 noAuthNoPrivuser defined
user defined
user defined
user defined
A user name match only
v3 AuthNoPrivuser defined
user defined
user defined
user defined
Provides userauthentication via MD5 orSHA algorithms
v3 AuthPrivuser defined
user defined
user defined
user defined
Provides userauthentication via MD5 orSHA algorithms and dataprivacy using DES 56-bitencryption
273FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
æ©èœè§£èª¬
SNMPv1/2c管çã¢ã¯ã»ã¹ã®èšå®
ã¹ã€ããã« SNMPv1ãŸã㯠v2c管çã¢ã¯ã»ã¹ãèšå®ããã«ã¯ã以äžã®ã¹ããããè¡ã£ãŠãã ããã
ïŒ1ïŒAdministration > SNMP (Configure Global)ããŒãžã䜿çšããã¹ã€ããäžã® SNMPãšãã©ãããããŒãžã£ãæå¹ã«ããŸãã
ïŒ2ïŒUse the Administration > SNMP (Configure User - Add Community)ããŒãžã䜿çšãã管çã¢ã¯ã»ã¹ã®ããã«èªå¯ãããã³ãã¥ããã£ã¹ããªã³ã°ãèšå®ããŸãã
ïŒ3ïŒ Administration > SNMP (Configure Trap)ããŒãžã䜿çšãããã®ã¹ã€ããã«ãã£ãŠããŒã€ãã³ãã管çã¹ããŒã·ã§ã³ã«ã¬ããŒããè¡ãããã«ããã©ãããããŒãžã£ãæå®ããŸãã
SNMPv3管çã¢ã¯ã»ã¹ã®èšå®
ïŒ1ïŒ Administration > SNMP (Configure Global)ããŒãžã䜿çšããã¹ã€ããäžã® SNMPãšãã©ãããããŒãžã£ãæå¹ã«ããŸãã
ïŒ2ïŒ Administration > SNMP (Configure Trap)ããŒãžã䜿çšãããã®ã¹ã€ããã«ãã£ãŠããŒã€ãã³ãã管çã¹ããŒã·ã§ã³ã«ã¬ããŒããè¡ãããã«ããã©ãããããŒãžã£ãæå®ããŸãã
ïŒ3ïŒAdministration > SNMP (Configure Engine)ããŒãžã䜿çšããããŒã«ã«ãšã³ãžã³ ID
ãå€æŽããŸããããã©ã«ããšã³ãžã³ IDãå€æŽãããå Žåãä»ã®ãã©ã¡ãŒã¿ã®èšå®åã«è¡ã£ãŠãã ããã
ïŒ4ïŒ Administration > SNMP (Configure View)ããŒãžã䜿çšããã¹ã€ãã MIBããªãŒã®readãwriteã¢ã¯ã»ã¹ãã¥ãŒãæå®ããŸãã
ïŒ5ïŒAdministration > SNMP (Configure User)ããŒãžã䜿çšããèŠæ±ãããã»ãã¥ãªãã£ã¢ãã« (SNMP v1ãv2cãv3) ãšã»ãã¥ãªãã£ã¬ãã«ïŒauthenticationããã³ privacyïŒãšå ±ã« SNMPãŠãŒã¶ãŒã°ã«ãŒããèšå®ããŸãã
ïŒ6ïŒAdministration > SNMP (Configure Group)ããŒãžã䜿çšããç¹å®ã®èªèšŒãšãã©ã€ãã·ãŒãã¹ã¯ãŒããšå ±ã«ãSNMPãŠãŒã¶ãã°ã«ãŒãã«å²ãåœãŠãŸãã
274 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.9 SNMPã°ããŒãã«èšå®
Administration > SNMP (Configure Global)ããŒãžã䜿çšããå šãŠã®ç®¡çã¯ã©ã€ã¢ã³ãã®SNMPv3ãµãŒãã¹ãšãã©ãããããŒãžã£ãæå¹ã«ããŸãã
èšå®ã»è¡šç€ºé ç®
Agent Status
ãã§ãã¯ãå ¥ããããšã§ãSNMPãšãŒãžã§ã³ããæå¹ã«ãªããŸã
Authentication Traps*
èªèšŒæã«äžæ£ãªãã¹ã¯ãŒããéä¿¡ãããå Žåã«ãã©ãããçºè¡ãããŸãïŒåæèšå®ïŒæå¹ïŒ
Link-up and Link-down Traps*
Link-upå㯠Link-downæã«ãã©ãããçºè¡ãããŸãïŒåæèšå®ïŒæå¹ïŒ
*ãããã¯æ§åŒã®éç¥ã§ãããSNMPv3ãã¹ã䜿çšæãéç¥ãã¥ãŒïŒP279ïŒã®å¯Ÿå¿ããé ç®ã«é¢é£ããŠæå¹ã«ãªããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒSNMPãšå¿ èŠãªãã©ãã察å¿ãæå¹ã«ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
275FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ããŒã«ã«ãšã³ãžã³ IDã®èšå®
SNMPv3ãšã³ãžã³ã¯ãã¹ã€ããäžã®ç¬ç«ãã SNMPãšãŒãžã§ã³ãã§ãããã®ãšã³ãžã³ã¯ã¡ãã»ãŒãžã®åéãé 延ããã³ãªãã€ã¬ã¯ã·ã§ã³ãé²æ¢ããŸãããšã³ãžã³ IDã¯ããŠãŒã¶ãŒãã¹ã¯ãŒããšçµã¿åãããŠãSNMPv3ãã±ããã®èªèšŒãšæå·åãè¡ãããã®ã»ãã¥ãªãã£ããŒãçæããŸãã
æ©èœè§£èª¬
ããŒã«ã«ãšã³ãžã³ IDã¯ã¹ã€ããã«ããããŠåºæã«ãªãããã«èªåçã«çæãããŸãããããããã©ã«ããšã³ãžã³ IDãšãã³ãŸããããŒã«ã«ãšã³ãžã³ IDãåé€ãŸãã¯å€æŽãããå Žåãå šãŠã® SNMPãŠãŒã¶ãŒã¯ã¯ãªã¢ãããŸãããã®ããæ¢åã®ãŠãŒã¶ãŒã®åæ§æãè¡ãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Engine ID
æ°ãããšã³ãžã³ ID㯠9ãã 64ã® 16é²æ°ïŒ16é²åœ¢åŒã® 5ãã 32ã® 8ãªã¯ãããïŒã§æå®ããããšãå¯èœã§ããããå端ãªçªå·ãæå®ãããæãåŸçœ® 0ãæåŸã®ãªã¯ããããåããããã«è¿œå ãããŸããäŸãã°ã"123456789"ã®å€ã¯ "1234567890"ãšåçã§ãã.
èšå®æ¹æ³
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure EngineããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããSet Engine IDããéžæããŸãã
ïŒ4ïŒãšã³ãžã³ IDãå ¥åããïŒ SaveïŒãã¯ãªãã¯ããŸãã
276 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ãªã¢ãŒããšã³ãžã³ IDã®èšå®
ãªã¢ãŒãããã€ã¹äžã® SNMPv3ãŠãŒã¶ãŒãžã€ã³ãã©ãŒã ã¡ãã»ãŒãžãéãå Žåãæåã«ãªã¢ãŒããšã³ãžã³ IDãèšå®ããŸãããªã¢ãŒããšã³ãžã³ IDã¯ããªã¢ãŒããã¹ãã§èªèšŒãšæå·åãã±ããã®ã»ãã¥ãªãã£ãã€ãžã§ã¹ããèšç®ããããã«äœ¿çšãããŸãã
æ©èœè§£èª¬
SNMPãã¹ã¯ãŒãã¯ãä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸããã€ã³ãã©ãŒã ã®ä¿¡é Œã§ãã SNMPãšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããã®ããããããã·ãªã¯ãšã¹ããŸãã¯ã€ã³ãã©ãŒã ãéä¿¡ããåã«ãªã¢ãŒããšãŒãžã§ã³ãã®SNMPãšã³ãžã³ IDãèšå®ããå¿ èŠããããŸããïŒè©³ãã㯠P290 ããã©ãããããŒãžã£ã®æå®ãããã³ P288 ãSNMPv3ãªã¢ãŒããŠãŒã¶ãŒã®èšå®ããåç §ããŠãã ããïŒ
èšå®ã»è¡šç€ºé ç®
Remote Engine ID
æ°ãããšã³ãžã³ ID㯠9ãã 64ã® 16é²æ°ïŒ16é²åœ¢åŒã® 5ãã 32ã® 8ãªã¯ãããïŒã§æå®ããããšãå¯èœã§ããããå端ãªçªå·ãæå®ãããæãåŸçœ® 0ãæåŸã®ãªã¯ããããåããããã«è¿œå ãããŸããäŸãã°ã"123456789"ã®å€ã¯ "1234567890"ãšåçã§ãã
Remote IP Host
æå®ããããšã³ãžã³ IDã䜿çšããããªã¢ãŒã管çã¹ããŒã·ã§ã³ã® IPã¢ãã¬ã¹ã
277FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ãªã¢ãŒã SNMPãšã³ãžã³ IDã®èšå®
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure EngineããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd Remote EngineããéžæããŸãã
ïŒ4ïŒãšã³ãžã³ IDãå ¥åããïŒ SaveïŒãã¯ãªãã¯ããŸãã
ãªã¢ãŒã SNMPãšã³ãžã³ IDã®è¡šç€º
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure EngineããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow Remote EngineããéžæããŸãã
278 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
SNMPv3ãã¥ãŒã®èšå®
SNMPãã¥ãŒãšã¯ãSNMPãªããžã§ã¯ããšããããã®ãªããžã§ã¯ãã«ã€ããŠäœ¿çšå¯èœãªã¢ã¯ã»ã¹æš©éãšå¯Ÿå¿é¢ä¿ã瀺ããç©ã§ãã
äºåã«å®çŸ©ãããŠãããã¥ãŒïŒããã©ã«ããã¥ãŒïŒã«ã¯å šäœã® MIBããªãŒãžã®ã¢ã¯ã»ã¹ãå«ãŸããŸãã
èšå®ã»è¡šç€ºé ç®
Add View
View Name
SNMPãã¥ãŒåïŒ1-64æåïŒ
OID Subtrees
ãã¥ãŒã®å 容ã衚瀺ãããŸã
Type
[OID Subtrees]ã§æå®ãã OIDããåç §å¯èœãªç¯å²ã«å«ãïŒincludedïŒãå«ãŸãªãïŒexcludedïŒããéžæããŸã
Add OID Subtree
View Name
ãAdd ViewãããŒãžã§èšå®ããã SNMPãã¥ãŒãªã¹ã
OID Subtrees
ãã¥ãŒã®å 容ã衚瀺ãããŸã
Type
[OID Subtrees]ã§æå®ãã OIDããåç §å¯èœãªç¯å²ã«å«ãïŒincludedïŒãå«ãŸãªãïŒexcludedïŒããéžæããŸã
279FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ã¹ã€ããã® MIBããŒã¿ããŒã¹ã® SNMPãã¥ãŒãèšå®
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ViewããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd ViewããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
SNMPv3ãã¥ãŒã衚瀺
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ViewããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow ViewããéžæããŸãã
280 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
OIDãµãããªãŒã SNMPv3ãã¥ãŒãžè¿œå
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ViewããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd OID SubtreeããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
SNMPv3ãã¥ãŒã«èšå®ããã OIDãµãããªãŒã衚瀺
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ViewããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow OID SubtreeããéžæããŸãã
ïŒ4ïŒæ¢åã®ãªã¹ããããã¥ãŒåãéžæããŠãã ããã
281FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
SNMPv3ã°ã«ãŒãã®èšå®
SNMPv3ã°ã«ãŒãã¯ãç¹å®ã®ã»ãã¥ãªãã£ã¢ãã«ã«å±ãããŠãŒã¶ãŒã®éåã§ããã°ã«ãŒãã¯ãã®ã°ã«ãŒãã«å±ããå šãŠãŒã¶ãŒã®ã¢ã¯ã»ã¹ããªã·ãŒãå®çŸ©ããŸããã¢ã¯ã»ã¹ããªã·ãŒã«ãã£ãŠãèªã¿åããæžã蟌ã¿ããŸãã¯åä¿¡ã§ãããã©ããéç¥ã®å¶éãè¡ãããŸãã
èšå®ã»è¡šç€ºé ç®
Group Name
ã°ã«ãŒãåïŒ1-32æåïŒ
Security Model
ã»ãã¥ãªãã£ã¢ãã«ïŒ1,v2c,v3ïŒ
Security Lebel
ïŒ noAuthNoPrivïŒ èªèšŒãæå·åãè¡ããŸãã
ïŒ AuthNoPrivïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸããïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿èšå®å¯ïŒ
ïŒ AuthPrivïŒ èªèšŒãšæå·åãè¡ããŸãïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿èšå®å¯ïŒ
Read View
Readã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒç¯å²ïŒ1-64æåïŒ
Write View
Witeã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒç¯å²ïŒ1-64æåïŒ
Notify View
éç¥ãã¥ãŒãèšå®ããŸããäžè¡šã«ãŠãµããŒãããéç¥ã¡ãã»ãŒãžã瀺ããŸããïŒç¯å²ïŒ1-64æåïŒ
Object Label Object ID
RFC1493Traps
newRoot 1.3.6.1.2.1.17.0.1
topologyChange 1.3.6.1.2.1.17.0.2
SNMPv2 Traps
coldStart 1.3.6.1.6.3.1.1.5.1
warmStart 1.3.6.1.6.3.1.1.5.2
linkDown* 1.3.6.1.6.3.1.1.5.3
linkUp* 1.3.6.1.6.3.1.1.5.4
authentication Failure* 1.3.6.1.6.3.1.1.5.5
RMON Events(V2)
risingAlarm 1.3.6.1.2.1.16.0.1
fallingAlarm 1.3.6.1.2.1.16.0.2
Private Traps
swPowerStatus Change Trap 1.3.6.1.4.1.202.20.56.63.2.1.0.1
swPortSecurityTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.36
swIpFilter RejectTrap 1.3.6.1.4.1.202.20.56.63.2.1.0.40
swAuthenticationFailure 1.3.6.1.4.1.25574.10.1.11.2.1.0.66
swAuthenticationSuccess 1.3.6.1.4.1.25574.10.1.11.2.1.0.67
swAtcBcastStormAlarmFireTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.70
282 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
*ãããã¯æ§åŒã®éç¥ã§ãããSNMPèšå®ã¡ãã¥ãŒäžã®å¯Ÿå¿ãããã©ãããšé¢é£ããŠæå¹ã«ãªããŸãã
swAtcBcastStormAlarmClearTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.71
swAtcBcastStormTcApplyTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.72
swAtcBcastStormTcReleaseTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.73
swAtcMcastStormAlarmFireTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.74
swAtcMcastStormAlarmClearTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.75
swAtcMcastStormTcApplyTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.76
swAtcMcastStormTcReleaseTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.77
swLoopbackDetectionTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.92
networkAccessPortLinkDetectionTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.96
autoUpgradeTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.104
swCpuUtiRisingNotification 1.3.6.1.4.1.25574.10.1.11.2.1.0.107
swCpuUtiFallingNotification 1.3.6.1.4.1.25574.10.1.11.2.1.0.108
swMemoryUtiRisingThresholdNotification 1.3.6.1.4.1.25574.10.1.11.2.1.0.109
swMemoryUtiFallingThresholdNotification 1.3.6.1.4.1.25574.10.1.11.2.1.0.110
dhcpRougeServerAttackTrap 1.3.6.1.4.1.25574.10.1.11.2.1.0.114
283FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
SNMPã°ã«ãŒãã®èšå®
ïŒ1ïŒ[ Administration ] â [ SNMP ] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GroupããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
SNMPã°ã«ãŒãã®è¡šç€º
ïŒ1ïŒ[ Administration ] â [ SNMP ] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GroupããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
284 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.10 ã³ãã¥ããã£åã®èšå®
管çã¢ã¯ã»ã¹ã®èªèšŒã®ããã®ã³ãã¥ããã£åãæ倧 5ã€èšå®ããããšãã§ããŸããIPãã©ãããããŒãžã£ã§äœ¿çšãããã³ãã¥ããã£åããã¹ãŠããã«ãªã¹ããããŠããŸãã
ã»ãã¥ãªãã£ã®ãããåæèšå®ã®ã³ãã¥ããã£åãåé€ããããšãæšå¥šããŸãã
èšå®ã»è¡šç€ºé ç®
Community String
SNMPã§ã®ã¢ã¯ã»ã¹ãè¡ãéã«ãã¹ã¯ãŒãã®åœ¹å²ãæããã³ãã¥ããã£å
ïŒåæèšå®ïŒ"public"ïŒRead-Onlyã¢ã¯ã»ã¹ïŒ, "private"ïŒRead/Writeã¢ã¯ã»ã¹ïŒãèšå®ç¯å²ïŒ1-32æå , 倧æåå°æåã¯åºå¥ãããŸãïŒ
Access Mode
ã³ãã¥ããã£åãžã®ã¢ã¯ã»ã¹æš©ãèšå®ããŸã :
ïŒ Read-Only â èªã¿åãå°çšã¢ã¯ã»ã¹ãšãªããŸãã管çãœãããŠã§ã¢ãã㯠MIBãªããžã§ã¯ãã®ååŸã®ã¿ãã§ããŸãã
ïŒ Read/Write â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ãšãªããŸããèªå¯ããã管çã¹ããŒã·ã§ã³ã¯ MIBãªããžã§ã¯ãã®ååŸãšå€æŽã®äž¡æ¹ãå¯èœã§ãã
èšå®æ¹æ³
ã³ãã¥ããã£åã®èšå®
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸããïŒ3ïŒãActionããªã¹ããããAdd CommunityããéžæããŸããïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã³ãã¥ããã£åã®è¡šç€º
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸããïŒ3ïŒãActionããªã¹ããããShow CommunityããéžæããŸãã
285FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
SNMPv3ããŒã«ã«ãŠãŒã¶ãŒã®èšå®
ããããã® SNMPv3ãŠãŒã¶ãŒã¯åºæã®ååãæã¡ãŸããããã§ã¯ãåãŠãŒã¶ãŒã®æå±ã°ã«ãŒããã»ãã¥ãªãã£ã¬ãã«çãèšå®ããŸããSNMP v3ã§ã¯ããŠãŒã¶ãŒãæå±ããã°ã«ãŒãã«ãã£ãŠã¢ã¯ã»ã¹å¶éãå®çŸ©ãããŸãã
èšå®ã»è¡šç€ºé ç®
User Name
SNMPv3ãŠãŒã¶ãŒåïŒ1-32æåïŒ
Group Name
æ¢åã®ã°ã«ãŒãããéžæãŸãã¯æ°èŠã°ã«ãŒããäœæããŸãïŒ1-32æåïŒ
Security Model
ã»ãã¥ãªãã£ã¢ãã«ãéžæããŸãïŒv1,v2c,v3ïŒ
Security Level
ã»ãã¥ãªãã£ã¬ãã«
ïŒ noAuthNoPrivïŒ èªèšŒãæå·åãè¡ããŸããïŒåæèšå®ïŒ
ïŒ AuthNoPrivïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸãã
ïŒ AuthPrivïŒ èªèšŒãšæå·åãè¡ããŸã
Authentication Protocol
èªèšŒçšãããã³ã«ã®éžæãMD5ãŸã㯠SHAïŒåæèšå®ïŒMD5ïŒ
Authentication Password
èªèšŒçšãã¹ã¯ãŒãïŒæå° 8æåïŒ
Privacy Protocol
æå·åãããã³ã«ãDES56bitã®ã¿äœ¿çšå¯ã
Privacy Password
ãã©ã€ãã·ãŒãã¹ã¯ãŒãïŒæå° 8æåïŒ
286 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
SNMPv3ããŒã«ã«ãŠãŒã¶ã®èšå®
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd SNMPv3 Local UserããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
SNMPv3ããŒã«ã«ãŠãŒã¶ã®è¡šç€º
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow SNMPv3 Local UserããéžæããŸãã
287FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
SNMPv3ãªã¢ãŒããŠãŒã¶ãŒã®èšå®
Administration > SNMP (Configure User - Add SNMPv3 Remote User)ããŒãžã䜿çšããããŒã«ã«ã¹ã€ããããéä¿¡ããã SNMPv3éç¥ã¡ãã»ãŒãžã®ãœãŒã¹ãèå¥ããŸãã
ããããã® SNMPv3ãŠãŒã¶ãŒã¯åºæã®ååãæã¡ãŸãã
æ©èœè§£èª¬
⢠SNMP v3ã§ã¯ããŠãŒã¶ãŒãæå±ããã°ã«ãŒãã«ãã£ãŠã¢ã¯ã»ã¹å¶éãå®çŸ©ãããŸãããªã¢ãŒãããã€ã¹äžã® SNMPãŠãŒã¶ãŒãžã€ã³ãã©ãŒã ã¡ãã»ãŒãžãéãããã«ãæåã«ããŠãŒã¶ãŒãå±ãããªã¢ãŒãããã€ã¹äžã® SNMPãšãŒãžã§ã³ããž IDãèšå®ããŸãããªã¢ãŒããšã³ãžã³ IDã¯ããªã¢ãŒããã¹ãã§èªèšŒãšæå·åãã±ããã®ã»ãã¥ãªãã£ãã€ãžã§ã¹ããèšç®ããããã«äœ¿çšãããŸããïŒè©³çŽ°ã¯ P290 ããã©ãããããŒãžã£ã®æå®ãããã³ P277 ããªã¢ãŒããšã³ãžã³ IDã®èšå®ããåç §ããŠãã ããïŒ
èšå®ã»è¡šç€ºé ç®
User Name
SNMPv3ãŠãŒã¶ãŒåïŒ1-32æåïŒ
Group Name
ã°ã«ãŒãåãéžæããŸãïŒ1-32æåïŒ
Remote IP
ãŠãŒã¶ãŒãå±ãããªã¢ãŒãããã€ã¹ã®ã€ã³ã¿ãŒãããã¢ãã¬ã¹
Security Model
ã»ãã¥ãªãã£ã¢ãã«ïŒv1,v2c,v3ãåæèšå®ïŒv3ïŒ
Security Lebel
ã»ãã¥ãªãã£ã¬ãã«
ïŒ noAuthNoPrivïŒ èªèšŒãæå·åãè¡ããŸããïŒåæèšå®ïŒ
ïŒ AuthNoPrivïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸãã
ïŒ AuthPrivïŒ èªèšŒãšæå·åãè¡ããŸã
Authentication Protocol
èªèšŒçšãããã³ã«ã®éžæãMD5ãŸã㯠SHAïŒåæèšå®ïŒMD5ïŒ
Authentication Password
èªèšŒçšãã¹ã¯ãŒãïŒæå° 8æåïŒ
Privacy Protocol
æå·åãããã³ã«ãDES56bitã®ã¿äœ¿çšå¯ã
Privacy Password
ãã©ã€ãã·ãŒãã¹ã¯ãŒãïŒæå° 8æåïŒ
288 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
SNMPv3ãªã¢ãŒããŠãŒã¶ã®èšå®
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd SNMPv3 Remote UserããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
SNMPv3ãªã¢ãŒããŠãŒã¶ã®è¡šç€º
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure UserããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow SNMPv3 Remote UserããéžæããŸãã
289FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ãã©ãããããŒãžã£ã®æå®
æ¬æ©ã®ç¶æ ã«å€æŽããã£ãå Žåã«æ¬æ©ãããã©ãããããŒãžã£ã«å¯ŸããŠãã©ãããåºãããŸãããã©ãããæå¹ã«ããããã«ã¯ãã©ãããåãåããã©ãããããŒãžã£ãæå®ããå¿ èŠããããŸãã
èªèšŒå€±æã¡ãã»ãŒãžåã³ä»ã®ãã©ããã¡ãã»ãŒãžãåä¿¡ãã管ç端æ«ãæ倧 5ã€ãŸã§æå®ããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ã¹ã€ããã¯ãåæèšå®ã§ãã©ããã¡ãã»ãŒãžã®éç¥ãè¡ããŸããããã©ããã¡ãã»ãŒãžã®åãåãåŽã¯ã¹ã€ãããžå¿çãéããŸããããã®çºååãªä¿¡é Œæ§ã¯ç¢ºä¿ã§ããŸãããã€ã³ãã©ãŒã ã䜿çšããããšã«ãããéèŠæ å ±ããã¹ãã«åãåãããã®ãä¿èšŒããããšãå¯èœã§ããã€ã³ãã©ãŒã ã䜿çšããå Žåãã¹ã€ããã¯å¿çãåãåããŸã§ã®éãæ å ±ãã¡ã¢ãªå ã«ä¿æããªããŠã¯ãªããªãããå€ãã®ã·ã¹ãã ãªãœãŒã¹ã䜿çšããŸãããŸãã€ã³ãã©ãŒã ã¯ãããã¯ãŒã¯ãã©ããã¯ã«ã圱é¿ãäžããŸãããããã®åœ±é¿ãèæ ®ããäžã§ãã©ãããŸãã¯ã€ã³ãã©ãŒã ã®äœ¿çšã決å®ããŠãã ããã
SNMPv2ãã¹ããžã€ã³ãã©ãŒã ãéä¿¡ããã«ã¯ã以äžã®ã¹ããããå®äºãããŠãã ããã
ïŒ1ïŒSNMPãšãŒãžã§ã³ããæå¹ã«ããŸãã ïŒP275ïŒ
ïŒ2ïŒå¿ èŠãšãããéç¥ã¡ãã»ãŒãžã§ãã¥ãŒãäœæããŸããïŒP279ïŒ
ïŒ3ïŒå¿ èŠãšãããéç¥ãã¥ãŒãå«ããã°ã«ãŒãïŒãConfigure Trap - Add pageãããŒãžïŒP282ïŒã§æå®ãããã³ãã¥ããã£ã¹ããªã³ã°ãããããïŒãèšå®ããŸãã
ïŒ4ïŒãã©ããéç¥ãæå¹ã«ããŸãã
SNMPv3ãã¹ããžã€ã³ãã©ãŒã ãéä¿¡ããã«ã¯ã以äžã®ã¹ããããå®äºãããŠãã ããã
ïŒ1ïŒSNMPãšãŒãžã§ã³ããæå¹ã«ããŸããïŒP275ïŒ
ïŒ2ïŒã¡ãã»ãŒãžäº€æããã»ã¹ã§äœ¿çšããããããŒã«ã« SNMPv3ãŠãŒã¶ãäœæããŸããïŒP286ïŒ
ïŒ3ïŒå¿ èŠãšãããéç¥ã¡ãã»ãŒãžã§ãã¥ãŒãäœæããŸããïŒP279ïŒ
ïŒ4ïŒå¿ èŠãšãããéç¥ãã¥ãŒãå«ããã°ã«ãŒããäœæããŸããïŒP282ïŒ
ïŒ5ïŒãã©ããéç¥ãæå¹ã«ããŸãã
èšå®ã»è¡šç€ºé ç®
SNMP Version1
IP Address
éç¥ã¡ãã»ãŒãžãåãåãæ°ãã管çã¹ããŒã·ã§ã³ã® IPã¢ãã¬ã¹
Version
éç¥ãéããã©ããã SNMPv1ãv2cãŸã㯠v3ããéžæããŸããïŒåæèšå®ïŒv1ïŒ
290 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Community String
æ°ãããã©ãããããŒãžã£ãšã³ããªã®æå¹ãªã³ãã¥ããã£ã¹ããªã³ã°ãæå®ãïŒ1-32æåã倧æåå°æåãåºå¥ããŸããïŒãã®é ç®ã¯ Configure Trap - AddããŒãžã§ãèšå®ã§ããŸãããConfigure User - Add CommunityããŒãžã§å®çŸ©ããããšãæšå¥šããŸãã
UDP Port
ãã©ãããããŒãžã£ã§äœ¿çšãã UDPããŒãçªå·ïŒåæèšå®ïŒ162ïŒ
SNMP Version2c
IP Address
éç¥ã¡ãã»ãŒãžãåãåãæ°ãã管çã¹ããŒã·ã§ã³ã® IPã¢ãã¬ã¹
Version
éç¥ãéããã©ããã SNMPv1ãv2cãŸã㯠v3ããéžæããŸãã
Notification Type
⢠Traps ïŒ éç¥ã¯ãã©ããã¡ãã»ãŒãžãšããŠéä¿¡ãããŸãã
⢠Inform ïŒ éç¥ã¯éç¥ã¡ãã»ãŒãžãšããŠéä¿¡ãããŸããïŒåæèšå®ïŒãã©ããïŒ
⢠TimeoutïŒéç¥ã¡ãã»ãŒãžãåéããåã«ãæ¿èªãåŸ ã€ç§æ°ïŒç¯å²ïŒ0-2147483647ã»ã³ãã»ã«ã³ããåæèšå®ïŒ1500ã»ã³ãã»ã«ã³ãïŒ
⢠Retry timesïŒã¬ã·ããšã³ããåãåã£ãããšãç¥ãããªãå Žåã«ãéç¥ã¡ãã»ãŒãžãåéããæ倧æ°ïŒç¯å²ïŒ0-255ãåæèšå®ïŒ3ïŒ
Community String
æ°ãããã©ãããããŒãžã£ãšã³ããªã®æå¹ãªã³ãã¥ããã£ã¹ããªã³ã°ãæå®ïŒ1-32æåã倧æåå°æåãåºå¥ããŸããïŒãã®é ç®ã¯ Configure Trap - AddããŒãžã§ãèšå®ã§ããŸãããConfigure User - Add CommunityããŒãžã§å®çŸ©ããããšãæšå¥šããŸãã
UDP Port
ãã©ãããããŒãžã£ã§äœ¿çšãã UDPããŒãçªå·ïŒåæèšå®ïŒ162ïŒ
SNMP Version3
IP Address
éç¥ã¡ãã»ãŒãžãåãåãæ°ãã管çã¹ããŒã·ã§ã³ã® IPã¢ãã¬ã¹
Version
éç¥ãéããã©ããã SNMPv1ãv2cãŸã㯠v3ããéžæããŸãã
Notification Type
⢠Traps ïŒ éç¥ã¯ãã©ããã¡ãã»ãŒãžãšããŠéä¿¡ãããŸãã
⢠Inform ïŒ éç¥ã¯éç¥ã¡ãã»ãŒãžãšããŠéä¿¡ãããŸããïŒåæèšå®ïŒãã©ããïŒ
⢠TimeoutïŒéç¥ã¡ãã»ãŒãžãåéããåã«ãæ¿èªãåŸ ã€ç§æ°ïŒç¯å²ïŒ0-2147483647ã»ã³ãã»ã«ã³ããåæèšå®ïŒ1500ã»ã³ãã»ã«ã³ãïŒ
⢠Retry timesïŒã¬ã·ããšã³ããåãåã£ãããšãç¥ãããªãå Žåã«ãéç¥ã¡ãã»ãŒãžãåéããæ倧æ°ïŒç¯å²ïŒ0-255ãåæèšå®ïŒ3ïŒ
291FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Local User Name
ããŒã«ã«ã¹ã€ããããéä¿¡ããã SNMPv3ãã©ããã¡ãã»ãŒãžã®ãœãŒã¹ãèå¥ããããã«äœ¿çšãããããŒã«ã«ãŠãŒã¶åïŒç¯å²ïŒ1-32æåïŒæå®ããããŠãŒã¶ã®ã¢ã«ãŠã³ããäœæãããŠããªãå Žåéã«ã¯ (P383)ã1ã€ãèªåã§çæãããŸãã
Remote User Name
ããŒã«ã«ã¹ã€ããããéä¿¡ããã SNMPv3éç¥ã¡ãã»ãŒãžã®ãœãŒã¹ãèå¥ããããã«äœ¿çšãããããŒã«ã«ãŠãŒã¶åïŒç¯å²ïŒ1-32æåïŒæå®ããããŠãŒã¶ã®ã¢ã«ãŠã³ããäœæãããŠããªãå Žåéã«ã¯ (P383)ã1ã€ãèªåã§çæãããŸãã
UDP Port
ãã©ãããããŒãžã£ã§äœ¿çšãã UDPããŒãçªå·ïŒåæèšå®ïŒ162ïŒ
Security Level
ã»ãã¥ãªãã£ã¬ãã«ïŒåæèšå®ïŒnoAuthNoPrivïŒ
ïŒ noAuthNoPriv ïŒ èªèšŒãæå·åãè¡ããŸããïŒåæèšå®ïŒ
ïŒ AuthNoPriv ïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸãã
ïŒ AuthPriv ïŒ èªèšŒãšæå·åãè¡ããŸã
292 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ãã©ãããããŒãžã£ã®èšå®ïŒSNMPv1ïŒ
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrapããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAdd ããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã©ãããããŒãžã£ã®èšå®ïŒSNMPv2cïŒ
293FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ãã©ãããããŒãžã£ã®èšå®ïŒSNMPv3ïŒ
ãã©ãããããŒãžã£èšå®ã®è¡šç€º
ïŒ1ïŒ[Administration] â [SNMP] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure TrapããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããshow ããéžæããŸãã
294 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.11 ãªã¢ãŒãã¢ãã¿ãªã³ã°
ãªã¢ãŒãã¢ãã¿ãªã³ã°ã¯ããªã¢ãŒãè£ çœ®ãéäŸåãåºç€ã«ãæå®ãããã€ãã³ãã®æ å ±ãåéãŸãã¯å¯ŸåŠããããšãå¯èœã«ããŸãã
æ¬æ©ã¯ãç¬ç«ããŠåºç¯å²ã®ã¿ã¹ã¯ãå®è¡ããããšãå¯èœãª RMONã«å¯Ÿå¿ããŠããããããã¯ãŒã¯ç®¡çãã©ãã£ãã¯ãå€§å¹ ã«äœæžããããšãåºæ¥ãŸãããã®æ©èœã«ãããé£ç¶çãªèšºæãšãã°æ å ±åéãè¡ããŸããæ¬æ©ã¯çµ±èšãå±¥æŽãã€ãã³ããã¢ã©ãŒã ã°ã«ãŒãããæããmini-RMONããµããŒãããŠããŸããRMONæå¹æãã·ã¹ãã ã¯æ¬¡ç¬¬ã«ãã®ç©ççã€ã³ã¿ãã§ãŒã¹ã«é¢ããæ å ±ãå¢åŒ·ãããã®æ å ±ã«é©å㪠RMONããŒã¿ããŒã¹ã°ã«ãŒããžä¿åããŸãã管çãšãŒãžã§ã³ã㯠SNMPãããã³ã«ã䜿çšããåšæçã«ã¹ã€ãããšã³ãã¥ãã±ãŒã·ã§ã³ãè¡ããŸãã
ããã¹ã€ãããèŽåœçãªã€ãã³ãã«ééããå Žåãããã¯ç®¡çãšãŒãžã§ã³ããžèªåã§ãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
RMONã¢ã©ãŒã ã®èšå®
Administration > RMON (Configure Global - Add - Alarm)ããŒãžã䜿çšããå¿çã€ãã³ããçæããããã®ãç¹å®ã®åºæºãå®çŸ©ããŸããã¢ã©ãŒã ã¯æå®ãããæéééã«æž¡ã£ãŠãã¹ããè¡ãããèšå®ããããšãå¯èœã§ãç¡å¶éãŸãã¯å€åå€ãç£èŠããããšãåºæ¥ãŸããïŒç¹å®ã®å€ã«éããçµ±èšã«ãŠã³ã¿ãŸãã¯ãèšå®ããééãè¶ ããéã§å€åããçµ±èšéïŒãŸããäžæãŸãã¯éäžãããå€ãžã®å¯ŸåŠãèšå®ããããšãå¯èœã§ãïŒã¢ã©ãŒã ãåŒãèµ·ããããåŸãçµ±èšäžã®å€ãå察ã®å¢çãæããããå€ãè¶ããããªã¬ãšãªããããå€ã®å ãžåŸéãããŸã§ããããåã³åŒãèµ·ããããªãããšã«æ³šæããŠãã ãããïŒ
æ©èœè§£èª¬
⢠ã€ã³ããã¯ã¹ã«ãŠæ¢ã«ã¢ã©ãŒã ãå®çŸ©ãããŠããå Žåãå€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Index
ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
Variable
ãµã³ãã«ããã MIBå€æ°ã®ãªããžã§ã¯ãèå¥åã"etherStatsEntry.n.n"ã¿ã€ãã®ã¿ããµã³ãã«ãããŸãã"etherStatsEntry.n"ã¯äžæçã« MIBå€æ°ãå®çŸ©ãã"etherStatsEntry.n.n"㯠MIBå€æ°ãš"etherStatsIndex"ãå®çŸ©ããŸããïŒäŸïŒ1.3.6.1.2.1.16.1.1.1.6.1㯠"etherStatsBroadcastPkts"ãã㊠1ã® "etherStatsIndex"ã瀺ããŸãïŒ
Interval
ããŒãªã³ã°ééïŒç¯å²ïŒ1-31622400ç§ïŒ
Sample Type
æå®ãããå€æ°ã®çµ¶å¯ŸçãŸãã¯çžå¯Ÿçå€åã®ãã¹ããå®è¡
⢠AbsoluteïŒå€æ°ã¯ãµã³ããªã³ã°ããªãªãã®çµããã®ãããå€ãšçŽæ¥æ¯èŒãããŸãã
⢠DeltaïŒæçµãµã³ãã«ã¯çŸåšã®å€ããåŒãããçžéããããå€ãšæ¯èŒãããŸãã
295FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Rising Threshold
äžæ¹éŸå€ã®å€ãæå®ããŸããïŒç¯å²ïŒ1-65535ïŒ
Rising Event Index
ã¢ãã¿ãããå€æ°ãäžæ¹éŸå€ã«éãããè¶ããããšã«ãã£ãŠã¢ã©ãŒã ãåŒãèµ·ããããéã«äœ¿çšãããã€ãã³ãã®ã€ã³ããã¯ã¹ãïŒç¯å²ïŒ1-65535ïŒ
Falling Threshold
äžæ¹éŸå€ã®å€ãæå®ããŸããïŒç¯å²ïŒ1-65535ïŒ
Falling Event Index
ã¢ãã¿ãããå€æ°ãäžæ¹éŸå€ã«éãããäžåã£ãããšã«ãã£ãŠã¢ã©ãŒã ãåŒãèµ·ããããéã«äœ¿çšãããã€ãã³ãã®ã€ã³ããã¯ã¹ãïŒç¯å²ïŒ1-65535ïŒ
Owner
ãã®ãšã³ããªãäœæãã人ã®ååïŒç¯å²ïŒ1-127æåïŒ
296 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
RMONã¢ã©ãŒã ã®èšå®
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãAlarmããã¯ãªãã¯ããŸãã
ïŒ5ïŒå¿ èŠãªé ç®ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
RMONã¢ã©ãŒã èšå®ã®è¡šç€º
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãAlarmããã¯ãªãã¯ããŸãã
297FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
RMONã€ãã³ãã®èšå®
Administration > RMON (Configure Global - Add - Event)ã䜿çšããã¢ã©ãŒã ãåŒãèµ·ããããæã«è¡ãè¡åãèšå®ããŸãã
å¿çã«ã¯ã¢ã©ãŒã ã®ãã®ã³ã°ãŸãã¯ãã©ãããããŒãžã£ãžã®ã¡ãã»ãŒãžã®éä¿¡ãå«ãããšãå¯èœã§ããã¢ã©ãŒã ãšå¯Ÿå¿ããã€ãã³ãã¯ãéèŠãªãããã¯ãŒã¯ããã°ã©ã ã«å³åº§ã«å¿çããæ¹æ³ãæäŸããŸãã
æ©èœè§£èª¬
⢠ã€ã³ããã¯ã¹ã§æ¢ã«ã¢ã©ãŒã ãå®çŸ©ãããŠããå Žåãå€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠以äžã® 1ã€ã®åæã€ãã³ããèšå®ãããŠããŸãããevent Index = 1ãDescription: RMON_TRAP_LOGãEvent type: log ïŒ trapãEvent community name is publicãOwner is RMON_SNMP
èšå®ã»è¡šç€ºé ç®
Index
ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
Type
éå§ã€ãã³ãã®ã¿ã€ããæå®
⢠NoneïŒã€ãã³ãã¯çæãããŸããã
⢠LogïŒã€ãã³ããåŒãèµ·ããããæãRMONãã°ãšã³ããªãçæãããŸãããã°ã¡ãã»ãŒãžã¯ã€ãã³ããã®ã³ã°ã®ææ°ã®èšå®ã«åºã¥ããŠåŠçãããŸããïŒ253 ããŒãžã®ãEvent Loggingã®èšå®ããåç §ïŒ
⢠TrapïŒèšå®ãããå šãŠã®ãã©ãããããŒãžã£ãžãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã(290 ããŒãžã®ããã©ãããããŒãžã£ã®æå®ããåç §ïŒ
⢠Log and TrapïŒã€ãã³ãã®ãã°ãšãã©ããã¡ãã»ãŒãžã®éä¿¡ã
Community
ãã©ãããªãã¬ãŒã·ã§ã³ã§ SNMPv1,v2cãã¹ãã«éä¿¡ãããããã¹ã¯ãŒãã®ãããªã³ãã¥ããã£ã¹ããªã³ã°ããã®èšå®ããŒãžã§ã³ãã¥ããã£ã¹ããªã³ã°ã®èšå®ãè¡ãããšãåºæ¥ãŸãããããã§èšå®ãè¡ãåã« P290 ããã©ãããããŒãžã£ã®æå®ãã§å®çŸ©ããããšãæšå¥šããŸããïŒç¯å²ïŒ1-32æåïŒ
Description
ãã®ã€ãã³ãã説æããã³ã¡ã³ãïŒç¯å²ïŒ1-127æåïŒ
Owner
ãã®ãšã³ããªãäœæãã人ã®ååïŒç¯å²ïŒ1-127æåïŒ
298 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
RMONã€ãã³ãã®èšå®
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãEventããã¯ãªãã¯ããŸãã
ïŒ5ïŒå¿ èŠãªé ç®ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
RMONã¢ã©ãŒã èšå®ã®è¡šç€º
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãEventããã¯ãªãã¯ããŸãã
299FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
RMONå±¥æŽãµã³ãã«ã®èšå®
Administration > RMON (Configure Interface - Add - History)ã䜿çšãããããã¯ãŒã¯äœ¿çšçããã±ããã¿ã€ãããšã©ãŒãç£èŠããããã«ãç©çã€ã³ã¿ãã§ãŒã¹äžã®çµ±èšå€ãåéããŸãã掻åã®å±¥æŽã®èšé²ã¯æç¶çãªåé¡ã远跡ããããã«äœ¿çšã§ããŸããèšé²ã¯éåžžã®ããŒã¹ã©ã€ã³æŽ»åã確ç«ããããã«äœ¿çšããããšãåºæ¥ãŸãããããã¯ãã€ãã©ãã£ãã¯ã¬ãã«ããããŒããã£ã¹ãã¹ããŒã ããã®ä»æ®éã§ã¯ãªãã€ãã³ããšé¢ä¿ã¥ããããåé¡ãæããã«ããŸãããŸãããããã¯ãŒã¯æé·ãäºæž¬ããè² è·ã倧ãããªãåã«æ¡åŒµã®ãã©ã³ãç«ãŠãããã«ã䜿çšåºæ¥ãŸãã
æ©èœè§£èª¬
⢠ããããã®ã€ã³ããã¯ã¹çªå·ã¯ã¹ã€ããã®ããŒããšåçã§ãã
⢠history collectionãæ¢ã«ã€ã³ã¿ãã§ãŒã¹ã§æå¹ã«ãªã£ãŠããå Žåãå€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠ããããã®ãµã³ãã«ã§åéãããæ å ±ã«ã¯ä»¥äžãå«ãŸããŸããinput octetsãpacketsãbroadcast packetsãmulticast packetsãundersize packetsãoversize packetsãfragmentsãjabbersãCRC alignment errorsãcollisioinsãdrop eventsã network utilizationãShow DetailsãããŒãžã§è¡šç€ºãããçµ±èšå€ã®èª¬æ㯠58 ããŒãžã®ãããŒãã»ãã©ã³ã¯çµ±èšæ å ±è¡šç€ºããåç §ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Port
ã¹ã€ããã®ããŒãçªå·
Index
ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
Interval
ããŒãªã³ã°ã€ã³ã¿ãŒãã«ïŒç¯å²ïŒ1-3600ç§ãåæèšå®ïŒ1800ç§ïŒ
Buckets
ãã®ãšã³ããªã§ãªã¯ãšã¹ãããããã±ããã®çªå·ïŒç¯å²ïŒ1-65535ãåæèšå®ïŒ50ïŒçæããããã±ããã®çªå·ã¯ãShowãããŒãžã§è¡šç€ºãããŸãã
Owner
ãã®ãšã³ããªãäœæãã人ã®ååïŒç¯å²ïŒ1-127æåïŒ
300 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ããŒãã®çµ±èšå€ãåšæçã«åé
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãHistoryããã¯ãªãã¯ããŸãã
ïŒ5ïŒããŒããéžæããŸããïŒ6ïŒå¿ èŠãªé ç®ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
èšå®ããã RMONå±¥æŽãµã³ãã«ã®è¡šç€º
ïŒ1ïŒ[Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãªã¹ãããããŒããéžæããŸããïŒ5ïŒãHistoryããã¯ãªãã¯ããŸãã
301FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
åéããã RMONå±¥æŽãµã³ãã«ã衚瀺
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow DetailsããéžæããŸãã
ïŒ4ïŒãªã¹ãããããŒããéžæããŸããïŒ5ïŒãHistoryããã¯ãªãã¯ããŸãã
302 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
RMONçµ±èšãµã³ãã«ã®èšå®
Administration > RMON (Configure Interface - Add - Statistics)ããŒãžã䜿çšããããŒãã®çµ±èšå€ãåéããŠããšã©ãŒãšå šäœã®ãã©ãã£ãã¯ã¬ãŒãã®ããã«ãããã¯ãŒã¯ãç£èŠããããšãåºæ¥ãŸãã
æ©èœè§£èª¬
⢠æ¢ã«ã€ã³ã¿ãã§ãŒã¹ã§çµ±èšå€ã®åéãæå¹ã«ãªã£ãŠããå Žåãå€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠ããããã®ãµã³ãã«ã§åéãããæ å ±ã«ã¯ä»¥äžãå«ãŸããŸããinput octetsãpacketsãbroadcast packetsãmulticast packetsãundersize packetsãoversize packetsãfragments, jabbersãCRC alignment errorsãcollisioinsãdrop eventsãnetwork utilizationãShow DetailsãããŒãžã§è¡šç€ºãããçµ±èšå€ã®èª¬æ㯠58 ããŒãžã®ãããŒãã»ãã©ã³ã¯çµ±èšæ å ±è¡šç€ºããåç §ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
Port
ã¹ã€ããã®ããŒãçªå·
Index
ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
Owner
ãã®ãšã³ããªãäœæãã人ã®ååïŒç¯å²ïŒ1-127æåïŒ
303FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ããŒãã§éåžžã®çµ±èšå€ãµã³ãã«ãæå¹ã«ããŸãã
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãStatisticsããã¯ãªãã¯ããŸãã
ïŒ5ïŒãªã¹ãããããŒããéžæããŸããïŒ6ïŒå¿ èŠãªé ç®ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
èšå®ããã RMONå±¥æŽãµã³ãã«ã®è¡šç€º
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ïŒ4ïŒãªã¹ãããããŒããéžæããŸããïŒ5ïŒãStatisticsããã¯ãªãã¯ããŸãã
304 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
åéããã RMONå±¥æŽãµã³ãã«ã衚瀺
ïŒ1ïŒ [Administration]â [RMON]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow DetailsããéžæããŸãã
ïŒ4ïŒãªã¹ãããããŒããéžæããŸããïŒ5ïŒãStatisticsããã¯ãªãã¯ããŸãã
305FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
3.13.12 ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°
ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°ã¯ 1ã€ã®ã¹ã€ãããéããäžå€®ç®¡çãæå¹ã«ãããããã¹ã€ãããã°ã«ãŒãåããæ©èœã§ããã¯ã©ã¹ã¿ãªã³ã°ããµããŒãããã¹ã€ããã¯ãããããåãããŒã«ã«ãããã¯ãŒã¯å ã«æ¥ç¶ãããŠããéããç©ççãªå Žæãã¹ã€ããã®çš®é¡ã«é¢ä¿ãªãã°ã«ãŒãåããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ã¹ã€ããã¯ã©ã¹ã¿ã¯ãã¯ã©ã¹ã¿ã®ä»ã®ãã¹ãŠã®ã¡ã³ããŒã管çããããã«äœ¿çšããã³ãã³ããŠããããæã¡ãŸãã管ç端æ«ã¯ IPã¢ãã¬ã¹ãéããŠã³ãã³ããšçŽæ¥éä¿¡ããããã« TelnetãšWebã€ã³ã¿ãã§ãŒã¹ã®äž¡æ¹ã䜿çšããããšãã§ããŸãããŸãã³ãã³ãã¯ã¯ã©ã¹ã¿ã®å éš IPã¢ãã¬ã¹ã䜿çšããŠã¡ã³ããŒã¹ã€ããã管çããŸãã
⢠ã¹ã€ãããã¯ã©ã¹ã¿ã®ã³ãã³ããŒãšããŠæ§æããçŽåŸãã³ãã³ããŒã¯ãããã¯ãŒã¯äžã®ã¯ã©ã¹ã¿ãæå¹ã«ããã¹ã€ãããèªåçã«çºèŠããŸããçºèŠãããã¹ã€ããã¯CandidateïŒåè£ïŒãšåŒã°ãã管ç端æ«ãéããŠæåã§ã¯ã©ã¹ã¿ã®ã¡ã³ããŒã«èšå®ããããšãã§ããŸãã
⢠1ã€ã®ã¯ã©ã¹ã¿ã«æ倧 100ã®åè£ãš 36åã®ã¡ã³ããŒãè¿œå ããããšãã§ããŸãã
⢠ã¹ã€ãã㯠1ã€ã®ã¯ã©ã¹ã¿ã®ã¡ã³ããŒã«ã®ã¿ãªããŸãã
⢠ã³ãã³ããšã¡ã³ããŒãæ§æããåŸãWebãšãŒãžã§ã³ãã®ã¡ãã¥ãŒããã¯ã©ã¹ã¿ã® IDãéžæããããšã§ãã¯ã©ã¹ã¿ã«åå ããã¹ã€ããã®ç®¡çãè¡ãããšãã§ããŸãã
ã¯ã©ã¹ã¿èšå®
Administration > Cluster (Configure Global)ããŒãžã䜿çšããã¹ã€ããã¯ã©ã¹ã¿ãäœæããŸãã
æ©èœè§£èª¬
⢠æåã«ãã¹ã€ããäžã§ã¯ã©ã¹ã¿ãªã³ã°ãæå¹ïŒåæèšå®ã¯ç¡å¹ïŒã«ãªã£ãŠããããšã確èªãããã®åŸã«ã¹ã€ãããã¯ã©ã¹ã¿ã³ãã³ããšããŠèšå®ããŸãããããã¯ãŒã¯ IPãµãããããšççŸããªãã¯ã©ã¹ã¿ IPããŒã«ãèšå®ããŠãã ãããããããã¡ã³ããŒã«ãªã£ãæãã¯ã©ã¹ã¿ IPã¢ãã¬ã¹ã¯ã¹ã€ããã«å²ãåœãŠããããããŠã¡ã³ããŒã¹ã€ãããšã³ãã³ãéã®ã³ãã¥ãã±ãŒã·ã§ã³ã§äœ¿çšãããŸãã
èšå®ã»è¡šç€ºé ç®
Cluster Status
ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
Commander Status
ã¹ã€ãããã¯ã©ã¹ã¿ã³ãã³ããŒãšããŠæå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
IP Pool
ã¯ã©ã¹ã¿å ã®ã¡ã³ããŒã¹ã€ãããžã® IPã¢ãã¬ã¹å²ãåœãŠã«äœ¿çšãããâinternalâ IPã¢ãã¬ã¹ããŒã«ãIPã¢ãã¬ã¹ããŒã«ã®èšå®ãã¡ã³ããŒã¹ã€ããã«å²ãåœãŠããã IPã¢ãã¬ã¹ãšããŠå éšçã«äœ¿çšãããŸããã¯ã©ã¹ã¿ã® IPã¢ãã¬ã¹ã®åœ¢åŒã¯ã10.x.x.ã¡ã³ããŒã¹ã€ããã®IDããšããæ§æã«ãªããŸããã¡ã³ããŒã«èšå®ããå¿ èŠã®ãã IPã¢ãã¬ã¹ã®æ°ã¯ 1åãã 32åã§ããïŒåæèšå®ïŒ10.254.254.1ïŒ
306 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
Role
ã¯ã©ã¹ã¿ã¹ã€ããã®çŸåšã®åœ¹å²ã衚瀺ïŒCommanderãMemberãCandidateåæèšå®ïŒCandidateïŒ
Number of Members
çŸåšã®ã¯ã©ã¹ã¿ã¡ã³ããŒæ°
Number of Candidates
çŸåšããããã¯ãŒã¯å ã§æ€çŽ¢ãããåè£ã¹ã€ãã
èšå®æ¹æ³
ïŒ1ïŒ[Admionistration] â [Cluster] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ãå ¥åãïŒ ApplyïŒãã¯ãªãã¯ããŸãã
307FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ã¯ã©ã¹ã¿ã¡ã³ããŒèšå®
åè£ã¹ã€ãããã¯ã©ã¹ã¿ã®ã¡ã³ããŒã¹ã€ãããšããŠè¿œå ããŸãã
èšå®ã»è¡šç€ºé ç®
Member ID
éžæããåè£ã¹ã€ããã«ã¡ã³ã㌠IDãèšå®ããŸããïŒç¯å²ïŒ1-36ïŒ
MAC Address
åè£ããŒãã«ãããã¹ã€ããã® MACã¢ãã¬ã¹ãéžæããŸãããããã¯ãæ¢ç¥ã®ã¹ã€ããMACã¢ãã¬ã¹ãæå®ããŸãã
308 FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
èšå®æ¹æ³
ã¯ã©ã¹ã¿ã¡ã³ããŒã®èšå®
ïŒ1ïŒ[Admionistration] â [Cluster] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MemberããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒå¿ èŠãªé ç®ãå ¥åãïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¯ã©ã¹ã¿ã¡ã³ããŒã®è¡šç€º
ïŒ1ïŒ[Admionistration] â [Cluster] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MemberããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
ã¯ã©ã¹ã¿åè£ã®è¡šç€º
ïŒ1ïŒ[Admionistration] â [Cluster] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure MemberããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããShow CandidateããéžæããŸãã
309FXC3110
Webã€ã³ã¿ãã§ãŒã¹åºæ¬ç®¡çãããã³ã«
ã¯ã©ã¹ã¿ã¡ã³ããŒã®ç®¡ç
Administration > Cluster (Show Member)ããŒãžã䜿çšããã¯ã©ã¹ã¿ã®ä»ã¹ã€ããã管çããŸãã
èšå®ã»è¡šç€ºé ç®
Member ID
ã¡ã³ããŒã¹ã€ããã® IDçªå·ïŒç¯å²ïŒ1-36ïŒ
Role
çŸåšã®ã¹ã€ããã¯ã©ã¹ã¿ã¹ããŒã¿ã¹
IP Address
ã¡ã³ãã¹ã€ããã«å²ãåœãŠããããå éšã¯ã©ã¹ã¿ IPã¢ãã¬ã¹
MAC Address
ã¡ã³ããŒã¹ã€ããã®MACã¢ãã¬ã¹ .
Description
ã¡ã³ããŒã¹ã€ããã®èª¬æ
Operate
ã¯ã©ã¹ã¿ã¡ã³ããŒããªã¢ãŒãã§ç®¡ç
èšå®æ¹æ³
ã¯ã©ã¹ã¿ã¡ã³ããŒã®ç®¡ç
ïŒ1ïŒ[Admionistration] â [Cluster] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow MemberããéžæããŸãã
ïŒ3ïŒã¯ã©ã¹ã¿ã¡ã³ããŒãªã¹ããã衚瀺ããã¡ã³ããŒãéžæããŸããïŒ4ïŒãOperateããã¯ãªãã¯ããŸãã
310 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
3.14 IPèšå®
ãããã¯ãŒã¯äžã®ã¹ã€ãããžã®ç®¡çã¢ã¯ã»ã¹çš IPã€ã³ã¿ãã§ãŒã¹ã®èšå®ã«ã€ããŠè§£èª¬ããŸãã
æ¬æ©ã¯ IPããŒãžã§ã³ 4ããã³ 6ããµããŒãããŠããããããã®ã¢ãã¬ã¹ã¿ã€ãã®ãããããéããŠåæã«ç®¡çãå¯èœã§ãã
IPv4ãŸã㯠IPv6ã¢ãã¬ã¹ãæåã§èšå®ããããèµ·åæã« IPv4ã¢ãã¬ã¹ã BOOTPãŸãã¯DHCPãµãŒããŒãããã€ã¬ã¯ãã«ååŸããããšãå¯èœã§ããIPv6ã¢ãã¬ã¹ã¯æåã§èšå®ãŸãã¯åçã«çæãããããšãå¯èœã§ãã
3.14.1 PING
IP > General > PingããŒãžã䜿çšããŠããããã¯ãŒã¯å ã®ä»ã®ããŒããž ICMP echoãªã¯ãšã¹ããã±ãããéä¿¡ããããšãåºæ¥ãŸãã
èšå®ã»è¡šç€ºé ç®
IP Address
ãã¹ãã® IPã¢ãã¬ã¹
Probe Count
éä¿¡ãããã±ããã®æ°ïŒç¯å²ïŒ1-16ïŒ
Packet Size
ãã±ããã®ãµã€ãºïŒç¯å²ïŒ32-512bytesïŒ
èšå®æ¹æ³
ïŒ1ïŒ[IP] â [General] â [Ping] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒã¿ãŒã²ããããã€ã¹ãš PINGãã©ã¡ãŒã¿ãæå®ããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
311FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
3.14.2 IPã¢ãã¬ã¹ã®èšå®ïŒIP Version4ïŒ
ãããã¯ãŒã¯çµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãããã« IPã¢ãã¬ã¹ãå¿ èŠãšãªããŸããåæèšå®ã§ã¯ãIPã¢ãã¬ã¹ã¯èšå®ãããŠããŸããã
æå㧠IPã¢ãã¬ã¹ã®èšå®ãè¡ãéã¯ã䜿çšãããããã¯ãŒã¯ã§å©çšå¯èœãª IPã¢ãã¬ã¹ãèšå®ããŠäžãããïŒæåèšå®æã®åæèšå®ã¯ãIPã¢ãã¬ã¹ :192.168.1.1ããµãããããã¹ã¯255.0.0.0ïŒãŸããä»ã®ãããã¯ãŒã¯ã»ã°ã¡ã³ãäžã®ç®¡ççš PCããã¢ã¯ã»ã¹ããå Žåã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ãå¿ èŠããããŸãã
æ¬æ©ã§ã¯ãæåã§ã® IPã¢ãã¬ã¹ã®èšå®åã³ BOOTPå㯠DHCPãµãŒããçšã㊠IPã¢ãã¬ã¹ã®ååŸãè¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Management VLAN
VLANã® ID(1-4093)ãåæèšå®ã§ã¯ãã¹ãŠã®ããŒãã VLAN 1ã«æå±ããŠããŸããããããIPã¢ãã¬ã¹ãå²ãåœãŠã VLANãèšå®ããããšã«ããã管ç端æ«ã IPã¢ãã¬ã¹ãå²ãåœãŠãä»»æã®ããŒãã«æ¥ç¶ããããšãã§ããŸãã
IP Address Mode
IPã¢ãã¬ã¹ãèšå®ããæ¹æ³ã StaticïŒæåèšå®ïŒãDHCPãBOOTPããéžæããŸããDHCPå㯠BOOTPãéžæããå ŽåããµãŒãããã®å¿çããããŸã§ IPã¢ãã¬ã¹ã®ååŸãã§ããŸãããIPã¢ãã¬ã¹ãååŸããããã®ãµãŒããžã®ãªã¯ãšã¹ãã¯åšæçã«éä¿¡ãããŸãïŒDHCPå㯠BOOTPããååŸããæ å ±ã«ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯åã³ããã©ã«ãã²ãŒããŠã§ã€ã®æ å ±ãå«ã¿ãŸãïŒ
IP Address
管çã¢ã¯ã»ã¹ãè¡ãããšãã§ãã VLANã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ãèšå®ããŸããæå¹ãª IPã¢ãã¬ã¹ã¯ã0-255ãŸã§ã®åé²æ° 4æ¡ã«ãã£ãŠè¡šçŸãããããããããªãªãã§åºåãããŸãïŒåæèšå®ïŒ192.168.1.10ïŒ
Subnet Mask
ãµãããããã¹ã¯ãèšå®ããŸããã«ãŒãã£ã³ã°ã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ãããæ°ã®èå¥ã«å©çšãããŸãïŒåæèšå®ïŒ255.255.255.0ïŒ
Gateway IP Address
管ç端æ«ãžã®ã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãèšå®ããŸãã管ç端æ«ãç°ãªã£ãã»ã°ã¡ã³ãã«ããå Žåã«ã¯ãèšå®ãå¿ èŠãšãªããŸãïŒåæèšå®ïŒ0.0.0.0ïŒ
MAC Address
æ¬æ©ã®MACã¢ãã¬ã¹ã衚瀺ããŠããŸãã
Restart DHCP
DHCPãµãŒããžæ°ãã IPã¢ãã¬ã¹ãèŠæ±ããŸãã
312 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
èšå®æ¹æ³
IPv4ã¢ãã¬ã¹ãæåã§èšå®
ïŒ1ïŒ[System] â [IP] ãã¯ãªãã¯ããŸããïŒ2ïŒç®¡ç VLANãIPã¢ãã¬ã¹ããµãããããã¹ã¯ãã²ãŒããŠã§ã€ã¢ãã¬ã¹ãå ¥åããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ã¢ãã¬ã¹ã DHCP/BOOTPããèªåã§ååŸ
ïŒ1ïŒ[System] â [IP] ãã¯ãªãã¯ããŸããïŒ2ïŒç®¡ç VLANãå ¥åããIPã¢ãã¬ã¹ã¢ãŒãã "DHCP"ãŸã㯠"BOOTP"ã«ããŸããïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããèšå®ãä¿åããŸããïŒ4ïŒæ°ããã¢ãã¬ã¹ãèŠæ±ãããããïŒ Restart DHCPïŒãã¯ãªãã¯ããŸãã
[泚æ ]ãæ¯é»æºãªã»ããæãã¹ã€ãã㯠IPèšå®ã®ãªã¯ãšã¹ãããããŒããã£ã¹ãããŸãã
[泚æ ]ã管çæ¥ç¶ã倱ã£ãŠããŸã£ãå Žåãã¹ã€ãããžã³ã³ãœãŒã«æ¥ç¶ãè¡ã "show ip interface"ã§æ°ããã¹ã€ããã¢ãã¬ã¹ã確èªããŠãã ããã
DHCPã®æŽæ°
DHCPã¯ãæ°žä¹ åã¯äžå®æéã¯ã©ã€ã¢ã³ãã« IPã¢ãã¬ã¹ã貞ãåºããŸããæå®ãããæéãéããå Žåããæ¬æ©ãä»ã®ãããã¯ãŒã¯ã»ã°ã¡ã³ããžç§»åããå Žåãæ¬æ©ãžã®ç®¡çã¢ã¯ã»ã¹ãè¡ããªããªããŸãããã®å Žåã«ã¯ãæ¬æ©ã®åèµ·åãè¡ãããã³ã³ãœãŒã«çµç±ã§ IPã¢ãã¬ã¹ã®åååŸãè¡ããªã¯ãšã¹ããéä¿¡ããŠäžããã
313FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
3.14.3 IPã¢ãã¬ã¹ã®èšå® (IP Version6)
ãã®ã»ã¯ã·ã§ã³ã§ã¯ããããã¯ãŒã¯çµç±ã®ç®¡çã¢ã¯ã»ã¹ã®ããã« IPv6ã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ãæ¹æ³ã«ã€ããŠè§£èª¬ããŸããæ¬æ©ã¯ IPv4ãš IPv6ã®äž¡æ¹ããµããŒãããŠããããããã®ã¢ãã¬ã¹ã¿ã€ãããããã§ç®¡çãããããšãå¯èœã§ããIPv4ã¢ãã¬ã¹ã®èšå®ã«é¢ããæ å ±ã¯ãP312 ãIPã¢ãã¬ã¹ã®èšå®ïŒIP Version4ïŒããåç §ããŠãã ããã
æ©èœè§£èª¬
IPv6㯠2ã€ã®ã¢ãã¬ã¹ã¿ã€ãïŒãªã³ã¯ããŒã«ã«ãŠããã£ã¹ããšã°ããŒãã«ãŠããã£ã¹ããå«ã¿ãŸãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ãåãããŒã«ã«ãµããããã«åãä»ããããå šãŠã®ããã€ã¹ã«ãã¹ã€ãããžã® IPv6ã®ã¢ã¯ã»ã¹ãå¯èœã«ããŸãããã®çš®é¡ã®ã¢ãã¬ã¹ã䜿çšãã管çãã©ãã£ãã¯ã¯ãµããããã®å€åŽã§ã«ãŒã¿ã«ãã£ãŠåãæž¡ããããããšãåºæ¥ãŸããããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯èšå®ã容æã§ãããã·ã³ãã«ãªãããã¯ãŒã¯ãåºæ¬çãªãã©ãã«ã·ã¥ãŒãã£ã³ã°ã«ã¯åœ¹ç«ã¡ãŸãããè€æ°ã»ã°ã¡ã³ãããæããã倧èŠæš¡ãªãããã¯ãŒã¯ã«æ¥ç¶ããããã«ã¯ãã°ããŒãã«ãªãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãããªã³ã¯ããŒã«ã«ãšã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã¿ã€ãã®äž¡æ¹ã¯åæ§ã«ãåçã¢ãµã€ã³ãŸãã¯æåã§èšå®ããããšãå¯èœã§ãã
IPv6ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®
Use the IP > IPv6 Configuration (Configure Global)ããŒãžã䜿çšããã¹ã€ããã® IPv6ããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããŸãã
èšå®ã»è¡šç€ºé ç®
Default Gateway
ããã©ã«ããã¯ã¹ããããã«ãŒã¿ã® IPv6ã¢ãã¬ã¹ãèšå®ããŸãã
ã»ç®¡çã¹ããŒã·ã§ã³ãç°ãªã IPv6ã»ã°ã¡ã³ãã«ããå ŽåãIPv6ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãå¿ èŠã§ãã
ã»çŽæ¥ã²ãŒããŠã§ã€ã«æ¥ç¶ãã ãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ ãã¹ã€ããã®äžã«æ§æãèšå®ãããæã®ã¿ IPv6ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ã¯æåããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒIPv6ããã©ã«ãã²ãŒããŠã§ã€ãå ¥åããŸãã
ïŒ4ïŒ[Apply]ãã¯ãªãã¯ããŸãã
314 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
IPv6ã€ã³ã¿ãã§ãŒã¹èšå®
IP > IPv6 Configuration (Configure Interface)ããŒãžã䜿çšããIPv6äžè¬èšå®ãè¡ãããšãåºæ¥ãŸãã
æ©èœè§£èª¬
⢠ã¹ã€ããã¯åžžã«ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§èšå®ãããªããŠã¯ãªããŸãããã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ããããŒã«ã«ã€ã³ã¿ãã§ãŒã¹ã§çºèŠãããå Žåãã¹ã€ããã®ã¢ãã¬ã¹èªåèšå®æ©èœã¯ãIPv6ã°ããŒãã«ã¢ãã¬ã¹ãšåæ§ã«èªåçã«ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãäœæããŸãã
⢠IPv6ã®æ瀺çæå¹åãéžæããããšã§ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãäœæãããŸãããèªåèšå®ãæå¹ã§ãªãå Žåãã°ããŒãã« IPv6ã¢ãã¬ã¹ã¯çæããŸããããã®ã±ãŒã¹ã§ã¯ã¢ãã¬ã¹ãæåã§èšå®ããŠãã ããã(P318 ãIPv6ã¢ãã¬ã¹ã®èšå®ããåç § )
⢠IPv6è¿é£æ¢çŽ¢ãããã³ã«ã¯ãIPv6ãããã¯ãŒã¯ã® v4ã¢ãã¬ã¹è§£æ±ºãããã³ã«ã«åã£ãŠä»£ãããŸããåããããã¯ãŒã¯ã»ã°ã¡ã³ãã® IPv6ããŒãã¯è¿é£æ¢çŽ¢ããäºãã®ååšãçºèŠããããäºãã®ãªã³ã¯ã¬ã€ã€ã¢ãã¬ã¹ã決å®ãããã«ãŒã¿ãçºèŠããçºã«äœ¿ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
管çã¢ã¯ã»ã¹äœ¿çšã«èšå®ããã VLANã® IDãããã©ã«ãã§ã¯ãå šãŠã®ããŒã㯠VLAN1ã¡ã³ããŒã§ããã管çã¹ããŒã·ã§ã³ã¯ VLANã IPã¢ãã¬ã¹ã«ã¢ãµã€ã³ãããŠããéããã©ã®VLANã«å±ããŠããããŒãã«ãå å ¥ããããšãå¯èœã§ããïŒç¯å²ïŒ1-4093ïŒ
Address Autoconfig
ã€ã³ã¿ãã§ãŒã¹ã§ IPv6ã¢ãã¬ã¹ã®èªåèšå®ãæå¹åãããã³ã€ã³ã¿ãã§ãŒã¹äžã§ IPv6æ©èœãæå¹åããŸããã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã¯ IPv6ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã§åãåããããã¬ãã£ãã¯ã¹ãåºã«ãããã¹ãéšã¯ã€ã³ã¿ãã§ãŒã¹èå¥åïŒã¹ã€ããã®MACã¢ãã¬ã¹ïŒã®ã¢ãã£ãã¡ã€ã EUI-64ãã©ãŒã ã䜿çšããŠèªåçã«çæãããŸãã
ã»ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã " other stateful configuration"ãã©ã°ã»ãããæã€å Žåãã¹ã€ããã¯ä»ã®ãã³ã¢ãã¬ã¹èšå®æ å ±ãç²åŸããããšè©Šã¿ãŸããïŒããã©ã«ãã²ãŒããŠã§ã€çïŒ
ã»èªåèšå®ãéžæãããªãå Žåãã¢ãã¬ã¹ã¯ " Add Interface"ããŒãžã䜿çšããæåã§èšå®ããŸãã
Enable IPv6 Explicitly
ã€ã³ã¿ãã§ãŒã¹ã§ IPv6ãæå¹ã«ããŸããã€ã³ã¿ãã§ãŒã¹ã«æ瀺çãªã¢ãã¬ã¹ãå²ãåœãŠãããæãIPv6ã¯èªåçã«æå¹ã«ãªããå šãŠã®å²ãåœãŠãããã¢ãã¬ã¹ãåãé€ããããŸã§ç¡å¹ã«åºæ¥ãŸãããïŒåæèšå®ïŒç¡å¹ïŒãã®ãã©ã¡ãŒã¿ãç¡å¹ã«ããŠããIPv6ã¢ãã¬ã¹ã§æ瀺çã«èšå®ãããã€ã³ã¿ãã§ãŒã¹ã®IPv6ã¯ç¡å¹ã«ãªããŸããã
MTU
ã€ã³ã¿ãã§ãŒã¹ã«éããã IPv6ãã±ããã®ãMaximum Transmission UnitïŒMTUïŒã®ãµã€ãºãèšå®ããŸããïŒç¯å²ïŒ1280-65535 bytesãåæèšå®ïŒ1500 bytesïŒ
315FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
ã»IPv6ã«ãŒã¿ã¯ä»ã®ã«ãŒã¿ãã転éããã IPv6ãã±ããããã©ã°ã¡ã³ãããŸããããIPv6ã«ãŒã¿ãžæ¥ç¶ããããšã³ãã¹ããŒã·ã§ã³ããæºãçºãããã©ãã£ãã¯ã¯ãã©ã°ã¡ã³ãããŸãã
ã»åãç©çåªäœäžã®å šãŠã®ããã€ã¹ã¯ãæ£ç¢ºã«çšŒåãããããåã MTUã䜿çšããªããŠã¯ãªããŸããã
ã»MTUãèšå®å¯èœã«ãªãåã«ãIPv6ã¯ã€ã³ã¿ãã§ãŒã¹ã§æå¹ã«ããªããŠã¯ãªããŸãããIPv6ã¢ãã¬ã¹ãã¹ã€ããã«ã¢ãµã€ã³ãããŠããªãå ŽåãMTUãã£ãŒã«ãã« "N/A"ã衚瀺ãããŸãã
ND DAD Attempts
éè€ã¢ãã¬ã¹æ€åºã®éã«ã€ã³ã¿ãã§ãŒã¹ã§éããããé£ç¶ãããã€ããŒèŠè«ã¡ãã»ãŒãžã®æ°ïŒç¯å²ïŒ0-600ãåæèšå®ïŒ1ïŒ
ã»0ã®å€ãèšå®ããããšã¯éè€ã¢ãã¬ã¹æ€åºãç¡å¹ã«ããŸãã
ã»ãµã¹ãã³ãç¶æ ã«ãªã£ãŠããã€ã³ã¿ãã§ãŒã¹ã§ã¯éè€ã¢ãã¬ã¹æ€åºã¯åæ¢ããŸããïŒ83 ããŒãžã®ãVLANã°ã«ãŒãã®èšå®ããåç §ïŒã€ã³ã¿ãã§ãŒã¹ããµã¹ãã³ãäžãã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããå šãŠã® IPv6ãŠããã£ã¹ãã¢ãã¬ã¹ã¯ "pending"ã«ãªããŸããã€ã³ã¿ãã§ãŒã¹ã管çäžå床ã¢ã¯ãã£ãã«ãªã£ãæãéè€ã¢ãã¬ã¹æ€åºã¯èªåçã«åéããŸãã
ã»åã¢ã¯ãã£ãåããã€ã³ã¿ãã§ãŒã¹ã¯ãå šãŠã®ãŠããã£ã¹ã IPv6ã¢ãã¬ã¹ã§éè€ã¢ãã¬ã¹æ€åºãåéããŸããéè€ã¢ãã¬ã¹æ€åºãã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§å®è¡ãããŠããéããã®ä»ã® IPv6ã¢ãã¬ã¹ã¯ " tentative"ç¶æ ã§æ®ã£ãŠããŸãããããéè€ãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãèŠã€ãããªãå Žåãéè€ã¢ãã¬ã¹æ€åºã¯æ®ãã® IPv6ã¢ãã¬ã¹ã«å¯Ÿãå®è¡ãããŸãã
ã»éè€ããã¢ãã¬ã¹ãèŠã€ãã£ãå Žåããã㯠"duplicantïŒéè€ïŒ"ã¹ããŒãã«ã»ãããããã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãããããéè€ãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãæ€åºãããå ŽåãIPv6ããã»ã¹ã¯ã€ã³ã¿ãã§ãŒã¹ã§ç¡å¹ã«ãªããŸããéè€ããã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãæ€åºãããå Žåãããã¯äœ¿çšãããŸããã
ã»ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãå€æŽãããå Žåãéè€ã¢ãã¬ã¹æ€åºã¯æ°ãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§å®è¡ãããŸãããæ¢ã«ã€ã³ã¿ãã§ãŒã¹ãšé¢é£ä»ãããã IPv6ãŠããã£ã¹ãã¢ãã¬ã¹ã«ã¯å®è¡ããŸããã
ND NS Interval
ã€ã³ã¿ãã§ãŒã¹äžã§ã® IPv6è¿é£èŠè«ã¡ãã»ãŒãžéä¿¡ééïŒç¯å²ïŒ1000-3600000ããªç§ãåæèšå®ïŒè¿é£æ€åºãªãã¬ãŒã·ã§ã³ =1000ããªç§ ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã®ã¢ããã¿ã€ãº =0ããªç§ïŒãã®å±æ§ã¯ãã¢ãã¬ã¹è§£æ±ºãŸãã¯è¿é£ã®å°éå¯èœæ§ãæ¢ãæã«ãè¿é£èŠè«ã¡ãã»ãŒãžãéä¿¡ããééãæå®ããŸããéåžžã® IPv6ãªãã¬ãŒã·ã§ã³ã®ããã«ãéåžžã«çãééã䜿çšããã®ã¯é¿ããŠãã ããã
Restart DHCPv6
IPã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã® DHCPv6èšå®ã¯çŸåšã®ãœãããŠã§ã¢ã§ã¯ãµããŒããããŠããŸãããã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã " other stateful configuration"ãã©ã°ã»ãããæã€å Žåãã¹ã€ãã㯠DHCPv6ãµãŒããããä»ã®ãã³ã¢ãã¬ã¹èšå®æ å ±ïŒããã©ã«ãã²ãŒããŠã§ã€çïŒãç²åŸããããšè©Šã¿ãŸãã
316 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ãã[Apply]ãã¯ãªãã¯ããŸãã
317FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
IPv6ã¢ãã¬ã¹ã®èšå®
IP > IPv6 Configuration (Add IPv6 Address)ããŒãžã䜿çšãããããã¯ãŒã¯äžã®ç®¡çã¢ã¯ã»ã¹çš IPv6ã€ã³ã¿ãã§ãŒã¹ãèšå®ã§ããŸãã
æ©èœè§£èª¬
â¢ å šãŠã® IPv6ã¢ãã¬ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ããã 1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
⢠ã¹ã€ããã¯åžžã«ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§èšå®ãããŸãããã®ãããIPv6æ©èœãå¯èœã«ããèšå®ããã»ã¹ããŸãã¯ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã®ã¹ã€ãããžã®å²ãåœãŠãã¢ãã¬ã¹èªåèšå®ãŸãã¯æ瀺ç IPv6æå¹åïŒP315 ãIPv6ã€ã³ã¿ãã§ãŒã¹èšå®ããåç §ïŒã¯èªåçã«ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ãçæããŸãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã®ãã¬ãã£ãã¯ã¹ã®é·ã㯠64ãããã«åºå®ãããŠãããããã©ã«ãã¢ãã¬ã¹ã®ãã¹ãéšã¯ã€ã³ã¿ãã§ãŒã¹èå¥åïŒç©çç㪠MACã¢ãã¬ã¹ïŒã®ã¢ãã£ãã¡ã€ã EUI-64(Extended Universal Identifier)ãã©ãŒã ãåºã«ããŸãã代ããã«ãããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ FE80ã§ãã«ã¢ãã¬ã¹ãå ¥åãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãæåã§èšå®ããããšãå¯èœã§ãã
⢠å€æ°ã®ãµãããããååšãã倧èŠæš¡ãªãããã¯ãŒã¯ãžæ¥ç¶ããã«ã¯ãã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãããã®ã¢ãã¬ã¹ã¿ã€ãã®èšå®ã«ã¯ããã€ãã®éžæè¢ããããŸãã
ã»ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã¯ãããŒã«ã«ãªã€ã³ã¿ãã§ãŒã¹äžã®ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ããããããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ãåãããšã«ãã£ãŠèªåçã«èšå®ãããããšãå¯èœã§ãããããŠãã€ã³ã¿ãã§ãŒã¹èå¥åã®ã¢ãã£ãã¡ã€ãEUI-64ãã©ãŒã ã䜿çšããã¢ãã¬ã¹ã®ãã¹ãéšãèªåçã«äœæããŸããïŒ315 ããŒãžã®ãIPv6ã€ã³ã¿ãã§ãŒã¹èšå®ããåç §ïŒ
ã»å šãŠã®ã®ãããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ãšãã¬ãã£ãã¯ã¹ã®é·ããæå®ããããšã«ãã£ãŠãæåã§èšå®ããããšãå¯èœã§ãããããŠãã€ã³ã¿ãã§ãŒã¹èå¥åã®ã¢ãã£ãã¡ã€ã EUI-64ãã©ãŒã ã䜿çšããèªåã§ã¢ãã¬ã¹ã®ãã¹ãéšã®ããŒãªãŒã㌠64ããããäœæããŸãã
ã»ãã«ã¢ãã¬ã¹ãšãã¬ãã£ãã¯ã¹ãå ¥åããããšã«ãã£ãŠãæåã§ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ããããšãå¯èœã§ãã
⢠ã€ã³ã¿ãã§ãŒã¹ããšã«ãè€æ°ã® IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ããããšãå¯èœã§ããã1ã€ã®ã€ã³ã¿ãã§ãŒã¹ã«ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ 1ã€ã§ãã
⢠ããŒã«ã«ã»ã°ã¡ã³ãã§ãéè€ãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãæ€åºãããå Žåãã€ã³ã¿ãã§ãŒã¹ã¯ç¡å¹ã«ãªããã³ã³ãœãŒã«ã«èŠåã¡ãã»ãŒãžã衚瀺ãããŸãããããã¯ãŒã¯ã§éè€ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãæ€åºãããå Žåãã¢ãã¬ã¹ã¯ãã®ã€ã³ã¿ãã§ãŒã¹ã§ç¡å¹ã«ãªããã³ã³ãœãŒã«ã«èŠåã¡ãã»ãŒãžã衚瀺ãããŸãã
⢠æ瀺çã¢ãã¬ã¹ãã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããæãIPV6ã¯èªåçã«æå¹ã«ãªããå²ãåœãŠãããã¢ãã¬ã¹ãåãé€ããããŸã§ç¡å¹ã«ã¯åºæ¥ãŸããã
318 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
èšå®ã»è¡šç€ºé ç®
VLAN
管çã¢ã¯ã»ã¹äœ¿çšã«èšå®ããã VLANã® IDãããã©ã«ãã§ã¯å šãŠã®ããŒã㯠VLAN1ã¡ã³ããŒã§ããã管çã¹ããŒã·ã§ã³ã¯ VLANã IPã¢ãã¬ã¹ã«ã¢ãµã€ã³ãããŠããéããã©ã®VLANã«å±ããŠããããŒãã«ãå å ¥ããããšãå¯èœã§ããïŒç¯å²ïŒ1-4093ïŒ
Address Type
ã€ã³ã¿ãã§ãŒã¹ã§èšå®ãããã¢ãã¬ã¹ã¿ã€ããå®çŸ©ã
ã»GlobalïŒãã« IPv6ã¢ãã¬ã¹ã§ IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®
ã»EUI-64ïŒExtended Universal IdentifierïŒïŒããŒãªãŒã㌠64ãããã® EUI-64ã€ã³ã¿ãã§ãŒã¹ IDã䜿çšããŠãã€ã³ã¿ãã§ãŒã¹ã® IPv6ã¢ãã¬ã¹ãèšå®
ã»ã¢ãã¬ã¹ã®ãã¹ãéšã§ããŒãªãŒã㌠64ãããã®ããã« EUI-64ãã©ãŒãããã䜿çšããæãIPv6ã¢ãã¬ã¹ãã£ãŒã«ãã«å ¥åãããå€ã¯ã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšãå«ã¿ããã¬ãã£ãã¯ã¹é·ã¯ããã€ã®é£ç¶çãªã¢ãã¬ã¹ã®ãããïŒå·ŠããïŒããã¬ãã£ãã¯ã¹ããæ§æããããã瀺ããŸããïŒã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšïŒæå®ããããã¬ãã£ãã¯ã¹é·ã 64ããããããçãå ŽåãIPv6ã¢ãã¬ã¹ãã£ãŒã«ãã§æå®ãããå€ããã€ãªãŒããŒãã¹ããããã®è¥å¹²ãå«ã¿ãŸããæå®ããããã¬ãã£ãã¯ã¹ã 64ããããè¶ ããŠããå Žåãã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã§äœ¿çšããããããã¯ã€ã³ã¿ãã§ãŒã¹èå¥åããåªå ãããŸãã
ã»IPv6ã¢ãã¬ã¹ã®é·ãã¯16ãã€ãã§ãæäžäœ8ãã€ããäžè¬ã«è£ 眮ã®MACã¢ãã¬ã¹ã«åºã¥ããŠãŠããŒã¯ãªãã¹ãèå¥åã圢æããŸããEUI-64ä»æ§ã¯æ¡åŒµããã 8ãã€ãMACã¢ãã¬ã¹ã䜿çšããããã€ã¹ã®ããã«èšèšãããŠããŸããäŸç¶ 6ãã€ã MACã¢ãã¬ã¹ïŒåãã EUI-48ãã©ãŒããããšããŠç¥ãããïŒã䜿çšããããã€ã¹ã®ãããããã¯ã¢ãã¬ã¹ã®ãŠãããŒãµã« /ããŒã«ã«ããããå転ããäžäžã® MACã¢ãã¬ã¹ã® 3ãã€ãã®éã« 16é²æ° FFFEãæ¿å ¥ããããšã«ãã£ãŠãEUI-64ãã©ãŒãããã«å€æãããªããŠã¯ãªããŸãããäŸãã°ãããããã€ã¹ã28-9F-18-1C- 82-35ã® EUI-48ã¢ãã¬ã¹ãæã€å Žåãã°ããŒãã« /ããŒã«ã«ããã㯠28ã 2Aã«å€ããŠãã EUI-64å¿ èŠæ¡ä»¶ãæºããçºãæåã«å転ãããªããŠã¯ãªããŸããããããŠã2ãã€ã FFFEã OUIïŒOrganizationally Unique IdentifierãŸã㯠Company IdentifierïŒã®éã«æ¿å ¥ãããæ®ãã®ã¢ãã¬ã¹ãã2A-9F-18-FF-FE-1C-82-35ã®ã¢ãã£ãã¡ã€ã EUI-64ã€ã³ã¿ãã§ãŒã¹èå¥åãçµæãšããŠãããããŸãã
ã»ã€ã³ã¿ãã§ãŒã¹ãç°ãªããµããããã«ä»å±ããéãããã®ãã¹ãã¢ãã¬ãã·ã³ã°ã¡ãœããã¯ãåãã€ã³ã¿ãã§ãŒã¹èå¥åã 1ã€ã®ããã€ã¹ã®è€æ°ã® IPã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšãããããšãå¯èœã«ããŸãã
ã»Link LocalïŒ IPv6ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãèšå®
ã»ã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã¯ FE80ã«ãªããŸãã
ã»ã€ã³ã¿ãã§ãŒã¹ããšã« 1ã€ã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã®ã¿èšå®ã§ããŸãã
ã»æå®ãããã¢ãã¬ã¹ãã€ã³ã¿ãã§ãŒã¹ã§èªåçã«çæããããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã«çœ®ãæããããŸãã
IPv6 Address
ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠããã IPv6ã¢ãã¬ã¹
319FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAdd IPv6 AddressããéžæããŸãã
ïŒ3ïŒèšå®ãè¡ã VLANãæå®ããã¢ãã¬ã¹ã¿ã€ããéžæããŸããIPv6ã¢ãã¬ã¹ãšãã¬ãã£ãã¯ã¹é·ãå ¥åããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
320 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
IPv6ã¢ãã¬ã¹ã®è¡šç€º
Use the IP > IPv6 Configuration (Show IPv6 Address)ããŒãžã䜿çšããã€ã³ã¿ãã§ãŒã¹ã«ã¢å²ãåœãŠããã IPv6ã¢ãã¬ã¹ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
管çã¢ã¯ã»ã¹äœ¿çšã«èšå®ããã VLANã® IDãããã©ã«ãã§ã¯ãå šãŠã®ããŒã㯠VLAN1ã¡ã³ããŒã§ããã管çã¹ããŒã·ã§ã³ã¯ãVLANã IPã¢ãã¬ã¹ã«ã¢ãµã€ã³ãããŠããéããã©ã®VLANã«å±ããŠããããŒãã«ãå å ¥ããããšãå¯èœã§ããïŒç¯å²ïŒ1-4093ïŒ
IP Address Type
IPã¢ãã¬ã¹ã¿ã€ãïŒã°ããŒãã«ãEUI-64ããªã³ã¯ããŒã«ã«ïŒã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠããããŠããã£ã¹ãã¢ãã¬ã¹ã«å ãããã¹ãã¯åãã all-nodesãã«ããã£ã¹ãã¢ãã¬ã¹ FF01::1ïŒinterface-local scopeïŒãš FF02::1ïŒlink-local scopeïŒãèŽåããããšãèŠæ±ããŸãã
FF01::1/16ã¯ãIPv6ããŒãã«ä»å ãããå šãŠã®éåžžé§ã€ã³ã¿ãã§ãŒã¹ããŒã«ã«ãã«ããã£ã¹ãã¢ãã¬ã¹ã§ãFF02::1/16ã¯ãIPv6ããŒãã«ä»å ãããå šãŠã®ãªã³ã¯ããŒã«ã«ãã«ããã£ã¹ãã¢ãã¬ã¹ã§ãã
ã€ã³ã¿ãã§ãŒã¹ããŒã«ã«ãã«ããã£ã¹ãã¢ãã¬ã¹ã¯ãã«ããã£ã¹ããã©ãã£ãã¯ã®ã«ãŒãããã¯è»¢éã«ã®ã¿äœ¿çšãããŸãããªã³ã¯ããŒã«ã«ãã«ããã£ã¹ãã¢ãã¬ã¹ã¯ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ã«ãã£ãŠäœ¿çšãããã¿ã€ããšåãã¿ã€ããã«ããŒããŸãã
IPv6㯠IPv4ã®ã¢ãã¬ã¹è§£æ±ºãããã³ã«ã§äœ¿çšããããããŒããã£ã¹ãã¡ãœããããµããŒãããªããããè¿é£ããŒãã®MACã¢ãã¬ã¹ã解決ããããã« solicited-nodeãã«ããã£ã¹ãã¢ãã¬ã¹ïŒlink-local scope FF02ïŒã䜿çšãããŸãã
Configuration Mode
ãã®ã¢ãã¬ã¹ãæåèšå®ã§ãèªåçã«çæããããåŠãã瀺ããŸãã
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow IPv6 AddressããéžæããŸãã
ïŒ3ïŒãªã¹ããã VLANãéžæããŸãã
321FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
IPv6è¿é£ãã£ãã·ã¥ã®è¡šç€º
IP > IPv6 Configuration (Show IPv6 Neighbor Cache)ã䜿çšãããã€ããŒããã€ã¹ã«çºèŠãããIPv6ã¢ãã¬ã¹ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow IPv6 NeighborsããéžæããŸãã
IPv6è¿é£ã®è¡šç€º
ãã£ãŒã«ã 解説
IPv6 Address è¿é£ã® IPV6ã¢ãã¬ã¹
Age ã¢ãã¬ã¹ãå°éå¯èœãšããŠå®èšŒãããŠããã®æéïŒç§ïŒéçãšã³ããªã¯ " Permanent"ãšç€ºãããŸãã
Link-layer Addr ç©çå±€ MACã¢ãã¬ã¹
State
è¿é£ã®ãã£ãã·ã¥ãšã³ããªã®ç¶æ ãæå®ããŸãã IPv6 è¿é£æ€åºãã£ãã·ã¥å ã®åçãšã³ããªã®ç¶æ ã¯ã以äžã®ãšããã§ãã
INCMP (Incomplete)ïŒãšã³ããªäžã§ã¢ãã¬ã¹è§£æ±ºãå®è¡äžã§ãã è¿é£èŠè«ã¡ãã»ãŒãžããã¿ãŒã²ããã®èŠè«ããããã«ããã£ã¹ãã¢ãã¬ã¹ã«éä¿¡ãããŸãããã察å¿ããè¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžããŸã åä¿¡ãããŠããŸãããREACH ïŒå°éå¯èœïŒïŒè¿é£ãžã®è»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ã確èªã¡ãã»ãŒãžïŒæ£åžžïŒããæåŸã® Reachable TimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒå ã«åä¿¡ãããŸããã REACHïŒå°éïŒç¶æ ã®éã¯ãããã€ã¹ã¯ãã±ããã®éä¿¡äžã«ç¹å¥ãªåäœãããŸãããSTALEïŒè»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ãæåŸã®ç¢ºèªã¡ãã»ãŒãžïŒæ£åžžïŒãåä¿¡ãããŠãããReachableTimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒãè¶ ããæéãçµéããŸããã STALEïŒæéåãïŒç¶æ ã®éã¯ãããã€ã¹ã¯ãã±ãããéä¿¡ããããŸã§ç¹å¥ãªåäœãããŸããDELAYïŒè»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ãæåŸã®ç¢ºèªã¡ãã»ãŒãžïŒæ£åžžïŒãåä¿¡ãããŠãããReachableTimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒãè¶ ããæéãçµéããŸããã ååã® DELAY_FIRST_PROBE_TIME ç§å ã«ãã±ãããéä¿¡ãããŸããã DELAYïŒé 延ïŒç¶æ ã«å ¥ã£ãŠãã DELAY_FIRST_PROBE_TIME ç§å ã«å°éå¯èœæ§ç¢ºèªãåä¿¡ãããªãå Žåã¯ãè¿é£èŠæ±ã¡ãã»ãŒãžãéä¿¡ããç¶æ ã PROBEïŒèª¿æ»ïŒã«å€ããŸãã
PROBEïŒå°éå¯èœæ§ç¢ºèªãåä¿¡ããããŸã§ãè¿é£èŠè«ã¡ãã»ãŒãžã RetransTimer ããªç§ééã§åéä¿¡ããããšã§ãå°éå¯èœæ§ç¢ºèªãã¢ã¯ãã£ãã«æ±ããããŸããUNKNOïŒæªç¥ã®ç¶æ
以äžã®ç¶æ ã¯éçãšã³ããªã«äœ¿çšãããŸããINCMP (Incomplete)
REACH (Reachable)
VLAN å°éããã¢ãã¬ã¹ã® VLANã€ã³ã¿ãã§ãŒã¹
322 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
IPv6çµ±èšã®è¡šç€º
IP > IPv6 Configuration (Show Statistics)ã䜿çšãããã®ã¹ã€ãããçµéããŠãã IPv6ãã©ãã£ãã¯ã®çµ±èšã衚瀺ããããšãåºæ¥ãŸãã
æ©èœè§£èª¬
⢠IPv6ïŒããŒãžã§ã³ 6ã¢ãã¬ã¹ã®ã€ã³ã¿ãŒããããããã³ã«ã¯ããœãŒã¹ãããã£ã¹ãã£ããŒã·ã§ã³ãžã®ããŒã¿ã®éä¿¡ãããã¯ã¡ã«ããºã ãæäŸããŸãããããŠãããã§ãããã®ãããã¯ãŒã¯è£ 眮ã¯åºå®é·ã¢ãã¬ã¹ã«ãã£ãŠèå¥ãããŸããã€ã³ã¿ãŒããããããã³ã«ã¯ãŸããå¿ èŠãªå Žåã« "small packet"ãããã¯ãŒã¯ãéããŠã®äŒéã®ããããã³ã°ãã±ããã®ãã©ã°ã¡ã³ããšåã¢ã»ã³ããªãæäŸããŸãã
⢠ICMPv6ïŒããŒãžã§ã³ 6ã® Internet Control Message Protocolã¯ãIPv6ãã±ããåŠçãšã©ãŒãã¬ããŒãããããã®ã¡ãã»ãŒãžãã±ããã転éãããããã¯ãŒã¯ã¬ã€ã€ãããã³ã«ã§ããICMPã¯ã€ã³ã¿ãŒããããããã³ã«ã«ãšã£ãŠãäžå¯æ¬ ãªéšåã§ããICMPã¡ãã»ãŒãžã¯ãããŒã¿ã°ã©ã æªå°éãã²ãŒããŠã§ã€ãããŒã¿ã°ã©ã 転éãè¡ããããã¡ãªã³ã°å®¹éãæããªãæãªã©ãæ§ã ãªç¶æ ã®ã¬ããŒãã«äœ¿çšãããŸããICMPã¯ãŸããç¹å®ã®ç®çå°ã«äœ¿ãããé©åãªã«ãŒãïŒãã¯ã¹ããããã«ãŒã¿ïŒã«ã€ããŠã®æ å ±ããã£ãŒãããã¯ããããã«ã䜿çšãããŸãã
⢠UDPïŒ User Datagram Protocolã¯ãã±ãã亀æéä¿¡ã®ããŒã¿ã°ã©ã ã¢ãŒããæäŸããŸããåºç€ããªããã©ã³ã¹ããŒãã¡ã«ããºã ãšã㊠IPã䜿çšããIPã®ãããªãµãŒãã¹ãžã®ã¢ã¯ã»ã¹ãæäŸããŸããUDPãã±ãã㯠IPãã±ãããšå šãåãããã«å±ããããŸããTCPãè€éããããé ãããããŸãã¯äžèŠã®å ŽåãUDPã¯æèŠã§ãã
èšå®ã»è¡šç€ºé ç®
IPv6çµ±èšã®è¡šç€º
ãã£ãŒã«ã 解説
IPv6çµ±èš
IPv6åä¿¡
Total ãšã©ãŒã§åä¿¡ãããã®ãå«ããã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ããå ¥åããŒã¿ã°ã©ã ã®ç·æ°ã
Header ErrorsIPv6 ãããã®ãšã©ãŒãåå ã§ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ãããŒãžã§ã³çªå·ã®äžäžèŽããã®ä»ã®ãã©ãŒããããšã©ãŒããããæ°ã®èš±å®¹å€è¶ éãIPv6 ãªãã·ã§ã³ã®åŠçã§æ€åºããããšã©ãŒãªã©ãå«ãŸããŸãã
Too Big Errors ãµã€ãºãéä¿¡ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ MTU ãè¶ ããããã«è»¢éã§ããªãã£ãåä¿¡ããŒã¿ã°ã©ã ã®æ°ã
No Routes éä¿¡å ã«éä¿¡ããããã®ã«ãŒããæ€åºãããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
Address Errors
IPv6 ããããŒã®éä¿¡å ãã£ãŒã«ãå ã® IPv6 ã¢ãã¬ã¹ããã®ãšã³ãã£ãã£ã§åä¿¡ã§ããæå¹ãªã¢ãã¬ã¹ã§ãªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ãã«ã¯ãç¡å¹ãªã¢ãã¬ã¹ïŒ::0 ãªã©ïŒããã³ãµããŒããããŠããªãã¢ãã¬ã¹ïŒæªå²ãåœãŠã®ãã¬ãã£ãã¯ã¹ãæã€ã¢ãã¬ã¹ãªã©ïŒãå«ãŸããŸãã IPv6 ã«ãŒã¿ãŒã§ã¯ãªãããã®ããã«ããŒã¿ã°ã©ã ã転éããªããšã³ãã£ãã£ã«ã€ããŠã¯ããã®ã«ãŠã³ã¿ã®å€ã«ã¯ç Žæ£ãããããŒã¿ã°ã©ã ã®æ°ãå«ãŸããŸããéä¿¡å ã¢ãã¬ã¹ãããŒã«ã«ã¢ãã¬ã¹ã§ã¯ãªãã£ãããã§ãã
323FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
Unknown Protocols
æ£åžžã«åä¿¡ãããã®ã®ããããã³ã«ãäžæã§ãããããµããŒããããŠããªãããšãåå ã§ç Žæ£ãããããŒã«ã«ã¢ãã¬ã¹æå®ã®ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ããŒã¿ã°ã©ã ã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
Truncated Packets ããŒã¿ã°ã©ã ãã¬ãŒã ã®ããŒã¿éã足ããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
Discards
åŠçã®ç¶ç¶ã劚ãããããªåé¡ãçºçããŠããªãã«ããããããïŒãããã¡é åã®äžè¶³ãªã©ã®çç±ã§ïŒç Žæ£ãããå ¥å IPv6 ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã®å€ã«ã¯ãåæ§æã®åŸ æ©äžã«ç Žæ£ãããããŒã¿ã°ã©ã ã®æ°ã¯å«ãŸããŸããã
Delivers
IPv6 ãŠãŒã¶ãŒãããã³ã«ã«æ£åžžã«éä¿¡ãããããŒã¿ã°ã©ã ã®ç·æ°ïŒICMP ãå«ãïŒã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ããŒã¿ã°ã©ã ã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
Reassembly RequestDatagrams
ãã®ã€ã³ã¿ãã§ãŒã¹ã§åæ§æãããå¿ èŠããããåä¿¡ãã IPv6 ãã©ã°ã¡ã³ãã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ãã©ã°ã¡ã³ãã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
Reassembled Succeeded
æ£åžžã«åæ§æããã IPv6 ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
Reassembled Failed
IPv6 åæ§æã¢ã«ãŽãªãºã ã«ãã£ãŠæ€åºããããšã©ãŒã®æ°ïŒã¿ã€ã ã¢ãŠããªã©ããšã©ãŒã®çš®é¡ã¯åããŸããïŒã ã¢ã«ãŽãªãºã ã«ãã£ãŠã¯ïŒç¹ã« RFC 815 å ã®ã¢ã«ãŽãªãºã ïŒãã©ã°ã¡ã³ããåä¿¡æã«çµåããŠããŸãããã®æ°ã远跡ã§ããªãããããã®å€ã¯å¿ ãããç Žæ£ããã IPv6 ãã©ã°ã¡ã³ãã®æ°ã§ãããšã¯éããŸããã ãã®ã«ãŠã³ã¿ã¯ããããã®ãã©ã°ã¡ã³ãã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
IPv6éä¿¡
Forwards Datagrams
ãã®ãšã³ãã£ãã£ãåä¿¡ããæçµéä¿¡å ã«è»¢éããåºåããŒã¿ã°ã©ã ã®æ°ã IPv6 ã«ãŒã¿ãŒãšããŠåäœããªããšã³ãã£ãã£ã§ã¯ããã®ã«ãŠã³ã¿ã®å€ã«ã¯ããã®ãšã³ãã£ãã£ãä»ã㊠Source-Route ïŒéä¿¡å ã«ãŒãæå®ïŒãããSource-Route ãé©åã«åŠçããããã±ããã®æ°ã®ã¿ãå«ãŸããŸãã æ£åžžã«è»¢éãããããŒã¿ã°ã©ã ã®å Žåã¯ãåºåã€ã³ã¿ãã§ãŒã¹ã®ã«ãŠã³ã¿ãã€ã³ã¯ãªã¡ã³ããããŸãã
Requests
ããŒã«ã« IPv6ãŠãŒã¶ãããã³ã«ïŒICMPãå«ãïŒããã©ã³ã¹ããã·ã§ã³ã®èŠè«ã§ IPv6ã«äŸçµŠãã pv6ããŒã¿ã°ã©ã ã®ç·æ°"ipv6IfStatsOutForwDatagrams"ã§ã«ãŠã³ããããããŒã¿ã°ã©ã ã¯ãã®ã«ãŠã³ã¿ã«å«ãŸããŸããã
Discards åŠçã®ç¶ç¶ã劚ãããããªåé¡ãçºçããŠããªãã«ããããããïŒãããã¡é åã®äžè¶³ãªã©ã®çç±ã§ïŒç Žæ£ãããå ¥å IPv6 ããŒã¿ã°ã©ã ã®æ°ã
No Routes éä¿¡å ã«éä¿¡ããããã®ã«ãŒããæ€åºãããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
Generated Fragments
ãã®åºåã€ã³ã¿ãã§ãŒã¹ã§è¡ããããã©ã°ã¡ã³ãåã«ãã£ãŠçæãããåºåããŒã¿ã°ã©ã ãã©ã°ã¡ã³ãã®æ°ã
Fragment Succeeded
ãã®åºåã€ã³ã¿ãã§ãŒã¹ã§æ£åžžã«ãã©ã°ã¡ã³ãåããã IPv6 ããŒã¿ã°ã©ã ã®æ°ã
Fragment Failed ãã®ã€ã³ã¿ãã§ãŒã¹ã§ãã©ã°ã¡ã³ãåã§ããªãã£ãåºåããŒã¿ã°ã©ã ã®æ°ã
ICMPv6çµ±èš
IPv6çµ±èšã®è¡šç€º
324 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
ICMPv6åä¿¡
Input
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã¡ãã»ãŒãžã®ç·æ°ãipv6IfIcmpInErrors ã«ãã£ãŠã«ãŠã³ããããã¡ãã»ãŒãžããã¹ãŠå«ãŸããŸãã ãã®ã€ã³ã¿ãã§ãŒã¹ã¯ãICMP ã¡ãã»ãŒãžã®å®å ãšãããã€ã³ã¿ãã§ãŒã¹ã§ãããå¿ ãããã¡ãã»ãŒãžã«ãšã£ãŠã®å ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå¯èœæ§ããããŸãã
Errorsã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã®ã® ICMP ç¹æã®ãšã©ãŒïŒç¡å¹ãª ICMP ãã§ãã¯ãµã ãç¡å¹ãªã¡ãã»ãŒãžé·ãªã©ïŒããããšå€æããã ICMP ã¡ãã»ãŒãžã®ç·æ°ã
Destination UnreachableMessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP éä¿¡å å°éäžèœã¡ãã»ãŒãžã®æ°ã
Packet Too Big Messages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã "ICMP Packet Too Big"ïŒICMP ãã±ããã倧ããããŸãïŒã¡ãã»ãŒãžã®æ°ã
Time Exceeded Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP æéè¶ éã¡ãã»ãŒãžã®æ°ã
Parameter ProblemMessages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãã©ã¡ãŒã¿åé¡ã¡ãã»ãŒãžã®æ°ã
Echo Request Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãšã³ãŒïŒèŠæ±ïŒã¡ãã»ãŒãžã®æ°ã
Echo Reply Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãšã³ãŒå¿çã¡ãã»ãŒãžã®æ°ã
Redirect Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
Group Membership QueryMessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããã¯ãšãªãŒã¡ãã»ãŒãžã®æ°ã
Group MembershipResponse Messages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããå¿çã¡ãã»ãŒãžã®æ°ã
Group MembershipReduction Messages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããåãæ¶ãã¡ãã»ãŒãžã®æ°ã
Router Solicit Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã«ãŒã¿ãŒèŠè«ã¡ãã»ãŒãžã®æ°ã
Router AdvertisementMessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã«ãŒã¿ãŒã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
Neighbor Solicit Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP è¿é£èŠè«ã¡ãã»ãŒãžã®æ°ã
Neighbor AdvertisementMessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP è¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
Redirect Messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ãªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
ICMPv6éä¿¡
Outputãã®ã€ã³ã¿ãã§ãŒã¹ãéä¿¡ãè©Šã¿ã ICMP ã¡ãã»ãŒãžã®ç·æ°ã ãã®ã«ãŠã³ã¿å€ã«ã¯ãicmpOutErrors ã«ãã£ãŠã«ãŠã³ããããæ°ãå«ãŸããŸãã
Destination UnreachableMessages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP éä¿¡å å°éäžèœã¡ãã»ãŒãžã®æ°ã
Packet Too Big Messages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã "ICMP Packet Too Big"ïŒICMP ãã±ããã倧ããããŸãïŒã¡ãã»ãŒãžã®æ°ã
IPv6çµ±èšã®è¡šç€º
325FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
Time Exceeded Messages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP æéè¶ éã¡ãã»ãŒãžã®æ°ã
Parameter ProblemMessage ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ãã©ã¡ãŒã¿åé¡ã¡ãã»ãŒãžã®æ°ã
Echo Reply Messages ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ãšã³ãŒå¿çã¡ãã»ãŒãžã®æ°ã
Router Solicit Messages ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ã«ãŒã¿ãŒèŠè«ã¡ãã»ãŒãžã®æ°ã
Neighbor AdvertisementMessages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP è¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
Redirect Messages éä¿¡ããããªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
Group MembershipResponse Messages
éä¿¡ããã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããå¿çã¡ãã»ãŒãžã®æ°ã
Group MembershipReduction Messages
éä¿¡ããã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããåãæ¶ãã¡ãã»ãŒãžã®æ°ã
UDPçµ±èš
Input UDPãŠãŒã¶ã«éä¿¡ããã UDPããŒã¿ã°ã©ã ã®ç·æ°ã
No Port Errors åä¿¡ãããç®çå°ããŒãã«ã¢ããªã±ãŒã·ã§ã³ãç¡ãã£ãããŒã¿ã°ã©ã ã®ç·æ°ã
Other Errors ç®çå°ããŒãã§ãã¢ããªã±ãŒã·ã§ã³ã®æ¬ åŠä»¥å€ã®çç±ã§éä¿¡ãããããšãåºæ¥ãªãã£ãåä¿¡ UDPããŒã¿ã°ã©ã ã®æ°ã
Output ãã®ãšã³ãã£ãã£ããéä¿¡ããã UDPããŒã¿ã°ã©ã ã®ç·æ°ã
IPv6çµ±èšã®è¡šç€º
326 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow StatisticsããéžæããŸãã
ïŒ3ïŒãIPv6ãããICMPv6ãããUDPããã¯ãªãã¯ããŸãã
ïŒIPv6ïŒ
ïŒICMPv6ïŒ
327FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPèšå®
ïŒUDPïŒ
å¿çåŽãã£ã¹ãã£ããŒã·ã§ã³ã® MTUã衚瀺
IP > IPv6 Configuration (Show MTU)ããŒãžã䜿çšããmaximum transmission unit (MTU)ãã£ãã·ã¥ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
èšå®æ¹æ³
ïŒ1ïŒ[IP]â [IPv6 Configuration] ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow MTUããéžæããŸãã
MTUã®è¡šç€º
ãã£ãŒã«ã 解説
MTUãã®ç®çå°ããè¿ããã ICMP" packet-too-big"ã¡ãã»ãŒãžã«å«ãŸããã調æŽãããMTU
Since ICMP "packet-too-big"ã¡ãã»ãŒãžããã®ç®çå°ããåä¿¡ãããŠããã®æé
Destination Address ICMP "packet-too-big"ã¡ãã»ãŒãžãéãããã¢ãã¬ã¹
328 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
3.15 IPãµãŒãã¹
æ¬æ©ã® Domain Name Service (DNS)ã®èšå®ã«ã€ããŠè§£èª¬ããŸãããã®é ç®ã«å«ãŸãã DHCPã¹ããŒãã³ã°ã«é¢ããæ å ±ã¯ 247 ããŒãžã®ãDHCPã¹ããŒãã³ã°ããåç §ããŠãã ããã
æ¬æ©ã® DNSãµãŒãã¹ã¯ãéçãªããŒãã«ãšã³ããªã䜿çšãããããããã¯ãŒã¯äžã®ãã®ä»ã®ããŒã ãµãŒããŒãžã®ããã€ã¬ã¯ã·ã§ã³ã«ãã£ãŠããã¹ãåã IPã¢ãã¬ã¹ã«ãããããããšãå¯èœã«ããŸãã
ã¯ã©ã€ã¢ã³ãè£ çœ®ãæ¬æ©ã DNSãµãŒããŒãšããŠæåããæãã¯ã©ã€ã¢ã³ãã¯ã¹ã€ããã« DNSã¯ãšãªã転éããè¿çãåŸ ã€ããšã«ãã£ãŠãIPã¢ãã¬ã¹ã®äžã«ãã¹ãå解決ãè©Šã¿ãŸãã
ãã¡ã€ã³åã® IPã¢ãã¬ã¹ãžã®ãããã³ã°ã䜿çšãããã¡ã€ã³åããã¢ãã¬ã¹ãžã®å€æã«äœ¿çšãããåæãã¡ã€ã³åãŸã㯠1ã€ä»¥äžã®ããŒã ãµãŒããŒãæå®ããããšã«ãã£ãŠãDNSããŒãã«å ã®é ç®ã¯æåã§èšå®ããããšãå¯èœã§ãã
329FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
3.15.1 DNSïŒDomain Name ServiceïŒ
æ¬æ©ã® DNS(Domain Naming System) ãµãŒãã¹ã¯ããã¡ã€ã³åãš IP ã¢ãã¬ã¹ã®ãããã³ã°ãè¡ãªã DNS ããŒãã«ã®æåã§ã®èšå®ãè¡ãªããä»ãããã©ã«ããã¡ã€ã³åã®èšå®åã¯ã¢ãã¬ã¹å€æãè¡ãªãããã®è€æ°ã®ããŒã ãµãŒãã®æå®ãè¡ãªãããšãã§ããŸãã
DNS ãµãŒãã¹ã®äžè¬èšå®
IP Service > DNS - General (Configure Global) ããŒãžã䜿çšãããã¡ã€ã³ã«ãã¯ã¢ããã®æå¹åããã³ããã©ã«ããã¡ã€ã³åã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠ã¹ã€ãã㧠DNS ãµãŒãã¹ãæå¹ã«ããããããŸãæåã«äžã€ä»¥äžã®ããŒã ãµãŒããŒãèšå®åŸããã¡ã€ã³ã«ãã¯ã¢ããã¹ããŒã¿ã¹ãæå¹ã«ããŸãã
èšå®ã»è¡šç€ºé ç®
Domain Lookup
DNS ãã¹ãåã»ã¢ãã¬ã¹å€æãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Default Domain Name
äžå®å šãªãã¹ãåã«ä»å ããããã©ã«ããã¡ã€ã³åãæå®ããŸããïŒç¯å²ïŒ1-127æåïŒ
èšå®æ¹æ³
ïŒ1ïŒ[IP Service] â [DNS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure GlobalããéžæããŸãã
ïŒ3ïŒãã¡ã€ã³ã«ãã¯ã¢ãããæå¹ã«ããããã©ã«ããã¡ã€ã³åãèšå®ããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
330 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
ãã¡ã€ã³ããŒã ãªã¹ãã®èšå®
IP Service > DNS - General (Add Domain Name)ããŒãžã䜿çšãããã¡ã€ã³ããŒã ã®ãªã¹ããèšå®ã§ããŸãã
æ©èœè§£èª¬
⢠DNS ã¯ã©ã€ã¢ã³ãããåä¿¡ããäžå®å šãªãã¹ãåã«ä»å ããããã©ã«ããã¡ã€ã³åãŸãã¯ãã¡ã€ã³ããŒã ãªã¹ããæå®ããããšãå¯èœã§ãã
⢠ãã¡ã€ã³ãªã¹ããååšããªãå Žåãããã©ã«ããã¡ã€ã³åã䜿ãããŸãããã¡ã€ã³ãªã¹ããååšããå Žåã®ã¯ããã©ã«ããã¡ã€ã³åã¯äœ¿çšãããŸããã
⢠æ¬æ©ã® DNS ãµãŒããäžå®å šãªãã¹ãåãåä¿¡ãããã¡ã€ã³åãªã¹ããæå®ãããå Žåãæ¬æ©ã¯è¿œå ãããªã¹ãå ã®åãã¡ã€ã³åããã¹ãåã«å ããäžèŽããç¹å®ã®ããŒã ãµãŒãã確èªããŠããã¡ã€ã³ãªã¹ãã«ããåäœããŸãã
èšå®ã»è¡šç€ºé ç®
Domain Name
ãã¹ãåãïŒç¯å²ïŒ1-68æåïŒ
èšå®æ¹æ³
ãã¡ã€ã³ããŒã ãªã¹ãã®äœæ
ïŒ1ïŒ[IP Service] â [DNS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAdd Domain NameããéžæããŸãã
ïŒ3ïŒ1床㫠1ã€ã®ãã¡ã€ã³ããŒã ãå ¥åããŠãã ããã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã¡ã€ã³ããŒã ãªã¹ãã®è¡šç€º
ïŒ1ïŒ[IP Service] â [DNS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow Domain NamesããéžæããŸãã
331FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
ããŒã ãµãŒããªã¹ãã®èšå®
IP Service > DNS - General (Add Name Server)ããŒãžã䜿çšããããŒã ãµãŒãã®ãªã¹ããèšå®åºæ¥ãŸãã
æ©èœè§£èª¬
⢠ã¹ã€ãã㧠DNS ãµãŒãã¹ãæå¹ã«ããããããŸãæåã«äžã€ä»¥äžã®ããŒã ãµãŒããŒãèšå®åŸããã¡ã€ã³ã«ãã¯ã¢ããã¹ããŒã¿ã¹ãæå¹ã«ããŸãã
⢠äžã€ä»¥äžã®ãµãŒããæå®ãããŠããæããµãŒãã¯å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ãã«ãªã¯ãšã¹ããéä¿¡ãç¶ããŸãã
⢠ããŒã ãµãŒããåé€ãããå ŽåãDNS æ©èœã¯èªåã§ç¡å¹ã«ãªããŸãã
èšå®ã»è¡šç€ºé ç®
Name Server IP Address
name-to-address解決ã®çºã«äœ¿çšãããããã¡ã€ã³ããŒã ãµãŒãã®ã¢ãã¬ã¹ãæå®ããŸããããŒã ãµãŒããªã¹ãã«ã¯ãæ倧 6ã€ã® IPã¢ãã¬ã¹ãè¿œå ããããšãåºæ¥ãŸãã
èšå®æ¹æ³
ããŒã ãµãŒããŒãªã¹ãã®äœæ
ïŒ1ïŒ[IP Service] â [DNS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAdd Name ServerããéžæããŸãã
ïŒ3ïŒ1床㫠1ã€ã®ããŒã ãµãŒããŒãå ¥åããŠãã ããã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒã ãµãŒããŒãªã¹ãã®è¡šç€º
ïŒ1ïŒ[IP Service] â [DNS]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow Name ServersããéžæããŸãã
332 FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
3.15.2 éç DNS ãã¹ãã®ã¢ãã¬ã¹ãšã³ããª
DNS ããŒãã«ã®ãã¹ãåãš IP ã¢ãã¬ã¹ã®ãããã³ã°ã®éçèšå®ãè¡ãªããŸãã
æ©èœè§£èª¬
⢠ãµãŒããä»ã®ãããã¯ãŒã¯æ©åšã¯è€æ°ã® IP ã¢ãã¬ã¹ã«ããè€æ°æ¥ç¶ããµããŒãããŠããŸãã2 ã€ä»¥äžã® IP ã¢ãã¬ã¹ãéçããŒãã«ãããŒã ãµãŒãããã®å¿çã«ãããã¹ãåãšé¢é£ä»ãããå ŽåãDNS ã¯ã©ã€ã¢ã³ãã¯æ¥ç¶ã確ç«ãããŸã§åã¢ãã¬ã¹ã«æ¥ç¶ãè©Šã¿ãŸãã
èšå®ã»è¡šç€ºé ç®
Host Nameãã¹ãåïŒèšå®ç¯å²ïŒ1-127 æåïŒ
IP Addressãã¹ãåã«é¢é£ä»ããããã€ã³ã¿ãŒãããã¢ãã¬ã¹
èšå®æ¹æ³
DNSããŒãã«ã®éçãšã³ããªãèšå®
ïŒ1ïŒ[IP Service] â [DNS]â [Static Host Table]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããAddããéžæããŸããïŒ3ïŒãã¹ãåãšå¯Ÿå¿ããã¢ãã¬ã¹ãå ¥åããŸããïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
DNSããŒãã«ã®éçãšã³ããªã衚瀺
ïŒ1ïŒ[IP Service] â [DNS]â [Static Host Table]ãã¯ãªãã¯ããŸããïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
333FXC3110
Webã€ã³ã¿ãã§ãŒã¹IPãµãŒãã¹
3.15.3 DNS ãã£ãã·ã¥ã®è¡šç€º
DNS ãã£ãã·ã¥ã®å 容ã衚瀺ããŸãã
æ©èœè§£èª¬
⢠ãµãŒããŒãŸãã¯ãã®ä»ã®ãããã¯ãŒã¯è£ 眮ã¯ãäžã€ä»¥äžã®è€æ° IPã¢ãã¬ã¹çµç±ã®æ¥ç¶ããµããŒãããŠããŸãã1ã€ä»¥äžã® IPã¢ãã¬ã¹ããããŒã ãµãŒããŒããæ»ã£ãŠããæ å ±ã«ãã£ãŠãã¹ãåã«é¢é£ä»ããããŠããå ŽåãDNSã¯ã©ã€ã³ãã¯ãã¿ãŒã²ããè£ çœ®ãšã®æ¥ç¶ã確ç«ãããŸã§ãããããã®ã¢ãã¬ã¹ãé£ç¶ããŠè©Šã¿ãããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
No
åãªãœãŒã¹ã¬ã³ãŒãã®ãšã³ããªçªå·
Flag
ãã£ãã·ã¥ãšã³ããªã®ãã©ã°ã¯åžžã« "4"
Type
æšæºçåã¯ãã©ã€ããªåãæå®ããããCNAMEããæ¢åã®ãšã³ããªãšåã IP ã¢ãã¬ã¹ããããã³ã°ãããŠããå€æ°ã®ãã¡ã€ã³åãæå®ããããALIASã
IP
ã¬ã³ãŒãã«é¢é£ãã IP ã¢ãã¬ã¹
TTL
ããŒã ãµãŒãã«ããå ±åãããçåå¯èœæé
Domain
ã¬ã³ãŒãã«é¢é£ãããã¡ã€ã³å
èšå®æ¹æ³
ïŒ1ïŒ[IP Service] â [DNS]â [Cache]ãã¯ãªãã¯ããŸãã
334 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.16 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ãã¯ãããªã«ã³ãã¡ã¬ã³ã¹ãã¹ããªãŒãã³ã°ãªã©ã®ãªã¢ã«ã¿ã€ã ã¢ããªã±ãŒã·ã§ã³ã®åäœããµããŒãããŸãããã«ããã£ã¹ããµãŒãã¯åã¯ã©ã€ã¢ã³ãã«å¯Ÿãç°ãªãã³ãã¯ã·ã§ã³ã確ç«ããããšãã§ããŸããããããã¯ãŒã¯ã«ãããŒããã£ã¹ããè¡ããµãŒãã¹ãšãªãããã«ããã£ã¹ããå¿ èŠãšãããã¹ãã¯æ¥ç¶ãããŠãããã«ããã£ã¹ããµãŒã /ã«ãŒã¿ãšå ±ã«ç»é²ãããŸãããŸãããã®æ¹æ³ã¯ãã«ããã£ã¹ããµãŒãã«ãããããã¯ãŒã¯ã®ãªãŒãããããåæžããŸãããããŒããã£ã¹ããã©ãã£ãã¯ã¯åãã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«ãã£ãŠæ¬ãµãŒãã¹ã«å å ¥ããŠãããã¹ãã«ã®ã¿è»¢éãããããåŠçãããŸãã
æ¬æ©ã§ã¯æ¥ç¶ããããã¹ãããã«ããã£ã¹ããµãŒãã¹ãå¿ èŠãšããã IGMP (Internet Group Management Protocol)ã®ã¯ãšãªã䜿çšããŸãããµãŒãã¹ã«åå ãèŠæ±ããŠãããã¹ããå«ãããŒããç¹å®ãããã®ããŒãã«ã®ã¿ããŒã¿ãéããŸãããŸãããã«ããã£ã¹ããµãŒãã¹ãåä¿¡ãã€ã¥ããããã«ãµãŒãã¹ãªã¯ãšã¹ããé£æ¥ãããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«åºããŸãããã®æ©èœããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãšåŒã³ãŸãã
IPãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã®ç®çã¯ãã¹ã€ããã®ãããã¯ãŒã¯ããã©ãŒãã³ã¹ãæé©åãããã«ããã£ã¹ããã±ããããã«ããã£ã¹ãã°ã«ãŒããã¹ãåã¯ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããã«æ¥ç¶ãããããŒãã®ã¿ã«è»¢éãããµããããå ã®å šãŠã®ããŒãã«ãã©ããã£ã³ã°ããã®ãé²ããŸãã
3.16.1 ã¬ã€ã€ 2ãIGMPïŒSnooping and QueryïŒ
IGMP Snooping and QueryïŒãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããããã¯ãŒã¯äžã®ä»ã®æ©åšã§ãµããŒããããŠããªãå ŽåãIGMP Snoopingåã³ Queryãå©çšãããã«ããã£ã¹ãã¯ã©ã€ã¢ã³ããšãµãŒãéã§ã® IGMPãµãŒãã¹ãªã¯ãšã¹ãã®ééãç£èŠããåçã«ãã«ããã£ã¹ããã©ãã£ãã¯ã転éããããŒãã®èšå®ãè¡ãªãããšãã§ããŸããIGMPv3 ã¹ããŒãã³ã°ã䜿çšæãIGMPããŒãžã§ã³ 1,2,3ãã¹ãããã®ãµãŒãã¹ãªã¯ãšã¹ãã¯å šãŠ IGMPv3ã¬ããŒããšããŠãäžæµã®ã«ãŒã¿ãžè»¢éãããŸããIGMPv3 ã¹ããŒãã³ã°ã«ãã£ãŠæäŸãããäž»ãªæ¡åŒµã¯ãäžæµã® IGMPv3ãã¹ããèŠæ±ãŸãã¯æ絶ããç¹å®ã®ãã«ããã£ã¹ããœãŒã¹ã«é¢ããæ å ±ã®èšé²ã»è¿œè·¡ã§ããIGMPv3ãã¹ãã®ã¿ç¹å®ã®ãã«ããã£ã¹ããœãŒã¹ãããµãŒãã¹ãèŠæ±åºæ¥ãŸããäžæµã®ãã¹ããç¹å®ã®ãã«ããã£ã¹ããµãŒãã¹ã®ãœãŒã¹ãããµãŒãã¹ãèŠæ±ããæããããã®ãœãŒã¹ã¯å šãŠ Includeãªã¹ãã«çœ®ããããã©ãã£ãã¯ã¯ãããã®ãœãŒã¹ã®ãããããããã¹ããžè»¢éãããŸããIGMPv3ãã¹ãã¯ãŸããæå®ä»¥å€ã®å šãŠã®ãœãŒã¹ããã®ãµãŒãã¹è»¢éã®èŠæ±ãè¡ããŸãããã®å Žåããã©ãã£ãã¯ã¯ Excludeãªã¹ãã®ãœãŒã¹ãããã£ã«ã¿ããããã®ä»å šãŠã®äœ¿çšå¯èœãªãœãŒã¹ãã転éãããŸãã
[ 泚æ ]ãã¹ã€ããã IGMPv3 ã¹ããŒãã³ã°ã䜿çšããããèšå®ãããŠããæãããããã®VLAN ã§æ€çŽ¢ããã IGMP ã¯ãšãªãã±ããã®ããŒãžã§ã³ã«äŸåããã¹ããŒãã³ã°ããŒãžã§ã³ã¯ããŒãžã§ã³ 2ãŸã㯠1ã«ããŠã³ã°ã¬ãŒããããŸãã
[ 泚æ ]ãã¹ã€ããäžã®ãã«ããã£ã¹ãã«ãŒã¿ããŒããæå¹ã«ãªããªãéããIGMP ã¹ããŒãã³ã°ã¯æ©èœããŸããããã㯠2ã€ã®å 1ã€ã§éæãå¯èœã§ããéçã«ãŒã¿ããŒãã¯æåã§èšå®ãå¯èœã§ããïŒ339 ããŒãžã®ããã«ããã£ã¹ãã«ãŒã¿ã®éçã€ã³ã¿ãã§ãŒã¹ãèšå®ããåç §ïŒãã®ã¡ãœããã䜿çšããã«ãŒã¿ãŒããŒãã¯ã¿ã€ã ã¢ãŠãããããæ瀺çã«åé€ããããŸã§æ©èœãç¶ããŸããã¹ã€ããã«é Œããã 1ã€ã®ã¡ãœããã¯ããã«ããã£ã¹ãã«ãŒãã£ã³ã°ãããã³ã«ãã±ãããŸã¯ã IGMPã¯ãšãªãã±ãããããŒãã§æ€åºãããæããã«ããã£ã¹ãã«ãŒãã£ã³ã°ããŒããåçã«äœæããŸãã
335FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
éç IGMPã«ãŒã¿ã€ã³ã¿ãã§ãŒã¹ïŒ IGMP Snoopingã IGMPã¯ãšãªã¢ãæ€çŽ¢ã§ããªãå Žåãæå㧠IGMPã¯ãšãªã¢ïŒãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããïŒã«æ¥ç¶ãããæ¬æ©ã®ã€ã³ã¿ãã§ãŒã¹ã®æå®ãè¡ãªãããšãã§ããŸãããã®åŸãæå®ããã€ã³ã¿ãã§ãŒã¹ã¯æ¥ç¶ãããã«ãŒã¿ /ã¹ã€ããã®ãã¹ãŠã®ãã«ããã£ã¹ãã°ã«ãŒãã«åå ãããã«ããã£ã¹ããã©ãã£ãã¯ã¯æ¬æ©å ã®é©åãªã€ã³ã¿ãã§ãŒã¹ã«è»¢éãããŸãã
éç IGMPãã¹ãã€ã³ã¿ãã§ãŒã¹ïŒç¢ºå®ã«ã³ã³ãããŒã«ããå¿ èŠã®ãããã«ããã£ã¹ãã¢ããªã±ãŒã·ã§ã³ã«å¯ŸããŠã¯ãç¹å®ã®ããŒãã«å¯ŸããŠæåã§ãã«ããã£ã¹ããµãŒãã¹ãæå®ããããšãã§ããŸããïŒP341åç §ïŒ
IGMPã¹ããŒãã³ã°ãšãããã·ã¬ããŒãã£ã³ã°ïŒæ¬æ©ã¯ Last Leaveã¯ãšãªãµãã¬ãã·ã§ã³ïŒDSL Forum TR-101, April 2006ã§å®çŸ©ãããŠããïŒããµããŒãããŠããŸãã
â Last LeaveïŒIGMPãã¹ãããæ¥ã IGMP Leaveãã€ã³ã¿ãŒã»ããã»äœµåããèŠçŽããŸããIGMP Leaveã¯å¿ èŠãªæã ãïŒæåŸã®ãŠãŒã¶ããã«ããã£ã¹ãã°ã«ãŒãããå»ãæïŒã¢ããã¹ããªãŒã ã«äžç¶ãããŸãã
â Query SuppressionïŒIGMPã«æå®ãããã¯ãšãªããã¯ã©ã€ã¢ã³ãããŒããžéä¿¡ãããªãæ¹æ³ã§ IGMPã¯ãšãªãã€ã³ã¿ãŒã»ããããåŠçããŸãã
IGMP Snooping ãšã¯ãšãªãã©ã¡ãŒã¿ã®èšå®
ãã«ããã£ã¹ããã©ãã£ãã¯ã®è»¢éèšå®ãè¡ããŸããIGMPã¯ãšãªåã³ãªããŒãã¡ãã»ãŒãžã«åºã¥ãããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠãšããããŒãã«ã®ã¿éä¿¡ããŸãããã¹ãŠã®ããŒãã«éä¿¡ããããŒããã£ã¹ããããããã¯ãŒã¯ããã©ãŒãã³ã¹ã®äœäžãæãããšãé²ããŸãã
æ©èœè§£èª¬
⢠IGMP Snooping â æ¬æ©ã¯ãIGMPã¯ãšãªã® snoopãåãããªããŒããã±ããã IPãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããéã§è»¢éããIPãã«ããã£ã¹ããã¹ãã°ã«ãŒããIPãã«ããã£ã¹ãã°ã«ãŒãã¡ã³ããŒã«èšå®ããŸããIGMPãã±ããã®ééãç£èŠããã°ã«ãŒãç»é²æ å ±ãæ€ç¥ããããã«åŸã£ãŠãã«ããã£ã¹ããã£ã«ã¿ã®èšå®ãè¡ããŸãã
[泚æ ]ãæåã«åä¿¡ãè¡ãããéãæ°ç§ã®éæªç¥ã®ãã«ããã£ã¹ããã©ãã£ãã¯ã VLANå ã®å šãŠã®ããŒãã«ãã©ããã£ã³ã°ãããŸãããã«ããã£ã¹ãã«ãŒã¿ããŒãã VLANã«ååšããŠããå ŽåãIGMPã¹ããŒãã³ã°ãåããããããšã§ããã©ãã£ãã¯ã¯ãã£ã«ã¿ãããŸããã«ãŒã¿ããŒãã VLANã«ååšããªãããŸãã¯ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ããŒãã«ãæ¢ã«äžæ¯ã®å Žåãã¹ã€ããã¯ããã©ãã£ãã¯ã VLANå ãžãã©ããã£ã³ã°ãç¶ããŸããã
⢠IGMP Querier â ã«ãŒã¿åã¯ãã«ããã£ã¹ã察å¿ã¹ã€ããã¯ãå®æçã«ãã¹ãã«å¯Ÿããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠãã©ããã質åããŸãããããã® LANäžã«2ã€ä»¥äžã® IPãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ãããååšããå Žåã1ã€ã®ããã€ã¹ã"ã¯ãšãªã¢ "ãšãªããŸãããã®åŸããã«ããã£ã¹ããµãŒãã¹ãåãç¶ããããã«æ¥ç¶ããããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«å¯ŸããµãŒãã¹ãªã¯ãšã¹ããåºããŸãã
[ 泚æ ]ããã«ããã£ã¹ãã«ãŒã¿ã¯ãããã®æ å ±ããDVMRP ã PIM ãªã©ã®ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ãããã³ã«ãšå ±ã«ãã€ã³ã¿ãŒãããã® IP ãã«ããã£ã¹ãããµããŒãããããã«äœ¿çšããŸãã
336 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®ã»è¡šç€ºé ç®
IGMP Snooping Status
æå¹æãã¹ã€ããã¯ãããã¯ãŒã¯ãã©ãã£ãã¯ãã¢ãã¿ããã©ã®ãã¹ãããã«ããã£ã¹ããã©ãã£ãã¯ãæãã§ãããã決å®ããŸããïŒåæèšå®ïŒç¡å¹ïŒIGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§æå¹ã®æãIGMPã¹ããŒãã³ã°ã® VLANã€ã³ã¿ãã§ãŒã¹ããšã®èšå®ãåªå ãããŸããïŒP343 ãã€ã³ã¿ãã§ãŒã¹æ¯ã® IGMP Snoopingèšå®ããåç §ïŒIGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§ç¡å¹ã®æãVLANããšã®ã¹ããŒãã³ã°ã®èšå®ã¯äŸç¶è¡ããŸãããã€ã³ã¿ãã§ãŒã¹èšå®ã¯ã¹ããŒãã³ã°ãã°ããŒãã«ã§å床æå¹ã«ãªããŸã§å¹åãçºããŸããã
Proxy Reporting Status
ãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒãã®ã³ãã³ãã§ãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ãªã£ãŠããæãã¹ã€ãã㯠Last LeaveãQuery Suppressionãå«ãã"IGMP Snooping with Proxy Reporting" ïŒDSL Forum TR-101, April 2006ã§å®çŸ©ïŒãå®è¡ããŸãã
TCN Flood
ã¹ããã³ã°ããªãŒããããžå€æŽéç¥ïŒTCNïŒãçããéããã«ããã£ã¹ããã©ãã£ãã¯ã®ãã©ããã£ã³ã°ãæå¹ã«ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
TCN Query Solicit
ã¹ããã³ã°ããªãŒããããžå€æŽéç¥ïŒTCNïŒãçããéãGMPéåžžã¯ãšãªèŠè«ãéä¿¡ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Router Alert Option
ã«ãŒã¿ã¢ã©ãŒããªãã·ã§ã³ãå«ãŸãªããå šãŠã® IGMPv2/v3ãã±ãããç Žæ£ããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Unregistered Data Flooding
ä»å±ãã VALNãžæªç»é²ã®ãã«ããã£ã¹ããã©ãã£ãã¯ããã©ããããŸããïŒåæèšå®ïŒç¡å¹ïŒ
Version Exclusive
IGMPããŒãžã§ã³å±æ§ã«ãã£ãŠãèšå®ãããçŸåšã®ããŒãžã§ã³ãšç°ãªãããŒãžã§ã³ã䜿çšããŠãããåä¿¡ãã IGMPã¡ãã»ãŒãžãç Žæ£ããŸãã
IGMP Unsolicited Report Interval
ã¢ããã¹ããªãŒã ã€ã³ã¿ãã§ãŒã¹ãããããã·ã¬ããŒãã£ã³ã°æå¹æã«éèŠè« IGMPã¬ããŒããéä¿¡ããééãæå®ïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ400ç§ïŒ
Router Port Expire Time
æéãåããåã«ã¯ãšãªã¢ãæ¢ãŸã£ãåŸãã¹ã€ãããåŸ ã€æéïŒç¯å²ïŒ1-65535ãæšå¥šç¯å²ïŒ30-500ç§ãåæèšå®ïŒ300ïŒ
IGMP Snooping Version
ãããã¯ãŒã¯äžã®ä»ã®ããã€ã¹ãšäºæããããããããã³ã«ããŒãžã§ã³ãèšå®ããŸããããã¯ã¹ã€ãããã¹ããŒãã³ã°ã¬ããŒããéä¿¡ããããã«äœ¿çšãã IGMPããŒãžã§ã³ã§ããïŒç¯å²ïŒ1-3ãåæèšå®ïŒ2ïŒ
Querier Status
æå¹æãã¹ã€ããã¯ãã¹ãã«ãã«ããã£ã¹ããã©ãã£ãã¯ãåãåãããšãæãã蚪ãã責任ãæã€ã¯ãšãªã¢ãšããŠåäœããŸãããã®æ©èœã¯ IGMPv3 snoopingã§ã¯ãµããŒããããŠããŸããïŒåæèšå®ïŒç¡å¹ïŒ
337FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
DNSããŒãã«ã®éçãšã³ããªãèšå®
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [General]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒå¿ èŠã«å¿ããIGMPèšå®ã®èª¿æŽãè¡ããŸãã
ïŒ3ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
338 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ãã«ãŒã¿ã®éçã€ã³ã¿ãã§ãŒã¹ãèšå®
ãããã¯ãŒã¯æ¥ç¶ç¶æ³ã«ãããIGMP snoopingã«ãã IGMPã¯ãšãªã¢ãé 眮ãããªãå ŽåããããŸããIGMPã¯ãšãªã¢ãšãªããã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ãããæ¥ç¶ãããŠããã€ã³ã¿ãã§ãŒã¹ïŒããŒãåã¯ãã©ã³ã¯ïŒãå€æããŠããå Žåãã«ãŒã¿ããµããŒããããã«ããã£ã¹ãã°ã«ãŒããžã®ã€ã³ã¿ãã§ãŒã¹ïŒåã³ VLANïŒã®åå èšå®ãæåã§è¡ããŸããããã«ãããæ¬æ©ã®ãã¹ãŠã®é©åãªã€ã³ã¿ãã§ãŒã¹ãžãã«ããã£ã¹ããã©ãã£ãã¯ãæž¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããããéããããã«ããã£ã¹ããã©ãã£ãã¯ãåä¿¡ãã転éãã VLANãéžæããŸããïŒ1-4093ïŒ
Interface
ããŒããŸãã¯ãã©ã³ã¯ãã¹ã¯ããŒã«ããŠã³ãªã¹ãããéžæããŸãã
Port/Trunk
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ãæå®ããŸãã
339FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
ãã«ããã£ã¹ãã«ãŒã¿ã®éçã€ã³ã¿ãã§ãŒã¹ãèšå®
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Multicast Router]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAdd Static Multicast RouterããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ãèšå®ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããéçã€ã³ã¿ãã§ãŒã¹ã衚瀺
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Multicast Router]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow Static Multicast RouterããéžæããŸãã
ïŒ3ïŒæ å ±ã衚瀺ãã VLANãéžæããŸãã
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããå šãŠã®ã€ã³ã¿ãã§ãŒã¹ã衚瀺
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Multicast Router]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããCurrent Multicast RouterããéžæããŸãã
ïŒ3ïŒæ å ±ã衚瀺ãã VLANãéžæããŸãã
340 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ããµãŒãã¹ãžã€ã³ã¿ãã§ãŒã¹ãã¢ãµã€ã³
ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã¯ãP336 ãIGMP Snooping ãšã¯ãšãªãã©ã¡ãŒã¿ã®èšå®ãã®éããIGMP snoopingãš IGMPã¯ãšãªã¡ãã»ãŒãžã䜿çšããåçã«èšå®ããããšãã§ããŸããäžéšã®ã¢ããªã±ãŒã·ã§ã³ã§ã¯ããã«çŽ°ããèšå®ãå¿ èŠãªãããéçã«ãã«ããã£ã¹ããµãŒãã¹ã®èšå®ãè¡ãå¿ èŠããããŸããåã VLANã«åå ãããã¹ãã®æ¥ç¶ããããã¹ãŠã®ããŒããå ãããã®åŸ VLANã°ã«ãŒãã«ãã«ããã£ã¹ããµãŒãã¹ã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠éçãã«ããã£ã¹ãã¢ãã¬ã¹ã¯ã¿ã€ã ã¢ãŠããèµ·ãããŸããã
⢠ãã«ããã£ã¹ãã¢ãã¬ã¹ãç¹å®ã® VLANã«èšå®ãããå Žåãé¢é£ãããã©ãã£ãã¯ã¯ VLANå ã®ããŒãã«ã®ã¿è»¢éãããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããããã®ãã«ããã£ã¹ããã©ãã£ãã¯ãåä¿¡ãã転éããVLANãéžæããŸããïŒç¯å²ïŒ1-4093ïŒ
Interface
ããŒã (Port)åã¯ãã©ã³ã¯ (Trunk)ãã¹ã¯ããŒã«ããŠã³ãªã¹ãã§éžæããŸãã
Port/Trunk
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã®çªå·ãæå®ããŸãã
Multicast IP
ãã«ããã£ã¹ããµãŒãã¹ãè¡ã IPã¢ãã¬ã¹ãå ¥åããŸãã
341FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
ã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ããµãŒãã¹ãžéçã«è¿œå
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [IGMP Member]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããAdd Static MemberããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ãèšå®ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ãã«ããã£ã¹ããµãŒãã¹ã«ã¢ãµã€ã³ãããéçã€ã³ã¿ãã§ãŒã¹ã®è¡šç€º
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [IGMP Member]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShow Static MemberããéžæããŸãã
ïŒ3ïŒæ å ±ã衚瀺ãã VLANãéžæããŸãã
ãã«ããã£ã¹ããµãŒãã¹ã«ã¢ãµã€ã³ãããéçã»åçå šãŠã®ã€ã³ã¿ãã§ãŒã¹ã衚瀺
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [IGMP Member]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããCurrent MemberããéžæããŸãã
ïŒ3ïŒæ å ±ã衚瀺ãã VLANãéžæããŸãã
342 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ã€ã³ã¿ãã§ãŒã¹æ¯ã® IGMP Snoopingèšå®
Multicast > IGMP Snooping > Interface (Configure) ããŒãžã䜿çšããVLANã€ã³ã¿ãã§ãŒã¹ã® IGMPã¹ããŒãã³ã°å±æ§ãèšå®ããŸããã¹ããŒãã³ã°ãã°ããŒãã«ã§èšå®ããã«ã¯ãP336 ãIGMP Snooping ãšã¯ãšãªãã©ã¡ãŒã¿ã®èšå®ããåç §ããŠãã ããã
æ©èœè§£èª¬
ãã«ããã£ã¹ãã¹ã«ãŒã¿ãã£ã¹ã«ããª
ãã«ããã£ã¹ãã«ãŒã¿ãèå¥ããããã«äœ¿ãããã¡ã«ããºã ã«ã¯å€ãã®ç©ããããŸãããããã¯ãã«ããã£ã¹ãã«ãŒã¿ãšç°ãªããã³ãã®ã¹ããŒãã³ã°ã¹ã€ããéã§äºææ§ã®åé¡ãåŒãèµ·ãããŸããããã®åé¡ã®è§£æ±ºçãšããŠãIGMPã¹ããŒãã³ã°ãšãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããã€ã¹ã®ããã« Multicast Router Discovery (MRD)ãããã³ã«ãéçºãããŸãããMRDã¯ãã«ããã£ã¹ãã«ãŒã¿ã«ä»éããŠããã€ã³ã¿ãã§ãŒã¹ã§äœ¿çšãããIGMP䜿çšå¯èœè£ 眮ãããã«ããã£ã¹ããœãŒã¹ãšã°ã«ãŒãã¡ã³ããŒã·ããã¡ãã»ãŒãžãã©ããžéä¿¡ãããã決å®ããããšãå¯èœã«ããŸãããã«ããã£ã¹ããœãŒã¹ããŒã¿ãšã°ã«ãŒãã¡ã³ããŒã·ããã¬ããŒãã¯ãã»ã°ã¡ã³ãå ã®å šãŠã®ãã«ããã£ã¹ãã«ãŒã¿ã§åä¿¡ãããå¿ èŠããããŸããã°ã«ãŒãã¡ã³ããŒã·ãããããã³ã«ã¯ãšãªã¡ãã»ãŒãžã䜿çšããŠããã«ããã£ã¹ãã«ãŒã¿ãçºèŠããããšã¯ãã¯ãšãªãµãã¬ãã·ã§ã³ã®çç±ã§äžååã§ããåŸã£ãŠãMRDã¯ç¹å®ã®ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ãããã³ã«ã«é Œãããã«ããã£ã¹ãã«ãŒã¿ãèå¥ãããæšæºåãããæ¹æ³ãæäŸããŸãã
[泚æ ]ãMRDãã©ããã®æšå¥šãããåæå€ã¯ã¹ã€ããã«å®è£ ãããŸãã
ãã«ããã£ã¹ãã«ãŒã¿ãã£ã¹ã«ããªãŒã¯ããã«ããã£ã¹ãã«ãŒã¿ãçºèŠããããã«ã以äžã®3ã€ã®ã¡ãã»ãŒãžã¿ã€ãã䜿çšããŸãã
⢠Multicast Router AdvertisementïŒã¢ããã¿ã€ãºã¡ã³ãã¯ã«ãŒã¿ã«ãã£ãŠãIPãã«ããã£ã¹ã転éãæå¹åãããã¢ããã¿ã€ãºãããŸãããããã®ã¡ãã»ãŒãžã¯ããã«ããã£ã¹ã転éãæå¹æãå šãŠã®ã«ãŒã¿ã€ã³ã¿ãã§ãŒã¹äžã§åšæçã«éèŠè«ãéä¿¡ããŸãã以äžã®ã€ãã³ãã®çºçäžã§éä¿¡ãããŸãã
⢠åšæçïŒã©ã³ãã ïŒã¿ã€ããŒã®å€±å¹
⢠ã«ãŒã¿ã®ã¹ã¿ãŒãã¢ããæé ã®äžéšãšããŠâ¢ ãã«ããã£ã¹ããã©ã¯ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ã®åèµ·åäž
⢠èŠè«ã¡ãã»ãŒãžã®åé æ
⢠Multicast Router Solicitation ïŒããã€ã¹ã¯ããã«ããã£ã¹ãã«ãŒã¿ããã®èŠè«ã¢ããã¿ã€ãºãã¡ã³ãã¡ãã»ãŒãžã«åŸã£ãŠèŠè«ã¡ãã»ãŒãžãéä¿¡ããŸãããããã®ã¡ãã»ãŒãžã¯ãã€ã¬ã¯ãã«ä»éãããªã³ã¯ã«ãã«ããã£ã¹ãã«ãŒã¿ãçºèŠããããã«äœ¿çšãããŸããèŠè«ã¡ãã»ãŒãžã¯ãŸãããã«ããã£ã¹ããã©ã¯ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ãåæåãŸãã¯æåæåãããæã«éãããŸããIPãã«ããã£ã¹ããã©ã¯ãŒãã£ã³ã°ãšMRDæå¹ã®ã€ã³ã¿ãã§ãŒã¹ã§èŠè«ã¡ãã»ãŒãžãåä¿¡ãããšããã«ãã«ãŒã¿ã¯ã¢ããã¿ã€ãºã¡ã³ããè¿çããŸãã
⢠Multicast Router Termination ïŒãããã®ã¡ãã»ãŒãžã¯ãã«ãŒã¿ãã€ã³ã¿ãã§ãŒã¹ã§ IPãã«ããã£ã¹ãã«ãŒãã£ã³ã°æ©èœãåæ¢ããæã«éä¿¡ãããŸããã¿ãŒãããŒã·ã§ã³ã¡ãã»ãŒãžã¯ä»¥äžã®ç¶æ ã§ããã«ããã£ã¹ãã«ãŒã¿ã«ãã£ãŠéä¿¡ãããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã§ãã«ããã£ã¹ããã©ã¯ãŒãã£ã³ã°ãç¡å¹â¢ ã€ã³ã¿ãã§ãŒã¹ãç¡å¹â¢ ã«ãŒã¿ãã°ããŒãã«ã§ã·ã£ããããŠã³
343FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ã¢ããã¿ã€ãºã¡ã³ãããã³ã¿ãŒãããŒã·ã§ã³ã¡ãã»ãŒãžã¯å šãŠã®ã¹ããŒããŒãºãã«ããã£ã¹ãã¢ãã¬ã¹ãžéãããŸããèŠè«ã¡ãã»ãŒãžã¯å šãŠã®ã«ãŒã¿ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ãžéãããŸãã
[泚æ ]ãMRDã¡ãã»ãŒãžã¯ IGMP ã¹ããŒãã³ã°ãŸãã¯ã«ãŒãã£ã³ã°ãæå¹ãª VLANã®å šãŠã®ããŒãã«ãã©ãããããŸããMRD ããµããŒãããªãå€ãã¹ã€ãããåãããã«ããã£ã¹ãã«ãŒã¿ããŒããåŠç¿ã§ããããšãä¿èšŒããããã«ãã¹ã€ãã㯠VLAN ã«ä»å±ããå šãŠã®ããŒããžç©ºçœïŒ0.0.0.0ïŒã®ãœãŒã¹ã¢ãã¬ã¹ãæããªã IGMP ã®äžè¬çãªã¯ãšãªãã±ããããã©ããããŸãã空çœã®ãœãŒã¹ã¢ãã¬ã¹ãæ〠IGMPãã±ããã¯ãã·ã¹ãã ããã«ããã£ã¹ããã©ããã£ã³ã°ã¢ãŒãã§åäœããŠããæã®ã¿VLANã®å šãŠã®ããŒããžãã©ãããããŸããïŒæ°ãã VLAN ãŸãã¯æ°ããã«ãŒã¿ããŒãã確ç«ãããããŸãã¯ã¹ããã³ã°ããªãŒããããžã«å€åãèµ·ãã£ãæçïŒãããªããã°ããã®çš®é¡ã®ãã±ããã¯åšç¥ã®ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããŒãã®ã¿ãžè»¢éãããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
èšå®ãè¡ã VLANã® IDïŒç¯å²ïŒ1-4093ïŒ
IGMP Snooping Status
ãã¹ãã¯ãã«ããã£ã¹ããã©ãã£ãã¯ã®åä¿¡ãæ±ããŸãããã㯠IGMPã¹ããŒãã³ã°ãšããŠåç §ãããŸããïŒåæèšå®ïŒç¡å¹ïŒIGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§æå¹ã®æãïŒP336ïŒIGMPã® VLANããšã®ã€ã³ã¿ãã§ãŒã¹èšå®ãåªå ãããŸããIGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§ç¡å¹ã®æãã¹ããŒãã³ã°ã¯äŸç¶ VLANã€ã³ã¿ãã§ãŒã¹ããšã«èšå®ãããããšãå¯èœã§ãããã¹ããŒãã³ã°ãã°ããŒãã«ã§å床æå¹ã«ãªããŸã§ãå¹åãçºããŸããã
Version Exclusive
åä¿¡ããããIGMPããŒãžã§ã³å±æ§ã«ãã£ãŠçŸåšã®èšå®ãšç°ãªãããŒãžã§ã³ã䜿çšããå šãŠã® IGMPã¡ãã»ãŒãžãç Žæ£ããŸãïŒãã«ããã£ã¹ããããã³ã«ãã±ãããé€ãïŒïŒåæèšå®ïŒç¡å¹ïŒversion exclusiveã VLANã§ç¡å¹ã®å Žåããã®èšå®ã¯Multicast>IGMP Snooping>GeneralããŒãžã§è¡ãããã°ããŒãã«èšå®ãåºã«ãªããŸããVLANã§æå¹ã®å Žåããã®èšå®ã¯ã°ããŒãã«èšå®ãããåªå ãšãªããŸãã
Immediate Leave Status
芪 VLAN㧠Immediate Leaveãæå¹ã§ãããããŒã㧠Leaveãã±ãããåä¿¡ãããéããã«ããã£ã¹ããµãŒãã¹ã®ã¡ã³ããŒããŒããå³åº§ã«åé€ããŸããïŒåæèšå®ïŒç¡å¹ïŒImmediate Leaveã䜿çšãããªãå ŽåãIGMPïœ2ã°ã«ãŒã Leaveã¡ãã»ãŒãžãåä¿¡ãããæã«ãã«ããã£ã¹ãã«ãŒã¿ïŒãŸãã¯ã¯ãšãªã¢ïŒã group-specific queryã¡ãã»ãŒãžãéä¿¡ããŸããæå®ããã¿ã€ã ã¢ãŠãæéã®å ã«ãã¹ããã¯ãšãªãžè¿çããªãå Žåã«éããã«ãŒã¿ /ã¯ãšãªã¢ã¯ãã©ãã£ãã¯ã®è»¢éãåæ¢ããŸãã
Multicast Router Discovery
MRDã¯ã©ã®ã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ãã«ãŒã¿ã«ä»å±ããŠããããçºèŠããããã«äœ¿çšãããŸãã
General Query Suppression
äžæµãã«ããã£ã¹ããã¹ãã«å±ããŠããããŒã以å€ã®ãéåžžã®ã¯ãšãªãæå¶ããŸããïŒåæèšå®ïŒç¡å¹ïŒããã©ã«ãã§ãéåžžã®ã¯ãšãªã¡ãã»ãŒãžã¯ãããããåä¿¡ããããã«ããã£ã¹ãã«ãŒã¿ãé€ãå šãŠã®ããŒããžãã©ãããããŸããéåžžã¯ãšãªãµãã¬ãã·ã§ã³ãæå¹ã®å Žåããããã®ã¡ãã»ãŒãžã¯ãã«ããã£ã¹ããµãŒãã¹ã«å å ¥ããŠããäžæµããŒããžã®ã¿è»¢éãããŸãã
344 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
Proxy Reporting
ãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ããŸãïŒåæèšå®ïŒã°ããŒãã«èšå®ã«åºã¥ãïŒæ¬ã³ãã³ãã«ãŠãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ãããšãã¹ã€ãã㯠last leave ãšã¯ãšãªãµãã¬ãã·ã§ã³ ãå«ãã"IGMP Snooping with Proxy Reporting"ãè¡ããŸããïŒDSL Forum TR-101, April 2006ã§å®çŸ©ïŒæåŸã®ã¡ã³ããŒããã«ããã£ã¹ãã°ã«ãŒããå»ã£ãæãlast leaveã¯ãããã·ã¯ãšãªãéããŸããã¯ãšãªãµãã¬ãã·ã§ã³ã¯ç¹å®ã®ã¯ãšãªãšéåžžã®ã¯ãšãªã®ãããããã¢ããã¹ããªãŒã ãã«ããã£ã¹ãã«ãŒã¿ãããã¹ããžã®è»¢éãè¡ãããªãããšãæå³ããŸãã
Interface Version
ãããã¯ãŒã¯äžã®ä»ããã€ã¹ãšã®äºææ§ã®çºããããã³ã«ããŒãžã§ã³ãèšå®ããŸãã
ããã¯ãã¹ã€ãããã¹ããŒãã³ã°ã¬ããŒããéä¿¡ããããã«äœ¿çšãã IGMPããŒãžã§ã³ã§ããïŒç¯å²ïŒ1-3ãåæèšå®ïŒ2ïŒãã®å±æ§ã¯ãIGMPã¹ããŒãã³ã°ã§äœ¿çšããã IGMPã¬ããŒã /ã¯ãšãªã®ããŒãžã§ã³ãèšå®ããŸããããŒãžã§ã³ 1-3ã®å šãŠããµããŒããããããŒãžã§ã³ 2ãš 3ã«ã¯äžäœäºææ§ãããã®ã§ãã¹ã€ããã¯äœ¿çšããŠããã¹ããŒãã³ã°ããŒãžã§ã³ã«é¢ããããä»ã®ããã€ã¹ãšåäœããããšãå¯èœã§ãã
Query Interval
IGMP ãããã·éåžžã¯ãšãªã®éä¿¡ééïŒç¯å²ïŒ2-31744ç§ãåæèšå®ïŒ125ç§ïŒ
Query Response Interval
ã·ã¹ãã ããããã·éåžžã¯ãšãªãžã®è¿çãåŸ ã€æ倧æéïŒç¯å²ïŒ10-31744ç§ãåæèšå®ïŒ10ç§ïŒ
Last Member Query Interval
group-specificãŸã㯠group-and-source-specificã¯ãšãªã¡ãã»ãŒãžãžã®è¿çãåŸ ã€ééïŒç¯å²ïŒ1-31744ç§ãåæèšå®ïŒ1ç§ïŒãã«ããã£ã¹ããã¹ããã°ã«ãŒããå»ãæãIGMP leaveã¡ãã»ãŒãžãéä¿¡ããŸããLeaveã¡ãã»ãŒãžãã¹ã€ããã§åä¿¡ãããéããã㯠IGMP groupspecificãŸã㯠group-and-source-specificã¯ãšãªã¡ãã»ãŒãžãéä¿¡ããããšã§ããã®ãã¹ããã°ã«ãŒããå»ãæåŸã®ã¡ã³ããŒã§ãããã©ããã調ã¹ãŸãã
Last Member Query Count
ã·ã¹ãã ããã以äžã®ããŒã«ã«ã¡ã³ããŒãååšããªãããšãä»®å®ããåã«éä¿¡ããããIGMP proxy groupspecificãŸã㯠group-and-source-specificã¯ãšãªã¡ãã»ãŒãžã®æ°ãïŒç¯å²ïŒ1-255ãåæèšå®ïŒ2ïŒãã®å±æ§ã¯ IGMPã¹ããŒãã³ã°ãããã·ã¬ããŒãã£ã³ã°ãŸã㯠IGMPã¯ãšãªã¢ãæå¹ã®å Žåã®ã¿å¹åãçºããŸãã
Proxy Query Address
IGMPãããã·ã¬ããŒãã£ã³ã°ã䜿çšããããŒã«ã«ã§çæãããã¯ãšãªãšã¬ããŒãã¡ãã»ãŒãžã®éçãœãŒã¹ã¢ãã¬ã¹ïŒåæèšå®ïŒ0.0.0.0ïŒ
345FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
VLAN㧠IGMP snoopingãèšå®ã
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Interface]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigureããéžæããŸãã
ïŒ3ïŒèšå®ãè¡ã VLANãéžæããå¿ èŠãªãã©ã¡ãŒã¿ãæŽæ°ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
IGMP snoopingã®ã€ã³ã¿ãã§ãŒã¹èšå®ã衚瀺
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Interface]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããShowããéžæããŸãã
346 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMP Snoopingã§çºèŠããããã«ããã£ã¹ãã°ã«ãŒãã衚瀺
Multicast > IGMP Snooping > Forwarding EntryããŒãžã䜿çšããIGMP Snoopingã§åŠç¿ããã転éãšã³ããªã衚瀺ããŸãã
æ©èœè§£èª¬
⢠ãã«ããã£ã¹ãã°ã«ãŒãã®æ å ±ã衚瀺ããã«ã¯ãæåã«ã¹ã€ããäžã§ IGMP Snoopingãæå¹ã«ããŠãã ããã
èšå®ã»è¡šç€ºé ç®
VLAN
VLAN IDïŒç¯å²ïŒ1-4093ïŒ
Source Address
æå®ãããã°ã«ãŒããžã®ããã«ããã£ã¹ããµãŒããŒéä¿¡ãã©ãã£ãã¯ã®å ã® 1ã€ã®ã¢ãã¬ã¹
Interface
ããŒããŸãã¯ãã©ã³ã¯
èšå®æ¹æ³
IGMP Snoopingã§çºèŠããããã«ããã£ã¹ãã°ã«ãŒãã衚瀺
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Forwarding Entry]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒæ å ±ã衚瀺ãã VLANãéžæããŸãã
347FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.16.2 IGMP ãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°
ç¹å®ã®å®æ賌èªå¥çŽã«åºã¥ãã IP/TVãµãŒãã¹çã®ç°å¢ã«ãããŠã管çè ãããšã³ããŠãŒã¶ãŒã®å ¥æã§ãããã«ããã£ã¹ããµãŒãã¹ã®å¶åŸ¡ãåžæããã±ãŒã¹ããããŸããIGMPãã£ã«ã¿ãªã³ã°ã¯ãæå®ãããã¹ã€ããããŒãäžã®ãã«ããã£ã¹ããµãŒãã¹ãžã®ã¢ã¯ã»ã¹å¶éããããåæã«ã¢ã¯ã»ã¹ã§ãããã«ããã£ã¹ãã°ã«ãŒãã®æ°ã調æŽããããšã«ãã£ãŠããã®æ¡ä»¶ãæºããããšãå¯èœã§ãã
IGMPãã£ã«ã¿ãªã³ã°æ©èœã䜿çšããããšã«ããããããã¡ã€ã«ãç¹å®ã®ãã«ããã£ã¹ãã°ã«ãŒãã®ã¹ã€ãã ããŒãã«å²ãåœãŠãããŒãåäœã§ãã«ããã£ã¹ãå å ¥ããã£ã«ã¿ãªã³ã°ã§ããŸããIGMPãã£ã«ã¿ãããã¡ã€ã«ã¯ãäžã€ãŸãã¯è€æ°ã®ã¢ãã¬ã¹ãå«ãç¯å²ãæå®ããããšãå¯èœã§ãããã ããããŒãã«å²ãåœãŠããããããã¡ã€ã«ã¯ïŒã€ã®ã¿ã§ããã¢ã¯ã»ã¹ãæåŠãã IGMPãããã¡ã€ã«ãã¹ã€ãã ããŒãã«é©çšãããå ŽåãIPãã«ããã£ã¹ããã©ãã£ãã¯ã®ã¹ããªãŒã ãèŠæ±ãã IGMP Joinã¬ããŒãã¯å»æ£ãããããŒãã¯ãã®ã°ã«ãŒãããã® IPãã«ããã£ã¹ã ãã©ãã£ãã¯ãåä¿¡ã§ããªããªããŸãããã«ããã£ã¹ã ã°ã«ãŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ãããŠããå Žåã¯ãããŒãããã®ã¬ããŒã転éã¯ãããéåžžã®åŠçãè¡ãããŸãã
IGMPã¹ããããªã³ã°ã¯ãåæã«å å ¥ãå¯èœãªãã«ããã£ã¹ãã°ã«ãŒãããŒãã®æ倧å€ãèšå®ããŸããã°ã«ãŒãæ°ããèšå®ããæ倧å€ã«éããæãã¹ã€ããã¯ãã©ã¡ããæåŠãããã眮ãæããã®å ã©ã¡ããã®åŠçãè¡ãããšãã§ããŸãããæåŠãããèšå®ã«ãªã£ãŠããå Žåãå šãŠã®æ°èŠ IGMPjoinã¬ããŒãã¯ç Žæ£ãããŸããã眮ãæããèšå®ã«ãªã£ãŠããå Žåãã¹ã€ããã¯ã©ã³ãã ã«æ¢åã®ã°ã«ãŒããåãå»ããæ°ãããã«ããã£ã¹ãã°ã«ãŒãã«çœ®ãæããŸãã
IGMP ãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°ã®æå¹
IGMPãã£ã«ã¿ãªã³ã°ããã³ IGMPã¹ããããªã³ã°ãã¹ã€ããäžã§å®è¡ããããããŸãæåã«ãèšå®ãæå¹ã«ããIGMPãããã¡ã€ã«çªå·ãäœæããŸãã
èšå®ã»è¡šç€ºé ç®
IGMP Filter Status
IGMPãã£ã«ã¿ãªã³ã°ããã³ã¹ããããªã³ã°ããã¹ã€ããäžã§æå¹ã«ããŸããïŒåæèšå® :ç¡å¹ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure GeneralããéžæããŸãã
ïŒ3ïŒIGMPãã£ã«ã¿ã¹ããŒã¿ã¹ãæå¹ /ç¡å¹ã«ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
348 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMPãã£ã«ã¿ãããã¡ã€ã«ã®èšå®
IGMPãããã¡ã€ã«çªå·ãäœæåŸããã«ããã£ã¹ãã°ã«ãŒãã®ãã£ã«ã¿ãžã®èšå®ãããã³ã¢ã¯ã»ã¹ã¢ãŒãã®èšå®ãè¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Add
Profile ID
IGMPãããã¡ã€ã«ãäœæãïŒç¯å²ïŒ1-4294967295ïŒ
Access Mode
ãããã¡ã€ã«ã®ã¢ã¯ã»ã¹ã¢ãŒããèšå®ããŸããPermitïŒèš±å¯ïŒãŸã㯠denyïŒæåŠïŒãæå®ããŠãã ãããïŒåæèšå®ïŒDenyïŒæåŠïŒïŒ
Add Multicast Group Range
Profile ID
IGMPãããã¡ã€ã«èšå®ãéžæã
Start Multicast IP Address
ãã«ããã£ã¹ãã°ã«ãŒãç¯å²ã®æåã®ã¢ãã¬ã¹
End Multicast IP Address
ãã«ããã£ã¹ãã°ã«ãŒãç¯å²ã®æåŸã®ã¢ãã¬ã¹
349FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
IGMPãã£ã«ã¿ãããã¡ã€ã«ã®äœæãšã¢ã¯ã»ã¹ã¢ãŒãã®èšå®
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure ProfileããéžæããŸãã
ïŒ3ïŒãActionããªã¹ããããAddããéžæããŸãã
ïŒ4ïŒãããã¡ã€ã«çªå·ãå ¥åããã¢ã¯ã»ã¹ã¢ãŒããèšå®ããŸããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
IGMPãã£ã«ã¿ãããã¡ã€ã«ã®è¡šç€º
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ProfileããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
350 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMPãã£ã«ã¿ãããã¡ã€ã«ã«ãã«ããã£ã¹ãã°ã«ãŒãã®ç¯å²ãè¿œå
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ProfileããéžæããŸããïŒ3ïŒãActionããªã¹ããããAdd Multicast Group RangeããéžæããŸããïŒ4ïŒèšå®ãè¡ããããã¡ã€ã«ãéžæãããã«ããã£ã¹ãã°ã«ãŒãã¢ãã¬ã¹ãŸãã¯ç¯å²ãè¿œå ããŸ
ããïŒ5ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
IGMPãã£ã«ã¿ãããã¡ã€ã«ã«èšå®ããããã«ããã£ã¹ãã°ã«ãŒãã®è¡šç€º
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure ProfileããéžæããŸããïŒ3ïŒãActionããªã¹ããããShow Multicast Group RangeããéžæããŸããïŒ4ïŒæ å ±ã衚瀺ãããããã¡ã€ã«ãéžæããŸãã
351FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMPãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°ã®èšå®ïŒããŒãïŒ
IGMPãããã¡ã€ã«ã®èšå®ãè¡ããšãããããã€ã³ã¿ãã§ãŒã¹ã«é©çšããããšãã§ããŸãããŸããIGMPã¹ããããªã³ã°ã®èšå®ãè¡ãããšã§ãã€ã³ã¿ãŒãã§ã€ã¹ãå å ¥ã§ãã IGMPã°ã«ãŒãã®æ倧æ°ãèšå®ããããšãã§ããŸãã
æ©èœè§£èª¬
⢠IGMPã¹ããããªã³ã°ã¯ãåæã«å å ¥ãå¯èœãªãã«ããã£ã¹ãã°ã«ãŒãããŒãã®æ倧å€ãèšå®ããŸããã°ã«ãŒãæ°ããèšå®ããæ倧å€ã«éããæãã¹ã€ããã¯ãã©ã¡ããæåŠãããã眮ãæããã®å ã©ã¡ããã®åŠçãè¡ãããšãã§ããŸãããæåŠãããèšå®ã«ãªã£ãŠããå Žåãå šãŠã®æ°èŠ IGMP joinã¬ããŒãã¯ç Žæ£ãããŸããã眮ãæããèšå®ã«ãªã£ãŠããå Žåãã¹ã€ããã¯ã©ã³ãã ã«æ¢åã®ã°ã«ãŒããåãå»ããæ°ãããã«ããã£ã¹ãã°ã«ãŒãã«çœ®ãæããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯èå¥åã
Profile ID
æ¢åã®ãããã¡ã€ã«ãã€ã³ã¿ãã§ãŒã¹ã«é©çšãããããã¡ã€ã«çªå·ãéžæããŸãã
Max Multicast Groups
åæã«å å ¥ãå¯èœãªãã«ããã£ã¹ãã°ã«ãŒãã®æ倧å€ãèšå®ããŸããïŒç¯å²ïŒ0ïŒ 255ãåæèšå®ïŒ255ïŒ
Current Multicast Groups
çŸåšå å ¥ããŠãããã«ããã£ã¹ãã°ã«ãŒãã衚瀺ããŸãã
Throttling Action Mode
ã°ã«ãŒãæ°ããèšå®ããæ倧å€ã«éããæã®åŠçãéžæãïŒåæèšå®ïŒdenyïŒ
ïŒ denyæ°èŠã®ã¬ããŒãã¯ç Žæ£ãããŸãã
ïŒ replaceæ¢åã®ãã«ããã£ã¹ãã°ã«ãŒãã¯ãæ°ããã°ã«ãŒããžçœ®ãæããããŸãã
Throttling Status
ã€ã³ã¿ãã§ãŒã¹äžã§ãã¹ããããªã³ã°ã®åäœãå®è¡ããããã©ããã衚瀺ããŸããïŒãªãã·ã§ã³ïŒtrueãŸã㯠FalseïŒ
352 FXC3110
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
ïŒ1ïŒ[Multicast] â [IGMP Snooping]â [Filtering]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒã€ã³ã¿ãã§ãŒã¹ãžã¢ãµã€ã³ãããããã¡ã€ã«ãéžæãããã«ããã£ã¹ãã°ã«ãŒãã«èš±å¯ããæ倧æ°ãšã¹ããããªã³ã°ã¢ã¯ã·ã§ã³ã¢ãŒããèšå®ããŸãã
ïŒ4ïŒïŒ ApplyïŒãã¯ãªãã¯ããŸãã
353FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
3.17 MVRïŒMulticast VLAN RegistrationïŒ
Multicast VLAN Registration(MVR)ã¯ãµãŒãã¹ãããã€ãã®ãããã¯ãŒã¯äžã®ãVLANã«ãã«ããã£ã¹ãã®ãã©ãã£ãã¯ïŒäŸïŒãã¬ããã£ã³ãã«ããããªã»ãªã³ã»ããã³ãïŒãéä¿¡ããããã«äœ¿çšãããã·ã³ã°ã«ãããã¯ãŒã¯ãžã®éä¿¡ã管çãããããã³ã«ã§ããMVRãããã¯ãŒã¯ã«å ¥ãã©ã®ãã«ããã£ã¹ããã©ãã£ãã¯ããæ¥ç¶ããããã¹ãŠã® Subscribersã«éä¿¡ãããŸãããã®ãããã³ã«ã¯åçãªç£èŠã«å¿ èŠãªãªãŒããŒãããã®ããã»ã¹ãèããæžå°ãããæ£åžžãªãã«ããã£ã¹ã VLANã®ããé éããªãŒãèšç«ããããšãã§ããŸããããã¯ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ãããã³ã«ã䜿çšããã«ãåºå€§ãªãããã¯ãŒã¯ã®äžã«å ±éã®ãã«ããã£ã¹ããµãŒãã¹ã®ãµããŒããå¯èœã«ããŸãã
æ©èœè§£èª¬
MVRã®äžè¬çãªèšå®æé
ïŒ1ïŒã¹ã€ããå šäœã« MVRãæå¹ã«ããŠãMVRã«äœ¿çšãã VLAN IDãéžæããŸãã次ã«ãã©ãã£ãã¯ãæµããã«ããã£ã¹ãã°ã«ãŒããè¿œå ããŸãã
ïŒ2ïŒãœãŒã¹ããŒããã¬ã·ãŒããŒããŒããšã㊠MVRã«åå ããã€ã³ã¿ãã§ãŒã¹ãèšå®ããŸãã
ïŒ3ïŒé·æééä¿¡ããå®å®ããŠãã¹ãã«é¢é£ä»ãããããã«ããã£ã¹ãã¹ããªãŒã ã®ããããã«ããã£ã¹ãã°ã«ãŒããåå ããã€ã³ã¿ãã§ãŒã¹ã«åºå®çã«çµã³ã€ããããšãã§ããŸãã(358 ããŒãžã®ãéçãã«ããã£ã¹ãã°ã«ãŒããã€ã³ã¿ãã§ãŒã¹ãžè¿œå ããåç § )
TV TV
ãµãã©ã€ããµãŒãã¹ãã«ããã£ã¹ãã«ãŒã¿
ã¬ã€ã€2ã¹ã€ãã ãµãŒãã¹ãããã¯ãŒã¯
ãœãŒã¹ããŒã
ã¬ã·ãŒãããŒã
STB STB
PC
ãã«ããã£ã¹ããµãŒã
354 FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
ã°ããŒãã«MVRèšå®
MVR(Multicast VLAN Registration)ã®ã°ããŒãã«èšå®ã¯ãã¹ã€ããå šäœã§ã®MVRã®æå¹ /ç¡å¹ããµãŒãã¹ãããã€ãã«ãã£ãŠãµããŒããããéåžžãã«ããã£ã¹ãã¹ããªãŒã ã®åç¬ãã£ã³ãã«ã®åœ¹ããã VLANã®éžæããã«ããã£ã¹ãã°ã«ãŒãã¢ãã¬ã¹ãããããã®ãµãŒãã¹ã®ããMVR VLANãžã®å²ãåœãŠãå«ã¿ãŸãã
æ©èœè§£èª¬
⢠IGMPã¹ããŒãã³ã°ãš MVRã¯æ倧 256ã°ã«ãŒããå ±æããŸãããã®éçãè¶ éããŠåä¿¡ããããã«ããã£ã¹ãã¹ããªãŒã ã¯é¢é£ä»ãããã VLANã®å šãŠã®ããŒããžãã©ããã£ã³ã°ãããŸãã
èšå®ã»è¡šç€ºé ç®
MVR Status
ã¹ã€ããã® MVRæ©èœã®æå¹ã»ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
MVR VLAN
ã¹ããªãŒãã³ã°ã®ãã£ã³ãã«ãšããŠåäœãã VLAN IDãæå®ã
MVR Running Status
MVRç°å¢ã«ãããŠãå šãŠã®å¿ èŠæ¡ä»¶ãæºããããŠãããåŠãã衚瀺ããŸãã
MVR Group IP
MVRãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹ãïŒç¯å²ïŒ 224.0.1.0 - 239.255.255.255ãåæèšå®ïŒ MVR VLANã«ã°ã«ãŒãã¯ãããŸããïŒ
Count
é£ç¶ãã MVRã°ã«ãŒãã¢ãã¬ã¹ã®æ°ãïŒç¯å²ïŒ1-255ãåæèšå®ïŒ0ïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Multicast] â [MVR]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããConfigure GeneralããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
355FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
MVRã€ã³ã¿ãã§ãŒã¹ã®èšå®
MVRã«åå ããããããã®ã€ã³ã¿ãã§ãŒã¹ã¯ãMVRã®ãœãŒã¹ããŒããã¬ã·ãŒããŒããŒããšããŠèšå®ããªããŠã¯ãããŸããããã«ããã£ã¹ããåä¿¡ããŠãããã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ãããŠãããµãã¹ã¯ã©ã€ãã 1ã€ã ãã®å Žåãå³æè±éæ©èœãæå¹ã«ããããšãã§ããŸãã
æ©èœè§£èª¬
⢠1ã€ãããã¯ãã以äžã®ã€ã³ã¿ãã§ãŒã¹ã MVRãœãŒã¹ããŒããšããŠèšå®ããããšãã§ããŸãã
⢠MVRã¬ã·ãŒããŒããŒãã¯ãã©ã³ã¯ã®ã¡ã³ããŒã«ããããšãã§ããªããã¬ã·ãŒããŒããŒãã¯è€æ°ã® VLANã«å±ããããšãã§ããããMVRã®ã¡ã³ããŒã«ãšããŠèšå®ããã¹ãã§ã¯ãããŸããã
⢠IGMP Snoopingã¯ããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã®æšæºã«ãŒã«ã䜿çšã㊠MVRã®ãã«ããã£ã¹ãã°ã«ãŒãã«åçã«åå ãé¢è±ãããœãŒã¹ããŒããã¬ã·ãŒããŒããŒããå²åœãŠãããšãã§ããŸãããã«ããã£ã¹ãã°ã«ãŒãã¯ãœãŒã¹ããŒããã¬ã·ãŒããŒããŒãã«åºå®çã«å²ãåœãŠãããšãã§ããŸãã
⢠Immediate Leaveæ©èœã¯ã¬ã·ãŒããŒããŒãã®ã¿ã«é©çšãããŸããæå¹ã«ãããšããã¬ã·ãŒããŒããŒãã¯é¢è±ã¡ãã»ãŒãžã«èšé²ããããã«ããã£ã¹ãã°ã«ãŒãããå³åº§ã«åãé€ãããŸããImmediate Leaveãç¡å¹ã«ãããšããã¹ã€ããã¯ã°ã«ãŒããªã¹ãããããŒããåãé€ãåã«ãã«ããã£ã¹ãã°ã«ãŒãã®ãµãã¹ã¯ã©ã€ããæ®ã£ãŠããå Žåãã¬ã·ãŒããŒããŒãã«ç¹å®ã®ã°ã«ãŒãã®ã¯ãšãªãéä¿¡ã決å®ããããã®è¿äºãåŸ ã€ãšãããæšæºã®ã«ãŒã«ã«åŸããŸããImmediate Leaveæ©èœã§é¢è±ãããŸã§ã®æéãçãããããšãã§ããŸãããåãã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ãããŠããã°ã«ãŒãã¡ã³ããŒãžã®ãµãŒãã¹ãæ··ä¹±ãããããšãé¿ããããã1ã€ã®ãã«ããã£ã¹ãã®ãµãã¹ã¯ã©ã€ããããŒãã«æ¥ç¶ãããŠããå Žåã®ã¿æå¹ã«ããŠãã ãããImmediate Leaveæ©èœã¯ããŒãã«åºå®çã«å²ãåœãŠããããã«ããã£ã¹ãã°ã«ãŒãã«ã¯é©çšãããŸããã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãèå¥åã
Type
æ¬æ©ã§ã¯ä»¥äžã«ã€ã³ã¿ãã§ãŒã¹ã¿ã€ãããµããŒãããŠããŸãã
ïŒSourceïŒMVR VLANã«ã¢ãµã€ã³ãããã°ã«ãŒããžãã«ããã£ã¹ãããŒã¿ãéåä¿¡ã§ããã¢ãããªã³ã¯ããŒã
ïŒReceiverïŒMVR VLANãéããŠéä¿¡ããããã«ããã£ã¹ãããŒã¿ãåä¿¡ã§ããå å ¥è ããŒãã
ïŒ Non-MVRïŒ MVR VLANã«åå ããªãã€ã³ã¿ãã§ãŒã¹ïŒåæèšå®ïŒ
Oper. Status
ãªã³ã¯ã¹ããŒã¿ã¹ã衚瀺ã
MVR Status
MVRã¹ããŒã¿ã¹ã衚瀺ã
Immediate Leave
å³æè±éåŠçãLeaveã¡ãã»ãŒãžãåãåããšããã«ã€ã³ã¿ãã§ã€ã¹ã転éããŒãã«ããåé€ã§ããããã«ããŸãã
356 FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
èšå®æ¹æ³
ïŒ1ïŒ[Multicast] â [MVR]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãActionããªã¹ããããConfigure InterfaceããéžæããŸãã
ïŒ3ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
357FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
éçãã«ããã£ã¹ãã°ã«ãŒããã€ã³ã¿ãã§ãŒã¹ãžè¿œå
é·æééä¿¡ããå®å®ããŠãã¹ãã«é¢é£ä»ãããããã«ããã£ã¹ãã¹ããªãŒã ã®ããããã«ããã£ã¹ãã°ã«ãŒããåå ããã€ã³ã¿ãã§ãŒã¹ã«åºå®çã«çµã³ã€ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãèå¥åã
VLAN
VLANèå¥åã
Group IP Address
éžæãããããŒããžéä¿¡ãããã«ããã£ã¹ããµãŒãã¹ãå®çŸ©ããŸãã
èšå®æ¹æ³
éç MVRãããŒããžã¢ãµã€ã³ã
ïŒ1ïŒ[Multicast] â [MVR]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure Static GroupããéžæããŸããïŒ3ïŒãActionããªã¹ããããAddããéžæããŸããïŒ4ïŒå¿ èŠãªé ç®ã®èšå®ãè¡ããïŒ ApplyïŒãã¯ãªãã¯ããŸãã
ããŒãã«ã¢ãµã€ã³ãããéç MVRã°ã«ãŒãã衚瀺ã
ïŒ1ïŒ[Multicast] â [MVR]ãã¯ãªãã¯ããŸããïŒ2ïŒãStepããªã¹ããããConfigure Static GroupããéžæããŸããïŒ3ïŒãActionããªã¹ããããShowããéžæããŸãã
358 FXC3110
Webã€ã³ã¿ãã§ãŒã¹MVRïŒMulticast VLAN RegistrationïŒ
MVRã¬ã·ãŒãã°ã«ãŒãã®è¡šç€º
Multicast > MVR (Show Member)ããŒãžã䜿çšããMVRã¬ã·ãŒãã°ã«ãŒãã«ã¢ãµã€ã³ãããã€ã³ã¿ãã§ãŒã¹ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Group IP Address
MVRã¬ã·ãŒã VLANã«ã¢ãµã€ã³ããããã«ããã£ã¹ãã°ã«ãŒã
Source IP Address
ãã«ããã£ã¹ããµãŒãã¹ã®ãœãŒã¹ã¢ãã¬ã¹ã衚瀺
VLAN
ãã«ããã£ã¹ããµãŒãã¹ã§åä¿¡ããã MVR VLANã°ã«ãŒãã衚瀺
Forwarding Port
MVR VLANãéããŠæäŸããããã«ããã£ã¹ããµãŒãã¹ã®ã€ã³ã¿ãã§ãŒã¹ãšãµãã¹ã¯ã©ã€ãã衚瀺
èšå®æ¹æ³
ïŒ1ïŒ[Multicast] â [MVR]ãã¯ãªãã¯ããŸãã
ïŒ2ïŒãStepããªã¹ããããShow MemberããéžæããŸãã
359FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
4.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
4.1.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãžã®ã¢ã¯ã»ã¹
ã³ã³ãœãŒã«ããŒããåã¯ãããã¯ãŒã¯ãã Telnetçµç±ã§ç®¡çã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããå ŽåãUnixã®ã³ãã³ãã«äŒŒãã³ãã³ãããŒãšãã©ã¡ãŒã¿ã®ããã³ããïŒã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ /CLIïŒã«ããæ¬æ©ã®èšå®ãè¡ããŸãã
4.1.2 ã³ã³ãœãŒã«æ¥ç¶
ã³ã³ãœãŒã«ããŒããžã®æ¥ç¶ã¯ä»¥äžã®æé ã§è¡ããŸãã
ïŒ1ïŒã³ã³ãœãŒã«ããã³ããã§ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããŸããåæèšå®ã®ãŠãŒã¶å㯠"admin"ãš "guest"ããã¹ã¯ãŒããåãã "admin"ãš "guest"ãšãªã£ãŠããŸãã管çè ãŠãŒã¶åãšãã¹ã¯ãŒãïŒåæèšå®ã§ã¯ã©ã¡ãã "admin"ïŒãå ¥åããå ŽåãCLI
ã«ã¯ "Console#"ãšè¡šç€ºãã Privileged Execã¢ãŒããšãªããŸããäžæ¹ã²ã¹ããŠãŒã¶åãšãã¹ã¯ãŒãïŒåæèšå®ã§ã¯ã©ã¡ãã "guest"ïŒãå ¥åããå ŽåãCLIã«ã¯"Console>"ãšè¡šç€ºãã Normal Execã¢ãŒããšãªããŸãã
ïŒ2ïŒãŠãŒã¶åãšãã¹ã¯ãŒããå ¥ååŸã¯ãå¿ èŠã«å¿ããã³ãã³ããå ¥åããæ¬æ©ã®èšå®ãåã³çµ±èšæ å ±ã®é²èŠ§ãè¡ããŸãã
ïŒ3ïŒçµäºæã«ã¯ "quit"å㯠"exit"ã³ãã³ãã䜿çšãã»ãã·ã§ã³ãçµäºããŸãã
ã³ã³ãœãŒã«ããŒãããã·ã¹ãã ã«æ¥ç¶ãããšä»¥äžã®ãã°ã€ã³ç»é¢ã衚瀺ãããŸãã
4. ã³ãã³ã ã©ã€ã³ã€ã³ã¿ãã§ãŒã¹
User Access Verification
Username: adminPassword:
CLI session with the FXC3110 is opened. To end the CLI session, enter [Exit].
Console#
360 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
4.1.3 Telnetæ¥ç¶
Telnetãå©çšãããšãããã¯ãŒã¯çµç±ã§ã®ç®¡çãå¯èœãšãªããŸããTelnetãè¡ãã«ã¯ç®¡ç端æ«åŽãšæ¬æ©åŽã®ã©ã¡ãã«ã IPã¢ãã¬ã¹ãäºåã«èšå®ããå¿ èŠããããŸãããŸããç°ãªããµããããããã¢ã¯ã»ã¹ããå Žåã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ãããããŠèšå®ããå¿ èŠããããŸãã
[泚æ ]ãå·¥å Žåºè·æã«ã¯ãæ¬æ©ã¯ DHCP ãµãŒããŒçµç±ã§ IP ã¢ãã¬ã¹ãå²ãæ¯ãããèšå®ã«ãªã£ãŠããŸãã
IPã¢ãã¬ã¹ãšããã©ã«ãã²ãŒããŠã§ã€ã®èšå®äŸã¯ä»¥äžã®éãã§ãã
æ¬æ©ãå€éšãšæ¥ç¶ããããããã¯ãŒã¯ã«æ¥ç¶ããå Žåã«ã¯ãç»é²ããã IPã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸããç¬ç«ãããããã¯ãŒã¯ã®å Žåã«ã¯å éšã§èªç±ã« IPã¢ãã¬ã¹ãå²ãåœãŠãããšãã§ããŸãã
æ¬æ©ã® IPã¢ãã¬ã¹ãèšå®ããåŸã以äžã®æé 㧠Telnetã»ãã·ã§ã³ãéå§ããããšãã§ããŸãã
ïŒ1ïŒãªã¢ãŒããã¹ããã Telnetã³ãã³ããšæ¬æ©ã® IPã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ2ïŒããã³ããäžã§ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããŸããPrivileged Execã¢ãŒãã®å Žåã«ã¯ "Vty-0#"ãšè¡šç€ºãããŸããNormal Execã¢ãŒãã®å Žåã«ã¯ "Vty-0>"ãšè¡šç€ºãããŸãã
ïŒ3ïŒãŠãŒã¶åãšãã¹ã¯ãŒããå ¥ååŸã¯ãå¿ èŠã«å¿ããã³ãã³ããå ¥åããæ¬æ©ã®èšå®ãåã³çµ±èšæ å ±ã®é²èŠ§ãè¡ããŸãã
ïŒ4ïŒçµäºæã«ã¯ "quit"å㯠"exit"ã³ãã³ãã䜿çšãã»ãã·ã§ã³ãçµäºããŸãã
[泚æ ]ã åæã«æ倧 4ã»ãã·ã§ã³ãŸã§ã® Telnetæ¥ç¶ãå¯èœã§ãã
Console(config)#interface vlan 1Console(config-if)#ip address 10.1.0.254 255.255.255.0Console(config-if)#exitConsole(config)#ip default-gateway 10.1.0.254
Username: adminPassword:
CLI session with the FXC3110 is opened. To end the CLI session, enter [Exit].
Vty-0#
361FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
4.2 ã³ãã³ãå ¥å
4.2.1 ããŒã¯ãŒããšåŒæ°
CLIã³ãã³ãã¯ããŒã¯ãŒããšåŒæ°ã®ã°ã«ãŒãããæ§æãããŸããããŒã¯ãŒãã«ããã³ãã³ãã決å®ããåŒæ°ã«ããèšå®ãã©ã¡ãŒã¿ãå ¥åããŸãã
äŸãã°ã"show interfaces status ethernet 1/5"ãšããã³ãã³ãã®å Žåã"show interfaces"ãš"status"ãšããããŒã¯ãŒããã³ãã³ããªãã"ethernet"ãš "1/5"ãããããã€ã³ã¿ãã§ãŒã¹ãšãŠããã /ããŒããæå®ããåŒæ°ãšãªããŸãã
以äžã®æé ã§ã³ãã³ãã®å ¥åãè¡ããŸãã
⢠簡åãªã³ãã³ããå ¥åããå Žåã¯ãã³ãã³ãããŒã¯ãŒããå ¥åããŸãã
⢠è€æ°ã®ã³ãã³ããå ¥åããå Žåã¯ãåã³ãã³ããå¿ èŠãšãããé çªã§å ¥åããŸããäŸãã° Privileged Execã³ãã³ãã¢ãŒããæå¹ã«ããŠãèµ·åèšå®ã衚瀺ããããã«ã¯ã以äžã®ããã«ã³ãã³ããå ¥åããŸãã
⢠ãã©ã¡ãŒã¿ãå¿ èŠãšããã³ãã³ããå ¥åããå Žåã¯ãã³ãã³ãããŒã¯ãŒãã®åŸã«å¿ èŠãªãã©ã¡ãŒã¿ãå ¥åããŸããäŸãã°ã管çè ãã¹ã¯ãŒããèšå®ããå Žåã«ã¯ã以äžã®ããã«ã³ãã³ããå ¥åããŸãã
4.2.2 ã³ãã³ãã®çç¥
CLIã§ã¯ã³ãã³ãã®çç¥ãè¡ãããšãã§ããŸããäŸãã° "configuration"ãšããã³ãã³ãã"con"ãšå ¥åããã ãã§ãã³ãã³ããšããŠèªèãããŸããäœããçç¥ãããã®ãè€æ°ã®ã³ãã³ããšãªãåŸãå Žåã«ã¯ãã·ã¹ãã ããå床ã³ãã³ãã®å ¥åãèŠæ±ãããŸãã
Console>enablepassword:Console#show startup-config
Console(config)#username admin password 0 smith
362 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
4.2.3 ã³ãã³ãäžã§ã®ãã«ãã®è¡šç€º
ã³ãã³ãäžã§ "help"ã³ãã³ããå ¥åããããšã§ãç°¡åãªãã«ãã衚瀺ãããŸãããŸã "?"ãšå ¥åãããšããŒã¯ãŒãããã©ã¡ãŒã¿ã®ã³ãã³ãææ³ã衚瀺ãããŸãã
ã³ãã³ãã®è¡šç€º
ã³ãã³ãäžã§ "?"ãšå ¥åãããšãçŸåšã®ã³ãã³ãã¯ã©ã¹ã®ç¬¬äžéå±€ã«ãããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãããŸãç¹å®ã®ã³ãã³ãã®ããŒã¯ãŒãã衚瀺ããããšãã§ããŸããäŸãã° "show ?"ãšå ¥åãããšã"show"ã³ãã³ãå ã§äœ¿çšã§ããã³ãã³ãäžèŠ§ã衚瀺ãããŸãã
Console#show ? access-group Access groups access-list Access lists accounting Uses the specified accounting list arp Information of ARP cache authorization Enables EXEC accounting auto-traffic-control Auto traffic control information banner Banner info bridge-ext Bridge extension information cable-diagnostics Shows the information of cable diagnostics calendar Date and time information class-map Displays class maps cluster Display cluster dns DNS information dot1q-tunnel dot1q-tunnel dot1x 802.1X content garp GARP properties gvrp GVRP interface information history Shows history information hosts Host information interfaces Shows interface information ip IP information ipv6 IPv6 information lacp LACP statistics line TTY line information lldp LLDP log Log records logging Logging setting loop Shows the information of loopback mac MAC access list mac-address-table Configuration of the address table mac-vlan MAC-based VLAN information management Shows management information mvr multicast vlan registration network-access Shows the entries of the secure port. nlm Show notification log policy-map Displays policy maps port Port characteristics power Shows power power-save Shows the power saving information process Device process protocol-vlan Protocol-VLAN information public-key Public key information qos Quality of Service queue Priority queue information radius-server RADIUS server information reload Shows the reload settings rmon Remote monitoring information rspan Display status of the current RSPAN configuration
ïŒç¶ãïŒ
363FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
"show interfaces ?"ãšå ¥åããå Žåã«ã¯ã以äžã®ãããªæ å ±ã衚瀺ãããŸãã
4.2.4 ããŒã¯ãŒãã®æ€çŽ¢
ããŒã¯ãŒãã®äžéšãšå ±ã« "?"ãå ¥åãããšãå ¥åããæååããå§ãŸããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãïŒå ¥åããéã«æååãš "?"ã®éã«ã¹ããŒã¹ã空ããªãã§äžããïŒäŸãã°ã"s?"ãšå ¥åãããšã以äžã®ããã« "s"ããå§ãŸããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãã
4.2.5 ã³ãã³ãã®ãã£ã³ã»ã«
å€ãã®ã³ãã³ãã«ãããŠãã³ãã³ãã®åã« "no"ãšå ¥åããããšã§ã³ãã³ãå®è¡ã®åãæ¶ããåã¯åæèšå®ãžã®ãªã»ãããè¡ãããšãã§ããŸããäŸãã°ã"logging"ã³ãã³ãã§ã¯ãã¹ããµãŒãã«ã·ã¹ãã ã¡ãã»ãŒãžãä¿åããŸãã"no logging"ã³ãã³ãã䜿çšãããšã·ã¹ãã ã¡ãã»ãŒãžã®ä¿åãç¡å¹ãšãªããŸãã
æ¬ããã¥ã¢ã«ã§ã¯ãåã³ãã³ãã®è§£èª¬ã§ "no"ãå©çšããŠã³ãã³ãã®ãã£ã³ã»ã«ãã§ããå Žåã«ã¯ãã®æšã®èšèŒãããŠãããŸãã
4.2.6 ã³ãã³ãå ¥åå±¥æŽã®å©çš
CLIã§ã¯å ¥åãããã³ãã³ãã®å±¥æŽãä¿åãããŠããŸãããâãããŒãæŒãããšã§ã以åå ¥åããå±¥æŽã衚瀺ãããŸãã衚瀺ãããå±¥æŽã¯ãåã³ã³ãã³ããšããŠå©çšããããšãã§ããä»ãå±¥æŽã«è¡šç€ºãããã³ãã³ãã®äžéšãä¿®æ£ããŠå©çšããããšãã§ããŸãã
ãŸãã"show history"ã³ãã³ãã䜿çšãããšæè¿å©çšããã³ãã³ãã®äžèŠ§ã衚瀺ãããŸãã
ïŒç¶ãïŒ running-config Information on the running configuration snmp Simple Network Management Protocol configuration and statistics sntp Simple Network Time Protocol configuration spanning-tree Spanning-tree configuration ssh Secure shell server connections startup-config Startup system configuration subnet-vlan IP subnet-based VLAN information system System information tacacs-server TACACS server information tech-support Technical information time-range Time range traffic-segmentation Traffic segmentation information upgrade Shows upgrade information users Information about users logged in version System hardware and software versions vlan Shows virtual LAN settings voice Shows the voice VLAN information web-auth Shows web authentication configuration
Console#show interfaces ? counters Interface counters information protocol-vlan Protocol-VLAN information status Shows interface status switchport Shows interface switchport informationConsole#show interfaces
Console#show s?
snmp ããsntp spanning-tree ãssh startup-configsubnet-vlan system
364 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
4.2.7 ã³ãã³ãã¢ãŒã
ã³ãã³ãã»ãã㯠Execãš Configurationã¯ã©ã¹ã«ãã£ãŠåå²ãããŸããExecã³ãã³ãã¯æ å ±ã®è¡šç€ºãšçµ±èšæ å ±ã®ãªã»ãããäž»ã«è¡ããŸããäžæ¹ã® Configurationã³ãã³ãã§ã¯ãèšå®ãã©ã¡ãŒã¿ã®å€æŽããã¹ã€ããã®åçš®æ©èœã®æå¹åãªã©ãè¡ããŸãã
ãããã®ã¯ã©ã¹ã¯è€æ°ã®ã¢ãŒãã«åããã䜿çšã§ããã³ãã³ãã¯ããããã®ã¢ãŒãæ¯ã«ç°ãªããŸãã"?"ã³ãã³ããå ¥åãããšãçŸåšã®ã¢ãŒãã§äœ¿çšã§ãããã¹ãŠã®ã³ãã³ãã®äžèŠ§ã衚瀺ãããŸããã³ãã³ãã®ã¯ã©ã¹ãšã¢ãŒãã¯ä»¥äžã®è¡šã®éãã§ãã
â» Global Configurationã¢ãŒããžã¯ãPrivileged Execã¢ãŒãã®å Žåã®ã¿ã¢ã¯ã»ã¹å¯èœã§ããä»ã®Configurationã¢ãŒãã䜿çšããå Žåã¯ãGlobal Configurationã¢ãŒãã«ãªãå¿ èŠããããŸãã
4.2.8 Execã³ãã³ã
ã³ã³ãœãŒã«ãžã®æ¥ç¶ã«ãŠãŒã¶å "guest"ã§ãã°ã€ã³ããå ŽåãNormal Execã¢ãŒãïŒã²ã¹ãã¢ãŒãïŒãšãªããŸãããã®å Žåãäžéšã®ã³ãã³ããã䜿çšã§ãããã³ãã³ãã®äœ¿çšã«å¶éããããŸãããã¹ãŠã®ã³ãã³ãã䜿çšããããã«ã¯ãå床ãŠãŒã¶å "admin"ã§ã»ãã·ã§ã³ãéå§ãããã"enable"ã³ãã³ãã䜿çšã㊠Privileged Execã¢ãŒãïŒç®¡çè ã¢ãŒãïŒãžç§»è¡ããŸãïŒç®¡çè ã¢ãŒãçšã®ãã¹ã¯ãŒããèšå®ããŠããå Žåã«ã¯å¥éãã¹ã¯ãŒãã®å ¥åãå¿ èŠã§ãïŒ
Normal Execã¢ãŒãã®å Žåã«ã¯ã³ãã³ãããã³ããã®è¡šç€ºã "Console>"ãšè¡šç€ºãããŸããPrivileged Execã¢ãŒãã®å Žåã«ã¯ "Console#"ãšè¡šç€ºãããŸããPrivileged Execã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ã以äžã®ã³ãã³ããšãã¹ã¯ãŒããå ¥åããŸãã
ã¯ã©ã¹ ã¢ãŒã
ExecNormalPrivileged
Configuration GlobalïŒâ»ïŒ
Access Control ListClass MapIGMP ProfileInterfaceLineMultiple Spanning TreePolicy MapTime RangeVLAN Database
Username: adminPassword:[admin login password]
CLI session with the FXC3110 is opened. To end the CLI session, enter [Exit].
Console#
Username: guestPassword: [guest login password]
CLI session with the FXC3110 is opened. To end the CLI session, enter [Exit].
Console#enablePassword: [privileged level password]Console#
365FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
4.2.9 Configurationã³ãã³ã
Configurationã³ãã³ã㯠Privileged ExecïŒç®¡çè ïŒã¢ãŒãå ã®ã³ãã³ãã§ãæ¬æ©ã®èšå®å€æŽãè¡ãéã«äœ¿çšããŸãããããã®ã³ãã³ãã¯ã©ã³ãã³ã°ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã®ã¿ãå€æŽãããåèµ·åæã«ã¯ä¿åãããŸãããé»æºãåã£ãæã«ãã©ã³ãã³ã°ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ãä¿åããããã«ã¯ã"copy running-config startup-config"ã³ãã³ãã䜿çšããŸããConfigurationã³ãã³ãã¯è€æ°ã®ç°ãªãã¢ãŒãããããŸãã
⢠Global Configuration â "hostname"ã"snmp-server community"ã³ãã³ããªã©ã·ã¹ãã é¢é£ã®èšå®å€æŽãè¡ãããã®ã¢ãŒãã§ãã
⢠Access Control List Configuration â ãã±ãããã£ã«ã¿ãªã³ã°ãè¡ãªãããã®ã¢ãŒãã§ãã
⢠Class Map Configurationâ DiffServe ã¯ã©ã¹ããããäœæããããã®ã¢ãŒãã§ãã
⢠IGMP Profileâ DiffServe ã¯ã©ã¹ããããäœæããããã®ã¢ãŒãã§ãã
⢠Interface Configuration âãããã¡ã€ã«ã°ã«ãŒããèšå®ããIGMPãã£ã«ã¿ãããã¡ã€ã«èšå®ããŒãžãžå ¥ããŸãã
⢠Line Configuration â "parity"ã "databits"ãªã©ã³ã³ãœãŒã«ããŒãé¢é£ã®èšå®ãè¡ãããã®ã¢ãŒãã§ãã
⢠Multiple Spanning Tree Configuration â MST ã€ã³ã¹ã¿ã³ã¹é¢é£ã®èšå®ãè¡ãªãããã®ã¢ãŒãã§ãã
⢠Policy Map Configuration â ãã±ãããã£ã«ã¿ãªã³ã°ãè¡ãªãããã®ã¢ãŒãã§ãã
⢠Time Range â ACLçã®æ©èœã§äœ¿çšããã¿ã€ã ã¬ã³ãžãèšå®ããŸãã
⢠VLAN Configuration â VLANã°ã«ãŒããèšå®ããããã®ã¢ãŒãã§ãã
Global Configurationã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ãPrivileged Execã¢ãŒãã§"configure"ã³ãã³ããå ¥åããŸããç»é¢äžã®ããã³ããã "Console(config)#"ãšå€æŽã«ãªããGlobal Configurationã®ãã¹ãŠã®ã³ãã³ãã䜿çšããããšãã§ããããã«ãªããŸãã
ä»ã®ã¢ãŒããžã¯ã以äžã®è¡šã®ã³ãã³ããå ¥åããããšã«ããå ¥ãããšãã§ããŸããåãããããã®ã¢ãŒããã㯠"exit"å㯠"end"ã³ãã³ãã䜿çšã㊠Privileged Execã¢ãŒãã«æ»ãããšãã§ããŸãã
Console#configureConsole(config)#
ã¢ãŒã ã³ãã³ã ããã³ãã ããŒãžLine Line {console | vty} Console(config-line)# P412
AccessControl List
access-list ip standardaccess-list ip extendedaccess-list ip mac
Console(config-std-acl)Console(config-ext-acl)Console(config-mac-acl)
P601P603P607
Class Map class map Console(config-cmap) P775
InterfaceIinterface {ethernet port | port-channel id | vlan id}
Console(config-if)# P615
366 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
以äžã®äŸã§ã¯ãInterface Configurationã¢ãŒãã«ã¢ã¯ã»ã¹ãããã®åŸ Privileged Execã¢ãŒãã«æ»ãåäœãè¡ã£ãŠããŸãã
4.2.10 ã³ãã³ãã©ã€ã³ããã»ã¹
CLIã®ã³ãã³ãã§ã¯å€§æåãšå°æåã®åºå¥ã¯ãããŸãããä»ã®ã³ãã³ããšãã©ã¡ãŒã¿ã®åºå¥ãã§ããã°ã³ãã³ããšãã©ã¡ãŒã¿ã®çç¥ãããããšãã§ããŸãããŸããã³ãã³ãã®è£å®ãããããã«ã¿ãã»ããŒã䜿çšããããšããã³ãã³ãã®äžéšãš "?"ã³ãã³ããå©çšããŠé¢é£ããã³ãã³ãã衚瀺ãããããšãã§ããŸãã
ãã®ä»ã«ã以äžã®è¡šã®ããŒå ¥åã䜿çšããããšãã§ããŸãã
MSTP spanning-tree mst-configuration Console(config-mstp)# P690
Policy Map policy map Console(config-pmap) P779
Time Range
time-rangeConsole(config-time-range)
P448
VLAN vlan database Console(config-vlan) P715
Console(config)#interface ethernet 1/5Console(config-if)#exitConsole(config)#
ããŒæäœ æ©èœCtrl-A ã«ãŒãœã«ãã³ãã³ãã©ã€ã³ã®äžçªåã«ç§»åããŸãã
Ctrl-B ã«ãŒãœã«ã 1æåå·Šã«ç§»åããŸãã
Ctrl-C çŸåšã®ã¿ã¹ã¯ãçµäºããã³ãã³ãããã³ããã衚瀺ããŸãã
Ctrl-E ã«ãŒãœã«ãã³ãã³ãã©ã€ã³ã®æåŸã«ç§»åããŸãã
Ctrl-F ã«ãŒãœã«ã 1æåå³ã«ç§»åããŸãã
Ctrl-K ã«ãŒãœã«ããè¡ã®æåŸãŸã§ã®æåãåé€ããŸããCtrl-L çŸåšã®ã³ãã³ãè¡ãæ°ããè¡ã§ç¹°ãè¿ããŸããCtrl-N ã³ãã³ãå ¥åå±¥æŽã®æ¬¡ã®ã³ãã³ãã衚瀺ããŸããCtrl-P æåŸã«å ¥åããã³ãã³ãã衚瀺ããŸããCtrl-R çŸåšã®ã³ãã³ãè¡ãæ°ããè¡ã§ç¹°ãè¿ããŸããCtrl-U å ¥åããè¡ãåé€ããŸããCtrl-W å ¥åããæåŸã®ã¯ãŒããåé€ããŸãã
Esc-B ã«ãŒãœã«ã 1æåæ»ããŸãã
Esc-D ã«ãŒãœã«ããæåã®æåŸãŸã§ãåé€ããŸããEsc-F æåã«ãŒãœã«ãé²ããŸãã
Deleteåã¯backspace ã³ãã³ãå ¥åãééããéã«åé€ããŸãã
367FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã°ã«ãŒã
4.3 ã³ãã³ãã°ã«ãŒã
ã·ã¹ãã ã³ãã³ãã¯æ©èœå¥ã«ä»¥äžã®è¡šã®éãåé¡ãããŸã :
ã³ãã³ãã°ã«ãŒã
å 容 ããŒãž
General Privileged Execã¢ãŒããžã®ã¢ã¯ã»ã¹ãã·ã¹ãã ã®åèµ·åãCLIããã®ãã°ã¢ãŠããªã©åºæ¬çãªã³ãã³ã
P370
SystemManagement
ã·ã¹ãã ãã°ãã·ã¹ãã ãã¹ã¯ãŒãããŠãŒã¶åããžã£ã³ããã¬ãŒã ãµããŒããWeb管çãªãã·ã§ã³ãHTTPSãSSHãªã©ã·ã¹ãã æ å ±ã«é¢é£ããã³ãã³ã
P378
SNMP èªèšŒãšã©ãŒãã©ãã : ã³ãã¥ããã£ååã³ãã©ãããããŒãžã£ã®èšå®
P459
Remote Monitoring çµ±èšãå±¥æŽãã¢ã©ãŒã ãã€ãã³ãã°ã«ãŒãããµããŒã
User AuthenticationãŠãŒã¶åã»ãã¹ã¯ãŒããããŒã«ã«ãŸãã¯ãªã¢ãŒãèªèšŒïŒAAAã»ãã¥ãªãã£ãå«ãïŒWebãµãŒãã®ç®¡çã¢ã¯ã»ã¹ãTelnetãµãŒããSSHçã®èšå®
P486
General SecurityMeasures
èšå®ãããéçãŸãã¯åçã¢ãã¬ã¹ãWebèªèšŒãMACã¢ãã¬ã¹èªèšŒãDHCPãªã¯ãšã¹ããšãªãã©ã€ã®ãã£ã«ã¿ãªã³ã°ãç¡å¹ãªARPã¬ã¹ãã³ã¹ã®å»æ£ã«ããããŒã¿ããŒãã«æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã®ãã©ãã£ãã¯ãåé¢ããã³ç¡å¹ãªã¢ã¯ã»ã¹é²æ¢ã
P548
Access ControlList
IPã¢ãã¬ã¹ããããã³ã«ãTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒããMACã¢ãã¬ã¹åã³ã€ãŒãµãããã¿ã€ãã«ãããã£ã«ã¿ãªã³ã°ã®æäŸ
P600
Interface TrunkãLACPã VLANãªã©ãåããŒãã®èšå® P615
LinkAggregation
è€æ°ããŒããã°ã«ãŒãåããããŒããã©ã³ã¯åã³ Link Aggregation Control Protocol (LACP)ã®èšå®
P636
Mirror Port éä¿¡ç£èŠã®ãããããŒããéãããŒã¿ãä»ã®ããŒãã«ãã©ãŒãªã³ã°ãè¡ãèšå®
P647
Rate Limit éä¿¡ã®æ倧éå信垯åã®ã³ã³ãããŒã« P657
Automatic Traffic Control èªåãã©ãã£ãã¯å¶åŸ¡ã®èšå® P658
Address Table ã¢ãã¬ã¹ãã£ã«ã¿ã®èšå®ãã¢ãã¬ã¹ããŒãã«æ å ±ã®è¡šç€ºãšã¯ãªã¢ããšãŒãžã³ã°ã¿ã€ã ã®èšå®
P677
Spanning Tree STAèšå® P682
VLANåããŒãã® VLANã°ã«ãŒãã®èšå®åã³ãã©ã€ããŒã VLANããããã³ã« VLANã®èšå®
P715
Class of Serviceã¿ã°ãªããã¬ãŒã ã®åããŒãã®ãã©ã€ãªãªãã£ã®èšå®ãåãã©ã€ãªãªãã£ãã¥ãŒã®ãŠã§ã€ãã®ç¢ºèªãIP precedenceãDSCPãTCPãã©ãã£ãã¯ã¿ã€ãã®ãã©ã€ãªãªãã£ã®èšå®
P758
Quality of Service Diff Servã®èšå® P773
Multicast Filtering IGMPãã«ããã£ã¹ããã£ã«ã¿ãã¯ãšãªã¢ãã¯ãšãªåã³ãåããŒãã«é¢é£ãããã«ããã£ã¹ãã«ãŒã¿ã®èšå®
P792
LLDP LLDPèšå® P836
DNS DNSãµãŒãã®èšå® P853
DHCP DNSãµãŒãã®èšå® P853
IP Interface DHCPã¯ã©ã€ã¢ã³ãæ©èœãèšå® P868
368 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã°ã«ãŒã
æ¬ç« å ã®è¡šã§çšããããã³ãã³ãã¢ãŒãã¯ä»¥äžã®æ¬åŒ§å ã®ã¢ãŒããçç¥ãããã®ã§ãã
ACLïŒAccess Control List ConfigurationïŒ LCïŒLine ConfigurationïŒ
CMïŒClass Map ConfigurationïŒ MSTïŒMultiple Spanning TreeïŒ
DCïŒDHCP Server ConfigurationïŒ NEïŒNormal ExecïŒ
GCïŒGlobal ConfigurationïŒ PEïŒPrivileged ExecïŒ
ICïŒInterface ConfigurationïŒ PMïŒPolicy Map ConfigurationïŒ
IPCïŒIGMP Profile ConfigurationïŒ VCïŒVLAN Database ConfigurationïŒ
369FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
4.4 GeneralïŒäžè¬ã³ãã³ãïŒ
prompt
CLIããã³ããã®ã«ã¹ã¿ãã€ãºãè¡ãªãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
prompt string
no prompt
⢠string â CLIããã³ããã«è¡šç€ºãããå称ïŒæ倧 255æåïŒ
åæèšå®
Console
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
prompt CLIããã³ããã®ã«ã¹ã¿ãã€ãº GC P370
reload ã·ã¹ãã ãªã»ããã®æéãèšå® GC P371
enable Privilegedã¢ãŒãã®æå¹å NE P372
quit CLIã»ãã·ã§ã³ãçµäº NE,PE P373
show history ã³ãã³ãå±¥æŽãããã¡ã®è¡šç€º NE,PE P374
configure Global Configurationã¢ãŒãã®æå¹å PE P375
disable Privilegedã¢ãŒããã Normalã¢ãŒããžã®å€æŽ PE P375
reload æ¬æ©ã®åèµ·å PE P371
show reload çŸåšã®ãªããŒãèšå®ã衚瀺 PE P376
end Privileged Execã¢ãŒããžã®å€æŽGC,IC,LC,VC
P377
exit åã®èšå®ã¢ãŒãã«æ»ããå㯠CLIã»ãã·ã§ã³ãçµäº ãã¹ãŠ P377
Console(config)#prompt RD2RD2(config)#
370 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
reloadïŒGlobal ConfigurationïŒ
æå®ããçµéæéãŸãã¯åšæçãªæéçµéåŸã«ã·ã¹ãã ã®åèµ·åãè¡ããŸãã"cancelâãªãã·ã§ã³ã䜿çšããããšã§èšå®ãåé€ããŸãã
ææ³
reload { at hour minute { month day | day month } { year } | in hour hour minute minute regularity hour minute { period < daily | weekly day-of-week | monthly day} > } cancel { at | in | regularity } }
⢠reload at â æå®ããæ¥æã«ã¹ã€ããã®åèµ·åããããªããŸãã
ïŒ hour - åèµ·åããæéãæå®ïŒæïŒ (ç¯å²ïŒ 0-23)
ïŒ minute - åèµ·åããæéãæå®ïŒåïŒ(ç¯å²ïŒ0-59)
ïŒ month - åèµ·åããæéãæå®ïŒæïŒ (ç¯å²ïŒjanuary-december)
ïŒ day - åèµ·åããæéãæå®ïŒæ¥ïŒ(ç¯å²ïŒ1-31)
ïŒ year - åèµ·åããæéãæå®ïŒå¹ŽïŒ (ç¯å²ïŒ2001-2050)
⢠reload in â æå®ããæ¥æã«ã¹ã€ããã®åèµ·åããããªããŸãã
ïŒ hour - çµéæéãæå®ïŒæïŒïŒ0-576ïŒ
ïŒ minute - çµéæéãæå®ïŒåïŒïŒRangeïŒ0-59ïŒ
⢠reload regularity â åšæçãªééã§ã¹ã€ããã®åèµ·åããããªããŸãã
ïŒ hour - åèµ·åããæéïŒæïŒ (ç¯å²ïŒ0-23)
ïŒ minute - åèµ·åããæéïŒåïŒ (ç¯å²ïŒ0-59)
ïŒ month - åèµ·åããææ¥ (ç¯å²ïŒMonday-saturday)
ïŒ day - åèµ·åããæ¥ä»ïŒç¯å²ïŒ1-31ïŒ
⢠reload cancel â æå®ããåèµ·åãªãã·ã§ã³ããã£ã³ã»ã«ã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯å šã·ã¹ãã ã®åèµ·åãè¡ããŸãã
⢠åèµ·åãªãã·ã§ã³ã¯ã©ã®ãããªçµã¿åããã§ãæå®ã§ããŸããåæå®æãååã®èšå®ã¯äžæžããããŸãã
⢠ã·ã¹ãã åèµ·åæãPower-Onã»ã«ããã¹ããè¡ãããŸãã"copy running-config startup-config"ïŒP403ïŒã³ãã³ãã§ä¿åãããå šãŠã®èšå®æ å ±ã¯ä¿æãããŸãã
äŸ
30ååŸã«ã¹ã€ãããåèµ·åããèšå®ã§ãã
Console(config)#reload in minute 30****** --- Rebooting at January 1 03:38:34 2001 ---Are you sure to reboot the system at the specified time? <y/n>
371FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
enable
Privileged Execã¢ãŒããæå¹ã«ããéã«äœ¿çšããŸããPrivileged Execã¢ãŒãã§ã¯ä»ã®ã³ãã³ãã䜿çšããããšãã§ããã¹ã€ããã®æ å ±ã衚瀺ããããšãã§ããŸãã詳ãã㯠P365 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
ææ³
enable { level }
⢠level â Privilege Levelã®èšå®
æ¬æ©ã§ã¯ 2ã€ã®ç°ãªãã¢ãŒããååšããŸãã
0: Normal Execã15: Privileged Exec
Privileged Execã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ levelã15ããå ¥åããŠäžããã
åæèšå®
Level 15
ã³ãã³ãã¢ãŒã
Normal Exec
ã³ãã³ã解説
⢠"super"ã Normal Execãã Privileged Execã¢ãŒãã«å€æŽããããã®åæèšå®ãã¹ã¯ãŒãã«ãªããŸãïŒãã¹ã¯ãŒãã®èšå®ã»å€æŽãè¡ãå Žåã¯ãP487 ãenable passwordããåç §ããŠäžããïŒ
⢠ããã³ããã®æåŸã« "#"ã衚瀺ãããŠããå Žåã¯ãPrivileged Execã¢ãŒããè¡šããŸãã
äŸ
é¢é£ããã³ãã³ã
disable ïŒP375ïŒenable password ïŒP487ïŒ
Console>enablePassword: [privileged level password]Console#
372 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
quit
CLIãçµäºããéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec
Privileged Exec
äŸ
æ¬äŸã¯ãCLIã»ãã·ã§ã³ã®çµäºã瀺ããŠããŸãã
Console#quit
Press ENTER to start session
User Access Verification
Username:
373FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
show history
ä¿åãããŠããã³ãã³ãã®å±¥æŽã衚瀺ããéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
æ¬æ©ã«ä¿åã§ããã³ãã³ãå±¥æŽã¯ Executionã³ãã³ããš Configurationã³ãã³ããããããæ倧 10ã³ãã³ãã§ãã
äŸ
æ¬äŸã§ã¯ãã³ãã³ãå±¥æŽãšããŠä¿åãããŠããã³ãã³ãã衚瀺ããŠããŸãã
"!"ã³ãã³ããçšãããšãå±¥æŽã®ã³ãã³ããå®è¡ããããšãå¯èœã§ããNormalåã¯Privileged Execã¢ãŒãæã«ã¯ Executionã³ãã³ãããConfigurationã¢ãŒãæã«ã¯Configurationã³ãã³ãã®å®è¡ãè¡ããŸãã
æ¬äŸã§ã¯ã"!2"ã³ãã³ããå ¥åããããšã§ãExecutionã³ãã³ãå±¥æŽå ã® 2çªç®ã®ã³ãã³ãïŒ"config"ã³ãã³ãïŒãå®è¡ããŠããŸãã
Console#show historyExecution command history:2 config1 show historyConfiguration command history:
4 interface vlan 13 exit2 interface vlan 11 end
Console#
Console#!2Console#configConsole(config)#
374 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
configure
Global Configurationã¢ãŒããæå¹ã«ããå Žåã«äœ¿çšããŸããã¹ã€ããã®èšå®ãè¡ãããã«ã¯ Global Configurationã¢ãŒãã«ããå¿ èŠããããŸããããã« Interface Configuration, Line Configuration, VLAN Database Configurationãªã©ãè¡ãããã«ã¯ããã®å ã®ã¢ãŒãã«ã¢ã¯ã»ã¹ããŸãã詳现㯠P365 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
end ïŒP377ïŒ
disable
Privileged Execãã Normal Execã«å€æŽããéã«äœ¿çšããŸãã
Normal Execã¢ãŒãã§ã¯ãæ¬æ©ã®èšå®åã³çµ±èšæ å ±ã®åºæ¬çãªæ å ±ã®è¡šç€ºããè¡ããŸããããã¹ãŠã®ã³ãã³ãã䜿çšããããã«ã¯ Privileged Execã¢ãŒãã«ããå¿ èŠããããŸãã
詳现㯠P365 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ããã³ããã®æåŸã« ">"ã衚瀺ãããŠããå Žå㯠Normal Execã¢ãŒããè¡šããŸãã
äŸ
é¢é£ããã³ãã³ã
enable ïŒP372ïŒ
Console#configureConsole(config)#
Console#disableConsole>
375FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
reloadïŒPrivileged ExecïŒ
ã·ã¹ãã ã®åèµ·åãè¡ãéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯çŽã¡ã«å šãŠã®ã·ã¹ãã ãåèµ·åããŸãã
⢠Power-Onã»ã«ããã¹ããè¡ãããŸãã"copy running-config startup-config"ïŒP403ïŒã³ãã³ãã§ä¿åãããå šãŠã®èšå®æ å ±ã¯ä¿æãããŸãã
äŸ
æ¬æ©ã®åèµ·åæ¹æ³ã瀺ããŠããŸãã
show reload
çŸåšã®åèµ·åèšå®ãšã次åäºå®ãããŠããåèµ·åã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#reloadSystem will be restarted, continue <y/n>? y
Console#show reload
Reloading switch in time: ããããããã0 hours 29 minutes.
The switch will be rebooted at January 1 02:11:50 2001.Remaining Time: 0 days, 0 hours, 29 minutes, 52 seconds.Console#
376 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
end
Privilegedã¢ãŒãã«æ»ãéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
Interface Configuration
Line Configuration
VLAN Database Configuration
MSTP Configuration
äŸ
æ¬äŸã¯ãInterface Configurationãã Privileged Execã¢ãŒããžã®å€æŽã瀺ããŠããŸãã
exit
Privileged Execã¢ãŒãã«æ»ãå ŽåããCLIãçµäºããå Žåã«äœ¿çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
ãã¹ãŠ
äŸ
Global Configurationã¢ãŒããã Privileged Execã¢ãŒããžã®å€æŽãšãCLIã®çµäºã瀺ããŠããŸãã
Console(config-if)#endConsole#
Console(config)#exitConsole#exit
Press ENTER to start session
User Access Verification
Username:
377FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5 ã·ã¹ãã 管ç
ãã®ã³ãã³ãã¯ã·ã¹ãã ãã°ããŠãŒã¶åããã¹ã¯ãŒããWebã€ã³ã¿ãã§ãŒã¹ã®èšå®ã«äœ¿çšãããŸãããŸããä»ã®ã·ã¹ãã æ å ±ã®è¡šç€ºãèšå®ãè¡ããŸãã
ã³ãã³ã æ©èœ ããŒãžDeviceDesignation æ¬æ©ãç¹å®ããæ å ±èšå® P379
Banner Information
管çäžã®ã³ã³ã¿ã¯ããããã€ã¹èå¥ãäœçœ®æ å ±ãèšå®
P380
System Status 管çè ãã·ã¹ãã ããŒãžã§ã³ãã·ã¹ãã æ å ±ã®è¡šç€º P393
Frame Size ãžã£ã³ããã¬ãŒã ãµããŒãã®æå¹å P400
File Manargement ã³ãŒãã€ã¡ãŒãžãŸãã¯ã¹ã€ããèšå®ãã¡ã€ã«ã®ç®¡ç P401
Line ã·ãªã¢ã«ããŒãã®æ¥ç¶ãã©ã¡ãŒã¿ãèšå® P412
Event Logging ãšã©ãŒã¡ãã»ãŒãžãã°èšå® P426
SMTP Alerts SMTP Eã¡ãŒã«ã¢ã©ãŒããèšå® P435
TimeïŒSystem ClockïŒ
NTP/SNTPãµãŒãã«ããèªåæå»èšå®åã³æåæå»èšå®
P440
Time Range ACLçã§äœ¿çšããã¿ã€ã ã¬ã³ãžã®èšå® P448
Switch Clustering è€æ°ããã€ã¹ã 1ã€ã® IPã¢ãã¬ã¹ã§ç®¡çããèšå® P452
378 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.1 Device Designationã³ãã³ã
hostname
æ¬æ©ã®ãã¹ãåã®èšå®åã³å€æŽãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
hostname name
no hostname
⢠name â ãã¹ãåïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžhostname ãã¹ãåã®èšå® GC P379
snmp-servercontact ã·ã¹ãã ã³ã³ã¿ã¯ãè ã®èšå® GC P462
snmp-serverlocation ã·ã¹ãã ãã±ãŒã·ã§ã³ã®èšå® GC P462
Console(config)#hostname RD#1Console(config)#
379FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.2 Banner Information
ã¹ã€ããã®ã¢ãããã¹ãã¬ãŒã·ã§ã³æ å ±ã®èšå®ãè¡ããŸãã
以äžã®ã³ãã³ãã«ãããããŒã¿ã»ã³ã¿ãŒã®æåšå°ãé»æ°ã»ãããã¯ãŒã¯åç·ã®è©³çŽ°ã管çè ããã³ã³ã³ã¿ã¯ãæ å ±ãèšå®ããããšãã§ããŸãã
ããããã®æ å ±ã¯ãCLIçµç±ã§ã®æ¥ç¶æã«ã®ã¿å©çšå¯èœã§ãã³ã³ãœãŒã«ãŸã㯠Telnetã®æ¥ç¶ã確ç«ããåŸããã«ãèªåçã«è¡šç€ºãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžbanner configure ãã°ã€ã³åã«è¡šç€ºããããããŒæ å ±ã®èšå® GC P381
banner configure company äŒç€Ÿæ å ±ã®èšå® GC P382
banner configure dc-power-info DCé»åæ å ±ã®èšå® GC P383
banner configure department éšéæ å ±ã®èšå® GC P384
banner configureequipment-info è£ çœ®æ å ±ã®èšå® GC P385
banner configureequipment-location è£ çœ®èšçœ®å Žææ å ±ã®èšå® GC P386
banner configure ip-lan IP/LANæ å ±ã®èšå® GC P387
banner configure lp-number LPçªå·æ å ±ã®èšå® GC P388
banner configure manager-info ãããŒãžã£ã³ã³ã¿ã¯ãæ å ±ã®èšå® GC P389
banner configure mux MUXæ å ±ã®èšå® GC P390
banner configure note ãã®ä»æ å ±ã®èšå® GC P391
show banner å šãŠã®ãããŒæ å ±ã®è¡šç€º NE, PE P392
380 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure
æ¬ã³ãã³ãã«ãããã€ã³ã¿ã©ã¯ãã£ãã«ç®¡çæ å ±ãæå®ããããšãã§ããŸãã
ææ³
banner configure
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure
Company: Acme CorporationResponsible department: R&D DeptName and telephone to Contact the management peopleManager1 name: Sr. Network Adminphone number: 123-555-1212Manager2 name: Wile E. Coyotephone number: 123-555-1213Manager3 name: Night-shift Net Admin / Janitorphone number: 123-555-1214The physical location of the equipment.City and street address: 12 Straight St. Motown, ZimbabweInformation about this equipment:Manufacturer: Acme CorporationID: 123_unique_id_numberFloor: 2Row: 7Rack: 29Shelf in this rack: 8Information about DC power supply.Floor: 2Row: 7Rack: 25Electrical circuit: : ec-177743209-xbNumber of LP:12Position of the equipment in the MUX:1/23IP LAN:192.168.1.1Note: This is a random note about this managed switch and can containmiscellaneous information.Console(config)#
381FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure company
ãããŒã«è¡šç€ºããããäŒç€Ÿæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure company name
no banner configure company
⢠name â äŒç€ŸåïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure company Acme_CorporationConsole(config)#
382 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure dc-power-info
ãããŒã«è¡šç€ºããããDCé»åæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure dc-power-info floor floor-id row row-id rack rack-id electrical-circuit ec-id
no banner configure dc-power-info { floor | row | rack | electrical-circuit }
⢠floor-id â ããã¢çªå·ïŒæ倧 32æåïŒ
⢠row-id â ããŒçªå·ïŒæ倧 32æåïŒ
⢠rack-id â ã©ãã¯çªå·ïŒæ倧 32æåïŒ
⢠ec-id â é»æ°åç· IDïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure dc-power-info floor 3 row 15
rack 24ãelectrical-circuit 48v-id_3.15.24.2Console(config)#
383FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure department
ãããŒã«è¡šç€ºããããéšéæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure department dept-name
no banner configure department
⢠dept-name â éšçœ²åïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure department R&DConsole(config)#
384 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure equipment-info
ãããŒã«è¡šç€ºããããæ©åšæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure equipment-info manufacturer-id mfr-id floor floor-id row row-idrack rack-id shelf-rack sr-id manufacturer mfr-name
no banner configure equipment-info { floor | manufacturer |
manufacturer-id | rack | row | shelf-rack}
⢠mfr-id â ããã€ã¹ã¢ãã«çªå·ïŒæ倧 32æåïŒ
⢠floor-id â ããã¢çªå·ïŒæ倧 32æåïŒ
⢠row-id â ããŒçªå·ïŒæ倧 32æåïŒ
⢠rack-id â ã©ãã¯çªå·ïŒæ倧 32æåïŒ
⢠sr-id â ã©ãã¯æ£çªå·ïŒæ倧 32æåïŒ
⢠mfr-name â è£ çœ®è£œé å åïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure equipment-info manufacturer-id switch35 floor 3 row 10 rack 15 shelf-rack 12 manufacturer Acme_CorporationConsole(config)#
385FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure equipment-location
ãããŒã«è¡šç€ºããããããã€ã¹æåšå°æ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure equipment-location location
no banner configure equipment-location
⢠location â ããã€ã¹ã®æåšå°ïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure equipment-location 710_Network_Path,_IndianapolisConsole(config)#
386 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure ip-lan
ãããŒã«è¡šç€ºããããããã€ã¹ IPã¢ãã¬ã¹ããã³ãµãããããã¹ã¯ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure ip-lan ip-mask
no banner configure ip-lan
⢠ip-mask â ããã€ã¹ã® IPã¢ãã¬ã¹ããã³ãµãããããã¹ã¯ïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure ip-lan 192.168.1.1/255.255.255.0Console(config)#
387FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure lp-number
ãããŒã«è¡šç€ºããããLPçªå·æ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure lp-number lp-num
no banner configure lp-number
⢠lp-num â LPçªå·ïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure lp-number 12Console(config)#
388 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure manager-info
ãããŒã«è¡šç€ºãããããããŒãžã£ã³ã³ã¿ã¯ãæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure manager-info name mgr1-name phone-number mgr1-number{ name2 mgr2-name phone-number mgr2-number | name3 mgr3-name phone-number mgr3-number }
no banner configure manager-info { name1 | name2 | name3 }
⢠mgr1-name â ãããŒãžã£ 1ã®ååïŒæ倧 32æåïŒ
⢠mgr1-number â ãããŒãžã£ 1ã®é»è©±çªå·ïŒæ倧 32æåïŒ
⢠mgr2-name â ãããŒãžã£ 2ã®ååïŒæ倧 32æåïŒ
⢠mgr2-number â ãããŒãžã£ 2ã®é»è©±çªå·ïŒæ倧 32æåïŒ
⢠mgr3-name â ãããŒãžã£ 3ã®ååïŒæ倧 32æåïŒ
⢠mgr3-number â ãããŒãžã£ 3ã®é»è©±çªå·ïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure manager-info name Albert_Einstein phone-number 123-555-1212 name2 Lamar phone-number 123-555-1219Console(config)#
389FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure mux
ãããŒã«è¡šç€ºããããMUXæ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure mux muxinfono banner configure mux
⢠muxinfo â ã¹ã€ãããæ¥ç¶ãããŠãããåç·ããã³ PVCæ å ±ïŒæ倧 32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure mux telco-8734212kx_PVC-1/23Console(config)#
390 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
banner configure note
ãããŒã«è¡šç€ºããããã¡ã¢æ å ±ã®èšå®ãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããæ å ±ãåé€ããŸãã
ææ³
banner configure note note-info
no banner configure note
⢠note-info â ä»ã®ãããŒã«ããŽãªã«é©ããŠããªããã®ä»ã®æ å ±ãïŒæ倧 150æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å ¥åããããŒã¿ã«ãã¹ããŒã¹ã¯äœ¿çšã§ããŸããã
äŸ
Console(config)#banner configure note !!!ROUTINE_MAINTENANCE_firmware
ãupgrade_0100-0500_GMT-0500_20071022!!!!!_20min_network_impact_expectedConsole(config)#
391FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show banner
å šãŠã®ãããŒæ å ±ã衚瀺ããŸãã
ææ³
show banner
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show bannerAcme_CorporationWARNING - MONITORED ACTIONS AND ACCESSESR&D_Dept
Albert_Einstein - 123-555-1212Wile_E._Coyote - 123-555-9876Lamar - 123-555-3322
Station's information:710_Network_Path,Indianapolis
Acme_Corporation - switch35Floor / Row / Rack / Sub-Rack7 / 10 / 15 / 6DC power supply:Power Source A: Floor / Row / Rack / Electrical circuit3 / 15 / 24 / 48V-id_3.15.24.2
Number of LP: 4Position MUX: telco-9734212kx_PVC-1/23IP LAN: 216.241.132.3/255.255.255.0Note:!!!!!ROUTINE_MAINTENANCE_firmware-upgrade_0100--0500_GMT-0500_20071022!!!!!_20min_network_impact_expectedConsole#
392 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.3 ã·ã¹ãã æ å ±ã®è¡šç€º
ã·ã¹ãã æ å ±ã衚瀺ããçºã«äœ¿çšããã³ãã³ãã解説ããŸãã
show process cpu
CPU䜿çšçã®ãã©ã¡ãŒã¿ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
çŸåšäœ¿çšãããŠããªã¡ã¢ãªã®å®¹éãšãã¢ã¯ãã£ããªåŠçã«å²ãåœãŠãããã¡ã¢ãªã®å®¹éã衚瀺ããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
show process cpu CPU䜿çšçãã©ã¡ãŒã¿ã衚瀺 NE,PE P393
showrunning-config å®è¡äžã®èšå®ãã¡ã€ã«ã®è¡šç€º PE P394
showstartup-config
ãã©ãã·ã¥ã¡ã¢ãªå ã®ã¹ã¿ãŒãã¢ããèšå®ãã¡ã€ã«ã®å 容ã®è¡šç€º
PE P396
show system ã·ã¹ãã æ å ±ã®è¡šç€º NE,PE P397
show usersçŸåšã³ã³ãœãŒã«åã³ Telnetã§æ¥ç¶ãããŠãããŠãŒã¶ã®ãŠãŒã¶åãæ¥ç¶æéãåã³ Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ã®è¡šç€º
NE,PE P398
show version ã·ã¹ãã ããŒãžã§ã³æ å ±ã®è¡šç€º NE,PE P399
Console#show process cpu CPU Utilization in the past 5 seconds : 3.98%Console#
393FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show running-config
çŸåšå®è¡äžã®èšå®ãã¡ã€ã«ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠起åçšãã¡ã€ã«ãšãå®è¡äžã®èšå®ãã¡ã€ã«ã®å 容ãæ¯èŒããå Žåã«ã¯ "show startup-config"ã³ãã³ããäžç·ã«äœ¿çšããŠäžããã
⢠ããŒã³ãã³ãã¢ãŒãã®èšå®ã衚瀺ãããŸããåã¢ãŒãã®ã°ã«ãŒã㯠"!"ã«ãã£ãŠåããã㊠configurationã¢ãŒããšå¯Ÿå¿ããã¢ãŒãã衚瀺ãããŸãããã®ã³ãã³ãã§ã¯ä»¥äžã®æ å ±ã衚瀺ãããŸãã
ïŒæ¬æ©ã® MACã¢ãã¬ã¹
ïŒ SNTPãµãŒãã®èšå®
ïŒ SNMPã³ãã¥ããã£å
ïŒãŠãŒã¶ïŒãŠãŒã¶ååã³ã¢ã¯ã»ã¹ã¬ãã«ïŒ
ïŒ VLANããŒã¿ããŒã¹ïŒVLAN ID, VLANååã³ç¶æ ïŒ
ïŒåã€ã³ã¿ãã§ãŒã¹ã® VLANèšå®ç¶æ
ïŒ MSTã€ã³ã¹ã¿ã³ã¹ïŒååãšã€ã³ã¿ãã§ãŒã¹ïŒ
ïŒæ¬æ©ã® IPã¢ãã¬ã¹èšå®
ïŒã¬ã€ã€ 4 Precedenceèšå®
ïŒã¹ããã³ã°ããªãŒèšå®ïŒã€ã³ã¿ãã§ãŒã¹èšå®
ïŒã³ã³ãœãŒã«åã³ Telnetã«é¢ããèšå®
394 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
äŸ
é¢é£ããã³ãã³ã
show startup-config ïŒP396ïŒ
Console#show running-configBuilding running configuration. Please wait...!<stackingDB>00</stackingDB>!<stackingMac>01_00-12-cf-f3-de-46_00</stackingMac>!snmp-server community public rosnmp-server community private rw!snmp-server enable traps authentication!!username admin access-level 15username admin password 7 21232f297a57a5a743894a0e4a801fc3username guest access-level 0username guest password 7 084e0343a0486ff05530df6c705c8bb4enable password level 15 7 1b3231655cebb7a1f783eddf27d254ca!
!vlan database VLAN 1 name DefaultVlan media ethernet state active VLAN 4093 media ethernet state active!spanning-tree mst configuration!interface ethernet 1/1 switchport allowed vlan add 1 untagged switchport native vlan 1 switchport allowed vlan add 4093 taggedà E(Ú»óâ¢).!interface ethernet 1/10 switchport allowed vlan add 1 untagged switchport native vlan 1 switchport allowed vlan add 4093 tagged!interface vlan 1 ip address 192.168.1.1 255.255.255.0 ip dhcp client class-id text "FXC Networks"!ip name-server auto!interface vlan 1!line console!line vty!end!Console#
395FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show startup-config
ã·ã¹ãã èµ·åçšã«ä¿åãããŠããèšå®ãã¡ã€ã«ã衚瀺ããããã®ã³ãã³ãã§ãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠å®è¡äžã®èšå®ãã¡ã€ã«ãšãèµ·åçšãã¡ã€ã«ã®å 容ãæ¯èŒããå Žåã«ã¯ "show running-config"ã³ãã³ããäžç·ã«äœ¿çšããŠäžããã
⢠ããŒã³ãã³ãã¢ãŒãã®èšå®ã衚瀺ãããŸããåã¢ãŒãã®ã°ã«ãŒã㯠"!"ã«ãã£ãŠåããã㊠configurationã¢ãŒããšå¯Ÿå¿ããã¢ãŒãã衚瀺ãããŸãããã®ã³ãã³ãã§ã¯ä»¥äžã®æ å ±ã衚瀺ãããŸãïŒ
ïŒæ¬æ©ã® MACã¢ãã¬ã¹
ïŒ SNMPã³ãã¥ããã£å
ïŒ SNMPãã©ããèªèšŒ
ïŒ RMONã¢ã©ãŒã èšå®
ïŒãŠãŒã¶ïŒãŠãŒã¶ååã³ã¢ã¯ã»ã¹ã¬ãã«ïŒïŒ VLANããŒã¿ããŒã¹ïŒVLAN ID, VLANååã³ç¶æ ïŒ
ïŒ MSTã€ã³ã¹ã¿ã³ã¹ïŒååãšã€ã³ã¿ãã§ãŒã¹ïŒ
ïŒåã€ã³ã¿ãã§ãŒã¹ã® VLANèšå®ç¶æ
ïŒæ¬æ©ã® IPã¢ãã¬ã¹èšå®
ïŒã³ã³ãœãŒã«åã³ Telnetã«é¢ããèšå®
äŸ
ãshow running-configãã®å 容ãåç §ããŠãã ããã
é¢é£ããã³ãã³ã
show running-config ïŒP394ïŒ
396 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show system
ã·ã¹ãã æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠ã³ãã³ãã䜿çšããŠè¡šç€ºãããå 容ã«é¢ããŠã®è©³çŽ°ã¯ P23 ãã·ã¹ãã æ å ±ã®è¡šç€ºããåç §ããŠäžããã
⢠"POST result"ã¯æ£åžžæã«ã¯ãã¹ãŠ "PASS"ãšè¡šç€ºãããŸãã"POST result"ã« "FAIL"ããã£ãå Žåã«ã¯è²©å£²åºããŸãã¯ãµããŒããŸã§é£çµ¡ããŠäžããã
äŸ
Console#show systemSystem Description : FXC3110System OID String : 1.3.6.1.4.1.25574.10.1.11System Information System Up Time : 0 days, 4 hours, 52 minutes, and 7.33 seconds System Name : System Location : System Contact : MAC Address (Unit 1) : 00-12-CF-F3-DE-46 Web Server : Enabled Web Server Port : 80 Web Secure Server : Enabled Web Secure Server Port : 443 Telnet Server : Enabled Telnet Server Port : 23 Jumbo Frame : Disabled
POST Result:Console#
397FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show users
ã³ã³ãœãŒã«åã³ Telnetã§æ¥ç¶ãããŠãããŠãŒã¶ã®æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãããŠãŒã¶åãæ¥ç¶æéåã³ Telnetæ¥ç¶æã® IPã¢ãã¬ã¹ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
ã³ãã³ããå®è¡ãããŠãŒã¶ã¯è¡ã®å é ã« "*"ã衚瀺ãããŠããŸãã
äŸ
Console#show users User Name Accounts: User Name Privilege Public-Key -------------------------------- --------- ---------- admin 15 None guest 0 None
Online Users: Line User Name Idle time (h:m:s) Remote IP addr ------- ------------------------ ----------------- ---------------
* Console admin ã0:00:00
Web Online Users: Line User Name Idle time (h:m:s) Remote IP Addr ----- -------------------------- ----------------- --------------- HTTP admin 0:00:04 192.168.1.20
Console#
398 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show version
ããŒããŠã§ã¢ãšãœãããŠã§ã¢ã®ããŒãžã§ã³æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
衚瀺ãããæ å ±ã«é¢ãã詳现㯠P24 ãããŒããŠã§ã¢åã³ãœãããŠã§ã¢ããŒãžã§ã³ã®è¡šç€ºããåç §ããŠäžããã
äŸ
Console#show versionUnit 1 Serial Number : A951019539 Hardware Version : R0A EPLD Version : 0.00 Number of Ports : 10 Main Power Status : Up Redundant Power Status : Not present Role : Master Loader Version : 0.0.1.5 Linux Kernel Version : 2.6.22.18 Boot ROM Version : 0.0.0.1 Operation Code Version : 1.1.0.6
Console#
399FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.4 ãã¬ãŒã ãµã€ãºã³ãã³ã
jumbo frame
ãžã£ã³ããã¬ãŒã ã®äœ¿çšãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ãšãªããŸãã
ææ³
jumbo frame
no jumbo frame
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©ã§æ倧 9216byteãŸã§ã®ãžã£ã³ããã¬ãŒã ã«å¯Ÿå¿ããããšã§å¹ççãªããŒã¿è»¢éãå®çŸããŸããéåžž 1.5KBãŸã§ã®ã€ãŒãµããããã¬ãŒã ã«æ¯ã¹ãžã£ã³ããã¬ãŒã ã䜿çšããããšã§åãã±ããã®ãªãŒãããããçž®å°ãããŸãã
⢠ãžã£ã³ããã¬ãŒã ã䜿çšããå Žåã¯ãéä¿¡åŽåã³åä¿¡åŽïŒãµãŒãã PCçïŒãã©ã¡ããæ¬æ©èœããµããŒãããŠããå¿ èŠããããŸãããŸã Full-Duplexæã«ã¯ 2ã€ã®ãšã³ãããŒãéã®ã¹ã€ããã®ãã¹ãŠãæ¬æ©èœã«å¯Ÿå¿ããŠããå¿ èŠããããŸããHalf-Duplexæã«ã¯ã³ãªãžã§ã³ãã¡ã€ã³å ã®å šãŠã®ããã€ã¹ãæ¬æ©èœã«å¯Ÿå¿ããŠããå¿ èŠããããŸãã
⢠ãžã£ã³ããã¬ãŒã ã䜿çšãããšããããŒããã£ã¹ãå¶åŸ¡ã®æ倧ãããå€ãå¶éãããŸããïŒè©³çŽ°ã¯ãP625 ãswitchport packet-rateãã³ãã³ããåç §ããŠäžããïŒ
⢠ãžã£ã³ããã¬ãŒã ã®çŸåšã®èšå®å 容㯠âshow systemâã³ãã³ãïŒP397ïŒã§ç¢ºèªãã§ããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžjumbo frame ãžã£ã³ããã¬ãŒã ã®å©çš GC P400
Console(config)#jumbo frameConsole(config)#
400 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.5 ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
ãã¡ãŒã ãŠã§ã¢ã®ç®¡ç
FTP/TFTPãµãŒãããããã¡ãŒã ãŠã§ã¢ã®ã¢ããããŒãããã³ããŠã³ããŒããå¯èœã§ããFTP/TFTPãµãŒãã§ããã¡ã€ã«ãžã©ã³ã¿ã€ã ã³ãŒããã»ãŒãããããšã«ãã£ãŠããã®ãã¡ã€ã«ãåŸã«ã¹ã€ãããžããŠã³ããŒãããããšã§ãªãã¬ãŒã·ã§ã³ã埩掻ããããšãå¯èœã§ããæ¬æ©ã¯ãŸãã以åã®ããŒãžã§ã³ãäžæžãããã«æ°ãããã¡ãŒã ãŠã§ã¢ã䜿çšããããã«èšå®ããããšãå¯èœã§ããã©ã³ã¿ã€ã ã³ãŒããããŠã³ããŒãããéãçŸåšã®ã€ã¡ãŒãžã眮ãæãããæåã®ãã¡ã€ã«ãšã¯å¥ã®ãã¡ã€ã«åã䜿çšããŠããŠã³ããŒããããããšãåºæ¥ãŸãã®ã§ãããŠã³ããŒãåŸã«æ°ãããã¡ã€ã«ãèµ·åãã¡ã€ã«ãšããŠèšå®ããŠãã ããã
èšå®ã®ã»ãŒããŸãã¯ãªã¹ãã¢
FTP/TFTPãµãŒããããèšå®ãã¡ã€ã«ã®ã¢ããããŒãããã³ããŠã³ããŒããå¯èœã§ããèšå®ãã¡ã€ã«ã¯åŸã«ã¹ã€ããã®èšå®ããªã¹ãã¢ããããã«äœ¿çšã§ããŸããèšå®ãã¡ã€ã«ã¯æ°ãããã¡ã€ã«åã§ããŠã³ããŒããããèµ·åãã¡ã€ã«ãšããŠèšå®ããããçŸåšã®èµ·åãã¡ã€ã«ããã£ã¹ãã£ããŒã·ã§ã³ãã¡ã€ã«ãšããŠæå®ããããã¡ã€ã«åã§ãã€ã¬ã¯ãã«çœ®ãæããããšãã§ããŸãã
"Factory_Default_Config.cfg"㯠FTP/TFTPãµãŒãã«ã³ããŒããããšã¯å¯èœã§ããããã£ã¹ãã£ããŒã·ã§ã³ãšããŠäœ¿çšããããšã¯åºæ¥ãŸããã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžboot system ã·ã¹ãã èµ·åãã¡ã€ã«ãã€ã¡ãŒãžã®èšå® GC P402
copy ã³ãŒãã€ã¡ãŒãžãèšå®ãã¡ã€ã«ã®ãã©ãã·ã¥ã¡ã¢ãªãžã®ã³ããŒã TFTPãµãŒãéã®ã³ããŒ
PE P403
delete ãã¡ã€ã«ãã³ãŒãã€ã¡ãŒãžã®åé€ PE P406
dir ãã©ãã·ã¥ã¡ã¢ãªå ã®ãã¡ã€ã«ã®äžèŠ§ã®è¡šç€º PE P407
whichboot ããŒããã¡ã€ã«ã®è¡šç€º PE P408
èªåã³ãŒãã¢ããã°ã¬ãŒãã³ãã³ãupgrade opcode auto
æå®ãããµãŒãã«æ°ããããŒãžã§ã³ãèŠã€ãã£ãæãçŸåšã®ã€ã¡ãŒãžãèªåã¢ããã°ã¬ãŒãã
GC P409
upgrade opcode path
FTP/TFTPãµãŒãã®æå®ãšæ°ãããªãã¬ãŒã·ã§ã³ã³ãŒããä¿åããããã£ã¬ã¯ããªãæå®
GC P411
401FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
boot system
ã·ã¹ãã èµ·åã«äœ¿çšãããã¡ã€ã«åã¯ã€ã¡ãŒãžãæå®ããéã«å©çšããŸãã
ææ³
boot system < boot-rom | config | opcode > : filename
èšå®ãããã¡ã€ã«ã¿ã€ãã¯ä»¥äžã®éãã§ãã
⢠boot-rom â ããŒã ROM
⢠config â èšå®ãã¡ã€ã«
⢠opcode â ã©ã³ã¿ã€ã ãªãã¬ãŒã·ã§ã³ã³ãŒã
⢠filename â ãã¡ã€ã«ãŸãã¯ã€ã¡ãŒãžå
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¡ã€ã«ã¿ã€ãã®æå®ã®åŸã«ã¯ã³ãã³ïŒ:ïŒãå¿ èŠã§ãã
⢠ãã¡ã€ã«ã«ãšã©ãŒãããå Žåã«ã¯ãèµ·åãã¡ã€ã«ã«èšå®ã§ããŸããã
äŸ
é¢é£ããã³ãã³ã
dirïŒP407ïŒwhichbootïŒP408ïŒ
Console(config)#boot system config: startupConsole(config)#
402 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
copy
ã³ãŒãã€ã¡ãŒãžã®ã¢ããããŒããããŠã³ããŒããèšå®ãã¡ã€ã«ã®æ¬æ©ãFTP/TFTPãµãŒãéã®ã¢ããããŒããããŠã³ããŒããè¡ããŸãã
ã³ãŒãã€ã¡ãŒãžãèšå®ãã¡ã€ã«ã FTP/TFTPãµãŒãã«çœ®ããŠããå Žåã«ã¯ããããã®ãã¡ã€ã«ãæ¬æ©ã«ããŠã³ããŒããã·ã¹ãã èšå®çã眮ãæããããšãã§ããŸãããã¡ã€ã«è»¢éã¯TFTPãµãŒãã®èšå®ããããã¯ãŒã¯ç°å¢ã«ãã£ãŠã¯å€±æããå ŽåããããŸãã
ææ³
copy file < file | ftp | running-config | startup-config | tftp >
copy running-config < file | ftp | startup-config | tftp >
copy startup-config < file | ftp | running-config | tftp >
copy tftp < file | running-config | startup-config | public-key >
⢠file â ãã¡ã€ã«ã®ã³ããŒãå¯èœã«ããããŒã¯ãŒã
⢠ftp â FTPãµãŒããã (ãŸã㯠FTPãµãŒããŒãžïŒã®ã³ããŒãè¡ãããŒã¯ãŒã
⢠public-key â TFTPãµãŒããã SSHããŒãã³ããŒïŒè©³çŽ°ã¯ã516 ããŒãžã®ãSecure Shellã³ãã³ãããåç §ïŒ
⢠running-config â å®è¡äžã®èšå®ãã³ããŒããããŒã¯ãŒãã
⢠startup-config â ã·ã¹ãã ã®åæåã«äœ¿çšããèšå®
⢠tftp â TFTPãµãŒããã (ãŸã㯠TFTPãµãŒããŒãžïŒã®ã³ããŒãè¡ãããŒã¯ãŒã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ããŒã¿ãã³ããŒããããã«å®å šãªã³ãã³ãã®å ¥åãå¿ èŠã§ãã
⢠ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããŸãããã¡ã€ã«åã«ã¯ã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã¯äœ¿çšã§ããŸããããã¡ã€ã«åã®æåã®æåã«ããªãªã (ïŒ)ã¯äœ¿çšã§ããŸããããã¡ã€ã«åã®é·ã㯠FTP/TFTPãµãŒãäžã§ã¯ 124æå以äžãæ¬æ©äžã¯ 31æå以äžãšãªããŸãïŒãã¡ã€ã«åã«äœ¿çšã§ããæå㯠A-Z, a-z, 0-9, "." , "-", "_"ã§ãïŒ
⢠ãã©ãã·ã¥ã¡ã¢ãªå®¹éã®å¶éã«ããããªãã¬ãŒã·ã§ã³ã³ãŒã㯠2ã€ã®ã¿ä¿åå¯èœã§ãã
⢠ãŠãŒã¶èšå®ãã¡ã€ã«æ°ã¯ãã©ãã·ã¥ã¡ã¢ãªã®å®¹éã«äŸåããŸãã
⢠"Factory_Default_Config.cfg"ã䜿çšããå·¥å Žåºè·æèšå®ãã³ããŒå ã«ããããšã¯ã§ããŸããã" Factory_Default_Config.cfg"ãã³ããŒå ã«æå®ããããšã¯ã§ããŸããã
403FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
⢠起åæã®èšå®ãå€æŽããããã«ã¯ "startup-config"ãã³ããŒå ã«ããå¿ èŠããããŸãã
⢠ããŒã ROMãšããŒã㯠FTP/TFTPãµãŒãããããŠã³ããŒããã§ããŸãããã¹ã€ãããããã¡ã€ã«ãµãŒããžã®ã¢ããããŒãã¯ã§ããŸããã
⢠"http-certificate"ã®èšå®ã«ã€ããŠã¯ã197 ããŒãžã®ããµã€ã蚌ææžã®çœ®ãæãããåç §ããŠäžãããHTTPsãçšããé«ã»ãã¥ãªãã£ã確ä¿ããæ¥ç¶ãè¡ãããã®æ¬æ©ã®èšå®ã«ã€ããŠã¯ã511 ããŒãžã®ãip http secure-serverããåç §ããŠäžããã
äŸ
æ¬äŸã§ã¯ãTFTPãµãŒãããã®æ°ãããã¡ãŒã ãŠã§ã¢ã®ããŠã³ããŒãã瀺ããŠããŸãã
æ¬äŸã§ã¯ãTFTPãµãŒããå©çšããèšå®ãã¡ã€ã«ã®ã¢ããããŒãã瀺ããŠããŸãã
æ¬äŸã§ã¯å®è¡ãã¡ã€ã«ã®èµ·åãã¡ã€ã«ãžã®ã³ããŒã瀺ããŠããŸãã
Console#copy tftp fileTFTP server ip address: 10.1.0.19Choose file type: 1. config: 2. opcode: <1-2>: 2Source file name: m360.bixDestination file name: m360.bix\Write to FLASH Programming.-Write to FLASH finish.Success.Console#
Console#copy file tftpChoose file type:1. config: 2. opcode: <1-2>: 1Source file name: startupTFTP server ip address: 10.1.0.99Destination file name: startup.01TFTP completed.Success.
Console#
Console#copy running-config filedestination file name: startupWrite to FLASH Programming.\Write to FLASH finish.Success.
Console#
404 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
æ¬äŸã§ã¯ãèšå®ãã¡ã€ã«ã®ããŠã³ããŒãæ¹æ³ã瀺ããŠããŸãã
æ¬äŸã§ã¯ãTFTPãµãŒããã SSHã§äœ¿çšããããã®å ¬éããŒãã³ããŒããŠããŸããSSHã«ããå ¬éããŒèªèšŒã¯ãæ¬æ©ã«å¯ŸããŠèšå®æžã¿ã®ãŠãŒã¶ã«å¯ŸããŠã®ã¿å¯èœã§ããããšã«æ³šæããŠäžããã
以äžã¯ãã¡ã€ã«ã FTPãµãŒãã«ã³ããŒããæ¹æ³ã瀺ããŠããŸãã
Console#copy tftp startup-configTFTP server ip address: 10.1.0.99Source configuration file name: startup.01Startup configuration file name [startup]:Write to FLASH Programming.
\Write to FLASH finish.Success.
Console#
Console#copy tftp public-keyTFTP server IP address: 192.168.1.19Choose public key type: 1. RSA: 2. DSA: <1-2>: 1Source file name: steve.pubUsername: steveTFTP DownloadSuccess.Write to FLASH Programming.Success.Console#
Console#copy ftp fileFTP server IP address: 169.254.1.11User[anonymous]: adminPassword[]: *****Choose file type:
ã1. config: 2. opcode: 4. diag: 5. loader: <1,2,4,5>: 2Source file name: BLANC.BIXDestination file name: BLANC.BIXConsole#
405FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
delete
ãã¡ã€ã«ãã€ã¡ãŒãžãåé€ããéã«å©çšããŸãã
ææ³
delete filename
⢠filename â èšå®ãã¡ã€ã«ãŸãã¯ã€ã¡ãŒãžãã¡ã€ã«å
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ã¹ã¿ãŒãã¢ãããã¡ã€ã«ã¯åé€ããããšãã§ããŸããã
⢠"Factory_Default_Config.cfg"ã¯åé€ããããšãã§ããŸããã
äŸ
æ¬äŸã§ã¯ãã©ãã·ã¥ã¡ã¢ãªããã®èšå®ãã¡ã€ã« "test2.cfg"ã®åé€ã瀺ããŠããŸãã
é¢é£ããã³ãã³ã
dir ïŒP407ïŒdelete public-keyïŒP522ïŒ
Console#delete test2.cfgConsole#
406 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
dir
ãã©ãã·ã¥ã¡ã¢ãªå ã®ãã¡ã€ã«ã®äžèŠ§ã衚瀺ãããéã«å©çšããŸãã
ææ³
dir { boot-rom | config | opcode : filename }
衚瀺ãããã¡ã€ã«ãã€ã¡ãŒãžã¿ã€ãã¯ä»¥äžã®ãšããã§ã :
⢠boot-rom â ããŒã ROMåã¯ã蚺æã€ã¡ãŒãžãã¡ã€ã«
⢠config â èšå®ãã¡ã€ã«
⢠opcode â Run-time operation codeã€ã¡ãŒãžãã¡ã€ã«
⢠filename â ãã¡ã€ã«åã¯ã€ã¡ãŒãžåããã¡ã€ã«ãååšããŠããã¡ã€ã«å ã«ãšã©ãŒãããå Žåã«ã¯è¡šç€ºã§ããŸããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ãå ¥åããã« "dir"ã³ãã³ãã®ã¿ãå ¥åããå Žåã«ã¯ãã¹ãŠã®ãã¡ã€ã«ã衚瀺ãããŸãã
⢠衚瀺ããããã¡ã€ã«ã®æ å ±ã¯ä»¥äžã®è¡šã®éãã§ã
äŸ
æ¬äŸã¯ããã¹ãŠã®ãã¡ã€ã«æ å ±ã®è¡šç€ºã瀺ããŠããŸãã
é ç® è§£èª¬
file name ãã¡ã€ã«å
file type ãã¡ã€ã«ã¿ã€ãïŒBoot-RomãOperation CodeãConfig file
startup èµ·åæã«äœ¿çšãããŠãããã©ãã
Create Time ãã¡ã€ã«ãäœæãããæ¥æ
size ãã¡ã€ã«ãµã€ãº (byte)
Console#dir
File Name Type ããStartup Modify Time ãSize(bytes)----------------------- ------------ ------- ----------------- ---------Unit 1:es3510ma-flf-xc_v1.1.0.6.bix OpCode Y 1970-01-01 00:00:00 11351388Factory_Default_Config.cfg Config N 2009-11-17 11:56:32 455startup1.cfg Config N 2010-03-29 16:07:08 2302startup2 Config Y 2010-03-29 16:09:10 2323------------------------------------------------------------------------ Free space for compressed user config files: 1085440Console#
407FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
whichboot
çŸåšãæ¬æ©ãã©ã®ãã¡ã€ã«ããèµ·åãããŠãããã衚瀺ããŸãã
ææ³
whichboot
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#whichboot
File Name Type Startup ãModify Time Size(bytes)-------------------------- ------- ------- ----------------- ----------- Unit 1:es3510ma-flf-xc_v1.1.0.6.bix OpCode Y 1970-01-01 00:00:00 11351388startup2 Config Y 2010-03-29 16:09:10 2323Console#
408 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
upgrade opcode auto
"upgrade opcode path"ã³ãã³ãã§æå®ããããµãŒãã«ãæ°ããããŒãžã§ã³ãæ€åºãããæãçŸåšã®ãªãã¬ãŒã·ã§ã³ã³ãŒããèªåã§ã¢ããã°ã¬ãŒãããŸãã"no"ã䜿çšããããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
upgrade opcode auto
no upgrade opcode auto
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ããªãã¬ãŒã·ã§ã³ã³ãŒãã®èªåã¢ããã°ã¬ãŒããæå¹ãŸãã¯ç¡å¹ã«ããŸããæ¬ã³ãã³ãã«ããèªåã€ã¡ãŒãžã¢ããã°ã¬ãŒããæå¹ã«ããå Žåãã¹ã€ããã¯èµ·åæã«ä»¥äžã®ããã»ã¹ãè¡ããŸãã
ïŒ1ïŒ"upgrade opcode path"ã³ãã³ãïŒP411ïŒã§æå®ãããå Žæã§ã€ã¡ãŒãžã®æ°ããããŒãžã§ã³ãæ€çŽ¢ããŸããFTP/TFTPãµãŒãã«ä¿åãããæ°ããã€ã¡ãŒãžã®åå㯠"FXC3110.bix"ã«ããŠãã ãããã¹ã€ãããçŸåšäœ¿çšããŠãããããæ°ããã³ãŒãããŒãžã§ã³æ€åºããå Žåãæ°ããã€ã¡ãŒãžãããŠã³ããŒãããŸããããæ¢ã« 2ã€ã®ã€ã¡ãŒãžãã¹ã€ããã«ä¿åãããŠããå Žåãèµ·åãã¡ã€ã«ã«èšå®ãããŠããªãã€ã¡ãŒãžãæ°ããããŒãžã§ã³ã§äžæžããããŸãã
ïŒ2ïŒã€ã¡ãŒãžã®ããŠã³ããŒãåŸãã¹ã€ããã¯ãã°ãžã¢ããã°ã¬ãŒããªãã¬ãŒã·ã§ã³ãæåãããåŠãã®ãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
ïŒ3ïŒæ°ããããŒãžã§ã³ãã¹ã¿ãŒãã¢ããã€ã¡ãŒãžãšããŠèšå®ããŸãã
ïŒ4ïŒæ°ããã€ã¡ãŒãžã䜿çšããããã«ã·ã¹ãã ã®åèµ·åãè¡ããŸãã
⢠åæèšå®ã«å¯ŸããŠè¡ãããå€æŽã¯ "show running-config"ïŒP394ïŒãŸã㯠"show startup-config"ïŒP396ïŒã³ãã³ãã§è¡šç€ºãããŸãã
äŸ
Console(config)#upgrade opcode autoConsole(config)#upgrade opcode path tftp://192.168.0.1/sm24/Console(config)#
409FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
æå®ãããå Žæã«æ°ããã€ã¡ãŒãžãèŠã€ãã£ãå Žåãã·ã¹ãã èµ·åæã«ä»¥äžã®ã¿ã€ãã®ã¡ãã»ãŒãžã衚瀺ãããŸãã
.
.
.Automatic Upgrade is looking for a new imageNew image detected: current version 1.1.1.0; new version 1.1.1.2Image upgrade in progressThe switch will restart after upgrade succeedsDownloading new imageFlash programming startedFlash programming completedThe switch will now restart ...
410 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
upgrade opcode path
æ°ãããªãã¬ãŒã·ã§ã³ã³ãŒããä¿åããã FTP/TFTPãµãŒãããã³ãã£ã¬ã¯ããªãæå®ããŸãã"no"ãåã«çœ®ãããšã§çŸåšã®èšå®ãåé€ããŸãã
ææ³
upgrade opcode path opcode-dir-url
no upgrade opcode path
⢠opcode-dir-url â æ°ããã³ãŒãã®å Žæ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã§æå®ããå Žæã«ä¿åãããæ°ãããªãã¬ãŒã·ã§ã³ã³ãŒãã®èªåã¢ããã°ã¬ãŒããè¡ããŸãã
⢠FTP/TFTPãµãŒãã«ä¿åãããæ°ããã€ã¡ãŒãžã®åå㯠"FXC3110.bix"ã«ããŠãã ããããã¡ã€ã«åã¯ãã®ã³ãã³ãã«å«ãŸããŸããã
⢠TFTPãµãŒããæå®ããæãfiledirãæ°ããã€ã¡ãŒãžãå«ãŸãããã£ã¬ã¯ããªãžã®ãã¹ã瀺ãã«ã¯ä»¥äžã®ææ³ã䜿ãããŸãããtftp://192.168.0.1[/filedir]
⢠FTPãµãŒããæå®ããæãfiledirãæ°ããã€ã¡ãŒãžãå«ãŸãããã£ã¬ã¯ããªãžã®ãã¹ã瀺ãã«ã¯ä»¥äžã®ææ³ã䜿ãããŸãããftp://[username[:password@]]192.168.0.1[/filedir]/ãŠãŒã¶åãçç¥ãããå Žåã"Anonymous"ãæ¥ç¶ã«äœ¿çšãããŸãããã¹ã¯ãŒããçç¥ãããå Žåãç©ºçœ ""ãæ¥ç¶ã«äœ¿çšãããŸãã
äŸ
TFTPãµãŒãã§æ°ããã³ãŒããä¿åãããŠããå Žæãæå®ããŠããŸãã
äŸ
FTPãµãŒãã§æ°ããã³ãŒããä¿åãããŠããå Žæãæå®ããŠããŸãã
Console(config)#upgrade opcode path tftp://192.168.0.1/sm24/Console(config)##
Console(config)#upgrade opcode path ftp://admin:[email protected]/sm24/Console(config)#
411FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.6 Line ïŒã©ã€ã³ã³ãã³ãïŒ
VT100äºæã®ããã€ã¹ã䜿çšããã·ãªã¢ã«ããŒãçµç±ã§æ¬æ©ã®ç®¡çããã°ã©ã ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããæ¬ã³ãã³ãã¯ã·ãªã¢ã«ããŒãæ¥ç¶åã³ Telnet端æ«ãšã®æ¥ç¶ã®èšå®ãè¡ãããã«äœ¿çšãããŸãã
*ãããã®èšå®ã¯ã·ãªã¢ã«ããŒãã«ã®ã¿é©çšãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
line ã³ã³ãœãŒã«æ¥ç¶ã®èšå®åã³ line configurationã¢ãŒãã®éå§
GC P413
accounting execèªå¯ã¡ãœãããããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ã«é©çš
LC P506
authorization execèªèšŒã¡ãœãããããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ã«é©çš
LC P507
databits* åæåãããã®ããŒã¿ãããã®èšå® LC P417
exec-timeout æ¥ç¶æã®ã¿ã€ã ã¢ãŠããŸã§ã®ã€ã³ã¿ãŒãã«æéã®èšå®
LC P415
login ã³ã³ãœãŒã«æ¥ç¶æã®ãã¹ã¯ãŒãã®æå¹å LC P416
parity* ããªãã£ãããçæã®èšå® LC P414
password ã³ã³ãœãŒã«æ¥ç¶æã®ãã¹ã¯ãŒãã®èšå® LC P418
password-thresh ãã¹ã¯ãŒãå ¥åæã®ãªãã©ã€æ°ã®èšå® LC P419
silent-time* ãã°ã€ã³ã«å€±æããåŸã®ã³ã³ãœãŒã«ç¡å¹æéã®èšå®
LC P420
speed* ããŒã¬ãŒãã®èšå® LC P421
stopbits* 1byteãããã®ã¹ããããããå€ã®èšå® LC P422
timeout loginresponse CLIã®ãã°ã€ã³å ¥ååŸ ã¡æéã®èšå® LC P423
disconnect Lineæ¥ç¶ãçµäº PE P422
show line ã¿ãŒããã«æ¥ç¶ã®èšå®æ å ±ã衚瀺 NE,PE P425
412 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
Line
Lineã®èšå®ãè¡ãããã«äœ¿çšããŸãããŸããæ¬ã³ãã³ãã䜿çšããåŸã詳现ãªèšå®ãè¡ããŸãã
ææ³
line <console | vty >
⢠console â ã³ã³ãœãŒã«æ¥ç¶
⢠vty â ä»®æ³ã¿ãŒããã«ã®ããã®ãªã¢ãŒãã³ã³ãœãŒã«æ¥ç¶
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
Telnetã¯ä»®æ³ã¿ãŒããã«ã®äžéšãšãªã "show users"ã³ãã³ãã䜿çšããå Žåãªã©ã¯ "vty"ãšè¡šç€ºãããŸããäœãã"databits"ãªã©ã®ã·ãªã¢ã«æ¥ç¶ã®ãã©ã¡ãŒã¿ã¯ Telnetæ¥ç¶ã«åœ±é¿ããŸããã
äŸ
æ¬äŸã§ã¯ã³ã³ãœãŒã«ã©ã€ã³ã¢ãŒãã«å ¥ãããã®äŸã瀺ããŠããŸãã
é¢é£ããã³ãã³ã
show lineïŒP425ïŒshow usersïŒP398ïŒ
Console(config)#line consoleConsole(config-line)#
413FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
databits
ã³ã³ãœãŒã«ããŒãã§çæãããåæåãããã®ããŒã¿ãããã®å€ãèšå®ããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
databits < 7 | 8 >
no databits
⢠7ïŒ 7ããŒã¿ããã
⢠8ïŒ 8ããŒã¿ããã
åæèšå®
8ããŒã¿ããã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
ããªãã£ãçæãããŠããå Žå㯠7ããŒã¿ãããããããªãã£ãçæãããŠããªãå Žå (no parity)㯠8ããŒã¿ããããæå®ããŠäžããã
äŸ
æ¬äŸã§ã¯ 7ããŒã¿ãããã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
parityïŒP414ïŒ
Console(config-line)#databits 7Console(config-line)#
414 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
exec-timeout
ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠãæéã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã¿ã€ã ã¢ãŠãæéã®èšå®ãåé€ããŸãã
ææ³
exec-timeout seconds
no exec-timeout
⢠seconds â ã¿ã€ã ã¢ãŠãæéïŒç§ïŒïŒ0 - 65535ïŒç§ïŒã0ïŒã¿ã€ã ã¢ãŠãèšå®ãªãïŒ
åæèšå®
10å
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠èšå®æéå ã«å ¥åãè¡ãªãããå Žåãæ¥ç¶ã¯ç¶æãããŸããèšå®æéå ã«å ¥åããªãã£ãå Žåã«ã¯æ¥ç¶ã¯åæãããã¿ãŒããã«ã¯åŸ æ©ç¶æ ãšãªããŸãã
⢠æ¬ã³ãã³ãã¯ã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã®äž¡æ¹ã«æå¹ãšãªããŸãã
⢠Telnetã®ã¿ã€ã ã¢ãŠããç¡å¹ã«ããããšã¯ã§ããŸããã
äŸ
æ¬äŸã§ã¯ã¿ã€ã ã¢ãŠãæéã 120ç§ïŒ2åïŒã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
silent-timeïŒP420ïŒtimeout login responseïŒP423ïŒ
Console(config-line)#exec-timeout 120Console(config-line)#
415FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
login
ãã°ã€ã³æã®ãã¹ã¯ãŒããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ãŒãã®ç¢ºèªãç¡å¹ã«ãããã¹ã¯ãŒããªãã§ã¢ã¯ã»ã¹ããããšãå¯èœã«ãªããŸãã
ææ³
login { local }
no login
⢠local â ããŒã«ã«æ¥ç¶æã®ãã¹ã¯ãŒããæå¹ãšãªã£ãŠããŸããèªèšŒã¯ "username"ã³ãã³ãã§èšå®ãããŠãŒã¶åãå ã«è¡ããŸãã
åæèšå®
login local
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠æ¬æ©ãžã®ãã°ã€ã³ã«ã¯ 3çš®é¡ã®èªèšŒã¢ãŒãããããŸãã
ïŒ loginãéžæããå Žåãã³ã³ãœãŒã«æ¥ç¶çšã®ã³ãã³ã㯠1ã€ã ãã«ãªããŸãããã®å Žå管çã€ã³ã¿ãã§ãŒã¹ã¯ Normal Exec (NE)ã¢ãŒããšãªããŸãã
ïŒ login localãéžæããå Žåã"usaname"ã³ãã³ãã䜿çšããŠæå®ãããŠãŒã¶åãšãã¹ã¯ãŒãã䜿çšããŠãŠãŒã¶èªèšŒãè¡ãªãããŸãããã®å Žåã管çã€ã³ã¿ãã§ãŒã¹ã¯å ¥åãããŠãŒã¶ã®ãŠãŒã¶ã¬ãã«ã«å¿ã㊠Normal Exec (NE)ã¢ãŒãå㯠Privileged Exec (PE)ã¢ãŒãã®ã©ã¡ããã«ãªããŸãã
ïŒ no loginãéžæãããšèªèšŒã¯ãªããªããŸãããã®å Žåã管çã€ã³ã¿ãã§ãŒã¹ã¯Normal Exec(NE)ã¢ãŒããšãªããŸãã
⢠æ¬ã³ãã³ãã¯ãŠãŒã¶èªèšŒãæ¬äœã§è¡ãå Žåã®ãã®ã§ããèªèšŒãµãŒãã䜿çšããŠãŠãŒã¶åãšãã¹ã¯ãŒãã®èšå®ãè¡ãå Žåã«ã¯ RADIUSå㯠TACACS+ãœãããŠã§ã¢ããµãŒãã«ã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
usernameïŒP488ïŒpasswordïŒP418ïŒ
Console(config-line)#login localConsole(config-line)#
416 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
parity
ããªãã£ãããã®èšå®ã®ããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
parity < none | even | odd >
no parity
⢠none ïŒ ããªãã£ç¡ã
⢠evenïŒ å¶æ°ããªãã£
⢠oddïŒ å¥æ°ããªãã£
åæèšå®
ããªãã£ç¡ã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
æ¥ç¶ããã¿ãŒããã«ãã¢ãã ãªã©ã®æ©åšã«ãã£ãŠã¯åã ã®ããªãã£ãããã®èšå®ãèŠæ±ããå ŽåããããŸãã
äŸ
æ¬äŸã§ã¯ no parityãèšå®ããŠããŸãã
Console(config-line)#parity noneConsole(config-line)#
417FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
password
ã³ã³ãœãŒã«æ¥ç¶ã®ããã®ãã¹ã¯ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ãŒããåé€ããŸãã
ææ³
password < 0 | 7> password
no password
⢠{0 | 7} â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password â ã³ã³ãœãŒã«æ¥ç¶çšã®ãã¹ã¯ãŒãïŒæ倧 8æåïŒå¹³ææïŒã 32æåïŒæå·åæïŒã倧æåãšå°æåã¯åºå¥ãããŸãïŒã
åæèšå®
ãã¹ã¯ãŒãã¯èšå®ãããŠããŸãã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠ãã¹ã¯ãŒãã®èšå®ãè¡ããšãæ¥ç¶æã«ãã¹ã¯ãŒããèŠæ±ããããã³ããã衚瀺ãããŸããæ£ãããã¹ã¯ãŒããå ¥åãããšãã°ã€ã³ã§ããŸãã"password-thresh"ã³ãã³ãã䜿çšãããã¹ã¯ãŒãå ¥åæã®ãªãã©ã€æ°ãèšå®ããããšãã§ããŸãã
⢠æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
é¢é£ããã³ãã³ã
loginïŒP416ïŒpassword-threshïŒP419ïŒ
Console(config-line)#password 0 secretConsole(config-line)#
418 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
password-thresh
ãã°ã€ã³æã®ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€åæ°ã®èšå®ã«äœ¿çšããã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§æå®ãããªãã©ã€åæ°ã¯åé€ãããŸãã
ææ³
password-thresh threshold
no password-thresh
⢠threshold ïŒ ãªãã©ã€å¯èœãªãã¹ã¯ãŒãå ¥ååæ°ïŒèšå®ç¯å²ïŒ1-120ã0ïŒåæ°ã®å¶éããªãããŸãïŒ
åæèšå®
3å
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠ãªãã©ã€æ°ãèšå®å€ãè¶ ããå Žåãæ¬æ©ã¯äžå®æéããã°ã€ã³ã®ãªã¯ãšã¹ãã«å¿çããªããªããŸãïŒå¿çãããªããªãæéã«é¢ããŠã¯ "silent-time"ã³ãã³ãã§ãã®é·ããæå®ã§ããŸãïŒãTelnetæã«ãªãã©ã€æ°ãå¶éå€ãè¶ ããå Žåã«ã¯ Telnetã€ã³ã¿ãã§ãŒã¹ãçµäºãšãªããŸãã
äŸ
æ¬äŸã§ã¯ãã¹ã¯ãŒãã®ãªãã©ã€åæ°ã 5åã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
silent-timeïŒP420ïŒ
Console(config-line)#password-thresh 5Console(config-line)#
419FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
silent-time
ãã°ã€ã³ã«å€±æãã"password-thresh"ã³ãã³ãã§æå®ãããã¹ã¯ãŒãå ¥åã®ãªãã©ã€æ°ãè¶ ããå Žåã«ãã°ã€ã³èŠæ±ã«åå¿ãããªãæéãèšå®ããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§èšå®ãããŠããå€ãåé€ããŸãã
ææ³
silent-time seconds
no silent-time
⢠secondsïŒ ã³ã³ãœãŒã«ã®ç¡å¹æéïŒç§ïŒïŒèšå®ç¯å²ïŒ0-65535ã0ïŒã³ã³ãœãŒã«ãç¡å¹ã«ããªãïŒ
åæèšå®
ã³ã³ãœãŒã«ã®å¿çç¡å¹æéã¯èšå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
æ¬äŸã§ã¯ã³ã³ãœãŒã«ç¡å¹æéã 60ç§ã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
password-threshïŒP419ïŒ
Console(config-line)#silent-time 60Console(config-line)#
420 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
speed
ã¿ãŒããã«æ¥ç¶ã®ããŒã¬ãŒããæå®ããããã®ã³ãã³ãã§ããæ¬èšå®ã§ã¯éåä¿¡äž¡æ¹ã®å€ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
speed bps
no speed
⢠bpsïŒ ããŒã¬ãŒãã bpsã§æå®ïŒãªãã·ã§ã³ïŒ9600ã19200ã38400ã57600ã115200 bpsãautoïŒ
åæèšå®
115200bps
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
ã·ãªã¢ã«ããŒãã«æ¥ç¶ãããæ©åšã§ãµããŒããããŠããããŒã¬ãŒããæå®ããŠãã ãããäžéšã®ããŒã¬ãŒãã¯æ¬æ©ã§ã¯ãµããŒãããŠããªãå ŽåããããŸãããµããŒããããŠããªãå€ãæå®ããå Žåã«ã¯ã¡ãã»ãŒãžã衚瀺ãããŸãã
äŸ
Console(config-line)#speed 57600Console(config-line)#
421FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
stopbits
éä¿¡ããã¹ããããããã®å€ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
stopbits < 1 | 2 >
no stopbits
⢠1ïŒã¹ãããããã "1"
⢠2ïŒã¹ãããããã "2"
åæèšå®
ã¹ãããããã 1
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
æ¬äŸã§ã¯ã¹ãããããã "2"ã«èšå®ããŠããŸãã
Console(config-line)#stopbits 2Console(config-line)#
422 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
timeout login response
CLIããã®ãã°ã€ã³å ¥åã®ã¿ã€ã ã¢ãŠãæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
timeout login response { seconds }
no timeout login response
⢠seconds â ã¿ã€ã ã¢ãŠãæéïŒç§ïŒïŒç¯å²ïŒ0-300ç§ã0ïŒã¿ã€ã ã¢ãŠãèšå®ãªãïŒ
åæèšå®
⢠CLIïŒç¡å¹ïŒ0ç§ïŒ
⢠TelnetïŒ300ç§
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠èšå®æéå ã«ãã°ã€ã³ãæ€ç¥ãããªãã£ãå Žåãæ¥ç¶ã¯åæãããŸãã
⢠æ¬ã³ãã³ãã¯ã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã®äž¡æ¹ã«æå¹ãšãªããŸãã
⢠Telnetã®ã¿ã€ã ã¢ãŠããç¡å¹ã«ããããšã¯ã§ããŸããã
⢠ã¿ã€ã ã¢ãŠããæå®ããã³ãã³ããå®è¡ããå Žåãåæèšå®ã«æ»ããŸãã
äŸ
æ¬äŸã§ã¯ã¿ã€ã ã¢ãŠãæéã 120ç§ïŒ2åïŒã«èšå®ããŠããŸãã
Console(config-line)#timeout login response 120Console(config-line)#
423FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
disconnect
æ¬ã³ãã³ãã䜿çšã SSHãTelnetãã³ã³ãœãŒã«æ¥ç¶ãçµäºããããšãã§ããŸãã
ææ³
disconnect session-id
⢠session-id â SSHãTelnetãã³ã³ãœãŒã«æ¥ç¶ã®ã»ãã·ã§ã³ IDïŒç¯å² :0-4ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã»ãã·ã§ã³ ID"0"ãæå®ãããšã³ã³ãœãŒã«æ¥ç¶ãçµäºãããŸãããã®ä»ã®ã»ãã·ã§ã³ IDãæå®ããå Žåã«ã¯ SSHå㯠Telnetæ¥ç¶ãçµäºãããŸãã
äŸ
é¢é£ããã³ãã³ã
show sshïŒP527ïŒ
show usersïŒP398ïŒ
Console#disconnect 1Console#
424 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show line
ã¿ãŒããã«æ¥ç¶ã®èšå®ã衚瀺ããŸãã
ææ³
show line { console | vty }
⢠consoleïŒ ã³ã³ãœãŒã«æ¥ç¶èšå®
⢠vtyïŒ ãªã¢ãŒãæ¥ç¶çšã®ä»®æ³ã¿ãŒããã«èšå®
åæèšå®
ãã¹ãŠã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã§ã¯ãã¹ãŠã®æ¥ç¶ã®èšå®ã衚瀺ããŠããŸãã
Console#show line Console Configuration: Password Threshold : 3 times Inactive Timeout : Disabled Login Timeout : Disabled Silent Time : Disabled Baud Rate : 115200 Data Bits : 8 Parity : None Stop Bits : 1
VTY Configuration: Password Threshold : 3 times Inactive Timeout : 600 seconds Login Timeout : 300 sec. Silent Time : DisabledConsole#
425FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.7 Event Loggingã³ãã³ã
logging facility
syslogã¡ãã»ãŒãžãéãéã® facilityã¿ã€ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging facility type
no logging facility
typeïŒ syslogãµãŒãã§äœ¿çšãã facilityã¿ã€ãã®å€ãæå®ããŸãã(16-23)
åæèšå®
23
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
syslogã¡ãã»ãŒãžãšããŠéä¿¡ãããã¡ã·ãªãã£ã¿ã€ãã¿ã°ã®èšå®ãè¡ãªããŸã (詳现ïŒRFC3164)ãã¿ã€ãã®èšå®ã¯ãæ¬æ©ã«ããå ±åããã¡ãã»ãŒãžã®çš®é¡ã«åœ±é¿ããŸãããsyslogãµãŒãã«ãããŠãœãŒããããŒã¿ããŒã¹ãžã®ä¿åã®éã«äœ¿çšãããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
logging facility ãªã¢ãŒã㧠syslogãä¿åããéã®ãã¡ã·ãªãã£ã¿ã€ãã®ç«¶ã£ãŠå°Ÿ
GC P426
logging historyéèŠåºŠã«åºã¥ãã SNMP管ç端æ«ã«éä¿¡ããsyslogã®èšå®
GC P427
logging host syslogãéä¿¡ãããã¹ãã® IPã¢ãã¬ã¹ã®èšå® GC P428
logging on ãšã©ãŒã¡ãã»ãŒãžãã°ã®èšå® GC P429
logging trap ãªã¢ãŒããµãŒããžã®éèŠåºŠã«ããšã¥ããŠãsyslogã¡ãã»ãŒãžã®ä¿å
GC P430
clear log ãã°ãããã¡ã®ã¯ãªã¢ PE P430
show log ãã°ã¡ãã»ãŒãžã®è¡šç€º PE P432
show logging ãã°é¢é£æ å ±ã®è¡šç€º PE P433
Console(config)#logging facility 19Console(config)#
426 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging history
æ¬äœã®ã¡ã¢ãªã«ä¿åããã¡ãã»ãŒãžã®çš®é¡ãæå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging history < flash | ram > level
no logging history < flash | ram >
⢠flashïŒ ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ramïŒ RAMã«ä¿åãããã€ãã³ãå±¥æŽ
⢠levelïŒ ã¬ãã«ã¯ä»¥äžã®è¡šã®éãã§ããéžæãã Levelãã Level0ãŸã§ã®ã¡ãã»ãŒãžãä¿åãããŸãïŒç¯å²ïŒ0-7ïŒ
åæèšå®
Flash: errors (level 3 - 0)
RAM: debugging (level 7 - 0)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã©ãã·ã¥ã¡ã¢ãªã«ã¯ãRAMã«èšå®ãã Levelããé«ã Levelãèšå®ããŠäžããã
äŸ
ã¬ãã«åŒæ° ã¬ã㫠解説 syslogå®çŸ©
debugging 7 ãããã°ã¡ãã»ãŒãž LOG_DEBUG
Informational 6 æ å ±ã¡ãã»ãŒãž LOG_INFO
notifications 5 éèŠãªã¡ãã»ãŒãž LOG_NOTICE
warnings 4 èŠåã¡ãã»ãŒãž LOG_WARNING
Errors 3 ãšã©ãŒç¶æ ã瀺ãã¡ãã»ãŒãž LOG_ERR
Critical 2 é倧ãªç¶æ ã瀺ããšã©ãŒã¡ãã»ãŒãž
LOG_CRIT
alerts 1 è¿ éãªå¯Ÿå¿ãå¿ èŠãªã¡ãã»ãŒãž LOG_ALERT
emergencies 0 ã·ã¹ãã äžå®å®ç¶æ ã瀺ãã¡ãã»ãŒãž
LOG_EMERG
Console(config)#logging history ram 0Console(config)#
427FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging host
ãã°ã¡ãã»ãŒãžãåãåã syslogãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ syslogãµãŒããåé€ããŸãã
ææ³
logging host host_ip_address
no logging host host_ip_address
⢠host_ip_addressïŒ syslogãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ç°ãªã IPã¢ãã¬ã¹ã®ãã¹ããæå®ããã³ãã³ããå ¥åããæ倧 5ã€ã® syslogãµãŒããèšå®ã§ããŸãã
äŸ
Console(config)#logging host 10.1.0.3Console(config)#
428 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging on
ãšã©ãŒã¡ãã»ãŒãžã®ãã°ãåãããã®ã³ãã³ãã§ãããããã°åã¯ãšã©ãŒã¡ãã»ãŒãžããã°ãšããŠä¿åããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
logging on
no logging on
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã°ãšããŠä¿åããããšã©ãŒã¡ãã»ãŒãžã¯æ¬äœã®ã¡ã¢ãªåã¯ãªã¢ãŒãã® syslogãµãŒãã«ä¿åãããŸãã"logging history"ã³ãã³ãã䜿çšããŠã¡ã¢ãªã«ä¿åãããã°ã®çš®é¡ãéžæããããšãã§ããŸãã
äŸ
é¢é£ããã³ãã³ã
logging historyïŒP427ïŒlogging trapïŒP430ïŒclear loggingïŒP430ïŒ
Console(config)#logging onConsole(config)#
429FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging trap
syslogãµãŒãã«éä¿¡ããã¡ãã»ãŒãžã®çš®é¡ãæå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging trap level
no logging trap
levelïŒ ã¬ãã«ã¯ä»¥äžã®è¡šã®éãã§ããéžæãã Levelãã Level0ãŸã§ã®ã¡ãã»ãŒãžãéä¿¡ãããŸãïŒP427ã®è¡šãåç §ïŒ
åæèšå®
ç¡å¹ïŒlevel 7 ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¬ãã«ãæå®ããªãå ŽåãsyslogãµãŒããžã®éä¿¡ãæå¹ã«èšå®ããä¿åãããã¡ãã»ãŒãžã¬ãã«ãåæèšå®ã«æ»ããŸãã
äŸ
Console(config)#logging trapConsole(config)#
430 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
clear log
ãã°ããããã¡ããåé€ããã³ãã³ãã§ãã
ææ³
clear log < flash | ram >
⢠flashïŒ ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ramïŒ RAMã«ä¿åãããã€ãã³ãå±¥æŽ
åæèšå®
Flash and RAM
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
show loggingïŒP433ïŒ
Console#clear logConsole#
431FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show log
ã¹ã€ããã®ã¡ã¢ãªã«éä¿¡ããããã·ã¹ãã /ã€ãã³ãã¡ãã»ãŒãžã衚瀺ããŸãã
ææ³
show log < flash | ram >
⢠flash â ãã©ãã·ã¥ã¡ã¢ãª (æä¹ ç )ã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ram â RAM(é»æºæå ¥æã«æ¶å»ããã )ã«ä¿åãããã€ãã³ãå±¥æŽ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã¡ã¢ãªã«ä¿åãããã·ã¹ãã /ã€ãã³ãã¡ãã»ãŒãžã衚瀺ããŸããã¿ã€ã ã¹ã¿ã³ããã¡ãã»ãŒãžã¬ãã«ãããã°ã©ã ã¢ãžã¥ãŒã«ãæ©èœãåã³ã€ãã³ãçªå·ã衚瀺ããŸãã
äŸ
æ¬äŸã§ã¯ãRAMã«ä¿åããŠãããµã³ãã«ã¡ãã»ãŒãžã衚瀺ããŠããŸãã
Console#show log ram[5] 00:01:06 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[4] 00:01:00 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[3] 00:00:54 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[2] 00:00:50 2001-01-01 "STA topology change notification." level: 6, module: 6, function: 1, and event no.: 1[1] 00:00:48 2001-01-01 "VLAN 1 link-up notification." level: 6, module: 6, function: 1, and event no.: 1Console#
432 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show logging
ã·ã¹ãã ãã€ãã³ãã¡ãã»ãŒãžã«é¢ãããã°ã衚瀺ããŸãã
ææ³
show logging < flash | ram | sendmail | trap >
⢠flashïŒ ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ramïŒ RAMã«ä¿åãããã€ãã³ãå±¥æŽ
⢠sendmailïŒ SMTPã€ãã³ããã³ãã©ã®èšå®ã衚瀺 (P435)
⢠trapïŒ ãã©ããæ©èœèšå®ã®è¡šç€º
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show logging flash
Syslog logging:ããããã EnableHistory logging in FLASH: level errorsConsole#show logging ramSyslog logging: EnableHistory logging in RAM: level debuggingConsole#
é ç® è§£èª¬
Syslog logging logging onã³ãã³ãã«ããã·ã¹ãã ãã°ãæå¹åãããŠãããã衚瀺
History logging in FLASH logging historyã³ãã³ãã«ãããªããŒããããã¡ãã»ãŒãžã¬ãã«
History logging in RAM logging historyã³ãã³ãã«ãããªããŒããããã¡ãã»ãŒãžã¬ãã«
Console#show logging trapSyslog logging: EnableREMOTELOG Status: disableREMOTELOG Facility Type: Local use 7REMOTELOG Level Type: Debugging messagesREMOTELOG server IP Address: 1.2.3.4REMOTELOG server IP Address: 0.0.0.0REMOTELOG server IP Address: 0.0.0.0REMOTELOG server IP Address: 0.0.0.0REMOTELOG server IP Address: 0.0.0.0Console#
433FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
é¢é£ããã³ãã³ã
show logging sendmailïŒP439ïŒ
é ç® è§£èª¬
Syslog logging logging onã³ãã³ãã«ããã·ã¹ãã ãã°ãæå¹åãããŠãããã衚瀺
REMOTELOG status logging trapã³ãã³ãã«ãã£ãŠãªã¢ãŒããã®ã³ã°ãæå¹åãããŠãããã衚瀺
REMOTELOG facility type
logging facilityã³ãã³ãã«ãã£ãŠãæå®ãããã·ã¹ãã°ã¡ãã»ãŒãžã®ãªã¢ãŒããã®ã³ã°ã®ãã¡ã·ãªãã£ã¿ã€ã
REMOTELOG level type
logging trapã³ãã³ãã«ãã£ãŠæå®ããããªã¢ãŒããµãŒãã«éãããã·ã¹ãã°ã¡ãã»ãŒãžã®é倧ãªãããå€
REMOTELOGserver IP address logging hostã³ãã³ãã«ãã£ãŠæå®ãããã·ã¹ãã°ãµãŒãã®ã¢ãã¬ã¹
434 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.8 SMTPã¢ã©ãŒãã³ãã³ã
SMTPã€ãã³ããã³ãã«åã³ã¢ã©ãŒãã¡ãã»ãŒãžã® SMTPãµãŒãåã³ã¡ãŒã«åä¿¡è ãžã®éä¿¡ã®èšå®ãè¡ããŸãã
logging sendmail
SMTPã€ãã³ããã³ãã©ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
logging sendmail
no logging sendmail
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
logging sendmail SMTPã€ãã³ããã³ããªã³ã°ã®æå¹å GC P435
logging sendmailhost ã¢ã©ãŒãã¡ãã»ãŒãžãåä¿¡ãã SMTPãµãŒã GC P436
logging sendmaillevel ã¢ã©ãŒãã¡ãã»ãŒãžã®ãããå€èšå® GC P437
logging sendmaildestination-email ã¡ãŒã«åä¿¡è ã®èšå® GC P438
logging sendmailsource-email ã¡ãŒã«ã®âFromâè¡ã«å ¥åãããã¢ãã¬ã¹ã®èšå® GC P439
show loggingsendmail SMTPã€ãã³ããã³ãã©èšå®ã®è¡šç€º NE,PE P439
Console(config)#logging sendmailConsole(config)#
435FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail host
ã¢ã©ãŒãã¡ãã»ãŒãžãéä¿¡ãã SMTPãµãŒããæå®ããŸãã
"no"ãåã«çœ®ãããšã§ SMTPãµãŒãã®èšå®ãåé€ããŸãã
ææ³
logging sendmail host ip_address
no logging sendmail host ip_address
⢠ip_addressïŒã¢ã©ãŒããéããã SMTPãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ倧 3ã€ã® SMTPãµãŒããæå®ã§ããŸããè€æ°ã®ãµãŒããæå®ããå Žåã¯ããµãŒãæ¯ã«ã³ãã³ããå ¥åããŠäžããã
⢠e-mailã¢ã©ãŒããéä¿¡ããå Žåãæ¬æ©ã¯ãŸãæ¥ç¶ãè¡ãªãããã¹ãŠã® e-mailã¢ã©ãŒããé çªã« 1éãã€éä¿¡ããåŸãæ¥ç¶ãéããŸãã
⢠æ¥ç¶ãè¡ãªãå Žåãæ¬æ©ã¯ååã®æ¥ç¶æã«ã¡ãŒã«ã®éä¿¡ãæåãããµãŒããžã®æ¥ç¶ãè©Šã¿ãŸãããã®ãµãŒãã§ã®æ¥ç¶ã«å€±æããå Žåãæ¬æ©ã¯ãªã¹ãã®æ¬¡ã®ãµãŒãã§ã®ã¡ãŒã«ã®éä¿¡ãè©Šã¿ãŸãããã®æ¥ç¶ã倱æããå Žåã«ã¯ãæ¬æ©ã¯åšæçã«æ¥ç¶ãè©Šã¿ãŸãïŒæ¥ç¶ãè¡ãªããªãã£ãå Žåã«ã¯ããã©ãããçºè¡ãããŸãïŒ
äŸ
Console(config)#logging sendmail host 192.168.1.19Console(config)#
436 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail level
ã¢ã©ãŒãã¡ãã»ãŒãžã®ãããå€ã®èšå®ãè¡ãªããŸãã
ææ³
logging sendmail level level
⢠level â ã·ã¹ãã ã¡ãã»ãŒãžã¬ãã« (P430)ãèšå®ããå€ããã¬ãã« 0ãŸã§ã®ã¡ãã»ãŒãžãéä¿¡ãããŸãïŒèšå®ç¯å²ïŒ0-7ãåæèšå®ïŒ7ïŒ
åæèšå®
Level 7
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã€ãã³ããããå€ã®ã¬ãã«ãæå®ããŸããèšå®ããã¬ãã«ãšãã以äžã®ã¬ãã«ã®ã€ãã³ããæå®ããã¡ãŒã«åä¿¡è ã«éä¿¡ãããŸãïŒäŸïŒã¬ãã« 7ã«ããå Žåã¯ã¬ãã« 7ãã 0ã®ã€ãã³ããéä¿¡ãããŸãïŒ
äŸ
æ¬äŸã§ã¯ã¬ãã« 3ããã¬ãã« 0ã®ã·ã¹ãã ãšã©ãŒãã¡ãŒã«ã§éä¿¡ãããŸãã
Console(config)#logging sendmail level 3Console(config)#
437FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail destination-email
ã¢ã©ãŒãã¡ãã»ãŒãžã®ã¡ãŒã«åä¿¡è ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åä¿¡è ãåé€ããŸãã
ææ³
logging sendmail destination-email email-address
no logging sendmail destination-email email-address
⢠email-address â ã¢ã©ãŒãã¡ãã»ãŒãžã®éä¿¡å ã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ1-41æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ倧 5ã€ã®ã¢ãã¬ã¹ãæå®ããããšãã§ããŸããè€æ°ã®ã¢ãã¬ã¹ãèšå®ããéã¯ã¢ãã¬ã¹æ¯ã«ã³ãã³ããå ¥åããŠäžããã
äŸ
Console(config)#logging sendmail [email protected](config)#
438 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail source-email
ã¡ãŒã«ã® "From"è¡ã«å ¥åãããã¡ãŒã«éä¿¡è åãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging sendmail source-email email-address
no logging sendmail source-email
⢠email-address â ã¢ã©ãŒãã¡ãã»ãŒãžã®éä¿¡å ã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ1-41æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ¬æ©ãèå¥ããããã®ã¢ãã¬ã¹ïŒæååïŒãæ¬æ©ã®ç®¡çè ã®ã¢ãã¬ã¹ãªã©ã䜿çšããŸãã
äŸ
show logging sendmail
SMTPã€ãã³ããã³ãã©ã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console(config)#logging sendmail source-email [email protected](config)#
Console#show logging sendmailSMTP servers-----------------------------------------------192.168.1.19SMTP minimum severity level: 4
SMTP destination email addresses-----------------------------------------------ted@this-company.com
SMTP source email address: [email protected]
SMTP status: Enable
Console#
439FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.9 Timeã³ãã³ã
NTPå㯠SNTPã¿ã€ã ãµãŒããæå®ããããšã«ããã·ã¹ãã æå»ã®åçãªèšå®ãè¡ãªãããšãã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
SNTPã³ãã³ã
sntp client ç¹å®ã®ã¿ã€ã ãµãŒãããã®æå»ã®ååŸ GC P441
sntp poll ãªã¯ãšã¹ãéä¿¡ééã®èšå® GC P442
sntp server ã¿ã€ã ãµãŒãã®æå® GC P443
show sntp SNTPèšå®ã®è¡šç€º NE,PE P444
æåèšå®ã³ãã³ãclock timezone æ¬æ©å éšæå»ã®ã¿ã€ã ãŸãŒã³ã®èšå® GC P445
calendar set ã·ã¹ãã æ¥æã®èšå® PE P446
show calendar çŸåšã®æå»åã³èšå®ã®è¡šç€º NE,PE P447
440 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
sntp client
"sntp client"ã³ãã³ãã«ããæå®ãã NTPå㯠SNTPã¿ã€ã ãµãŒããžã® SNTPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ SNTPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããç¡å¹ã«ããŸãã
ææ³
sntp client
no sntp client
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©ã®å éšæå»ã®èšå®ãæ£ç¢ºã«ä¿ã€ããšã«ãããã·ã¹ãã ãã°ã®ä¿åã®éã«æ¥æãæ£ç¢ºã«èšé²ããããšãã§ããŸããæå»ã®èšå®ããããŠããªãå Žåãèµ·åæã®æå»ïŒ00:00:00, Jan. 1, 2001ïŒãåæèšå®ã®æå»ãšãªããããããã®æéçµéãšãªããŸãã
⢠æ¬ã³ãã³ãã«ããã¯ã©ã€ã¢ã³ãæå»ãªã¯ãšã¹ããæå¹ãšãªã "sntp poll"ã³ãã³ãã«ããèšå®ããééã§ã"sntp servers"ã³ãã³ãã«ããæå®ããããµãŒãã«ãªã¯ãšã¹ããè¡ãªããŸãã
äŸ
é¢é£ããã³ãã³ã
sntp serverïŒP443ïŒ
sntp pollïŒP442ïŒ
show sntpïŒP444ïŒ
Console(config)#sntp server 10.1.0.19Console(config)#sntp poll 60Console(config)#sntp clientConsole(config)#endConsole#show sntpCurrent time: Dec 23 02:52:44 2002Poll interval: 60Current mode: unicastSNTP status:EnabledSNTP server:10.1.0.19.0.0.0.0.0.0.0.0Current server:10.1.0.19Console#
441FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
sntp poll
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã«æå»åæèŠæ±ã®éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
sntp poll seconds
no sntp poll
⢠secondsïŒãªã¯ãšã¹ãééïŒèšå®ç¯å²ïŒ6-16384ç§ïŒ
åæèšå®
16ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
sntp clientïŒP441ïŒ
Console(config)#sntp poll 60Console#
442 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
sntp server
SNTPã¿ã€ã ãªã¯ãšã¹ããåãä»ãã IPã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ããã¹ãŠã®ã¿ã€ã ãµãŒããåé€ããŸãã
ææ³
sntp server { ip } { ip2 } { ip3 }
⢠ipïŒ NTP/SNTPã¿ã€ã ãµãŒãã® IPã¢ãã¬ã¹ïŒèšå®å¯èœæ°ïŒ1-3ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã®æå»åæãªã¯ãšã¹ããéä¿¡ããã¿ã€ã ãµãŒãã®æå®ãè¡ãªããŸããæ¬æ©ã¯ã¿ã€ã ãµãŒãã«å¯ŸããŠå¿çãåä¿¡ãããŸã§èŠæ±ãéä¿¡ããŸãã"sntp poll"ã³ãã³ãã«åºã¥ããééã§ãªã¯ãšã¹ããéä¿¡ããŸãã
äŸ
é¢é£ããã³ãã³ã
sntp clientïŒP441ïŒsntp pollïŒP442ïŒshow sntpïŒP444ïŒ
Console(config)#sntp server 10.1.0.19Console#
443FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show sntp
SNTPã¯ã©ã€ã¢ã³ãã®èšå®åã³çŸåšã®æéã衚瀺ããçŸå°æéãé©åã«æŽæ°ãããŠããã確èªããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
çŸåšæå»ãSNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã®æå»æŽæ°ãªã¯ãšã¹ãéä¿¡ééãçŸåšã® SNTPã¢ãŒãã衚瀺ããŸãã
äŸ
Console#show sntpCurrent time: Dec 23 05:13:28 2002Poll interval: 16Current mode: unicastSNTP status:EnabledSNTP server:137.92.140.80.0.0.0.0.0.0.0.0Current server:137.92.140.80Console#
444 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
clock timezone
æ¬æ©å éšæå»ã®ã¿ã€ã ãŸãŒã³ã®èšå®ãè¡ãªããŸãã
ææ³
clock timezone name hour hours minute minutes < before-utc | after-utc >
⢠nameïŒã¿ã€ã ãŸãŒã³åïŒç¯å²ïŒ1-30æåïŒ
⢠hoursïŒ UTCãšã®æéå·®ïŒæéïŒïŒç¯å²ïŒ0-12æéïŒ
⢠minutesïŒ UTCãšã®æéå·®ïŒåïŒïŒç¯å²ïŒ0-59åïŒ
⢠before-utcïŒ UTCããã®ã¿ã€ã ãŸãŒã³ã®æå·®ããã€ãã¹ïŒæ±ïŒã®å Žå
⢠after-utcïŒ UTCããã®ã¿ã€ã ãŸãŒã³ã®æå·®ããã©ã¹ïŒè¥¿ïŒã®å Žå
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
SNTPã§ã¯ UTC(Coordinated Universal Time:åå®äžçæéãå¥åïŒGMT/Greenwich Mean Time)ã䜿çšããŸãã
æ¬æ©ãèšçœ®ããŠããçŸå°æéã«å¯Ÿå¿ãããŠè¡šç€ºããããã« UTCããã®æå·®ïŒã¿ã€ã ãŸãŒã³ïŒã®èšå®ãè¡ãå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
show sntp ïŒP444ïŒ
Console(config)#clock timezone Japan hours 8 minute 0 after-UTCConsole(config)#
445FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
calendar set
ã·ã¹ãã æå»ã®èšå®ãè¡ãªããŸãã
ææ³
calendar set hour min sec < day month year | month day year >
⢠hourïŒæéïŒç¯å²ïŒ0 - 23ïŒ
⢠minïŒåïŒç¯å² 0 - 59ïŒ
⢠secïŒç§ïŒç¯å² 0 - 59ïŒ
⢠dayïŒæ¥ä»ïŒç¯å²ïŒ1-31ïŒ
⢠monthïŒæïŒ<january | february | march | april | may | june | july | august | september | october | november | december>
⢠yearïŒå¹ŽïŒè¥¿æŠ 4æ¡ãèšå®ç¯å²ïŒ2001-2100ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ã·ã¹ãã æå»ã 2010幎 2æ 1æ¥ 15æ 12å 34ç§ã«èšå®ããŠããŸãã
Console#calendar set 15 12 34 february 1 2010Console#
446 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show calendar
ã·ã¹ãã æå»ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show calendar15:12:34 February 1 2010Console#
447FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.10 ã¿ã€ã ã¬ã³ãž
ãã®é ã§ã¯ãACLçã§äœ¿çšãããã¿ã€ã ã¬ã³ãžã®èšå®ãè¡ãããã«äœ¿çšããã³ãã³ãã«ã€ããŠèšè¿°ããŸãã
time-range
ã¿ã€ã ã¬ã³ãžã®ååãèšå®ããã¿ã€ã ã¬ã³ãžèšå®ã¢ãŒããžå ¥ããŸãã"no"ãåã«çœ®ãããšã§çŸåšæå®ãããŠããã¿ã€ã ã¬ã³ãžãåé€ããŸãã
ææ³
time-range nameno time-range name
⢠nameïŒã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ããã®ã³ãã³ãã¯ãACLçã®æ©èœã§äœ¿çšãããã¿ã€ã ã¬ã³ãžãèšå®ããŸãã
äŸ
é¢é£ããã³ãã³ã
Access Control Lists ïŒP600ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
time-rangeSpecifies the name of a time range, and enters timerange configuration mode
GC P448
absoluteSets the time range for the execution of a command
TR P449
periodicSets the time range for the periodic execution of acommand
TR P450
show time-range Shows configured time ranges. PE P451
Console(config)#time-range r&dConsole(config-time-range)#
448 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
absolute
ã³ãã³ãã®å®è¡ã«äœ¿çšããã¿ã€ã ã¬ã³ãžãèšå®ããŸãã"no"ãåã«çœ®ãããšã§çŸåšæå®ãããŠããæéãåé€ããŸãã
ææ³
absolute start hour minute day month year [end hour minutes day month year]absolute end hour minutes day month yearno absolute
⢠hourïŒ 24æé圢åŒã§æå»ãæå®ïŒç¯å²ïŒ0-23ïŒ
⢠minutesïŒåïŒç¯å² 0-59ïŒ
⢠dayïŒæã®å ã®æ¥ïŒç¯å²ïŒ1-31æåïŒ
⢠monthïŒ january | february | march | april | may | june | july |august | september |ããã october | november | december
⢠yearïŒå¹ŽïŒç¯å²ïŒ2009-2109ã4æ¡ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Time Range Configuration
ã³ãã³ã解説
⢠ã¿ã€ã ã¬ã³ãžãæ¢ã«èšå®ãããŠããå Žåããã®ã³ãã³ãã® "no"ãã©ãŒã ã䜿çšãæ°ããã¿ã€ã ã¬ã³ãžãèšå®ããåã«çŸåšã®ãšã³ããªãåé€ããŸãã
äŸ
Console(config)#time-range r&dConsole(config-time-range)#absolute start 1 1 1 april 2010 end 2 1 1 april 2010Console(config-time-range)#
449FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
periodic
ã³ãã³ãã®åšæçå®è¡ã«äœ¿çšããã¿ã€ã ã¬ã³ãžãèšå®ããŸãã"no"ãåã«çœ®ãããšã§çŸåšæå®ãããŠããæéãåé€ããŸãã
ææ³
[no] periodic { daily | friday | monday | saturday | sunday |thursday | tuesday | wednesday | ãããããããweekdays | weekend}ãããããããhour minute to {daily | friday | monday | saturday | sunday | thursday | tuesday ããããããã| wednesday | weekdays | weekend |hour minute}
⢠daily â æ¯æ¥
⢠friday â éææ¥
⢠mondayâ æææ¥
⢠saturday â åææ¥
⢠sundayâ æ¥ææ¥
⢠thursday â æšææ¥
⢠tuesday â ç«ææ¥
⢠wednesday â æ°Žææ¥
⢠weekdaysâ é±æ¥
⢠weekendâ é±æ«
⢠hourïŒ 24æé圢åŒã§æå»ãæå®ïŒç¯å²ïŒ0-23ïŒ
⢠minutesïŒåïŒç¯å² 0-59ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Time Range Configuration
äŸ
Console(config)#time-range r&dConsole(config-time-range)#periodic sunday 1 1 to sunday 1 10Console(config-time-range)#
450 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show time-range
èšå®ãããã¿ã€ã ã¬ã³ãžã衚瀺ããŸãã
ææ³
show time-range { name }
⢠nameâ ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show time-range r&d
ãTime-range r&d: absolute start 01:01 01 April 2010 end 02:01 01 April 2010 periodic Daily 01:01 to Daily 02:01 periodic Monday 01:01 to Monday 02:10 periodic Sunday 01:01 to Sunday 01:10Console#
451FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
4.5.11 ã¹ã€ããã¯ã©ã¹ã¿
ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°ã¯ 1ã€ã®ã¹ã€ãããéããäžå€®ç®¡çãæå¹ã«ãããããã¹ã€ãããã°ã«ãŒãåããæ©èœã§ããã¹ã€ããã¯ã©ã¹ã¿ã¯ãã¯ã©ã¹ã¿ã®ä»ã®ãã¹ãŠã®ã¡ã³ããŒã管çããããã«äœ¿çšããã³ãã³ããŠããããæã¡ãŸãã管ç端æ«ã¯ IPã¢ãã¬ã¹ãéããŠã³ãã³ããšçŽæ¥éä¿¡ããããã« TelnetãšWebã€ã³ã¿ãŒãã§ãŒã¹ã®äž¡æ¹ã䜿çšããããšãã§ããŸãããŸãã³ãã³ãã¯ã¯ã©ã¹ã¿ã®å éš IPã¢ãã¬ã¹ã䜿çšããŠã¡ã³ããŒã¹ã€ããã管çããŸãã1ã€ã®ã¯ã©ã¹ã¿ã« 36åã®ã¡ã³ããŒãè¿œå ããããšãã§ããŸããã¯ã©ã¹ã¿ã®ã¹ã€ãã㯠1ã€ã®IPãµããããå ã«å¶éãããŸãã
ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°ã®äœ¿çš
⢠ã¹ã€ããã¯ã©ã¹ã¿ã¯ "ã³ãã³ããšåŒã°ãããã©ã€ããªãŠããããæã¡ãŸããããã¯ãã¯ã©ã¹ã¿å ã®ãã®ä»å šãŠã® "Member"ã¹ã€ããã管çããããã«äœ¿çšãããŸãã管çã¹ããŒã·ã§ã³ã¯ TenetãšWebã€ã³ã¿ãã§ãŒã¹ã®äž¡æ¹ã䜿çšãããã® IPã¢ãã¬ã¹ãéãã³ãã³ããšçŽæ¥éä¿¡ããŸãã
⢠äžæŠã¹ã€ãããã¯ã©ã¹ã¿ã³ãã³ãã«èšå®ããããšãèªåçã«ãããã¯ãŒã¯å ã®ä»ã®ã¯ã©ã¹ã¿æå¹ã¹ã€ãããæ€çŽ¢ããŸãã管çã¹ããŒã·ã§ã³ããã¢ãããã¹ãã¬ãŒã¿ã«æåã§éžæãããéã "Candidate"ã¹ã€ããã¯ã¯ã©ã¹ã¿ã¡ã³ãã«ã®ã¿ãªããŸãã
[泚æ ]ãã¯ã©ã¹ã¿ã¡ã³ãã¹ã€ããã¯ã³ãã³ããžã® Telnetæ¥ç¶ãŸãã¯ã³ãã³ããžã® Web管çæ¥ç¶ã«ãã£ãŠç®¡çãããããšãå¯èœã§ããã³ã³ãœãŒã«æ¥ç¶äœ¿çšæãã¡ã³ãã¹ã€ãããžã®æ¥ç¶ã«ã¯ã³ãã³ã CLIããã³ãããã "rcommand" ã³ãã³ãïŒP457ïŒã䜿ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžcluster ã¹ã€ããã¯ã©ã¹ã¿ã®èšå® GC P453
cluster commander ã¹ã€ãããã¯ã©ã¹ã¿ã³ãã³ãã«èšå® GC P454
cluster ip-pool ã¯ã©ã¹ã¿ IPã¢ãã¬ã¹ããŒã«ãèšå® GC P455
cluster member åè£ã¹ã€ãããã¯ã©ã¹ã¿ã¡ã³ããŒã«èšå® GC P456
rcommand ã¡ã³ããŒã¹ã€ãããžã®ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ã¢ã¯ã»ã¹ãæäŸ
GC P457
show cluster ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°èšå®ã衚瀺 PE P457
show cluster members çŸåšã®ã¯ã©ã¹ã¿ã¡ã³ããŒã衚瀺 PE P458
show cluster candidates
ãããã¯ãŒã¯äžã®ãã¯ã©ã¹ã¿åè£ã¹ã€ããã衚瀺
PE P458
452 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
cluster
ãã®ã³ãã³ãã¯ã¹ã€ããã®ã¯ã©ã¹ã¿ãªã³ã°ãæå¹ã«ããŸããnoãä»ãããšã¯ã©ã¹ã¿ãªã³ã°ãç¡å¹ã«ããŸãã
ææ³
cluster
no cluster
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¹ã€ããã®ã¯ã©ã¹ã¿ãäœæããããã«ã¯ãæåã«ã¹ã€ããäžã§ã¯ã©ã¹ã¿ãªã³ã°ãæå¹ã§ããããšã確èªãïŒåºè·æèšå®ã§æå¹ïŒã次ã«ã¯ã©ã¹ã¿ã®ã³ãã³ããšããŠã¹ã€ãããèšå®ããŸãããããã¯ãŒã¯ã®ä»ã® IPãµãããããšå¹²æžããªãããã«ã¯ã©ã¹ã¿ã® IP ããŒã«ãèšå®ããŸããã¯ã©ã¹ã¿çšã® IPã¢ãã¬ã¹ã¯ãã¹ã€ãããã¡ã³ããŒã«ãªãã¡ã³ããŒã¹ã€ãããšã³ãã³ãã®éã®éä¿¡ã§äœ¿çšããããšãã«ã¹ã€ããã«å²ãåœãŠãããŸãã
⢠ã¹ã€ããã¯ã©ã¹ã¿ã¯ 1ã€ã®ãµããããã«å¶éãããŸãã
⢠ã¹ã€ãã㯠1ã€ã®ã¯ã©ã¹ã¿ã®ã¡ã³ããŒã«ã ãæå±ããããšãã§ããŸãã
⢠æ§æãããã¹ã€ããã¯ã©ã¹ã¿ã¯ãªã»ããããããã¯ãŒã¯ã®å€æŽãè¡ã£ãŠãç¶æãããŸãã
äŸ
Console(config)#clusterConsole(config)#
453FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
cluster commander
ãã®ã³ãã³ãã¯ã¯ã©ã¹ã¿ã®ã³ãã³ããšããŠã¹ã€ãããèšå®ããŸããnoãä»ãããšã¹ã€ããã®ã³ãã³ãèšå®ãç¡å¹ã«ãªããŸãã
ææ³
cluster commander
no cluster commander
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¹ã€ãããã³ãã³ããšããŠèšå®ããçŽåŸã«ãã¹ã€ããã¯èªåçã«ãããã¯ãŒã¯äžã®ã¯ã©ã¹ã¿æ©èœãæå¹ã«ãªã£ãŠããã¹ã€ãããçºèŠããããšããŸãããããã®åè£ç¶æ ã®ã¹ã€ããã¯ã管ç端æ«ãéããŠç®¡çè ãæåã§éžæãããšãã¯ã©ã¹ã¿ã®ã¡ã³ããŒã«ãªãããšãã§ããŸãã
⢠ã¯ã©ã¹ã¿ã®ã¡ã³ããŒã¯ Telnetã§ã³ãã³ãã«æ¥ç¶ããããšã§ç®¡çããããšãã§ããŸããã³ãã³ããã CLIã§ã¡ã³ããŒã¹ã€ããã«æ¥ç¶ããã«ã¯ rcommand idã³ãã³ãã䜿ããŸãã
äŸ
Console(config)#cluster commanderConsole(config)#
454 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
cluster ip-pool
ãã®ã³ãã³ãã¯ã¯ã©ã¹ã¿ã® IPã¢ãã¬ã¹ããŒã«ãèšå®ããŸããnoãä»ãããšã¢ãã¬ã¹ãåæç¶æ ã«æ»ãããšãã§ããŸãã
ææ³
cluster ip-pool [ ip-address ]
no cluster ip-pool
⢠ip-address â ã¯ã©ã¹ã¿ã¡ã³ããŒã«ã¢ãµã€ã³ããã IPã¢ãã¬ã¹ïŒ10.x.x.x.ïŒ
åæèšå®
10.254.254.1
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IPã¢ãã¬ã¹ããŒã«ã®èšå®ãMemberã¹ã€ããã«å²ãåœãŠããã IPã¢ãã¬ã¹ãšããŠå éšçã«äœ¿çšãããŸããã¯ã©ã¹ã¿ã® IPã¢ãã¬ã¹ã®åœ¢åŒã¯ã10.x.x.Memberã¹ã€ããã®idããšããæ§æã«ãªããŸããMemberã«èšå®ããå¿ èŠã®ãã IPã¢ãã¬ã¹ã®æ°ã¯ 1åãã 36åã§ãã
⢠ãããã¯ãŒã¯ã® IPãµãããããšççŸããªãããã¯ã©ã¹ã¿ã® IPããŒã«ãèšå®ããŠãã ãããã¯ã©ã¹ã¿ã® IPã¢ãã¬ã¹ã¯ã¹ã€ããã Memberã«ãªããMemberã¹ã€ãããšCommanderã¹ã€ãããçžäºã«éä¿¡ãããšãã«ã¹ã€ããã«å²ãåœãŠãããŸãã
⢠ã¹ã€ãããçŸåš Commanderã¢ãŒãã®å Žåãã¯ã©ã¹ã¿ã® IPããŒã«ã®å€æŽãã§ããŸãããæåã« Commanderã¢ãŒããç¡å¹ã«ããŠãã ããã
äŸ
Console(config)#cluster ip-pool 10.2.3.4Console(config)#
455FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
cluster member
ãã®ã³ãã³ãã¯åè£ã¹ã€ãããã¯ã©ã¹ã¿ã¡ã³ããŒãšããŠèšå®ããŸãã.
ææ³
cluster member mac-address mac-address id member-id
no cluster member id member-id
⢠mac-address âåè£ã¹ã€ããã®MACã¢ãã¬ã¹
⢠member-id âã¡ã³ããŒã¹ã€ããã«å²ãæ¯ããã IDçªå·ïŒç¯å²ïŒ1-36ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¯ã©ã¹ã¿ã¡ã³ããŒã®æ倧æ°ã¯ 36ã§ãã
⢠åè£ã¹ã€ããã®æ倧æ°ã¯ 100ã§ãã
äŸ
Console(config)#cluster member mac-address 00-12-34-56-78-9a id 5Console(config)#
456 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
rcommand
ãã®ã³ãã³ãã䜿çšãããšã¯ã©ã¹ã¿ã®ã¡ã³ããŒã« CLIã§ã¢ã¯ã»ã¹ã§ããŸãã
ææ³
rcommand id member-id
⢠member-id âã¡ã³ããŒã¹ã€ããã® IDïŒç¯å²ïŒ1-36ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ã³ãã³ãã¹ã€ãããžã® Telnetæ¥ç¶ãéããŠã®ã¿å®è¡ã§ããŸããã³ãã³ãäžã«ããŒã«ã«ã³ã³ãœãŒã«æ¥ç¶ãããäžã§ã®ã¯ã©ã¹ã¿ã®ã¡ã³ããŒã®ç®¡çã¯ãµããŒãããŠããŸããã
⢠ã¡ã³ããŒã¹ã€ããã® CLIã«ã¢ã¯ã»ã¹ããããã«ãŠãŒã¶ãŒããŒã ãšãã¹ã¯ãŒããå ¥åããå¿ èŠã¯ãããŸããã
äŸ
show cluster
ã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Vty-0#rcommand id 1
ãããCLI session with the TigerSwitch 10/100/1000 is opened.
ãããTo end the CLI session, enter [Exit].Vty-0#
Console#show clusterRole : commanderInterval heartbeat : 30Heartbeat loss count: 3Number of Members : 1Number of Candidates: 2Console#
457FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show cluster members
çŸåšã®ã¹ã€ããã¯ã©ã¹ã¿ã¡ã³ããŒã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show cluster candidates
ãããã¯ãŒã¯äžã®åè£ã¹ã€ãããæ€çŽ¢ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show cluster membersCluster Members:ID : 1Role : Active memberIP Address : 10.254.254.2MAC Address : 00-12-cf-23-49-c0Description : 24/48 L2/L4 IPV4/IPV6 GE SwitchConsole#
Console#show cluster candidatesCluster Candidates:Role Mac Description--------------- ----------------- --------------------------------------ACTIVE MEMBER 00-12-cf-23-49-c0 24/48 L2/L4 IPV4/IPV6 GE SwitchCANDIDATE 00-12-cf-0b-47-a0 24/48 L2/L4 IPV4/IPV6 GE SwitchConsole#
458 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
4.6 SNMP
ãã©ãããããŒãžã£ã§éä¿¡ãããšã©ãŒã¿ã€ããªã©ã® SNMP管ç端æ«ã䜿çšããæ¬æ©ãžã®ã¢ã¯ã»ã¹ã«é¢ããèšå®ãè¡ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒãããŒãž
éåžž SNMPã³ãã³ã
snmp-server SNMPãµãŒããŒãæå¹å GC P460
snmp-server community SNMPã³ãã³ãã§ã¢ã¯ã»ã¹ããããã®ã³ãã¥ããã£åã®èšå®
GC P461
snmp-server contact ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®èšå® GC P462
snmp-server location ã·ã¹ãã èšçœ®æ å ±ã®èšå® GC P462
show snmp SNMPã®èšå®æ å ±ã衚瀺 NE,PE P463
SNMPã¿ãŒã²ãããã¹ãã³ãã³ã
snmp-server enable traps SNMPã¡ãã»ãŒãžãåä¿¡ãããã¹ãã®æå¹å GC P464
snmp-server host SNMPã¡ãã»ãŒãžãåä¿¡ãããã¹ãã®èšå® GC P465
SNMPv3ãšã³ãžã³ã³ãã³ã
snmp-server engine-id ãšã³ãžã³ IDã®èšå® GC P467
snmp-server group ã°ã«ãŒãã®è¿œå ãšããŠãŒã¶ãŒããã¥ãŒãžãããã³ã°
GC P468
snmp-server user SNMP v3ã°ã«ãŒããžãŠãŒã¶ãŒã®è¿œå GC P474
snmp-server view ãã¥ãŒã®èšå® GC P470
show snmp engine-id ãšã³ãžã³ IDã®è¡šç€º PE P471
show snmp group ã°ã«ãŒãã®è¡šç€º PE P472
show snmp user SNMP v3ãŠãŒã¶ãŒã®è¡šç€º PE P474
show snmp view ãã¥ãŒã®è¡šç€º PE P474
ãã°éç¥ã³ãã³ãnlm æå®ãããéç¥ãã°ãæå¹å GC P476
snmp-server notify-filter éç¥ãã°ã®äœæãšã¿ãŒã²ãããã¹ãã®æå® GC P477
show nlm oper-status èšå®ãããéç¥ãã°ã®åäœã¹ããŒã¿ã¹ã衚瀺 PE P477
show snmp notify-filter èšå®ãããéç¥ãã°ã衚瀺 PE P478
ATCãã©ããã³ãã³ã
snmp-server enable port-traps atc broadcast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãçºçããåŸããããŒããã£ã¹ããã©ãã£ãã¯ãäžéå€ãäžåã£ãç¹ã«ãã©ãããéä¿¡
IC (Port) P668
snmp-server enable port-traps atc broadcast-alarm-fired
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ ããæã«ãã©ãããéä¿¡
IC (Port)
P669
snmp-server enable port-traps atc broadcast-control-apply
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port) P670
459FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server
SNMPv3ãšã³ãžã³ããã³ããã®ä»å šãŠã®ç®¡çã¯ã©ã€ã¢ã³ããµãŒãã¹ãæå¹ã«ããŸãã
"no"ãåã«çœ®ãããšã§ãµãŒãã¹ãç¡å¹ã«ããŸãã
ææ³
snmp-server
no snmp-server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
snmp-server enable port-traps atc broadcast-control-release
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port) P671
snmp-server enable port-traps atc multicast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãçºçããåŸããã«ããã£ã¹ããã©ãã£ãã¯ãäžéå€ãäžåã£ãç¹ã«ãã©ãããéä¿¡
IC (Port) P672
snmp-server enable port-traps atc multicast-alarm-fire
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ ããæã«ãã©ãããéä¿¡
IC (Port)
P673
snmp-server enable port-traps atc multicast-control-apply
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port) P674
snmp-server enable port-traps atc multicast-control-release
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port) P675
Console(config)#snmp-serverConsole(config)#
460 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server community
SNMP䜿çšæã®ã³ãã¥ããã£åãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åã ã®ã³ãã¥ããã£åã®åé€ãè¡ããŸãã
ææ³
snmp-server community string { ro | rw }
no snmp-server community string
⢠string â SNMPãããã³ã«ã«ã¢ã¯ã»ã¹ããããã®ãã¹ã¯ãŒããšãªãã³ãã¥ããã£åïŒæ倧 32æåã倧æåå°æåã¯åºå¥ãããŸããæ倧 5ã€ã®ã³ãã¥ããã£åãèšå®ã§ããŸãïŒ
⢠ro â èªã¿åãã®ã¿å¯èœãªã¢ã¯ã»ã¹ãroã«æå®ããã管ç端æ«ã¯ MIBãªããžã§ã¯ãã®ååŸã®ã¿ãè¡ããŸã
⢠rw â èªã¿æžããå¯èœãªã¢ã¯ã»ã¹ãrwã«æå®ããã管ç端æ«ã¯ MIBãªããžã§ã¯ãã®ååŸåã³å€æŽãè¡ããŸã
åæèšå®
⢠public â èªã¿åãå°çšã¢ã¯ã»ã¹ (ro)ãMIBãªããžã§ã¯ãã®ååŸã®ã¿ãè¡ããŸã
⢠private â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ (rw)ã管ç端æ«ã¯ MIBãªããžã§ã¯ãã®ååŸåã³å€æŽãè¡ããŸã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#snmp-server community alpha rwConsole(config)#
461FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server contact
ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ãåé€ããŸãã
ææ³
snmp-server contact text
no snmp-server contact
⢠text â ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®è§£èª¬ïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ãsnmp-server locationïŒP462ïŒ
snmp-server location
ã·ã¹ãã èšçœ®å Žææ å ±ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã·ã¹ãã èšçœ®å Žææ å ±ãåé€ããŸãã
ææ³
snmp-server location text
no snmp-server location
⢠text â ã·ã¹ãã èšçœ®å Žæã®è§£èª¬ïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ãsnmp-server contactïŒP462ïŒ
Console(config)#snmp-server contact JoeConsole(config)#
Console(config)#snmp-server location Room 23Console(config)#
462 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp
SNMPã®ã¹ããŒã¿ã¹ã衚瀺ããŸãã
ææ³
show snmp
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
æ¬ã³ãã³ãã䜿çšããããšã§ãã³ãã¥ããã£åã«é¢ããæ å ±ãåã³ SNMPã®å ¥åºåããŒã¿ã®æ°ã "snmp-server enable traps"ã³ãã³ããæå¹ã«ãªã£ãŠããªããŠã衚瀺ãããŸãã
äŸ
Console#show snmp
SNMP Agent : Enabled
SNMP Traps : Authentication : Enabled Link-up-down : Enabled
SNMP Communities : 1. public, and the access level is read-only 2. private, and the access level is read/write
0 SNMP packets input 0 Bad SNMP version errors 0 Unknown community name 0 Illegal operation for community name supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get-request PDUs 0 Get-next PDUs 0 Set-request PDUs0 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 Trap PDUs
SNMP Logging: DisabledConsole#
463FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server enable traps
SNMPã®ãã©ããã¡ãã»ãŒãžã®éä¿¡ãæå¹åããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] snmp-server enable traps { authentication | link-up-down }
⢠authentication â èªèšŒæã«äžæ£ãªãã¹ã¯ãŒããéä¿¡ãããå Žåã«ãã©ãããçºè¡ãããŸãã
⢠link-up-down â Link-upå㯠Link-downæã«ãã©ãããçºè¡ãããŸã
åæèšå®
authenticationåã³ link-up-downãã©ãããéç¥
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠snmp-server enable traps"ã³ãã³ãã䜿çšããªãå Žåãäžåã®ã¡ãã»ãŒãžã¯éä¿¡ãããŸãããSNMPã¡ãã»ãŒãžãéä¿¡ããããã«ã¯æäœ 1ã€ã® "snmp-server enable traps"ã³ãã³ããå ¥åããå¿ èŠããããŸããããŒã¯ãŒããå ¥åããã«ã³ãã³ããå ¥åããå Žåã«ã¯ãã¹ãŠã®ã¡ãã»ãŒãžãæå¹ãšãªããŸããããŒã¯ãŒããå ¥åããå Žåã«ã¯ãããŒã¯ãŒãã«é¢é£ããã¡ãã»ãŒãžã®ã¿ãæå¹ãšãªããŸãã
⢠"snmp-server host"ã³ãã³ã㯠"snmp-server enable traps"ã³ãã³ããšãšãã«äœ¿çšãããŸãã"snmp-server host"ã³ãã³ãã§ã¯ SNMPã¡ãã»ãŒãžãåãåããã¹ããæå®ããŸãããã¹ãã SNMPã¡ãã»ãŒãžãåä¿¡ããããã«ã¯æäœ 1ã€ä»¥äžã® "snmp-server host"ã³ãã³ããæå®ãããã¹ããæå¹ã«ãªã£ãŠããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
snmp-server hostïŒP465ïŒ
Console(config)#snmp-server enable traps link-up-downConsole(config)#
464 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server host
SNMPã¡ãã»ãŒãžãåãåããã¹ãã®æå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ããåé€ããŸãã
ææ³
snmp-server host host-addr inform [ retry retries | timeout seconds community-string ] version < 1c | 2c | 3 < auth | noauth | priv > > { udp-port port }
no snmp-server host host-addr
⢠host-addr â SNMPã¡ãã»ãŒãžãåãåããã¹ãã®ã¢ãã¬ã¹ïŒæ倧 5ã€ã®ãã¹ããèšå®ã§ããŸãïŒ
⢠inform â ã€ã³ãã©ãŒã ã䜿çšïŒversion2cãš 3ã§ã®ã¿äœ¿çšå¯ïŒ
ïŒ retry retriesïŒ åéãè¡ãæ倧åæ°ïŒ0-255åãåæèšå®ïŒ3åïŒ
ïŒ timeout secondsïŒ åéãŸã§ã®åŸ ã¡æéïŒ0-2147483647ã»ã³ãã»ã«ã³ãåæèšå®ïŒ1500ã»ã³ãã»ã«ã³ãïŒ
⢠community-string â ã¡ãã»ãŒãžãšãšãã«éãããã³ãã¥ããã£åãæ¬ã³ãã³ãã§ãã³ãã¥ããã£åã®èšå®ãè¡ããŸããã"snmp-server community"ã³ãã³ããå©çšããŠèšå®ããããšãæšå¥šããŸãïŒæ倧 32æåïŒ
⢠version â ãã©ããããŒãžã§ã³ãæå®ããŸãïŒç¯å²ïŒv1,v2c,v3ïŒ
ïŒ auth | noauth | privïŒ v3䜿çšæã«èšå®ããŸãããããã®èªèšŒ \æå·åãªãã·ã§ã³ã®è©³çŽ°ã«ã€ããŠã¯ P273 ãSNMPããåç §ããŠãã ããã
⢠port â ãã©ãããããŒãžã£ã䜿çšãã UDPããŒããæå®ïŒ1-65535ãåæèšå®ïŒ162ïŒ
åæèšå®
Host AddressïŒãªã
éç¥ïŒãã©ãã
SNMP VersionïŒ1
UDPããŒãïŒ162
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠"snmp-server host"ã³ãã³ãã䜿çšããªãå Žåã¯ãSNMPã¡ãã»ãŒãžã¯éä¿¡ãããŸãããSNMPã¡ãã»ãŒãžã®éä¿¡ãè¡ãããã«ã¯å¿ ã "snmp-server host"ã³ãã³ãã䜿çšãæäœ 1ã€ã®ãã¹ããæå®ããŠäžãããè€æ°ã®ãã¹ããèšå®ããå Žåã«ã¯ããããã«"snmp-server host"ã³ãã³ãã䜿çšããŠãã¹ãã®èšå®ãè¡ã£ãŠäžããã
⢠"snmp-server host"ã³ãã³ã㯠"snmp-server enable traps"ã³ãã³ããšãšãã«äœ¿çšãããŸãã"snmp-server enable traps"ã³ãã³ãã§ã¯ã©ã®ãã㪠SNMPã¡ãã»ãŒãžãéä¿¡ãããæå®ããŸãããã¹ãã SNMPã¡ãã»ãŒãžãåä¿¡ããããã«ã¯æäœ 1ã€ä»¥äžã®
465FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
"snmp-server enable traps"ã³ãã³ããš "snmp-server host"ã³ãã³ããæå®ãããã¹ããæå¹ã«ãªã£ãŠããå¿ èŠããããŸãã
⢠äžéšã®ã¡ãã»ãŒãžã¿ã€ã㯠"snmp-server enable traps"ã³ãã³ãã§æå®ããããšãã§ãããã¡ãã»ãŒãžã¯åžžã«æå¹ã«ãªããŸãã
⢠ã¹ã€ããã¯åæèšå®ã§ãã©ããã¡ãã»ãŒãžã®éç¥ãè¡ããŸããããã©ããã¡ãã»ãŒãžã®åãåãåŽã¯ã¹ã€ãããžå¿çãéããŸããããã®çºãååãªä¿¡é Œæ§ã¯ç¢ºä¿ã§ããŸãããã€ã³ãã©ãŒã ã䜿çšããããšã«ãããéèŠæ å ±ããã¹ãã«åãåãããã®ãä¿èšŒããããšãå¯èœã§ãã
ã€ã³ãã©ãŒã ã SNMPv2cãã¹ããžéä¿¡ããã«ã¯ã以äžã®ã¹ããããè¡ã£ãŠãã ããã
ïŒ1ïŒSNMPãšãŒãžã§ã³ããæå¹ã«ããã(P460)
ïŒ2ïŒå¿ èŠãªéç¥ã¡ãã»ãŒãžã§ãã¥ãŒãäœæã(P470)
ïŒ3ïŒå¿ èŠãªéç¥ãã¥ãŒãå«ãã°ã«ãŒããäœæã(P468)
ïŒ4ïŒã¹ã€ããã« SNMPãã©ããïŒéç¥ïŒéä¿¡ãèš±å¯ããã(P464)
ïŒ5ïŒæ¬é ã§è§£èª¬ãã "snmp-server host"ã³ãã³ãã䜿çšããã€ã³ãã©ãŒã ã¡ãã»ãŒãžãåä¿¡ããã¿ãŒã²ãããã¹ããæå®ã
⢠ã€ã³ãã©ãŒã ã SNMPv3ãã¹ããžéä¿¡ããã«ã¯ã以äžã®ã¹ããããè¡ã£ãŠãã ããã
ïŒ1ïŒSNMPãšãŒãžã§ã³ããæå¹ã«ããã(P460)
ïŒ2ïŒã¡ãã»ãŒãžäº€æããã»ã¹ã§äœ¿çšããããŒã«ã« SNMPv3ãŠãŒã¶ãäœæã
ïŒ3ïŒå¿ èŠãªéç¥ã¡ãã»ãŒãžã§ãã¥ãŒãäœæã(P470)
ïŒ4ïŒå¿ èŠãªéç¥ãã¥ãŒãå«ãã°ã«ãŒããäœæ (P468)
ïŒ5ïŒã¹ã€ããã« SNMPãã©ããïŒéç¥ïŒéä¿¡ãèš±å¯ããã(P464)
ïŒ6ïŒæ¬é ã§è§£èª¬ãã "snmp-server host"ã³ãã³ãã䜿çšããã€ã³ãã©ãŒã ã¡ãã»ãŒãžãåä¿¡ããã¿ãŒã²ãããã¹ããæå®ã
⢠ã¹ã€ãã㯠SNMPv1,2c,3éç¥ã管çã¹ããŒã·ã§ã³ããµããŒããã SNMPããŒãžã§ã³ã«åºã¥ããŠããã¹ã IPã¢ãã¬ã¹ã«éä¿¡åºæ¥ãŸãã"snmp-server host"ã³ãã³ãã SNMPããŒãžã§ã³ãæå®ããªãå Žåãåæèšå®ã§ã¯SNMPããŒãžã§ã³ 1ã®éç¥ãéä¿¡ããŸãã
⢠SNMPv3ãã¹ããæå®ããŠããå Žåããã©ãããããŒãžã£ã®ã³ãã¥ããã£åã¯ãSNMPãŠãŒã¶ãŒåãšããŠè§£éãããŸããSNMPv3èªèšŒãŸãã¯æå·åãªãã·ã§ã³ã䜿çšããŠããéã«ã¯ïŒauthNoPrivãŸã㯠authPrivïŒãæåã« P474 ãshow snmp userãã§ãŠãŒã¶ãŒåãå®çŸ©ããŠãã ããããŠãŒã¶ãŒåãå®çŸ©ãããŠããªãå ŽåãèªèšŒãã¹ã¯ãŒãããã³ãã©ã€ãã·ãŒãã¹ã¯ãŒããååšãããã¹ã€ããã¯ãã¹ãããã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãããå°ãSNMPv3ãã¹ãã no authenticationïŒnoAuthïŒãšããŠèšå®ããŠããå Žåã«ã¯ãSNMPãŠãŒã¶ãŒã¢ã«ãŠã³ãã¯èªåçã«çæãããŸãã®ã§ãã¹ã€ããã¯ãã¹ãããã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
äŸ
é¢é£ããã³ãã³ã
snmp-server enable trapsïŒP464ïŒ
Console(config)#snmp-server host 10.1.19.23 batmanConsole(config)#
466 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server engine-id
ãšã³ãžã³ IDã®èšå®ãè¡ããŸãããšã³ãžã³ IDã¯ããã€ã¹å ã®ãšãŒãžã§ã³ããåºæã«èå¥ããããã®ãã®ã§ãã"no"ãåã«çœ®ãããšã§ãšã³ãžã³ IDãåæèšå®å€ã«æ»ããŸãã
ææ³
snmp-server engine-id < local | remote ip address > engine-id
no snmp-server engine-id < local | remote ip address >
⢠local â ã¹ã€ããäžã® SNMPãšã³ãžã³ãæå®
⢠remote â ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ãæå®
⢠ip address â ãªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹
⢠engine-id â ãšã³ãžã³ ID
åæèšå®
ã¹ã€ããã® MACã¢ãã¬ã¹ãåºã«èªåçã«çæãããŸã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠SNMPãšã³ãžã³ã¯ã¡ãã»ãŒãžåéãé 延ããã³ãã€ã¬ã¯ã·ã§ã³ãé²æ¢ããŸãããšã³ãžã³ IDã¯ãŠãŒã¶ãã¹ã¯ãŒããšçµã¿åãããŠãSNMPv3ãã±ããã®èªèšŒãšæå·åãè¡ãããã®ã»ãã¥ãªãã£ããŒãçæããŸãã
⢠ãªã¢ãŒããšã³ãžã³ ID㯠SNMPv3 ã€ã³ãã©ãŒã ã䜿çšããéã«å¿ èŠã§ããïŒè©³ããã¯P465 ãsnmp-server hostããåç §ããŠãã ããïŒãªã¢ãŒããšã³ãžã³ IDã¯ããªã¢ãŒããã¹ãã§ãŠãŒã¶ã«éãããèªèšŒãšæå·åãã±ããã®ã»ãã¥ãªãã£ãã€ãžã§ã¹ããèšç®ããããã«äœ¿çšãããŸããSNMPãã¹ã¯ãŒãã¯ä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸããã€ã³ãã©ãŒã ã®ä¿¡é Œã§ãããšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããããã£ãŠãããã·ãªã¯ãšã¹ããŸãã¯ã€ã³ãã©ãŒã ãéä¿¡ããåã«ããªã¢ãŒããšãŒãžã§ã³ãã® SNMPãšã³ãžã³ IDãå€æŽãè¡ãå¿ èŠããããŸãã
⢠ããŒã«ã«ãšã³ãžã³ IDã¯ã¹ã€ããã«ããããŠåºæã«ãªãããã«èªåçã«çæãããŸãããããããã©ã«ããšã³ãžã³ IDãšãã³ãŸããããŒã«ã«ãšã³ãžã³ IDãåé€ãŸãã¯å€æŽãããå Žåãå šãŠã® SNMPãŠãŒã¶ãŒã¯ã¯ãªã¢ãããŸãããã®ããæ¢åã®ãŠãŒã¶ãŒã®åæ§æãè¡ãå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
snmp-server host ïŒP465ïŒ
Console(config)#snmp-server engine-id local 123456789Console(config)#snmp-server engine-id remote 192.168.1.19 9876543210Console(config)#
467FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server group
SNMPã°ã«ãŒãè¿œå ãšãSNMPãŠãŒã¶ãŒã®ãã¥ãŒãžã®ãããã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã°ã«ãŒããåé€ããŸãã
ææ³
[no] snmp-server group groupname < v1 | v2c | v3 < auth | noauth |priv> > {read readview | write writeview | notify notify view }
⢠groupname â SNMPã°ã«ãŒãåïŒ1-32æåïŒ
⢠v1 | v2c | v3 â 䜿çšãã SNMPããŒãžã§ã³ãéžæããŸã
ïŒ auth | noauth |privïŒ v3䜿çšæã«èšå®ããŸãããããã®èªèšŒ \æå·åãªãã·ã§ã³ã®è©³çŽ°ã«ã€ããŠã¯ P273 ãSNMPããåç §ããŠãã ããã
⢠readview â Readã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
⢠writeview â writeã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
⢠notify view â éç¥ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
åæèšå®
Default groupsïŒpublic (read only)ãprivate (read/write)
readview - å šãŠã®ãªããžã§ã¯ã㯠Internet OID space ïŒ1ïŒã«å±ããŸã
writeview - ãªã
notifyview - ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠SNMPã°ã«ãŒãã¯ãæå±ãããŠãŒã¶ãŒã®ã¢ã¯ã»ã¹ããªã·ãŒãå®çŸ©ããŸãã
⢠authenticationãæå¹æã¯ããshow snmp userãã§ãMD5ãŸã㯠SHAã©ã¡ããã®èªèšŒæ¹åŒãéžæããŠãã ããã
⢠privacyãæå¹æã¯ãDES56bitæå·åæ¹åŒã䜿çšãããŸãã
⢠æ¬æ©ããµããŒãããéç¥ã¡ãã»ãŒãžã®è©³ããæ å ±ã«ã€ããŠã¯ P289 ãå¿ èŠãªé ç®ãå ¥åããïŒ ApplyïŒãã¯ãªãã¯ããŸããããåç §ããŠãã ããããŸããauthentication, link-up ããã³ link-downã®ã¬ã¬ã·ãŒãã©ããã«ã€ããŠã¯ P464 ãsnmp-server enable trapsããåç §ããŠãã ããã
äŸ
Console(config)#snmp-server group r&d v3 auth write dailyConsole(config)#
468 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server user
SNMPãŠãŒã¶ãŒãã°ã«ãŒããžè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ãŠãŒã¶ãŒãã°ã«ãŒãããé€ããŸãã
ææ³
snmp-server user username groupname { remote ip-address } < v1 | v2c | v3 {encrypted} {auth <md5 | sha > auth-password }
{priv des56 priv-password } >
no snmp-server user username { v1 | v2c | v3 | remote IP Address }
⢠username â ãŠãŒã¶ãŒåïŒ1-32æåïŒ
⢠groupname â ã°ã«ãŒãåïŒ1-32æåïŒ
⢠remote â ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ãéžæããŸã
⢠ip-address â ãªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹
⢠v1 | v2c | v3 â SNMPããŒãžã§ã³ã®éžæããŸã
⢠encrypted â æå·åãã¹ã¯ãŒã
⢠auth â èªèšŒã䜿çšããŸã
⢠md5 | sha â MD5ãŸã㯠SHAèªèšŒãéžæããŸã
⢠auth-password â èªèšŒãã¹ã¯ãŒãïŒ8æå以äžïŒ
⢠priv des56 â ãã©ã€ãã·ãŒãš DES56æå·å SNMP V3ã䜿çš
⢠priv-password â ãã©ã€ãã·ãŒãã¹ã¯ãŒã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãªã¢ãŒããŠãŒã¶ãŒã®èšå®ãè¡ãåã«ããsnmp-server engine-idãã³ãã³ãã§ããªã¢ãŒããšã³ãžã³IDã®èšå®ãè¡ã£ãŠãã ããããã®åŸã«ãshow snmp userãã䜿çšããŠãŒã¶ãŒãšããŠãŒã¶ãŒãæå±ãããªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹ãèšå®ããŠãã ããããªã¢ãŒããšãŒãžã§ã³ãã®ãšã³ãžã³IDã¯ãŠãŒã¶ãŒã®ãã¹ã¯ãŒãããèªèšŒ /ãã©ã€ãã·ãŒã®ãã€ãžã§ã¹ããèšç®ããã®ã«äœ¿çšãããŸãã
⢠SNMPãã¹ã¯ãŒãã¯ãä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸãããã©ããéç¥ã®ä¿¡é Œã§ãã SNMPãšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããã®ããããããã·ãªã¯ãšã¹ããŸãã¯ãã©ããéç¥ãéä¿¡ããåã«ãªã¢ãŒããšãŒãžã§ã³ãã® SNMPãšã³ãžã³ IDãèšå®ããå¿ èŠããããŸããïŒè©³ãã㯠P290 ããã©ãããããŒãžã£ã®æå®ãããã³ P288 ãSNMPv3ãªã¢ãŒããŠãŒã¶ãŒã®èšå®ããåç §ããŠãã ããïŒ
äŸ
Console(config)#snmp-server user steve r&d v3 auth md5 greenpeace priv des56 einstienConsole(config)#snmp-server user mark r&d remote 192.168.1.19 v3 auth md5 greenpeace priv des56 einstienConsole(config)#
469FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server view
ãã®ã³ãã³ãã§ã¯ããã¥ãŒã®è¿œå ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¥ãŒãåé€ããŸãã
ææ³
snmp-server view view-name {oid-tree} <include | exclude>
no snmp-server view view-name
⢠view-name â ãã¥ãŒã®ååïŒ1-32æåïŒ
⢠oid-tree â åç §å¯èœã«ãã MIBããªãŒã® OIDãã¹ããªã³ã°ã®ç¹å®ã®éšåã«ãã¯ã€ã«ãã«ãŒãã䜿çšããŠãã¹ã¯ããããããšãã§ããŸã
⢠include â includeãã¥ãŒãæå®
⢠exclude âexcludeãã¥ãŒãæå®
åæèšå®
ããã©ã«ããã¥ãŒïŒå šãŠã®MIBããªãŒãžã®ã¢ã¯ã»ã¹ãå«ãïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠äœæããããã¥ãŒã¯ãMIBããªãŒã®æå®ãããç¯å²ãžã®ãŠãŒã¶ã¢ã¯ã»ã¹ãå¶éããããã«äœ¿çšãããŸãã
⢠ããã©ã«ããã¥ãŒã¯å šäœã® MIBããªãŒãžã®ã¢ã¯ã»ã¹ãå«ã¿ãŸãã
äŸ
MIB-2ãå«ã Viewãèšå®
MIB-2ã€ã³ã¿ãã§ãŒã¹ããŒãã«ãifDescrãå«ã Viewãèšå®ãã¯ã€ã«ãã«ãŒãã¯ããã®ããŒãã«å ã®ãã¹ãŠã®ã€ã³ããã¯ã¹å€ãéžæããã®ã«äœ¿çšãããŸãã
MIB-2ã€ã³ã¿ãã§ãŒã¹ããŒãã«ãå«ã Viewãèšå®ããã¹ã¯ã¯ãã¹ãŠã®ã€ã³ããã¯ã¹ãšã³ããªãŒãéžæããŸãã
Console(config)#snmp-server view mib-2 1.3.6.1.2.1 included Console(config)#
Console(config)#snmp-server view ifEntry.2 1.3.6.1.2.1.2.2.1.*.2
ãincludedConsole(config)#
Console(config)#snmp-server view ifEntry.a 1.3.6.1.2.1.2.2.1.1.*
ãincludedConsole(config)#
470 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp engine-id
èšå®äžã® SNMPãšã³ãžã³ IDã衚瀺ããŸã
ææ³
show snmp engine-id
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
é ç® è§£èª¬
Local SNMP engineID ããŒã«ã«ãšã³ãžã³ IDã衚瀺
Local SNMP engineBoots ååãšã³ãžã³ IDã®èšå®ãè¡ãããŠããããšã³ãžã³ã®ïŒåïŒåæåãè¡ãããåæ°ã衚瀺
Remote SNMP engineID ãªã¢ãŒãããã€ã¹ã®ãšã³ãžã³ IDã衚瀺
IP address ãªã¢ãŒããšã³ãžã³ã® IPã¢ãã¬ã¹ã衚瀺
Console#show snmp engine-idLocal SNMP engineID: 8000002a8000000000e8666672Local SNMP engineBoots: 1
Remote SNMP engineID ããããããããããããããããã IP address
80000000030004e2b316c54321 ãããããããããããã 192.168.1.19Console#
471FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp group
4ã€ã®ããã©ã«ãã°ã«ãŒããæäŸãããŸããSNMPv1ã® read-onlyããã³ read/ writeã¢ã¯ã»ã¹ãSNMPv2ã® read-onlyããã³ read/writeã¢ã¯ã»ã¹ã
ææ³
show snmp group
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
é ç® è§£èª¬
groupname ã°ã«ãŒãå
security model ã»ãã¥ãªãã£ã¢ãã«
read view read ãã¥ãŒ
write view writeãã¥ãŒ
notify view éç¥ãã¥ãŒ
storage type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ã
Row Status ãã¥ãŒã®ç¶æ
472 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
äŸ
Console#show snmp groupGroup Name: fxcSecurity Model: v3Read View: defaultviewWrite View: noneNotify View: noneStorage Type: nonvolatileRow Status: active
Group Name: publicSecurity Model: v1Read View: defaultviewWrite View: noneNotify View: noneStorage Type: volatileRow Status: active
Group Name: publicSecurity Model: v2cRead View: defaultviewWrite View: noneNotify View: noneStorage Type: volatileRow Status: active
Group Name: privateSecurity Model: v1Read View: defaultviewWrite View: defaultviewNotify View: noneStorage Type: volatileRow Status: active
Group Name: privateSecurity Model: v2cRead View: defaultviewWrite View: defaultviewNotify View: noneStorage Type: volatileRow Status: active
Console#
473FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp user
SNMPãŠãŒã¶ãŒæ å ±ã衚瀺ããŸãã
ææ³
show snmp user
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
é ç® è§£èª¬
EngineId ãšã³ãžã³ ID
User Name ãŠãŒã¶ãŒå
Authentication Protocol èªèšŒãããã³ã«
Privacy Protocol æå·åæ¹åŒ
storage-type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ã
Row Status ãã¥ãŒã®ç¶æ
SNMP remote user ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ã«æå±ãããŠãŒã¶ãŒ
Console#show snmp userEngineId: 01000000000000000000000000User Name: steveAuthentication Protocol: md5Privacy Protocol: des56Storage Type: nonvolatileRow Status: active
SNMP remote userEngineId: 80000000030004e2b316c54321User Name: markAuthentication Protocol: mdtPrivacy Protocol: des56Storage Type: nonvolatileRow Status: active
Console#
474 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp view
ãã¥ãŒã衚瀺ããŸãã
ææ³
show snmp view
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
é ç® è§£èª¬
View Name ãã¥ãŒå
Subtree OID åç §å¯èœãªMIBããªãŒã® OID
View Type OIDã§è¡šç€ºãããMIBããŒãããã¥ãŒã«å«ãŸããŠããïŒincludedïŒãå«ãŸããŠããªããïŒexcludedïŒ
Storage Type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ã
Row Status ãã¥ãŒã®ç¶æ
Console#show snmp viewView Name: mib-2Subtree OID: 1.2.2.3.6.2.1View Type: includedStorage Type: nonvolatileRow Status: active
View Name: defaultviewSubtree OID: 1View Type: includedStorage Type: nonvolatileRow Status: active
Console#
475FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
nlm
æå®ããéç¥ãã°ã®ãæå¹ãŸãã¯ç¡å¹ã«ããŸãã
ææ³
nlm filter-nameno nlm
⢠filter-name â éç¥ãã°åïŒç¯å²ïŒ1-32æåïŒ
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠éç¥ãã®ã³ã°ã¯åæèšå®ã§æå¹ã§ããã"snmp-server notify-filter"ã³ãã³ãã§æå®ããããã®ã³ã°ãããã¡ã€ã«ã "nlm"ã³ãã³ãã§æå¹ã«ãªããŸã§ãæ å ±ã®èšé²ãéå§ããŸããã
⢠ãã®ã³ãã³ãã«ãããã®ã³ã°ã®ç¡å¹ã¯ãéç¥ãã°ã«ä¿åãããŠãããšã³ããªãåé€ããŸããã
äŸ
Console(config)#nlm A1Console(config)#nlm A2Console(config)#
476 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server notify-filter
SNMPéç¥ãã°ãäœæããŸããåã« "no"ã眮ãããšã§ããã®ãã°ãåé€ããŸãã
ææ³
[no] snmp-server notify-filter profile-name remote ip-address
⢠profile-name â éç¥ãã°ãããã¡ã€ã«åïŒç¯å²ïŒ1-32æåïŒ
⢠ip-address â ãªã¢ãŒãããã€ã¹ã®ã€ã³ã¿ãŒãããã¢ãã¬ã¹ã
[ 泚æ ]ãéç¥ãã°ã¯ããŒã«ã«ã«ä¿åããããªã¢ãŒãããã€ã¹ãžã¯éä¿¡ãããŸããããã®ãªã¢ãŒããã¹ããã©ã¡ãŒã¿ã¯ SNMPéç¥ MIBã®ç®¡çãã£ãŒã«ããå®äºããããšã ããå¿ èŠãšãããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠SNMPããµããŒãããã·ã¹ãã ã¯ãã°ãã°éç¥ã®æ¶å€±ã«å¯Ÿããäºé²ãšããŠéç¥æ å ±ãèšé²ããã¡ã«ããºã ãå¿ èŠãšããŸããéç¥ãã° MIB (Notification Log MIB NLM, RFC 3014)㯠MIBæ å ±ã®åºç€æ§é ãæäŸããŸãã
⢠éç¥ãã®ã³ã°ãæå¹ã«èšå®ãããŠããªãæã«ã¹ã€ãããåèµ·åãè¡ã£ãå Žåãããã€ãã® SNMPãã©ããïŒwarm startãªã©ïŒã¯èšé²ãããŸããããã®åé¡ãåé¿ãããããéç¥ãã®ã³ã°ã®èšå®ãè¡ãã" snmp-server notify-filter"ã³ãã³ãã§æå¹ã«ããŠãã ããããŸãããããã®ã³ãã³ãã¯èµ·åèšå®ãã¡ã€ã«ã«ä¿åãããŠããŸããã¹ã€ããåèµ·åæãSNMPãã©ããïŒwarm startãªã©ïŒã¯ä¿åãããŸãã
⢠ãã®ã³ãã³ãã®å®è¡æãéç¥ãã°ãäœæãããŸããïŒRFC3014ã§å®çŸ©ãããããã©ã«ããã©ã¡ãŒã¿ïŒéç¥ãã®ã³ã°ã¯åæèšå®ã§æå¹ïŒP476 ãnlmããåç §ïŒã«ãªã£ãŠããŸããããã®ã³ãã³ãã§æå®ããããã®ã³ã°ãããã¡ã€ã«ã "nlm"ã³ãã³ãã§æå¹ã«ãªããŸã§ãæ å ±ã®èšé²ãéå§ããŸãã
⢠RFC3014ã§äœ¿çšãããåæèšå®ã«åºã¥ããŠãéç¥ãã°ã¯æ倧 256ãšã³ããªãå«ãããšãå¯èœã§ããããšã³ããªã®ãšãŒãžã³ã°ã¿ã€ã 㯠1440åã§ããéç¥ãã°ã«èšé²ãããæ å ±ããšã³ããªãšãŒãžã³ã°ã¿ã€ã ã¯ãããã¯ãŒã¯ç®¡çã¹ããŒã·ã§ã³ãã SNMPã䜿çšããŠã®ã¿èšå®ãå¯èœã§ãã
äŸ
show nlm oper-status
Console(config)#snmp-server host 10.1.19.23 batmanConsole(config)#snmp-server notify-filter A1 remote 10.1.19.23Console#
477FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
èšå®ãããéç¥ãã°ã®çšŒåç¶æ³ã衚瀺ããŸãã
ææ³
show nlm oper-status
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show snmp notify-filter
èšå®ãããéç¥ãã°ã衚瀺ããŸãã
ææ³
show snmp notify-filter
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#sh nlm oper-statusFilter Name: A1Oper-Status: OperationalFilter Name: A2Oper-Status: OperationalConsole#
Console#show snmp notify-filterFilter profile name IP address---------------------------- ----------------A1 10.1.19.23A2 10.1.19.22traphost.1.1.1.1.private 1.1.1.1Console#
478 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
4.7 ãªã¢ãŒãã¢ãã¿ãªã³ã°
ãªã¢ãŒãã¢ãã¿ãªã³ã°ã¯ããªã¢ãŒãè£ çœ®ãéäŸåãåºç€ã«æå®ãããã€ãã³ãã®æ å ±ããåéãŸãã¯å¯ŸåŠããããšãå¯èœã«ããŸãã
æ¬æ©ã¯ãç¬ç«ããŠåºç¯å²ã®ã¿ã¹ã¯ãå®è¡ããããšãå¯èœãª RMONã«å¯Ÿå¿ããŠããããããã¯ãŒã¯ç®¡çãã©ãã£ãã¯ãå€§å¹ ã«äœæžããããšãåºæ¥ãŸãããã®æ©èœã«ããé£ç¶çãªèšºæãšãã°æ å ±åéãè¡ããŸããæ¬æ©ã¯çµ±èšãå±¥æŽãã€ãã³ããã¢ã©ãŒã ã°ã«ãŒãããæããmini-RMONããµããŒãããŠããŸããRMONæå¹æãã·ã¹ãã ã¯æ¬¡ç¬¬ã«ãã®ç©ççã€ã³ã¿ãã§ãŒã¹ã«é¢ããæ å ±ãå¢åŒ·ãããã®æ å ±ã«é©å㪠RMONããŒã¿ããŒã¹ã°ã«ãŒããžä¿åããŸãã管çãšãŒãžã§ã³ã㯠SNMPãããã³ã«ã䜿çšããåšæçã«ã¹ã€ãããšã³ãã¥ãã±ãŒã·ã§ã³ãè¡ããŸããããã¹ã€ãããèŽåœçãªã€ãã³ãã«ééããå Žåãããã¯ç®¡çãšãŒãžã§ã³ããžèªåã§ãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒãããŒãž
rmon alarm ç£èŠãããå€æ°ã®ããã®éŸå€ã®éçãèšå® GC P480
rmon event ã¢ã©ãŒã ã®è¿çã€ãã³ããäœæ GC P481
rmon collection history åšæçã«çµ±èšã®ãµã³ãã«ãæ¡å IC P482
rmon collection rmon1 çµ±èšã®åéãæå¹å IC P483
show rmon alarms å šãŠã®ã¢ã©ãŒã ã®èšå®ã衚瀺 PE P484
show rmon events å šãŠã®ã€ãã³ãã®èšå®ã衚瀺 PE P484
show rmon history ããããã®ãšã³ããªã®ãµã³ããªã³ã°ãã©ã¡ãŒã¿ã衚瀺
PE P485
show rmon statistics åéãããçµ±èšã衚瀺 PE P485
479FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
rmon alarm
ç£èŠãããå€æ°ã®ãããå€ã®éçãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ã¢ã©ãŒã ãåé€ããŸãã
ææ³
rmon alarm index variable interval seconds < absolute | delta > rising-threshold threshold event-index falling-threshold threshold { event-index } { owner name }
no rmon event index
⢠index â ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
⢠variable â ãµã³ãã«ããã MIBå€æ°ã®ãªããžã§ã¯ãèå¥åãã¿ã€ã etherStatsEntry.n.nã®å€æ°ã®ã¿ããµã³ãã«ãããŸããetherStatsEntry.nã¯äžæçã« MIBå€æ°ãå®çŸ©ããetherStatsEntry.n.n㯠MIBå€æ°ã«å ã㊠etherStatsIndexãå®çŸ©ããããšã«ã泚æäžãããäŸãã°ã1.3.6.1.2.1.16.1.1.1.6.1ã¯etherStatsBroadcastPktsã«å ã㊠1ã® etherStatsIndexã瀺ããŸãã
⢠seconds â ããŒãªã³ã°ééïŒç¯å²ïŒ1-31622400ç§ïŒ
⢠absolute â å€æ°ã¯ãµã³ããªã³ã°ããªãªãã®çµããã«çŽæ¥ãããå€ãšæ¯èŒãããŸãã
⢠deltaâ æåŸã®ãµã³ãã«ã¯çŸåšã®å€ããåŒãããçžéããããå€ãšæ¯èŒãããŸãã
⢠threshold â ãµã³ãã«ãããå€æ°ã®ã¢ã©ãŒã ãããå€ïŒç¯å²ïŒ1-65535ïŒ
⢠event-index â ã¢ã©ãŒã ãåŒãèµ·ããããæã«äœ¿çšãããã€ãã³ãã®ã€ã³ããã¯ã¹ããã察å¿ãããšã³ããªãã€ãã³ãã³ã³ãããŒã«ããŒãã«ã«ãªãå Žåãã€ãã³ãã¯çæãããŸããïŒç¯å²ïŒ1-65535ïŒ
⢠name â ãã®ãšã³ããªã®äœæè ã®ååïŒç¯å²ïŒ1-127æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¢ã«ã€ãã³ããã€ã³ããã¯ã¹ã«å®çŸ©ãããŠããå Žåããã®ã³ãã³ãã§å€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
äŸ
Console(config)#rmon alarm 1 1.3.6.1.2.1.16.1.1.1.6.1 15 delta rising- threshold 100 falling-threshold 30 owner mikeConsole(config)#
480 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
rmon event
ã¢ã©ãŒã ã®è¿çã€ãã³ãäœæããŸãã"no"ãåã«çœ®ãããšã§ã€ãã³ããåé€ããŸãã
ææ³
rmon event index { log } | { trap community} | { description string } | { owner name }
no rmon event index
⢠index â ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
⢠log â ã€ãã³ãçºçæãRMONãã°ãšã³ããªãçæã
⢠ãã°ã¡ãã»ãŒãžã¯ã€ãã³ããã®ã³ã°ã®çŸåšã®èšå®ãåºã«åŠçãããŸãã ("Event Logging"ïŒP426ïŒ åç § )
⢠trap â èšå®ããããã©ãããããŒãžã£ã«ãã©ããã¡ãã»ãŒãžãéä¿¡ãïŒ"snmp-server host"ïŒP465ïŒåç §ïŒ
⢠community â ãã©ãããªãã¬ãŒã·ã§ã³ãšå ±ã« SNMPv1ããã³ v2cãã¹ããžéä¿¡ãããããã¹ã¯ãŒãã®ãããªã³ãã¥ããã£ã¹ããªã³ã°ããã®ã¹ããªã³ã°ãããèªèº«ã«ãã£ãŠ " rmon event"ã³ãã³ãïŒP481ïŒã䜿çšããŠèšå®ãããããšãå¯èœã§ãããã¹ããªã³ã°ã¯ " rmon event"ã³ãã³ãã䜿çšãããããã"snmp-server community" ã³ãã³ãïŒP461ïŒã䜿çšããŠå®çŸ©ããããšãæšå¥šããŸããïŒç¯å²ïŒ1-32ïŒ
⢠stringâ ãã®ã€ãã³ãã説æããã³ã¡ã³ãïŒç¯å²ïŒ1-127æåïŒ
⢠name â ãã®ãšã³ããªã®äœæè ã®ååïŒç¯å²ïŒ1-127æåïŒ
åæèšå®
1ã€ã®åæã€ãã³ãã以äžã®ããã«èšå®ãããŠããŸãã
event Index = 1
Description: RMON_TRAP_LOG
Event type: log & trap
Event community name is public
Owner is RMON_SNMP
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¢ã«ã€ãã³ããã€ã³ããã¯ã¹ã«å®çŸ©ãããŠããå Žåããã®ã³ãã³ãã§å€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠æå®ãããã€ãã³ãã¯ããã®ã€ãã³ãã§ã¢ã©ãŒã ãèµ·ãã£ãæã«åãã¢ã¯ã·ã§ã³ã決å®ããŸããã¢ã©ãŒã ãžã®è¿çã¯ã¢ã©ãŒã ã®ãã®ã³ã°ãŸãã¯ãã©ãããããŒãžã£ãžã®ã¡ãã»ãŒãžéä¿¡ãå«ã¿ãŸãã
äŸ
Console(config)#rmon event 2 log description urgent owner mikeConsole(config)#
481FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
rmon collection history
ç©çã€ã³ã¿ãã§ãŒã¹äžã®çµ±èšå€ãåšæçã«ãµã³ãã«ããŸãã"no"ãåã«çœ®ãããšã§åšæçãµã³ããªã³ã°ãç¡å¹ã«ããŸãã
ææ³
rmon collection history controlEntry index { buckets number } | { interval seconds } | {owner name }
no rmon collection history index
⢠index â ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
⢠number â ãã®ãšã³ããªã§èŠæ±ããããã±ããã®æ°ïŒç¯å²ïŒ1-65536ïŒ
⢠seconds â ããŒãªã³ã°ã€ã³ã¿ãŒãã«ïŒç¯å²ïŒ1-3600ç§ïŒ
⢠name â ãã®ãšã³ããªã®äœæè ã®ååïŒç¯å²ïŒ1-127æåïŒ
åæèšå®
æå¹
ãã±ããïŒ50
ã€ã³ã¿ãŒãã«ïŒ1800ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠åæèšå®ã§ã¯ãããããã®ã€ã³ããã¯ã¹çªå·ã¯ã¹ã€ããã®ããŒããšåçã§ãããçŸåšäœ¿çšããŠããªãã©ããªæ°ã«ãå€æŽããããšãå¯èœã§ãã
⢠ã€ã³ã¿ãã§ãŒã¹ã§åšæçãµã³ãã«ãæ¢ã«æå¹ã«ãªã£ãŠããå Žåããã®ã³ãã³ãã§å€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠ããããã®ãµã³ãã«ã§åéãããæ å ±ïŒã€ã³ããããªã¯ãããããã±ãããããŒããã£ã¹ããã±ããããã«ããã£ã¹ããã±ãããã¢ã³ããŒãµã€ãºãã±ããããªãŒããŒãµã€ãºãã±ããããã©ã°ã¡ã³ãããžã£ããŒãCRCã¢ã©ã€ã¡ã³ããšã©ãŒãããããã€ãã³ãããããã¯ãŒã¯äœ¿çšçã
äŸ
Console(config)#interface ethenet 1/1Console(config-if)#rmon collection history controlEntry 21 buckets 24 interval 60Console(config-if)#
482 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
rmon collection rmon1
ç©çã€ã³ã¿ãã§ãŒã¹ã®çµ±èšå€ã®åéãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§çµ±èšå€åéãç¡å¹ã«ããŸãã
ææ³
rmon collection rmon1 controlEntry index {owner name }
no rmon collection rmon1 controlEntry index
⢠index â ãã®ãšã³ããªã®ã€ã³ããã¯ã¹ïŒç¯å²ïŒ1-65535ïŒ
⢠name â ãã®ãšã³ããªã®äœæè ã®ååïŒç¯å²ïŒ1-127æåïŒ
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠åæèšå®ã§ã¯ãããããã®ã€ã³ããã¯ã¹çªå·ã¯ã¹ã€ããã®ããŒããšåçã§ãããçŸåšäœ¿çšããŠããªãã©ããªæ°ã«ãå€æŽããããšãå¯èœã§ãã
⢠ã€ã³ã¿ãã§ãŒã¹ã§çµ±èšå€åéãæ¢ã«æå¹ã«ãªã£ãŠããå Žåããã®ã³ãã³ãã§å€æŽãè¡ãåã«ãšã³ããªãåé€ããŠãã ããã
⢠ããããã®ãšã³ããªã§åéãããæ å ±ïŒã€ã³ããããã±ããããã€ããããããããã±ããããã«ããã£ã¹ããã±ããã¢ãŠãããããã±ããããã€ãããã«ããã£ã¹ããã±ããããããŒããã£ã¹ããã±ãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#rmon collection rmon1 controlEntry 1 owner mikeConsole(config-if)#
483FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
show rmon alarms
å šãŠã®èšå®ãããã¢ã©ãŒã ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show rmon events
å šãŠã®èšå®ãããã€ãã³ãã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show rmon alarmsalarm Index = 1 alarm Interval = 30 alarm Type is Delta alarm Value = 0 alarm Rising Threshold = 892800 alarm Rising Event = 0 alarm Falling Threshold = 446400 alarm Falling Event = 0 alarm Owner is RMON_SNMP ...
Console#show rmon events
ãevent Index = 1
ãããããDescription: RMON_TRAP_LOG
ãããããEvent type: log & trap
ãããããEvent community name is public
ãããããLast Time Sent = 0
ãããããOwner is RMON_SNMPConsole#
484 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã¢ãŒãã¢ãã¿ãªã³ã°
show rmon history
ãã¹ããªã°ã«ãŒãã®ããããã®ãšã³ããªã«èšå®ããããµã³ããªã³ã°ãã©ã¡ãŒã¿ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show rmon statistics
çµ±èšã°ã«ãŒãã§ãèšå®ãããå šãŠã®ãšã³ããªã§åéãããæ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show rmon historyEntry 1 is valid, and owned by Monitors 1.3.6.1.2.1.2.2.1.1.1 every 1800 seconds Requested # of time intervals, ie buckets, is 8 Granted # of time intervals, ie buckets, is 8 Sample # 1 began measuring at 00:00:01 Received 0 octets, 0 packets, 0 broadcast and 0 multicast packets, 0 undersized and 0 oversized packets, 0 fragments and 0 jabbers packets, 0 CRC alignment errors and 0 collisions. # of dropped packet events is 0 Network utilization is estimated at 0...Console#
Console#show rmon statisticsInterface 1 is valid, and owned by Monitors 1.3.6.1.2.1.2.2.1.1.1 which has Received 0 octets, 0 packets, 0 broadcast and 0 multicast packets, 0 undersized and 0 oversized packets, 0 fragments and 0 jabbers, 0 CRC alignment errors and 0 collisions. # of dropped packet events (due to lack of resources): 0 # of packets received of length (in octets): 64: 0, 65-127: 0, 128-255: 0, 256-511: 0, 512-1023: 0, 1024-1518: 0...Console#
485FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8 èªèšŒã³ãã³ã
æ¬æ©ãžãããŒã«ã«ãŸãã¯ãªã¢ãŒãèªèšŒã¡ãœããã䜿çšãã管çã¢ã¯ã»ã¹ãžã®ãŠãŒã¶ã®ãã°ã€ã³èªèšŒãèšå®ããããšãå¯èœã§ããåãããã¢ãããªã³ã¯ããŒããžã®ç®¡çã¢ã¯ã»ã¹ããŸãã¯ããŒã¿ããŒããžã®ã¯ã©ã€ã¢ã³ãã¢ã¯ã»ã¹ãž IEEE802.1Xã䜿çšããããŒãããŒã¹èªèšŒãèšå®ããããšãå¯èœã§ãã
4.8.1 ãŠãŒã¶ãŒã¢ã«ãŠã³ã
管çã¢ã¯ã»ã¹ã®ããã®åºæ¬çãªã³ãã³ãã§ãã管çã¢ã¯ã»ã¹ã«é¢ãããã®ä»ã®èšå®ã«é¢ããŠã¯ãP418 ãpasswordãã P489 ãèªèšŒã·ãŒã±ã³ã¹ããP528 ã802.1x ããŒãèªèšŒã³ãã³ããããããŸãã
ã³ãã³ãã°ã«ãŒã
æ©èœããŒãž
User Accounts 管çã¢ã¯ã»ã¹ã®åºæ¬ãŠãŒã¶åããã¹ã¯ãŒããèšå® P486
AuthenticationSequence ãã°ã€ã³èªèšŒæ¹åŒãšåªå é äœã®èšå® P489
RADIUS Client RADIUSãµãŒãèªèšŒã®èšå® P491
TACACS+ Client TACACS+ãµãŒãèªèšŒã®èšå® P497
AAA èªèšŒ ,èªå¯ ,ã¢ã«ãŠã³ãã£ã³ã° (AAA)ã®èšå® P500
Web Server Webãã©ãŠã¶ããã®ç®¡çã¢ã¯ã»ã¹ãæå¹å P509
Telnet Server TelnetãµãŒãããã®ç®¡çã¢ã¯ã»ã¹ãæå¹å P513
Secure Shell Telnetã«å®å šãªãªãã¬ã€ã¹ãæäŸ P516
802.1X Port Authentication EEE802.1Xã«ããããŒãèªèšŒã®èšå® P528
Management IP Filter 管çã¢ã¯ã»ã¹ãèš±å¯ããã IPã¢ãã¬ã¹ãèšå® P546
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãženable password åã¢ã¯ã»ã¹ã¬ãã«ã®ãã¹ã¯ãŒãã®èšå® GC P487
username ãã°ã€ã³ããããã®ãŠãŒã¶åã®èšå® GC P488
486 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
enable password
Normal Execã¬ãã«ãã Privileged Execã¬ãã«ã«ç§»è¡ããéã«äœ¿çšããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
å®å šã®ãããã¹ã¯ãŒãã¯åæèšå®ããå€æŽããŠãã ãããå€æŽãããã¹ã¯ãŒãã¯å¿ããªãããã«ããŠäžããã
ææ³
enable password [ level level | 0 | 7 ] password
no enable password [ leve l level ]
⢠level level â Privileged Execãžã¯ Level 15ãå ¥åããŸããïŒLevel0-14ã¯äœ¿çšããŸããïŒ
⢠0 | 7 â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password â privileged Execã¬ãã«ãžã®ãã¹ã¯ãŒãïŒæ倧 32æåã倧æåå°æåã¯åºå¥ãããŸãïŒ
åæèšå®
åæèšå®ã¬ãã« 15
åæèšå®ãã¹ã¯ãŒã "super"
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¹ã¯ãŒãã空æ¬ã«ããããšã¯ã§ããŸãããP372 ãenableãã³ãã³ãã䜿çšãNormal Execãã Privileged Execãžã®ã³ãã³ãã¢ãŒãã®å€æŽãã¹ã¯ãŒããå ¥åããŠäžããã
⢠æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠã³ããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
é¢é£ããã³ãã³ã
enableïŒP372ïŒauthentication enabledïŒP489ïŒ
Console(config)#enable password level 15 0 adminConsole(config)#
487FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
username
ãã°ã€ã³ããéã®ãŠãŒã¶ååã³ãã¹ã¯ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãŠãŒã¶åãåé€ããŸãã
ææ³
username name [ access-level level | nopassword | password <0 | 7> password ]
no username name
⢠name â ãŠãŒã¶åïŒæ倧 8æåã倧æåãšå°æåã¯åºå¥ãããŸãïŒãæ倧ãŠãŒã¶æ° : 16ãŠãŒã¶
⢠access-level level â ãŠãŒã¶ã¬ãã«ã®èšå®æ¬æ©ã«ã¯ 2çš®é¡ã®ã¢ã¯ã»ã¹ã¬ãã«ããããŸãïŒ0: Normal Execã15: Privileged Exec
⢠nopassword â ãã°ã€ã³ãã¹ã¯ãŒããå¿ èŠãªãå Žå
⢠<0 | 7> â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password password â ãŠãŒã¶çšã®ãã¹ã¯ãŒãïŒæ倧 32æåã倧æåãšå°æåã¯åºå¥ãããŸãïŒ
åæèšå®
⢠åæèšå®ã®ã¢ã¯ã»ã¹ã¬ãã«ã¯ Normal Execã¬ãã«ã§ãã
⢠åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒãã¯ä»¥äžã®éãã§ãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
æ¬äŸã¯ããŠãŒã¶ãžã®ã¢ã¯ã»ã¹ã¬ãã«ãšãã¹ã¯ãŒãã®èšå®ã瀺ããŠããŸãã
ãŠãŒã¶å ã¢ã¯ã»ã¹ã¬ãã« ãã¹ã¯ãŒãguestadmin
015
guestadmin
Console(config)#username bob access-level 15Console(config)#username bob password 0 smithConsole(config)#
488 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.2 èªèšŒã·ãŒã±ã³ã¹
管çã¢ã¯ã»ã¹çšã·ã¹ãã ãžã®ãŠãŒã¶ãã°ã€ã³èªèšŒãè¡ãããã3ã€ã®èªèšŒã¡ãœãããæå®ããããšãå¯èœã§ããããã§è§£èª¬ããã³ãã³ãã¯èªèšŒã¡ãœãããšã·ãŒã±ã³ã¹ãå®çŸ©ããããã«äœ¿çšããŸãã
authentication enable
"enable"ã³ãã³ãïŒP372ïŒã§ Execã¢ãŒããã Privileged Execã¢ãŒããžå€æŽããå Žåã®ããã°ã€ã³èªèšŒæ¹æ³åã³åªå é äœãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
authentication enable <local | radius | tacacs >
no authentication enable
⢠local â ããŒã«ã«èªèšŒã䜿çšããŸã
⢠radius â RADIUSãµãŒãèªèšŒã䜿çšããŸã
⢠tacacs â TACACS+ãµãŒãèªèšŒã䜿çšããŸã
åæèšå®
Local
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠RADIUSã§ã¯ UDPãTACACS+ã§ã¯ TCPã䜿çšããŸããUDPã¯ãã¹ããšãã©ãŒãåã®æ¥ç¶ã§ãããTCPã¯æ¥ç¶ç¢ºç«åã®æ¥ç¶ãšãªããŸãããŸããRADIUSæå·åã¯ã¯ã©ã€ã¢ã³ããããµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãã
⢠RADIUSåã³ TACACS+ãã°ã€ã³èªèšŒã¯åãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿãã¢ã¯ã»ã¹ã¬ãã«ãèšå®ããããšãã§ããŸãããŠãŒã¶åãšãã¹ã¯ãŒããã¢ã¯ã»ã¹ã¬ãã«ã¯èªèšŒãµãŒãåŽã§èšå®ããããšãã§ããŸãã
⢠3ã€ã®èªèšŒæ¹åŒã 1ã€ã®ã³ãã³ãã§èšå®ããããšãã§ããŸããäŸãã°ã"authentication enable radius tacacs local"ãšããå ŽåããŠãŒã¶åãšãã¹ã¯ãŒãã RADIUSãµãŒãã«å¯Ÿãæåã«ç¢ºèªããŸããRADIUSãµãŒããå©çšã§ããªãå ŽåãTACACS+ãµãŒãã«ã¢ã¯ã»ã¹ããŸããTACACS+ãµãŒããå©çšã§ããªãå Žåã¯ããŒã«ã«ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããŸãã
äŸ
é¢é£ããã³ãã³ã
enable passwordïŒP372ïŒ â ã³ãã³ãã¢ãŒãå€æŽã®ããã®ãã¹ã¯ãŒãã®èšå®
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžauthenticationenable ã³ãã³ãã¢ãŒãå€æŽæã®èªèšŒæ¹åŒãšåªå é äœã®èšå® GC P490
Authenticationlogin èªèšŒæ¹æ³ãšåªå é äœã®èšå® GC P490
Console(config)#authentication enable radiusConsole(config)#
489FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
Authentication login
ãã°ã€ã³èªèšŒæ¹æ³åã³åªå é äœãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
authentication login <local | radius | tacacs>
no authentication login
⢠local â ããŒã«ã«èªèšŒã䜿çšããŸã
⢠radius â RADIUSãµãŒãèªèšŒã䜿çšããŸã
⢠tacacs â TACACS+ãµãŒãèªèšŒã䜿çšããŸã
åæèšå®
Localã®ã¿
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠RADIUSã§ã¯ UDPãTACACS+ã§ã¯ TCPã䜿çšããŸããUDPã¯ãã¹ããšãã©ãŒãåã®æ¥ç¶ã§ãããTCPã¯æ¥ç¶ç¢ºç«åã®æ¥ç¶ãšãªããŸãããŸããRADIUSæå·åã¯ã¯ã©ã€ã¢ã³ããããµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãã
⢠RADIUSåã³ TACACS+ãã°ã€ã³èªèšŒã¯åãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿãã¢ã¯ã»ã¹ã¬ãã«ãèšå®ããããšãã§ããŸãããŠãŒã¶åãšãã¹ã¯ãŒããã¢ã¯ã»ã¹ã¬ãã«ã¯èªèšŒãµãŒãåŽã§èšå®ããããšãã§ããŸãã
⢠3ã€ã®èªèšŒæ¹åŒã 1ã€ã®ã³ãã³ãã§èšå®ããããšãã§ããŸããäŸãã°ã"authentication login radius tacacs local"ãšããå ŽåããŠãŒã¶åãšãã¹ã¯ãŒãã RADIUSãµãŒãã«å¯Ÿãæåã«ç¢ºèªããŸããRADIUSãµãŒããå©çšã§ããªãå ŽåãTACACS+ãµãŒãã«ã¢ã¯ã»ã¹ããŸããTACACS+ãµãŒããå©çšã§ããªãå Žåã¯ããŒã«ã«ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããŸãã
äŸ
é¢é£ããã³ãã³ã
usernameïŒP488ïŒ â ããŒã«ã«ãŠãŒã¶åãšãã¹ã¯ãŒãã®èšå®
Console(config)#authentication login radiusConsole(config)#
490 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.3 Radiusã¯ã©ã€ã¢ã³ãã³ãã³ã
RADIUS(Remote Authentication Dial-in User Service)ã¯ããããã¯ãŒã¯äžã® RADIUS察å¿ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«ç®¡çããããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
radius-server acct-port
ã¢ã«ãŠã³ãã£ã³ã°ã¡ãã»ãŒãžã«äœ¿çšãããRADIUSãµãŒããããã¯ãŒã¯ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server port acct-port port_number
no radius-server acct-port
⢠port_number â ã¢ã«ãŠã³ãã£ã³ã°ã¡ãã»ãŒãžã«äœ¿çšããããRADIUSãµãŒãèªèšŒçšUDPããŒãçªå· (ç¯å²ïŒ1-65535)
åæèšå®
1813
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžradius-server acct-port RADIUSãµãŒããããã¯ãŒã¯ããŒãã®èšå® GC P491
radius-server auth-port RADIUSãµãŒããããã¯ãŒã¯ããŒãã®èšå® GC P492
radius-serverhost RADIUSãµãŒãã®èšå® GC P491
radius-serverkey RADIUSæå·ããŒã®èšå® GC P494
radius-serverretransmit ãªãã©ã€åæ°ã®èšå® GC P494
radius-servertimeout èªèšŒãªã¯ãšã¹ãã®ééã®èšå® GC P495
showradius-server RADIUSé¢é£èšå®æ å ±ã®è¡šç€º PE P495
Console(config)#radius-server acct-port 181Console(config)#
491FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
radius-server auth-port
ã¢ã«ãŠã³ãã£ã³ã°ã¡ãã»ãŒãžã«äœ¿çšãããRADIUSãµãŒããããã¯ãŒã¯ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server port auth-port port_number
no radius-server auth-port
⢠port_number âèªèšŒã¡ãã»ãŒãžã«äœ¿çšããããRADIUSãµãŒãèªèšŒçš UDPããŒãçªå·(ç¯å²ïŒ1-65535)
åæèšå®
1812
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server auth-port 181Console(config)#
492 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
radius-server host
ãã©ã€ã㪠/ããã¯ã¢ãã RADIUSãµãŒããåã³åãµãŒãã®èªèšŒãã©ã¡ãŒã¿ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server index host { host_ip_address} { auth-port auth-port } {acct-port acct-port } {Timeout Timeout} {retransmit retransmit} {key key}
no radius-server index
⢠index â ãµãŒãã 5ã€ãŸã§èšå®ã§ããŸããæå®ãããµãŒãã®é ã«ããµãŒããå¿çãããã¿ã€ã ã¢ãŠãããããŸã§ãªã¯ãšã¹ããéä¿¡ããŸãã
⢠host_ip_address â RADIUSãµãŒãã® IPã¢ãã¬ã¹
⢠auth-port â èªèšŒã¡ãã»ãŒãžã«äœ¿çšããã UDPããŒãïŒç¯å²ïŒ1-65535ïŒ
⢠acct-port â ã¢ã«ãŠã³ãã£ã³ã°ã¡ãã»ãŒãžã«äœ¿çšããã UDPããŒãïŒç¯å²ïŒ1-65535ïŒ
⢠key â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 48æåïŒ
åæèšå®
⢠auth-portïŒ1812
⢠acct-portïŒ1813
⢠timeoutïŒ5ç§
⢠retransmitïŒ2
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server 1 host 192.168.1.20 auth-port 181 timeout
ã10 retransmit 5 key greenConsole(config)#
493FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
radius-server key
RADIUSæå·ããŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server key key_string
no radius-server key
ã»key_string â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 48æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
radius-server retransmit
ãªãã©ã€æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server retransmit number-of-retries
no radius-server retransmit
⢠number-of-retries â ã¹ã€ããã RADIUSãµãŒãçµç±ã§ãèªèšŒãã°ãªã³ãè©Šã¿ãåæ°ïŒç¯å²ïŒ1-30ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server key greenConsole(config)#
Console(config)#radius-server retransmit 5Console(config)#
494 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
radius-server timeout
RADIUSãµãŒããžã®èªèšŒèŠæ±ãéä¿¡ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server timeout number_of_secondsno radius-server timeout
⢠number_of_seconds â ãµãŒãããã®å¿çãåŸ ã¡ãåéä¿¡ãè¡ããŸã§ã®æéïŒç§ïŒ (ç¯å²ïŒ1-65535)
åæèšå®
5
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
show radius-server
çŸåšã® RADIUSãµãŒãé¢é£ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
Console(config)#radius-server timeout 10Console(config)#
495FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
äŸ
Console#show radius-server
Remote RADIUS Server Configuration:
Global Settings: Authentication Port Number : 1812 Accounting Port Number : 1813 Retransmit Times : 2 Request Timeout : 10Server 1: Server IP Address : 192.168.1.25 Authentication Port Number : 10 Accounting Port Number : 11 Retransmit Times : 2 Request Timeout : 10Radius Server Group:Group Name Member Index------------------------- -------------radius 1Console#
496 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.4 TACACS+ã¯ã©ã€ã¢ã³ãã³ãã³ã
TACACS+(Terminal Access Controller Access Control System)ã¯ããããã¯ãŒã¯äžã®TACACS+察å¿ã®ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«è¡ãããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
tacacs-server
TACACS+ãµãŒããšãã®ä»ã®ãªãã·ã§ãã«ãã©ã¡ãŒã¿ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãµãŒããåé€ããããèšå®ãåæå€ã«æ»ããŸãã
ææ³
tacacs-server index host host_ip_address { port port_number } { key key }
no tacacs-server index
⢠index âãµãŒãã®ã€ã³ããã¯ã¹çªå·ãæå®ïŒç¯å²ïŒ1ïŒ
⢠host_ip_address â TACACS+ãµãŒãã® IPã¢ãã¬ã¹
⢠port_number â èªèšŒã¡ãã»ãŒãžã«äœ¿çšããã TCPããŒãïŒç¯å²ïŒ1-65535ïŒ
⢠key â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãã¹ããŒã¹ã¯å ¥ããããŸãããããããããããããããããããããããããããããïŒç¯å²ïŒ48æåïŒ
åæèšå®
10.11.12.13
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
tacacs-server TACACS+ãµãŒããšãªãã·ã§ã³ãã©ã¡ãŒã¿ã®æå®
GC P497
tacacs-server host TACACS+ãµãŒãã®èšå® GC P498
tacacs-server key TACACS+æå·ããŒã®èšå® GC P498
tacacs-server port TACACS+ãµãŒãã®ããŒãã®èšå® GC P499
show tacacs-server TACACS+é¢é£èšå®æ å ±ã®è¡šç€º GC P499
Console(config)#tacacs-server 1 host 192.168.1.25Console(config)#
497FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
tacacs-server host
TACACS+ãµãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server index host host_ip_address
no tacacs-server index
⢠host_ip_address â TACACS+ãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
10.11.12.13
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
tacacs-server key
TACACS+æå·ããŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server key key_string
no tacacs-server key
⢠key_string â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 48æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#tacacs-server 1 host 192.168.1.25Console(config)#
Console(config)#tacacs-server key greenConsole(config)#
498 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
tacacs-server port
TACACS+ãµãŒãã®ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server port port_numberno tacacs-server port
⢠port_number â TACACS+ãµãŒãã®èªèšŒçš TCPããŒãçªå· (ç¯å²ïŒ1-65535)
åæèšå®
49
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
show tacacs-server
çŸåšã® TACACS+ãµãŒãé¢é£ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#tacacs-server port 181Console(config)#
Console#show tacacs-server
Remote TACACS+ Server Configuration:
Global Settings: Server Port Number : 49
Server 1: Server IP Address : 192.168.1.3 Server Port Number : 49
Tacacs Server Group:Group Name Member Index------------------------- -------------tacacs+ 1Console#
499FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.5 AAAïŒèªèšŒã»èš±å¯ã»ã¢ã«ãŠã³ãã£ã³ã°ïŒã³ãã³ã
ãªãŒã»ã³ãã£ã±ãŒã·ã§ã³ããªãŒãœã©ã€ãŒãŒã·ã§ã³ãã¢ã«ãŠã³ãã£ã³ã°ïŒAAAïŒæ©èœã¯ã¹ã€ããäžã§ã¢ã¯ã»ã¹å¶åŸ¡ãè¡ãããã®äž»èŠãªãã¬ãŒã ã¯ãŒã¯ãèŠå®ããŸããAAAæ©èœã䜿çšããã«ã¯ãããã¯ãŒã¯äžã§ RADIUSãµãŒããŒãããã㯠TACACS+ãµãŒããŒãæ§æããããš
ãå¿ èŠã§ãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
aaa accounting dot1x 802.1XãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ GC P502
aaa accounting exec ExecãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ GC P502
aaa accounting update
å®æçãªã¢ããããŒããã¢ã«ãŠã³ãã£ã³ã°ãµãŒããžéä¿¡
GC P503
aaa authorization exec Execã»ãã·ã§ã³ã®èš±å¯ãæå¹ GC P503
aaa group server ã°ã«ãŒããµãŒãåã®èšå® GC P504
server ã°ã«ãŒããªã¹ãå ãµãŒãã® IPã¢ãã¬ã¹ãèšå® SG P504
accounting dot1x ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããã€ã³ã¿ãã§ãŒã¹ãžé©çš
IC P505
accounting exec ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ãžé©çš
Line P506
authorization execèš±å¯ã¡ãœãããããŒã«ã«ã³ã³ãœãŒã«ãTelnetãSSHæ¥ç¶ãžé©çš
Line P507
show accounting ã¢ã«ãŠã³ãã£ã³ã°æ å ±ã®è¡šç€º PE P508
500 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
aaa accounting dot1x
ãããã¯ãŒã¯ã¢ã¯ã»ã¹ã®ããã«èŠæ±ããã 802.1Xã¢ã«ãŠã³ãã£ã³ã°ãµãŒãã¹ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
aaa accounting dot1x < default | method-name > start-stop group <radius | tacacs+ |server-group>
no aaa accounting dot1x <default | method-name>
⢠default âãµãŒãã¹ãªã¯ãšã¹ãã®ãããã©ã«ãã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããæå®ããŸã
⢠method-name â ãµãŒãã¹ãªã¯ãšã¹ãã®ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããæå®ããŸãããããããããïŒç¯å²ïŒ1-255æåïŒ
⢠start-stop â éå§ããåæ¢æãŸã§ã®ã¢ã«ãŠã³ãã£ã³ã°ãèšé²ããŸãã
⢠group â䜿çšãããµãŒãã°ã«ãŒããæå®ããŸã
ïŒ radius âèšå®ãããå šãŠã® RADIUS+ãã¹ããæå®ïŒP497åç §ïŒ
ïŒ tacacs+ â èšå®ãããå šãŠã® TACACS+ãã¹ããæå®ïŒP497åç §ïŒ
ïŒ server-group â aaaã°ã«ãŒããµãŒãã«èšå®ããããµãŒãã°ã«ãŒãã®ååãæå®ãããããããïŒP504åç §ïŒïŒç¯å²ïŒ1-255æåïŒ
åæèšå®
ã¢ã«ãŠã³ãã£ã³ã°ïŒç¡å¹
ãµãŒãïŒæªæå®
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠defaultããã³ method-nameãã£ãŒã«ãã¯ãæå®ããã RADIUSãŸã㯠TACACS+ãµãŒããŒã«èšå®ãããã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããèšè¿°ããããã ãã«äœ¿çšãããå®éã«ã¯ã䜿çšããã¡ãœããã«ã€ããŠã®æ å ±ããµãŒããžéããŸããã
äŸ
Console(config)#aaa accounting dot1x default start-stop group radiusConsole(config)#
501FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
aaa accounting exec
ãããã¯ãŒã¯ã¢ã¯ã»ã¹ã®ããã«èŠæ±ããã ExecãµãŒãã¹ã®ã¢ã«ãŠã³ãã£ã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
aaa accounting exec < default | method-name > start-stop group <radius | tacacs+ |server-group>
no aaa accounting exec <default | method-name>
⢠default âãµãŒãã¹ãªã¯ãšã¹ãã®ãããã©ã«ãã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããæå®ããŸã
⢠method-name â ãµãŒãã¹ãªã¯ãšã¹ãã®ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããæå®ããŸãããããããããïŒç¯å²ïŒ1-255æåïŒ
⢠start-stop â éå§ããåæ¢æãŸã§ã®ã¢ã«ãŠã³ãã£ã³ã°ãèšé²ããŸãã
⢠group â䜿çšãããµãŒãã°ã«ãŒããæå®ããŸã
ïŒ radius â RADIUSãµãŒãã«èšå®ãããå šãŠã® RADIUSãã¹ãïŒP491åç §ïŒ
ïŒ tacacs+ â TACACS+ãµãŒãã«èšå®ãããå šãŠã® TACACS+ãã¹ãïŒP497åç §ïŒ
ïŒ server-group â aaaã°ã«ãŒããµãŒãã«èšå®ããããµãŒãã°ã«ãŒãã®ååãæå®ãããããããïŒP504åç §ïŒ
åæèšå®
ã¢ã«ãŠã³ãã£ã³ã°ïŒç¡å¹
ãµãŒãïŒæªæå®
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#aaa accounting exec default start-stop group tacacs+Console(config)#
502 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
aaa accounting update
ã¢ã«ãŠã³ãã£ã³ã°ãµãŒããžã®å®æçãªæŽæ°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
aaa accounting update { periodic interval }no aaa accounting update
⢠intervalïŒ ãµãŒããŒãžã¢ã«ãŠã³ãã£ã³ã°ã¬ã³ãŒããéä¿¡ãããééãæå®ããŸã (ç¯å²ïŒ1-2147483647åïŒ
åæèšå®
1å
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
aaa authorization exec
Execã¢ã¯ã»ã¹ã®èªå¯ãæå¹ã«ããŸããno"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
aaa authorization exec <default | method-name> group <tacacs+ | server-group>no aaa authorization exec < default | method-name >
⢠defaultïŒ Execã¢ã¯ã»ã¹ã®ãããã©ã«ãèªå¯ã¡ãœãããæå®ããŸã
⢠method-nameïŒã¡ãœããåãæå®ããŸãïŒç¯å²ïŒ1-255æåïŒ
⢠group ïŒäœ¿çšãããµãŒãã°ã«ãŒããæå®ããŸã
ïŒ tacacs+ ïŒ TACACS+ãµãŒãã«èšå®ãããå šãŠã® TACACS+ãã¹ãïŒP497åç §ïŒïŒ server-group ïŒ aaaã°ã«ãŒããµãŒãã«èšå®ããããµãŒãã°ã«ãŒãã®ååãæå®ãããããããïŒP504åç §ïŒïŒç¯å²ïŒ1-255æåïŒ
åæèšå®
èªèšŒïŒç¡å¹
ãµãŒãïŒæªæå®
ã³ãã³ãã¢ãŒãGlobal Configuration
äŸ
Console(config)#aaa accounting update periodic 30Console(config)#
Console(config)#aaa authorization exec default group tacacs+Console(config)#
503FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
aaa group server
ã»ãã¥ãªãã£ãµãŒããã¹ãã®ã°ã«ãŒãåãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
aaa group server < radius | tacacs+ > group-name
no aaa group server < radius | tacacs+ > group-name
⢠radius â RADIUSãµãŒãã°ã«ãŒã
⢠tacacs+ â TACACS+ãµãŒãã°ã«ãŒã
⢠group-name â ã»ãã¥ãªãã£ãµãŒãã°ã«ãŒãåïŒç¯å²ïŒ1-7æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
server
ã»ãã¥ãªãã£ãµãŒãã AAAãµãŒãã°ã«ãŒãã«è¿œå ããŸãã"no"ãåã«çœ®ãããšã§ãã°ã«ãŒããããµãŒããåé€ããŸãã
ææ³
server < index | ip-address >
no server < index | ip-address >
⢠index â ãµãŒãã€ã³ããã¯ã¹ãæå®ããŸãïŒç¯å²ïŒRADIUS 1-5ãTACACS+ 1ïŒ
⢠ip-address âãµãŒã IPã¢ãã¬ã¹ãæå®ããŸã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Server Group Configuration
äŸ
Console(config)#aaa group server radius tpsConsole(config-sg-radius)#
Console(config)#aaa group server radius tpsConsole(config-sg-radius)#server 10.2.68.120Console(config-sg-radius)#
504 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
accounting dot1x
ã€ã³ã¿ãã§ãŒã¹ã«ã802.1xãµãŒãã¹ãªã¯ãšã¹ãã®ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããé©çšããŸããno"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
accounting dot1x < default | list-name >
no accounting dot1x
⢠defaultïŒ "aaa accounting dot1x"ã³ãã³ãã§äœæããããããã©ã«ãã¡ãœãããªã¹ãããããããæå®ããŸãïŒP502åç §ïŒ
⢠list-nameïŒ "aaa accounting dot1x"ã³ãã³ãã§äœæããããã¡ãœãããªã¹ããæå®ãããããããŸããïŒP501åç §ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/2Console(config-if)#accounting dot1x tpsConsole(config-if)#
505FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
accounting exec
ããŒã«ã«ã³ã³ãœãŒã«ãŸã㯠Telnetæ¥ç¶ã«ã¢ã«ãŠã³ãã£ã³ã°ã¡ãœãããé©çšããŸããno"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
accounting exec < default | list-name >
no accounting exec
⢠defaultâ "aaa accounting dot1x"ã³ãã³ãã§äœæããããããã©ã«ãã¡ãœãããªã¹ãããããããæå®ããŸãïŒP502åç §ïŒ
⢠list-nameâ "aaa accounting dot1x"ã³ãã³ãã§äœæããããã¡ãœãããªã¹ããæå®ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
Console(config)#line consoleConsole(config-line)#accounting exec tpsConsole(config-line)#exitConsole(config)#line vtyConsole(config-line)#accounting exec defaultConsole(config-line)#
506 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
authorization exec
ããŒã«ã«ã³ã³ãœãŒã«ãŸã㯠Telnetæ¥ç¶ã«èªå¯ã¡ãœãããé©çšããŸããno"ãåã«çœ®ãããšã§ãæ©èœãç¡å¹ã«ããŸãã
ææ³
authorization exec < default | list-name >
no authorization exec
⢠defaultïŒ "aaa authorization exec"ã§äœæãããããã©ã«ãã¡ãœãããªã¹ãïŒP503åç §ïŒ
⢠list-nameïŒ "aaa accounting dot1x"ã³ãã³ãã§äœæããããã¡ãœãããªã¹ããæå®ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
Console(config)#line consoleConsole(config-line)#authorization exec tpsConsole(config-line)#exitConsole(config)#line vtyConsole(config-line)#authorization exec defaultConsole(config-line)#
507FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show accounting
æ©èœããšããŸãã¯ããŒãããšã«ãçŸåšã®ã¢ã«ãŠã³ãã£ã³ã°èšå®æ å ±ã衚瀺ããŸãã
ææ³
show accounting {commands { level } | dot1x {statistics { username user-name | interface interface } } | exec { statistics } } | statistics }
⢠commandsïŒç¹æš©ã¬ãã«ã³ãã³ãã¢ã«ãŠã³ãã£ã³ã°æ å ±ã®è¡šç€º
⢠levelïŒæå®ãããã³ãã³ãã¬ãã«ã®ã³ãã³ãã¢ã«ãŠã³ãã£ã³ã°æ å ±ã衚瀺
⢠dot1xïŒ dod1xã¢ã«ãŠã³ãã£ã³ã°æ å ±ã®è¡šç€º
⢠execïŒ execã¢ã«ãŠã³ãã£ã³ã°æ å ±ã®è¡šç€º
⢠statisticsïŒã¢ã«ãŠã³ãã£ã³ã°èšé²ã®è¡šç€º
⢠user-nameïŒæå®ãããŠãŒã¶ãŒã®ã¢ã«ãŠã³ãã£ã³ã°èšé²ã®è¡šç€º
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show accountingAccounting Type : dot1x Method List : default Group List : radius Interface :
Accounting Type : EXEC Method List : default Group List : tacacs+ Interface :
Console#
508 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.6 Web ãµãŒããŒã³ãã³ã
ip http port
Webã€ã³ã¿ãã§ãŒã¹ã§ã¢ã¯ã»ã¹ããå Žåã® TCPããŒãçªå·ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip http port port-number
no ip http port
⢠port-number ïŒWebã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšãã TCPããŒã (1-65535)
åæèšå®
80
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip http serverïŒP510ïŒshow systemïŒP397ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip http port Webã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšããããŒãã®èšå® GC P509
ip http server 管ççš Webã€ã³ã¿ãã§ãŒã¹ã®äœ¿çš GC P510
ip httpsecure-server ã»ãã¥ã¢ HTTPïŒHTTPSïŒãµãŒãã®äœ¿çš GC P511
ip httpsecure-port HTTPSæ¥ç¶ã«äœ¿çšããããŒãã®èšå® GC P512
Console(config)#ip http port 769Console(config)#
509FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip http server
Webãã©ãŠã¶ããæ¬æ©ã®èšå®ãåã³èšå®æ å ±ã®é²èŠ§ãå¯èœã«ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœã¯ç¡å¹ãšãªããŸãã
ææ³
ip http server
no ip http server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip http portïŒP509ïŒshow systemïŒP397ïŒ
Console(config)#ip http serverConsole(config)#
510 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip http secure-server
Webã€ã³ã¿ãã§ãŒã¹ã䜿çšãæ¬æ©ãžã®æå·åãããå®å šãªæ¥ç¶ãè¡ãããã«ãSecure Socket Layer (SSL)ã䜿çšãã Secure hypertext transfer protocol (HTTPS)ã䜿çšããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
ip http secure-server
no ip http secure-server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠HTTPåã³ HTTPSãµãŒãã¹ã¯ããããã®ãµãŒãã¹ãåå¥ã«æå¹ã«ããããšãå¯èœã§ãã
⢠HTTPSãæå¹ã«ããå Žå㯠Webãã©ãŠã¶ã®ã¢ãã¬ã¹ããŒã« https://device[:ããŒãçªå· ]ãšå ¥åããŸãã
⢠HTTPSãæå¹ã«ããå Žåã以äžã®æé ã§æ¥ç¶ã確ç«ãããŸãïŒ
âã¯ã©ã€ã¢ã³ãã¯ãµãŒãã®ããžã¿ã«èšŒææžã䜿çšãããµãŒãã確蚌ããŸãã
âã¯ã©ã€ã¢ã³ãããã³ãµãŒãã¯ãæ¥ç¶ã®ããã«äœ¿çšãã 1ã»ããã®ã»ãã¥ãªãã£ã»ã ããã³ã«ãåå®ããŸãã
âã¯ã©ã€ã¢ã³ãããã³ãµãŒãã¯ãããŒã¿ãæå·åã解èªããããã®ã»ãã·ã§ã³ã»ããŒãçæããŸãã
⢠ã¯ã©ã€ã¢ã³ããšãµãŒãéã®æå·åãããã¢ã¯ã»ã¹ã確ç«ããå ŽåãInternet Explorer 5.x以äžåã³ Netscape Navigator 6.2以äžãMozilla Firefox 2.0.0.0以äžã®ã¹ããŒã¿ã¹ããŒã«éµããŒã¯ã衚瀺ãããŸãã
â»ã»ãã¥ã¢ãµã€ã蚌æã®è©³çŽ°ã¯ P197 ããµã€ã蚌ææžã®çœ®ãæãããåç §ããŠäžããã
äŸ
é¢é£ããã³ãã³ã
ip http secure-portïŒP512ïŒshow systemïŒP397ïŒ
Console(config)#ip http secure-serverConsole(config)#
511FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip http secure-port
Webã€ã³ã¿ãã§ãŒã¹ããã® HTTPS/SSLæ¥ç¶ã§äœ¿çšãã UDPããŒããèšå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip http secure-port port_number
no ip http secure-port
⢠port_number â HTTPS/SSLã«äœ¿çšãã UDPããŒãçªå· (1-65535)
åæèšå®
443
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠HTTPãš HTTPSã§åãããŒãã¯èšå®ã§ããŸããã
⢠HTTPSããŒãçªå·ãèšå®ããå ŽåãHTTPSãµãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ URLã«ããŒãçªå·ãæå®ããå¿ èŠããããŸããïŒhttps://device:[ããŒãçªå· ]ïŒ
äŸ
é¢é£ããã³ãã³ã
ip http secure-serverïŒP511ïŒshow systemïŒP397ïŒ
Console(config)#ip http secure-port 1000Console(config)#
512 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.7 Telnet ãµãŒããŒã³ãã³ã
ip telnet max-sessions
åæã«ã·ã¹ãã ãžæ¥ç¶å¯èœãª Telnetã»ãã·ã§ã³ã®æ倧æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ãžæ»ããŸãã
ææ³
ip telnet max-sessions session-count
no ip telnet max-sessions
⢠session-countïŒ èš±å¯ããã Telnetã®æ倧ã»ãã·ã§ã³æ°ïŒç¯å²ïŒ0-4ïŒ
åæèšå®
4ã»ãã·ã§ã³
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip telnet max-sessions
åæã«ã·ã¹ãã ãžæ¥ç¶å¯èœãª Telnetã»ãã·ã§ã³ã®æ倧æ°ãèšå®
GC P513
ip telnet port Telnetã€ã³ã¿ãã§ãŒã¹ã䜿çšããããŒãçªå·ãæå®
GC P514
ip telnet server 管ççš Telnetã€ã³ã¿ãã§ãŒã¹ã®äœ¿çšãèš±å¯ GC P514
show ip telnet TelnetãµãŒãèšå®ã衚瀺 GC P515
Console(config)#ip telnet max-sessions 1Console(config)#
513FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip telnet port
Telnetã€ã³ã¿ãã§ãŒã¹ã䜿çšãã TCPããŒãçªå·ãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ãžæ»ããŸãã
ææ³
ip telnet port port port-number
no ip telnet port
⢠port ïŒ Telnetã€ã³ã¿ãã§ãŒã¹ã䜿çšãã TCPããŒãïŒç¯å²ïŒ1-65535ïŒ
åæèšå®
23
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ip telnet server
Telnetããæ¬æ©ã®èšå®ãåã³èšå®æ å ±ã®é²èŠ§ãå¯èœã«ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœã¯ç¡å¹ãšãªããŸãã
ææ³
ip telnet server
no ip telnet server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#ip telnet port 123Console(config)#
Console(config)#ip telnet serverConsole(config)#
514 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show ip telnet
TelnetãµãŒãã®èšå®æ å ±ã衚瀺ããŸãã
ææ³
show ip telnet
ã³ãã³ãã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
Console#show ip telnetIP Telnet Configuration:
Telnet Status: EnabledTelnet Service Port: 123Telnet Max Session: 1Console#
515FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.8 Secure Shellã³ãã³ã
ããã§ã¯ãSSHãµãŒããèšå®ããããã®ã³ãã³ãã解説ããŸãã
ãªããSSHçµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãªãããã«ã¯ãã¯ã©ã€ã¢ã³ãã« SSHã¯ã©ã€ã¢ã³ããã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
[泚æ ]ãæ¬æ©ã§ã¯ SSH Version1.5ãš 2.0ããµããŒãããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip sshauthentication-retries
ã¯ã©ã€ã¢ã³ãã«èš±å¯ãããªãã©ã€æ°ã®èšå® GC P518
ip ssh server SSHãµãŒãã®äœ¿çš GC P519
ip sshserver-key size SSHãµãŒãããŒãµã€ãºã®èšå® GC P520
ip ssh timeout SSHãµãŒãã®èªèšŒã¿ã€ã ã¢ãŠãèšå® GC P521
copy tftppublic-key ãŠãŒã¶å ¬éããŒã® TFTPãµãŒãããæ¬æ©ãžã³ã㌠PE P401
deletepublic-key ç¹å®ãŠãŒã¶ã®å ¬éããŒã®åé€ PE P522
disconnect ã©ã€ã³æ¥ç¶ã®çµäº PE P422
ip ssh cryptohost-keygenerate
ãã¹ãããŒã®çæ PE P523
ip ssh cryptozeroize RAMããã®ãã¹ãããŒã®åé€ PE P524
ip ssh savehost-key RAMãããã©ãã·ã¥ã¡ã¢ãªãžã®ãã¹ãããŒã®ä¿å PE P524
show ip ssh SSHãµãŒãã®ç¶æ ã®è¡šç€ºåã³ SSHèªèšŒã¿ã€ã ã¢ãŠãæéãšãªãã©ã€åæ°ã®èšå®
PE P525
show public-key ç¹å®ã®ãŠãŒã¶åã¯ãã¹ãã®å ¬éããŒã®è¡šç€º PE P526
show ssh SSHã»ãã·ã§ã³ç¶æ ã®è¡šç€º PE P527
show users SSHãŠãŒã¶ãã¢ã¯ã»ã¹ã¬ãã«ãå ¬éããŒã¿ã€ãã®è¡šç€º
PE P398
516 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
èšå®ã¬ã€ãã©ã€ã³
æ¬æ©ã® SSHãµãŒãã¯ãã¹ã¯ãŒãåã³ãããªãã¯ããŒèªèšŒããµããŒãããŠããŸããSSHã¯ã©ã€ã¢ã³ãã«ãããã¹ã¯ãŒãèªèšŒãéžæããå ŽåãèªèšŒèšå®ããŒãžã§èšå®ãããã¹ã¯ãŒãã«ããæ¬æ©å ãRADIUSãTACACS+ã®ããããã®èªèšŒæ¹åŒãçšããŸããã¯ã©ã€ã¢ã³ãããããªãã¯ããŒèªèšŒãéžæããå Žåã«ã¯ãã¯ã©ã€ã¢ã³ãåã³æ¬æ©ã«å¯ŸããŠèªèšŒããŒã®èšå®ãè¡ãªãå¿ èŠããããŸããå ¬éæå·ããŒåã¯ãã¹ã¯ãŒãèªèšŒã®ã©ã¡ããã䜿çšããã«é¢ããããæ¬æ©äžã®èªèšŒããŒïŒSSHãã¹ãããŒïŒãçæããSSHãµãŒããæå¹ã«ããå¿ èŠããããŸãã
SSHãµãŒãã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªããŸãã
ïŒ1ïŒãã¹ãããŒãã¢ã®çæ â "ip ssh crypto host-key generate"ã³ãã³ãã«ãããã¹ã ãããªã㯠/ãã©ã€ããŒãããŒã®ãã¢ãçæããŸãã
ïŒ2ïŒãã¹ãå ¬éããŒã®ã¯ã©ã€ã¢ã³ããžã®æäŸ â å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯ãæ¬æ©ãšã®èªåçã«åææ¥ç¶èšå®äžã«èªåçã«ãã¹ãããŒãåãåããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãããã¹ããã¡ã€ã«äžã®å ¬éæå·ããŒã¯ä»¥äžã®äŸã®ããã«è¡šç€ºãããŸãã
10.1.0.54 1024 35 1568499540186766925933394677505461732531367489083654725415020245593199868544358361651999923329781766065830956 1082591321289023376546801726272571413428762941301196195566782 595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117
ïŒ3ïŒã¯ã©ã€ã¢ã³ãå ¬éããŒã®æ¬æ©ãžã®åã蟌㿠â P403 ãcopyãã³ãã³ãã䜿çšããSSHã¯ã©ã€ã¢ã³ãã®æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æäŸãããå ¬éããŒãå«ããã¡ã€ã«ãã³ããŒããŸããã¯ã©ã€ã¢ã³ããžã¯ãããã®ããŒã䜿çšããèªèšŒãè¡ãªãããŸããçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ä»¥äžã®ãã㪠UNIXæšæºãã©ãŒãããã®ãã¡ã€ã«ã®ã¿åãå ¥ããããšãå¯èœã§ãã
1024 35 134108168560989392104094492015542534763164192187295892114317388005553616163105177594083868631109291232226828519254374603100937187721199696317813662774141689851320491172048303392543241016379975923714490119380060902539484084827178194372288402533115952134861022902978982721353267131629432532818915045306393916643 [email protected]
ïŒ4ïŒãªãã·ã§ã³ãã©ã¡ãŒã¿ã®èšå® â SSHèšå®ããŒãžã§ãèªèšŒã¿ã€ã ã¢ãŠãããªãã©ã€åæ°ããµãŒãããŒãµã€ãºãªã©ã®èšå®ãè¡ãªã£ãŠãã ããã
ïŒ5ïŒSSH ã®æå¹å â "ip ssh server"ã³ãã³ãã䜿çšããæ¬æ©ã® SSH ãµãŒããæå¹ã«ããŠäžããã
ïŒ6ïŒChallenge/ResponseèªèšŒ â SSHã¯ã©ã€ã¢ã³ããæ¬æ©ãšæ¥ç¶ããããšããå ŽåãSSHãµãŒãã¯ã»ãã·ã§ã³ããŒãšæå·åæ¹åŒã調æŽããããã«ãã¹ãããŒãã¢ã䜿çšããŸããæ¬æ©äžã«ä¿åãããå ¬éããŒã«å¯Ÿå¿ãããã©ã€ããŒãããŒãæã€ã¯ã©ã€ã¢ã³ãã®ã¿ã¢ã¯ã»ã¹ããããšãã§ããŸãã
以äžã®ãããªæé ã§èªèšŒããã»ã¹ãè¡ãªãããŸãã
a. ã¯ã©ã€ã¢ã³ããå ¬éããŒãæ¬æ©ã«éããŸãã
b. æ¬æ©ã¯ã¯ã©ã€ã¢ã³ãã®å ¬éããŒãšã¡ã¢ãªã«ä¿åãããŠããæ å ±ãæ¯èŒããŸãã
c. äžèŽããå Žåãå ¬éããŒãå©çšãæ¬æ©ã¯ãã€ãã®ä»»æã®ã·ãŒã±ã³ã¹ãæå·åãããã®å€ãã¯ã©ã€ã¢ã³ãã«éä¿¡ããŸãã
d. ã¯ã©ã€ã¢ã³ãã¯ãã©ã€ããŒãããŒã䜿çšããŠãã€ãã解èªãã解èªãããã€ããæ¬æ©ã«éä¿¡ããŸãã
517FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
e. æ¬æ©ã¯ãå ã®ãã€ããšè§£èªããããã€ããæ¯èŒããŸãã2ã€ã®ãã€ããäžèŽããå Žåãã¯ã©ã€ã¢ã³ãã®ãã©ã€ããŒãããŒãèš±å¯ãããå ¬éããŒã«å¯Ÿå¿ããŠããããšãæå³ããã¯ã©ã€ã¢ã³ããèªèšŒãããŸãã
[泚æ ]ã ãã¹ã¯ãŒãèªèšŒãšå ±ã« SSHã䜿çšããå Žåã«ãããã¹ãå ¬éããŒã¯åææ¥ç¶æåã¯æåã«ããã¯ã©ã€ã¢ã³ãã®ãã¹ããã¡ã€ã«ã«äžããããŸããäœããã¯ã©ã€ã¢ã³ãããŒã®èšå®ãè¡ãªãå¿ èŠã¯ãããŸããã
ip ssh authentication-retries
SSHãµãŒãããŠãŒã¶ã®åèªèšŒãè¡ãªãåæ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh authentication-retries count
no ip ssh authentication-retries
⢠count â ã€ã³ã¿ãã§ãŒã¹ããªã»ããåŸãèªèšŒãè¡ãªãããšãã§ããåæ°ïŒèšå®ç¯å²ïŒ1-5ïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
show ip sshïŒP525ïŒ
Console(config)#ip ssh authentication-retries 2Console(config)#
518 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip ssh server
SSHãµãŒãã®äœ¿çšãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
ip ssh server
no ip ssh server
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ倧 4ã»ãã·ã§ã³ã®åææ¥ç¶ããµããŒãããŸããæ倧ã»ãã·ã§ã³æ°ã¯ Telnetåã³ SSHã®åèšæ°ã§ãã
⢠SSHãµãŒãã¯ã¯ã©ã€ã¢ã³ããšã®æ¥ç¶ã確ç«ããéã« DASå㯠RASã䜿ã£ãããŒäº€æãè¡ããŸãããã®åŸãDES (56-bit)ãŸã㯠3DES (168-bit) ãçšããŠããŒã¿ã®æå·åãè¡ããŸãã
⢠SSHãµãŒããæå¹ã«ããåã«ããã¹ãããŒãçæããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto host-key generateïŒP523ïŒshow sshïŒP527ïŒ
Console#ip ssh crypto host-key generate dsaConsole#ip ssh crypto host-key generate rsaConsole#configureConsole(config)#ip ssh serverConsole(config)#
519FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip ssh server-key size
SSHãµãŒãããŒãµã€ãºãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh server-key size key-size
no ip ssh server-key size
⢠key-size â ãµãŒãããŒã®ãµã€ãºïŒèšå®ç¯å²ïŒ512-896bitsïŒ
åæèšå®
768 bits
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãµãŒãããŒã¯ãã©ã€ããŒãããŒãšãªãæ¬æ©ä»¥å€ãšã®å ±æã¯ããŸããã
⢠SSHã¯ã©ã€ã¢ã³ããšå ±æãããã¹ãããŒãµã€ãºã¯ 1024bitã«åºå®ãããŠããŸãã
äŸ
Console(config)#ip ssh server-key size 512Console(config)#
520 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip ssh timeout
SSHãµãŒãã®ã¿ã€ã ã¢ãŠãæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh timeout seconds
no ip ssh timeout
⢠seconds â SSHæ¥ç¶èª¿æŽæã®ã¯ã©ã€ã¢ã³ãå¿çã®ã¿ã€ã ã¢ãŠãæéïŒèšå®ç¯å²ïŒ1-120ïŒ
åæèšå®
10ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã¿ã€ã ã¢ãŠã㯠SSHæ å ±äº€ææã®ã¯ã©ã€ã¢ã³ãããã®å¿çãæ¬æ©ãåŸ ã€æéã®æå®ãè¡ãªããŸããSSHã»ãã·ã§ã³ã確ç«ããåŸã®ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠã㯠vtyã»ãã·ã§ã³ãžã®"exec-timeout"ã³ãã³ãã䜿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
exec-timeoutïŒP415ïŒ
show ip sshïŒP525ïŒ
Console(config)#ip ssh timeout 60Console(config)#
521FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
delete public-key
ç¹å®ã®ãŠãŒã¶ãããªãã¯ããŒãåé€ããŸãã
ææ³
delete public-key username { dsa | rsa }
⢠username ïŒ SSHãµãŒãåïŒèšå®ç¯å²ïŒ1-8æåïŒ
⢠dsaïŒ DSAå ¬éããŒã¿ã€ã
⢠rsaïŒ RSAå ¬éããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒã®äž¡æ¹ã®åé€
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#delete public-key admin dsaConsole#
522 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip ssh crypto host-key generate
ãããªãã¯åã³ãã©ã€ããŒãã®ãã¹ãããŒãã¢ã®çæãè¡ãªããŸãã
ææ³
ip ssh crypto host-key generate < dsa | rsa >
⢠dsa ïŒ DSAïŒVersion2ïŒããŒã¿ã€ã
⢠rsa ïŒ RSAïŒVersion1ïŒããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒãã¢äž¡æ¹ã®çæ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãã¹ãããŒãã¢ãã¡ã¢ãª (RAM)ã«ä¿åããŸãã" ip ssh save host-key"ã³ãã³ãã䜿çšããŠãã¹ãããŒãã¢ããã©ãã·ã¥ã¡ã¢ãªã«ä¿åã§ããŸãã
⢠å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯æ¥ç¶èšå®æã«èªåçã«ãããªãã¯ããŒããã¹ããã¡ã€ã«ãšããŠä¿åããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãã
⢠SSHãµãŒãã¯ãæ¥ç¶ããããšããã¯ã©ã€ã¢ã³ããšã»ãã·ã§ã³ããŒåã³æå·åæ¹æ³ãåã決ããããã«ãã¹ãããŒã䜿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto zeroize ïŒP524ïŒip ssh save host-key ïŒP524ïŒ
Console#ip ssh crypto host-key generate dsaConsole#ip ssh crypto host-key generate rsaConsole#configureConsole(config)#ip ssh serverConsole(config)#
523FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ip ssh crypto zeroize
ãã¹ãããŒãã¡ã¢ãª (RAM)ããåé€ããŸãã
ææ³
ip ssh crypto zeroize < dsa | rsa >
⢠dsa â DSAããŒã¿ã€ã
⢠rsa â RSAããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒã®äž¡æ¹ãåé€
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠RAMãããã¹ãããŒãåé€ããŸãã" no ip ssh save host-key"ã³ãã³ãã䜿çšããããšã§ãã©ãã·ã¥ã¡ã¢ãªãããã¹ãããŒãåé€ã§ããŸãã
⢠æ¬ã³ãã³ãã䜿çšããéã¯äºåã« SSHãµãŒããç¡å¹ã«ããŠäžããã
äŸ
ip ssh save host-key
ãã¹ãããŒã RAMãããã©ãã·ã¥ã¡ã¢ãªã«ä¿åããŸãã
ææ³
ip ssh save host-key
åæèšå®
DSAãš RSAããŒã®äž¡æ¹ãä¿å
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto host-key generate ïŒP523ïŒ
Console#ip ssh crypto zeroize dsaConsole#
Console#ip ssh save host-keyConsole#
524 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show ip ssh
ãã®ã³ãã³ãã䜿çšããããšã§ SSHãµãŒãã®èšå®ç¶æ³ãé²èŠ§ããããšãã§ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip sshSSH Enabled - version 1.99Negotiation timeout: 120 secs; Authentication retries: 3Server key size: 768 bitsConsole#
525FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show public-key
ç¹å®ã®ãŠãŒã¶åã¯ãã¹ãã®å ¬éããŒã衚瀺ããŸãã
ææ³
show public-key { user { username } | host }
⢠username â SSHãŠãŒã¶åïŒç¯å²ïŒ1-8æåïŒ
åæèšå®
ãã¹ãŠã®å ¬éããŒã®è¡šç€º
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ãèšå®ããªãå Žåã«ã¯ããã¹ãŠã®ããŒã衚瀺ãããŸããããŒã¯ãŒããå ¥åãããŠãŒã¶åãæå®ããªãå Žåããã¹ãŠã®ãŠãŒã¶ã®å ¬éããŒã衚瀺ãããŸãã
⢠RSAããŒã衚瀺ãããå Žåãæåã®ãã£ãŒã«ãã¯ãã¹ãããŒãµã€ãº (1024)ãšãªãã次ã®ãã£ãŒã«ãã¯ãšã³ã³ãŒããããå ¬éææ° (35)ããã®åŸã®å€ããšã³ã³ãŒããããã¢ãžã¥ãŒã«ãšãªããŸããDSAããŒã衚瀺ãããå Žåãæåã®ãã£ãŒã«ã㯠SSHã§äœ¿çšãããæå·åæ¹åŒã® DSSãšãªãããã®åŸã®å€ããšã³ã³ãŒããããã¢ãžã¥ãŒã«ãšãªããŸãã
äŸ
Console#show public-key hostHost:RSA:1024 35156849954018676692593339467750546173253136748908365472541502024559319986854435836165199992332978176606583095861082591321289023376546801726272571413428762941301196195566782595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117DSA:ssh-dss AAAB3NzaC1kc3MAAACBAPWKZTPbsRIB8ydEXcxM3dyV/yrDbKStIlnzD/Dg0h2HxcYV44sXZ2JXhamLK6P8bvuiyacWbUW/a4PAtp1KMSdqsKeh3hKoA3vRRSy1N2XFfAKxl5fwFfvJlPdOkFgzLGMinvSNYQwiQXbKTBH0Z4mUZpE85PWxDZMaCNBPjBrRAAAAFQChb4vsdfQGNIjwbvwrNLaQ77isiwAAAIEAsy5YWDC99ebYHNRj5kh47wY4i8cZvH+/p9cnrfwFTMU01VFDly3IR2G395NLy5Qd7ZDxfA9mCOfT/yyEfbobMJZi8oGCstSNOxrZZVnMqWrTYfdrKX7YKBw/Kjw6BmiFq7O+jAhf1Dg45loAc27s6TLdtny1wRq/ow2eTCD5nekAAACBAJ8rMccXTxHLFAczWS7EjOyDbsloBfPuSAb4oAsyjKXKVYNLQkTLZfcFRu41bS2KV5LAwecsigF/+DjKGWtPNIQqabKgYCw2 o/dVzX4Gg+yqdTlYmGA7fHGm8ARGeiG4ssFKy4Z6DmYPXFum1Yg0fhLwuHpOSKdxT3kk475S7 w0WConsole#
526 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show ssh
çŸåšã® SSHãµãŒããžã®æ¥ç¶ç¶æ³ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show sshConnection Version State Username Encryption
0 ãããã 2.0 Session-Started admin ctos aes128-cbc-hmac-md5 stoc aes128-cbc-hmac-md5Console#
é ç® è§£èª¬
Session ã»ãã·ã§ã³çªå· ( 0-3)
Version SSH ããŒãžã§ã³çªå·
StateèªèšŒæ¥ç¶ç¶æ ïŒå€ïŒ Negotiation-Started, Authentication-Started,Session-StartedïŒ
Username ã¯ã©ã€ã¢ã³ãã®ãŠãŒã¶å
527FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.9 802.1x ããŒãèªèšŒã³ãã³ã
æ¬æ©ã§ã¯ IEEE802.1X (dot1x)ã®ããŒãããŒã¹ã¢ã¯ã»ã¹ã³ã³ãããŒã«ããµããŒãããIDãšãã¹ã¯ãŒãã«ããèªèšŒã«ããèš±å¯ãããªããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãé²ãããšãã§ããŸããã¯ã©ã€ã¢ã³ãã®èªèšŒã¯ RADIUSãµãŒãã«ãã EAP(Extensible Authentication Protocol)ãçšããŠè¡ãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
éåžžã³ãã³ãdot1x default dot1xã®èšå®å€ããã¹ãŠåæèšå®ã«æ»ããŸãã GC P531
dot1x eapol-pass-through
dot1xãã°ããŒãã«ã§æå¹æãEAPOLãã¬ãŒã ã STP転éç¶æ ã®å šãŠã®ããŒããžãã¹
GC P529
dot1xsystem-auth-control dot1xãã¹ã€ããå šäœã«æå¹ã«èšå® GC P529
èªèšŒã³ãã³ãdot1x intrusion-action èªèšŒå€±ææã®ãäŸµå ¥ã«ããããããŒãè¿ç IC P530
dot1x max-req èªèšŒããã»ã¹ãåãããããçŽãåã«èªèšŒããã»ã¹ãç¹°ãè¿ãæ倧åæ°
GC P529
dot1x operation-mode dot1xããŒããžã®æ¥ç¶å¯èœãã¹ãæ°ã®èšå® IC P532
dot1x port-control ããŒããžã® dot1xã¢ãŒãã®èšå® IC P533
dot1x re-authentication å šããŒããžã®åèªèšŒã®åŒ·å¶ GC P534
dot1x timeoutquiet-period
max-reqãè¶ ããåŸãã¯ã©ã€ã¢ã³ãã®å¿çãåŸ ã€æé
GC P535
dot1x timeoutre-autheperiod æ¥ç¶æžã¿ã¯ã©ã€ã¢ã³ãã®åèªèšŒééã®èšå® GC P535
dot1x timeout supp-timeout
ã¹ã€ããã EAPãã±ããã®åèªèšŒåŸ æ©äžã®èªèšŒã»ãã·ã§ã³ã®éã®æéãèšå®
IC P536
dot1x timeouttx-period èªèšŒäžã® EAPãã±ããã®åéä¿¡ééã®èšå® GC P537
dot1x re-authenticate ç¹å®ããŒããžã®åèªèšŒã®åŒ·å¶ PE P537
ãµããªã«ã³ãã³ãã³ãdot1x identity profile dot1xãµããªã«ã³ããŠãŒã¶ãšãã¹ã¯ãŒãã®èšå® GC P538
dot1x max-start ããŒããµããªã«ã³ãã EAPã¹ã¿ãŒããã¬ãŒã ãã¯ã©ã€ã¢ã³ããžéä¿¡ããæ倧æéæ°ãèšå®
IC P539
dot1x pae supplicant ã€ã³ã¿ãã§ãŒã¹ã§ dot1xãµããªã«ã³ãã¢ãŒããæå¹å
IC P540
dot1x timeout auth-period
ãµããªã«ã³ãããŒãããªãŒã»ã³ãã£ã±ãŒã¿ããã®è¿çãåŸ ã€æéãèšå®
IC P541
dot1x timeout held-period
æ倧ã¹ã¿ãŒãã«ãŠã³ããè¶ ããããåŸãããŒãããã 1ã€ã®ãªãŒã»ã³ãã£ã±ãŒã¿ãæ¢ãããšè©Šã¿ãåã«åŸ ã€æéãèšå®
IC P542
æ å ±è¡šç€ºã³ãã³ãshow dot1x dot1xé¢é£æ å ±ã®è¡šç€º PE P543
528 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x default
ãã¹ãŠã® dot1xã®èšå®ãåæèšå®ã«æ»ããŸãã
ææ³
dot1x default
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
dot1x eapol-pass-through
dot1xãã°ããŒãã«ã§ç¡å¹æãSTPãã©ã¯ãŒãã£ã³ã°ç¶æ ã®å šãŠã®ããŒããž EAPOLãã¬ãŒã ãæž¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x eapol-pass-through
no dot1x eapol-pass-through
åæèšå®
dot1xãã°ããŒãã«ã§ç¡å¹æãå šãŠã® EAPOLãã¬ãŒã ãç Žæ£ã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®è£ 眮ããããã¯ãŒã¯ã®äžéæ¥ç¹ãšããŠæ©èœããdot1xèªèšŒãè¡ãå¿ èŠãç¡ãæã"dot1x eapol pass-through"ã³ãã³ãã¯ãèªèšŒãµãŒãäžã®ä»ã®ã¹ã€ããããã® EAPOLãã¬ãŒã 転éãè¡ãããã«äœ¿çšããããšãåºæ¥ãŸããããã«ãã£ãŠãèªèšŒããã»ã¹ããããã¯ãŒã¯ã®ãšããžã«ããã¹ã€ããã«ãã£ãŠäŸç¶å®è¡ãããããšãå¯èœã«ããŸãã
⢠ãã®è£ 眮ããšããžã¹ã€ãããšããŠæ©èœããŠããŠãæ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ããèªèšŒãå¿ èŠãšããªãå Žåã"no dot1x eapol-pass-through"ã³ãã³ããäžå¿ èŠãª EAPOLãã©ãã£ãã¯ãç Žæ£ããããã«äœ¿çšããããšãåºæ¥ãŸãã
äŸ
Console(config)#dot1x defaultConsole(config)#
Console(config)#dot1x eapol-pass-throughConsole(config)#
529FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x system-auth-control
ã¹ã€ãããã802.1XããŒãèªèšŒã䜿çšã§ããããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x system-auth-control
no dot1x system-auth-control
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
dot1x intrusion-action
èªèšŒå€±ææãå šãŠã®ãã©ãã£ãã¯ããããã¯ããããããŒãã®ãã©ãã£ãã¯ãã²ã¹ã VLANã«å²ãåœãŠãããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x intrusion-action < block-traffic | guest-vlan >
no dot1x intrusion-action
åæèšå®
block-traffic
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ã²ã¹ã VLANå²ãåœãŠãè¡ãã«ã¯ãããããã VLANã®èšå®ãè¡ãã"Active"ã«ããŠãã ãããïŒP715 ãVLANããåç §ïŒãŸãã²ã¹ã VLANãšããŠå²ãåœãŠãè¡ã£ãŠãã ãããïŒP554 ãnetwork-access dynamic-qosããåç §ïŒ
äŸ
Console(config)#dot1x system-auth-controlConsole(config)#
Console(config)#interface eth 1/2Console(config-if)#dot1x intrusion-action guest-vlanConsole(config-if)#
530 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x max-req
ãŠãŒã¶èªèšŒã®ã¿ã€ã ã¢ãŠããŸã§ã®ã¯ã©ã€ã¢ã³ããžã® EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ°ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x max-req count
no dot1x max-req
⢠count â æ倧éä¿¡åæ°ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x max-req 2Console(config-if)#
531FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x operation-mode
IEEE802.1xèªèšŒããŒãã«å¯Ÿã㊠1å°ãããã¯è€æ°ã®ãã¹ãïŒã¯ã©ã€ã¢ã³ãïŒã®æ¥ç¶ãèš±å¯ããèšå®ãè¡ããŸããããŒã¯ãŒããªã㧠"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã" multi-host max-count"ããŒã¯ãŒããšå ±ã« "no"ãåã«çœ®ãããšã§è€æ°ãã¹ãæã®åæå€ 5ãšãªããŸãã
ææ³
dot1x operation-mode [ single-host | multi-host {max-count count } | mac-based-auth ]
no dot1x operation-mode { multi-host max-count }
⢠single-host â ããŒããžã® 1å°ã®ãã¹ãã®æ¥ç¶ã®ã¿ãèš±å¯
⢠multi-host â ããŒããžã®è€æ°ã®ãã¹ãã®æ¥ç¶ãèš±å¯
⢠max-count â æ倧ãã¹ãæ°
ïŒ count â ããŒãã«æ¥ç¶å¯èœãªæ倧ãã¹ãæ°ïŒèšå®ç¯å²ïŒ1-1024ãåæèšå®ïŒ5ïŒ
⢠mac-based-auth âãã®ããŒããžã®è€æ°ã®ãã¹ãã®ã¢ã¯ã»ã¹ãèš±å¯ïŒããããã®ãã¹ããèªèšŒãããå¿ èŠãããïŒ
åæèšå®
Single-host
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠"max-count"ãã©ã¡ãŒã¿ã¯ P533 ãdot1x port-controlã㧠"auto"ã«èšå®ãããŠããå Žåã«ã®ã¿æå¹ã§ãã
⢠"multi-host"ãèšå®ãããšãããŒãã«æ¥ç¶ãããã¹ãã®ãã¡ã® 1å°ã®ã¿ãèªèšŒã®èš±å¯ãåŸãããã°ãä»ã®è€æ°ã®ãã¹ãããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãå¯èœã«ãªããŸããéã«ãæ¥ç¶ãããã¹ãåèªèšŒã«å€±æããããEAPOLãã°ãªãã¡ãã»ãŒãžãéä¿¡ããå Žåãä»ã®ãã¹ããèªèšŒã«å€±æããããšã«ãªããŸãã
⢠"mac-based-auth"ã¢ãŒãã§ã¯ãããŒãã«æ¥ç¶ãããŠããããããã®ãã¹ããèªèšŒã®ãéãå¿ èŠããããŸãããã®ã¢ãŒãã§çšŒåããŠãããŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ããããã¹ãã®æ°ã¯ãã»ãã¥ã¢ã¢ãã¬ã¹ããŒãã«ã®äœ¿çšå¯èœãªã¹ããŒã¹ã«ãã£ãŠã®ã¿å¶éãããŸãã
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x operation-mode multi-host max-count 10Console(config-if)#
532 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x port-control
ããŒãã«å¯Ÿã㊠dot1xã¢ãŒãã®èšå®ãè¡ããŸãã
ææ³
dot1x port-control < auto | force-authorized | force-unauthorized >
no dot1x port-control
⢠auto â dot1x察å¿ã¯ã©ã€ã¢ã³ãã«å¯Ÿã㊠RADIUSãµãŒãã«ããèªèšŒãèŠæ±ããŸããdot1xé察å¿ã¯ã©ã€ã¢ã³ãããã®ã¢ã¯ã»ã¹ã¯èš±å¯ããŸããã
⢠force-authorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
⢠force-unauthorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãçŠæ¢ããŸãã
åæèšå®
force-authorized
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x port-control autoConsole(config-if)#
533FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x re-authentication
å šããŒãã§ã®åšæçãªåèªèšŒãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åèªèšŒãç¡å¹ã«ããŸãã
ææ³
dot1x re-authentication
no dot1x re-authentication
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠åèªèšŒããã»ã¹ã¯ãæ¥ç¶ãããã¯ã©ã€ã¢ã³ãã®ãŠãŒã¶ IDãšãã¹ã¯ãŒãã RADIUSãµãŒãã§ç §åããŸããåèªèšŒã®éãã¯ã©ã€ã¢ã³ãã¯ãããã¯ãŒã¯ãžã®æ¥ç¶ãç¶æããããã»ã¹ã¯ dot1xã¯ã©ã€ã¢ã³ããœãããŠã§ã¢ã«ãã£ãŠãééçã«åŠçãããŸããããåèªèšŒã倱æããå Žåã®ã¿ãããŒãã¯ãããã¯ããããããŠãŒã¶ã¯ã²ã¹ã VLANã«å²ãåœãŠãããŸãã(530 ããŒãžã®ãdot1x intrusion-actionããåç § )
⢠æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã¯ã" dot1x timeout re-authperiod"ã³ãã³ãïŒP535ïŒã§èšå®ããã€ã³ã¿ãŒãã«ã®åŸãåèªèšŒãããŸããåæèšå®ã¯ 3600ç§ã§ãã
äŸ
dot1x timeout quiet-period
EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ°ãéããåŸãæ°ããã¯ã©ã€ã¢ã³ãã®æ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x timeout quiet-period secondsno dot1x timeout quiet-period
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
60ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x re-authenticationConsole(config-if)#
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout quiet-period 350Console(config-if)#
534 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x timeout re-authperiod
æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã«åèªèšŒãèŠæ±ããééãèšå®ããŸãã
ææ³
dot1x timeout re-authperiod seconds
no dot1x timeout re-authperiod
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
3600ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout re-authperiod 300Console(config-if)#
535FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x timeout supp-timeout
ã¹ã€ããã®ã€ã³ã¿ãã§ãŒã¹ã EAPãã±ãããåéä¿¡ããåã«ãã¯ã©ã€ã¢ã³ããã EAPãªã¯ãšã¹ããžã®è¿çåŸ ã€æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
dot1x timeout supp-timeout seconds
no dot1x timeout supp-timeout
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãEAPãªã¯ãšã¹ã /EAP identityãã¬ãŒã 以å€ã®ãªã¯ãšã¹ããã¬ãŒã ã®ã¿ã€ã ã¢ãŠããèšå®ããŸããdot1xèªèšŒãããŒãã§æå¹ã®å Žåãã¹ã€ããã¯ãããŒããªã³ã¯ã¹ããŒããæ¥ãæã«èªèšŒãéå§ããŸããããã¯ã¯ã©ã€ã¢ã³ããžã¢ã€ãã³ãã£ãã£ãèŠæ±ãããããšããã®åŸã«èªèšŒæ å ±ã® 1ã€ä»¥äžã®èŠè«ãæ±ãããããEAPãªã¯ãšã¹ã /EAP identityãã¬ãŒã ãã¯ã©ã€ã¢ã³ããžéä¿¡ããŸãããŸããèŠæ±ãããåèªèšŒã®ã¢ã¯ãã£ããªæ¥ç¶ã®éããã®ä»ã® EAPãªã¯ãšã¹ããã¬ãŒã ãã¯ã©ã€ã¢ã³ããžéããŸã
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout supp-timeout 300Console(config-if)#
536 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x timeout tx-period
èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x timeout tx-period seconds
no dot1x timeout tx-period
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
dot1x re-authenticate
å šããŒãåã¯ç¹å®ã®ããŒãã§ã®åèªèšŒã匷å¶çã«è¡ããŸãã
ææ³
dot1x re-authenticate { interface }
⢠interface
ãïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠åèªèšŒããã»ã¹ã¯ãæ¥ç¶ãããã¯ã©ã€ã¢ã³ãã®ãŠãŒã¶ IDãšãã¹ã¯ãŒãã RADIUSãµãŒãã§ç §åããŸããåèªèšŒã®éãã¯ã©ã€ã¢ã³ãã¯ãããã¯ãŒã¯ãžã®æ¥ç¶ãç¶æããããã»ã¹ã¯dot1xã¯ã©ã€ã¢ã³ããœãããŠã§ã¢ã«ãã£ãŠãééçã«åŠçãããŸããããåèªèšŒã倱æããå Žåã®ã¿ãããŒãã¯ãããã¯ããããããŠãŒã¶ã¯ã²ã¹ã VLANã«å²ãåœãŠãããŸãã(530 ããŒãžã®ãdot1x intrusion-actionããåç § )
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout tx-period 300Console(config-if)#
Console#dot1x re-authenticateConsole#
537FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x identity profile
dot1xãµããªã«ã³ããŠãŒã¶ãšãã¹ã¯ãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§èå¥èšå®ãåé€ããŸãã
ææ³
dot1x identity profile [ username username | password password ]
no dot1x identity profile [ username | password ]
⢠usernameïŒ ãµããªã«ã³ããŠãŒã¶åãæå®ïŒç¯å²ïŒ1-8æåïŒ
⢠passwordïŒ ãµããªã«ã³ããã¹ã¯ãŒããæå®ïŒç¯å²ïŒ1-8æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã°ããŒãã«ãµããªã«ã³ãåãšãã¹ã¯ãŒãã¯ããªãŒã»ã³ãã£ã±ãŒã¿ãã MD5 challengeãžã®è¿çæãæ¬æ©ããµããªã«ã³ããšããŠèå¥ããããã«äœ¿çšããŸããæ¬æ©ããããã¯ãŒã¯ã®ä»ã®ãªãŒã»ã³ãã£ã±ãŒã¿ãžã¯ã©ã€ã¢ã³ãèªèšŒãªã¯ãšã¹ããæž¡ãæã«ããããã®ãã©ã¡ãŒã¿ãèšå®ããŸããïŒ"dot1x pae supplicant"ã³ãã³ãïŒP540ïŒãåç § ïŒ
äŸ
Console(config)#dot1x identity profile username steveConsole(config)#dot1x identity profile password excessConsole(config)#
538 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x max-start
ã¯ã©ã€ã¢ã³ãã 802.1Xãèªç¥ããªãã¯ã©ã€ã¢ã³ããæ³å®ããåã«ãããŒããµããªã«ã³ããEAPã¹ã¿ãŒããã¬ãŒã ãã¯ã©ã€ã¢ã³ããžéãæ倧æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x max-start count
no dot1x max-start
⢠countïŒ EAPã¹ã¿ãŒããã¬ãŒã ã®æ倧æ°ïŒç¯å² 1-65535ïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x max-start 10Console(config-if)#
539FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x pae supplicant
ããŒãã® dot1xãµããªã«ã³ãã¢ãŒããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãdot1xãµããªã«ã³ãã¢ãŒããããŒãã§ç¡å¹ã«ããŸãã
ææ³
dot1x pae supplicantno dot1x pae supplicant
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ã³ã³ãããŒã«ã¢ãŒãã "auto" ("dot1x port-control"ã³ãã³ãïŒP533ïŒãåç § )ã«èšå®ããããšã§ãæ¬æ©ã¯éžæãããããŒãã®ãªãŒã»ã³ãã£ã±ãŒã¿ãšããŠèšå®ã§ããã³ã³ãããŒã«ã¢ãŒãã " force-authorized"ã«èšå®ãããã®ã³ãã³ã㧠dot1x ãµããªã«ã³ãã¢ãŒããæå¹ã«ããããšã§ãä»ã®ããŒãã®ãµããªã«ã³ãšããŠèšå®ã§ããŸãã
⢠ãã©ã³ã¯ã®ã¡ã³ããŒã§ããããããŒã㧠LACPãæå¹ã®å ŽåãããŒãã dot1xãµããªã«ã³ããšããŠèšå®ããããšã¯ã§ããŸããã
äŸ
Console(config)#interface ethernet 1/2Console(config-if)#dot1x pae supplicantConsole(config-if)#
540 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x timeout auth-period
ãµããªã«ã³ãããŒãããªãŒã»ã³ãã£ã±ãŒã¿ããã®è¿çãåŸ ã€æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x timeout auth-period secondsno dot1x timeout auth-period
⢠secondsïŒ ç§æ° ïŒç¯å²ïŒ1-65535ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãµããªã«ã³ãã EAPOL-Start.以å€ã®ãã±ããã®ãªãŒã»ã³ãã£ã±ãŒã¿ããè¿çãåŸ ã€æéãèšå®ããŸãã
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout auth-period 60Console(config-if)#
541FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
dot1x timeout held-period
ãµããªã«ã³ãããŒãããã®èšŒææžãåéã®åã«ãæ°ãããªãŒã»ã³ãã£ã±ãŒã¿ãèŠã€ããã®ãåŸ ã€æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
dot1x timeout held-period seconds
no dot1x timeout held-period
⢠secondsïŒ ç§æ° ïŒç¯å²ïŒ1-65535ïŒ
åæèšå®
60ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
dot1x timeout start-period
ãµããªã«ã³ãããŒãããªãŒã»ã³ãã£ã±ãŒã¿ãžã® EAPOL startãã¬ãŒã ã®åéãåŸ ã€æéã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
dot1x timeout start-period seconds
no dot1x timeout start-period
⢠secondsïŒ ç§æ° ïŒç¯å²ïŒ1-65535ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout held-period 120Console(config-if)#
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout start-period 60Console(config-if)#
542 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show dot1x
æ¬æ©ãŸãã¯ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®ããŒãèªèšŒã«é¢é£ããèšå®ç¶æ ã®è¡šç€ºãè¡ããŸãã
ææ³
show dot1x { statistics | interface interface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æ¬ã³ãã³ãã§è¡šç€ºãããã®ã¯ä»¥äžã®æ å ±ã§ãã
⢠Global 802.1X Parameters â æ¬æ©å šäœã«å¯Ÿããã802.1XããŒãèªèšŒã®æå¹ /ç¡å¹
⢠Authenticator Parameters â EAPOL pass-throughã®æå¹ /ç¡å¹ã衚瀺ïŒP529ïŒ
⢠Supplicant Parameters â ã¹ã€ããããªãŒã»ã³ãã£ã±ãŒã¿ãã MD5 challengeãžè¿çããæã«äœ¿çšããããµããªã«ã³ããŠãŒã¶åã衚瀺ïŒP538ïŒ
⢠802.1X Port Summary â åã€ã³ã¿ãã§ãŒã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ã®èšå®å€
ïŒ Type â ããŒãã¢ã¯ã»ã¹ã³ã³ãããŒã«ã®ç®¡çç¶æ
ïŒ Operation Mode â P532 ãdot1x operation-modeãã®èšå®å€
ïŒ Mode â dot1x port-controlã§èšå®ãã dot1xã¢ãŒã (P533)
ïŒ Authorized â èªèšŒç¶æ (yeså㯠n/a - not authorized)
⢠802.1X Port Details â åã€ã³ã¿ãã§ãŒã¹ã§ã®ããŒãã¢ã¯ã»ã¹ã³ã³ãããŒã«èšå®ã®è©³çŽ°ã衚瀺ããŸãã以äžã®å€ã衚瀺ãããŸãã
ïŒ reauthentication - åšæçãªåèªèšŒ (P534)
ïŒ reauth-period - æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã«åèªèšŒãèŠæ±ããéé (P535ïŒ
ïŒ quiet-period - æ倧éä¿¡åæ°è¶ éåŸãæ°ããã¯ã©ã€ã¢ã³ãã®æ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æé (P535)
ïŒ tx-period - èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãéé (P537ïŒ
ïŒ supplicant-timeout - ã¯ã©ã€ã¢ã³ãã®ã¿ã€ã ã¢ãŠã
ïŒ server-timeout - ãµãŒãã®ã¿ã€ã ã¢ãŠã
ïŒ reauth max retries - åèªèšŒã®æ倧åæ°
ïŒ max request - ãŠãŒã¶èªèšŒã®ã¿ã€ã ã¢ãŠããŸã§ã®ãããŒãããã¯ã©ã€ã¢ã³ããžã®EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ° (P531)
ïŒ Operation Mode - 802.1XèªèšŒããŒãã« 1å°ãããã¯è€æ°ã®ãã¹ã (ã¯ã©ã€ã¢ã³ã )ã®æ¥ç¶ãèš±å¯ãããŠããã
543FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
ïŒ Port-control - ããŒãã® dot1xã¢ãŒãã "auto"ã"force-authorized"å㯠"force-unauthorizedã®ãããã«ãªã£ãŠããã (P533)
ïŒ Intrusion action- èªèšŒå€±ææãã¹ã€ãããå šãŠã®é EAPãã©ãã¯ããããã¯ããããã²ã¹ã VLANãžã®ããŒãã«ãã©ãã£ãã¯ãã¢ãµã€ã³ããããèšå® (P530)
ïŒ Supplicant - èªèšŒãããã¯ã©ã€ã¢ã³ãã® MACã¢ãã¬ã¹
⢠Authenticator State Machine â
ïŒ State â çŸåšã®ç¶æ (initializeãdisconnectedãconnectingãauthenticatingã authenticatedãaborting, heldãforce_authorizedãforce_unauthorized)
ïŒ Reauth Count â åèªèšŒåæ°
ïŒ Current Identifierâ èªèšŒæ©èœã«ãããçŸè¡ã®èªèšŒæ¥ç¶ãèå¥ããããã«äœ¿çšãããæŽæ°å€ïŒ0-255ïŒ
⢠Backend State Machine â
ïŒ State â çŸåšã®ç¶æ (requestãresponseãsuccessãfailãtimeoutãidleã initialize)
ïŒ Request Count â ã¯ã©ã€ã¢ã³ãããã®å¿çããªãå Žåã«éä¿¡ããã EAPãªã¯ãšã¹ããã±ããã®éä¿¡åæ°
ïŒ Identifier(Server) â çŽè¿ã® EAPã®æå /倱æåã¯èªèšŒãµãŒãããåä¿¡ãããã±ãã
⢠Reauthentication State Machine â
ïŒ State â çŸåšã®ç¶æ (initializeãreauthenticate)
544 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
äŸ
Console#show dot1xGlobal 802.1X Parameterssystem-auth-control: enable
802.1X Port Summary
Port Name Status Operation Mode Mode Authorized1/1 disabled Single-Host ForceAuthorized n/a1/2 enabled Single-Host auto yes...802.1X Port Details
802.1X is disabled on port 1/1
802.1X is enabled on port 1/2 reauth-enabled: Enable reauth-period: 1800 quiet-period: 30 tx-period: 40 supplicant-timeout: 30 server-timeout: 10 reauth-max: 2 max-req: 5Status AuthorizedOperation mode Single-HostMax count 5Port-control AutoSupplicant 00-12-cf-49-5e-dcCurrent Identifier 3Intrusion action Guest VLAN
Authenticator State MachineState AuthenticatedReauth Count 0
Backend State MachineState IdleRequest Count 0Identifier(Server) 2
Reauthentication State MachineState Initialize...
545FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
4.8.10 管ç IPãã£ã«ã¿ãŒã³ãã³ã
management
æ¬æ©ã§ã¯ç®¡çã¢ã¯ã»ã¹ã«æ¥ç¶ãèš±å¯ããã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ã®èšå®ãè¡ãªãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
management [all-client | http-client | snmp-client | telnet-client ] start-address { end-address }
no management [all-client | http-client | snmp-client | telnet-client ] start-address { end-address }
⢠all-client â SNMP/Webãã©ãŠã¶ /Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠http-client â Webãã©ãŠã¶ã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠snmp-client â SNMPã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ .
⢠telnet-client â Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠start-address â IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ã°ã«ãŒãã®æåã® IPã¢ãã¬ã¹
⢠end-address â IPã¢ãã¬ã¹ã°ã«ãŒãã®æåŸã® IPã¢ãã¬ã¹
åæèšå®
å šãŠã®ã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠èšå®ä»¥å€ã®ç¡å¹ãª IPã¢ãã¬ã¹ãã管çã¢ã¯ã»ã¹ã«æ¥ç¶ãããå Žåãæ¬æ©ã¯æ¥ç¶ãæåŠããã€ãã³ãã¡ãã»ãŒãžãã·ã¹ãã ãã°ã«ä¿åãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ãªããŸãã
⢠SNMPãWebãã©ãŠã¶ãTelnetã¢ã¯ã»ã¹ãžã® IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ç¯å²ã®èšå®ã¯åèšã§æ倧 5ã€ãŸã§èšå®å¯èœã§ãã
⢠SNMPãWebãã©ãŠã¶ãTelnetã®åäžã°ã«ãŒãã«å¯Ÿã㊠IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯ã§ããŸãããç°ãªãã°ã«ãŒãã®å Žåã«ã¯ IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯å¯èœã§ãã
⢠èšå®ãã IPã¢ãã¬ã¹ç¯å²ããç¹å®ã® IPã¢ãã¬ã¹ã®ã¿ãåé€ããããšã¯ã§ããŸãããIPã¢ãã¬ã¹ç¯å²ããã¹ãŠåé€ãããã®åŸèšå®ããçŽããŠäžããã
⢠IPã¢ãã¬ã¹ç¯å²ã®åé€ã¯ IPã¢ãã¬ã¹ç¯å²ã®æåã®ã¢ãã¬ã¹ã ããå ¥åããŠãåé€ããããšãã§ããŸãããŸããæåã®ã¢ãã¬ã¹ãšæåŸã®ã¢ãã¬ã¹ã®äž¡æ¹ãå ¥åããŠåé€ããããšãå¯èœã§ãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
management 管çã¢ã¯ã»ã¹ãèš±å¯ãã IPã¢ãã¬ã¹ãèšå® GC P546
showmanagement
æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ãã®è¡šç€º
PE P547
Console(config)#management all-client 192.168.1.19Console(config)#management all-client 192.168.1.25 192.168.1.30Console#
546 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªèšŒã³ãã³ã
show management
管çã¢ã¯ã»ã¹ãžã®æ¥ç¶ãèš±å¯ãããŠãã IPã¢ãã¬ã¹ã衚瀺ããŸãã
ææ³
show management < all-client | http-client | snmp-client | telnet-client >
⢠all-client â SNMP/Webãã©ãŠã¶ /Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠http-client â Webãã©ãŠã¶ã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠snmp-client â SNMPã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ .
⢠telnet-client â Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show management all-clientManagement Ip FilterHttp-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Snmp-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Telnet-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Console#
547FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9 ã»ãã¥ãªãã£
æ¬æ©ã¯ããããã®ããŒã¿ããŒãã«æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã®ããã«ãã©ãã£ãã¯ãåé¢ããŸãã¯èªèšŒãããã¯ã©ã€ã¢ã³ãã®ã¿ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãå¯èœã«ããããæ§ã ãªã¡ãœããããµããŒãããŠããŸãããã©ã€ããŒã VLANãš IEEE 802.1Xã䜿çšããããŒãããŒã¹èªèšŒã¯éåžžãããã®ç®çã®ããã«äœ¿çšãããŸãããã®ç¯ã§ã¯ããããã®ã¡ãœããã«å ããã¯ã©ã€ã¢ã³ãã»ãã¥ãªãã£ãæäŸããããã®ãã®ä»å€æ°ã®ãªãã·ã§ã³ã«ã€ããŠèª¬æããŸãã
*ããããã£ã«ã¿ãªã³ã°ã³ãã³ãå®è¡ã®ãã©ã€ãªãªãã£ã¯ãPort SecurityãPort AuthenticationãNetwork AccessãWeb AuthenticationãAccess Control ListsãDHCP SnoopingãIP Source Guardã«ãªããŸãã
4.9.1 ããŒãã»ãã¥ãªãã£ã³ãã³ã
ããŒããžã®ããŒãã»ãã¥ãªãã£æ©èœã䜿çšã§ããããã«ããŸããããŒãã»ãã¥ãªãã£æ©èœã䜿çšãããšãããŒãã«ãããæ倧åŠç¿æ°ã«éããéã«MACã¢ãã¬ã¹ã®åŠç¿ãæ¢ããŸãããããŠããã®ããŒãã®åç /éçãªã¢ãã¬ã¹ããŒãã«ã«æ¢ã«ç»é²ãããŠãããœãŒã¹ MACã¢ãã¬ã¹ã®åä¿¡ãã¬ãŒã ã®ã¿ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãããã®ããŒãã§ãä»ã®ããŒããããåŠç¿ãããŠããªãäžæãªãœãŒã¹MACã¢ãã¬ã¹ã®åä¿¡ãã¬ãŒã ã¯ç Žæ£ããŸããåŠç¿ãããŠããªãMACã¢ãã¬ã¹ãéä¿¡ããããã€ã¹ããã£ãå Žåããã®åäœã¯ã¹ã€ããã§æ€ç¥ãããèªåçã«ãã®ããŒããç¡å¹ã«ããSNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
ã³ãã³ã æ©èœ ããŒãžPort Security* ããŒãã®ã»ãã¥ã¢ã¢ãã¬ã¹ãèšå® P548
802.1X Port Authentication*
802.1Xãå©çšãããæå®ããããŒãã§ã®ãã¹ãèªèšŒãèšå®
P528
Network Access* MACèªèšŒåã³åç VLANå²ãåœãŠã®èšå® P550
Web Authentication* WebèªèšŒã®èšå® P567
Access Control Lists*
IPãã¬ãŒã ïŒã¢ãã¬ã¹ããããã³ã«ãã¬ã€ã€ 4ãããã³ã«ããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒããåºã«ããïŒãIPãã¬ãŒã 以å€ïŒMACã¢ãã¬ã¹ãŸãã¯ã€ãŒãµãããã¿ã€ããåºã«ããïŒã®ãã£ã«ã¿ãªã³ã°ãæäŸ
P600
DHCP Snooping*DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒãã«ã«ãããã¢ã³ãã©ã¹ã DHCPã¡ãã»ãŒãžã®ãã£ã«ã¿
P575
IP Source Guard*DHCPã¹ããŒãã³ã°ããŒãã«äžã®åçãšã³ããªãåºã«ãããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹äžã® IPãã©ãã£ãã¯ããã£ã«ã¿
P585
ARP Inspection ARPãã±ãã㧠MAC-to-IPã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®åŠ¥åœæ§ãæ€æ»
P590
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžmac-address-table static VLANå ã®ããŒããžã®éçã¢ãã¬ã¹ã®ãããã³ã° GC P678
port security ããŒãã»ãã¥ãªãã£ã®èšå® IC P549
showmac-address-table ãã©ã¯ãŒãã£ã³ã°ããŒã¿ããŒã¹ã®ãšã³ããªè¡šç€º PE P680
548 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
port security
ããŒããžã®ããŒãã»ãã¥ãªãã£ãæå¹ã«èšå®ããŸããããŒã¯ãŒãã䜿çšãã "no"ãåã«çœ®ãããšã§ããŒãã»ãã¥ãªãã£ãç¡å¹ã«ããŸããããŒã¯ãŒããšå ±ã« "no"ãåã«çœ®ãããšã§äŸµå ¥åäœåã³æ倧 MACã¢ãã¬ã¹ç»é²æ°ãåæèšå®ã«æ»ããŸãã
ææ³
port security { action < shutdown | trap | trap-and-shutdown >
| max-mac-count address-count }
no port security {action | max-mac-count }
⢠action â ããŒãã»ãã¥ãªãã£ãç Žãããå Žåã®ã¢ã¯ã·ã§ã³
ïŒ shutdown â ããŒããç¡å¹
ïŒ trap â SNMPãã©ããã¡ãã»ãŒãžã®çºè¡
ïŒ trap-and-shutdown â SNMPãã©ããã¡ãã»ãŒãžãçºè¡ãããŒããç¡å¹
⢠max-mac-count
ïŒ address-count â ããŒãã«ãããŠåŠç¿ãã MACã¢ãã¬ã¹ã®æ倧å€ïŒç¯å²ïŒ0-1024ã0ã¯ç¡å¹ïŒ
åæèšå®
⢠StatusïŒç¡å¹
⢠ActionïŒãªã
⢠Maximum AddressesïŒ0
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠ããŒãã»ãã¥ãªãã£ãæå¹ã«ããå Žåãæ¬æ©ã¯èšå®ããæ倧åŠç¿æ°ã«éãããšãæå¹ã«ããããŒã㧠MACã¢ãã¬ã¹ã®åŠç¿ãè¡ããªããªããŸãããã§ã«ã¢ãã¬ã¹ããŒãã«ã«ç»é²æžã¿ã® MACã¢ãã¬ã¹ã®ããŒã¿ã®ã¿ãã¢ã¯ã»ã¹ããããšãã§ããŸãã
⢠ãŸã "port security max-mac-count"ã³ãã³ãã䜿çšããŠåŠç¿ããã¢ãã¬ã¹æ°ãèšå®ãã"port security"ã³ãã³ãã§ããŒãã®ã»ãã¥ãªãã£ãæå¹ã«èšå®ããŸãã
⢠æ°ãã VLANã¡ã³ããŒãè¿œå ããå Žåã«ã¯ãMACã¢ãã¬ã¹ã "mac-address-table static"ã³ãã³ãã䜿çšããŸãã
⢠ã»ãã¥ã¢ããŒãã«ã¯ä»¥äžã®å¶éããããŸãïŒâããããã¯ãŒã¯ãçžäºæ¥ç¶ããããã€ã¹ã«ã¯æ¥ç¶ã§ããŸããã
âããã©ã³ã¯ã°ã«ãŒãã«å ããããšã¯ã§ããŸããã
⢠ããŒãã»ãã¥ãªãã£ãæ©èœãããŒããç¡å¹ã«ããå Žåã"no shutdown"ã³ãã³ãã䜿çšããæåã§å床æå¹ã«ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ã5çªããŒãã«ããŒãã»ãã¥ãªãã£ãšããŒãã»ãã¥ãªãã£åäœãèšå®ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#port security action trap
549FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9.2 ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMACã¢ãã¬ã¹èªèšŒïŒ
ã¹ã€ããããŒãã«æ¥ç¶ããããã€ãã®ããã€ã¹ã¯ãããŒããŠã§ã¢ããœãããŠã§ã¢ã®å¶éã«ãã 802.1xèªèšŒããµããŒãã§ããªãããšããããŸããããã¯ãããã¯ãŒã¯ããªã³ã¿ãIPé»è©±ãã¯ã€ã€ã¬ã¹ã¢ã¯ã»ã¹ãã€ã³ãã®ãããªããã€ã¹ã§ãã°ãã°ééããŸããã¹ã€ããã¯ãRADIUSãµãŒããŒã§ããã€ã¹ã® MACã¢ãã¬ã¹ãèªèšŒã管çããããšã§ããããã®ããã€ã¹ããã®ãããã¯ãŒã¯ã¢ã¯ã»ã¹ãå¯èœã«ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
network-access aging MACã¢ãã¬ã¹ãšãŒãžã³ã°ã®æå¹å GC P551
network-access mac-filter MACã¢ãã¬ã¹ããã£ã«ã¿ããŒãã«ãžè¿œå GC P552
mac-authenticationreauth-time
èªèšŒãããMACã¢ãã¬ã¹ãåèªèšŒãè¡ããŸã§ã®æéãèšå®
GC P562
network-accessdynamic-qos åç QoSæ©èœãæå¹ IC P554
network-accessdynamic-vlan èªèšŒããŒãã®ãåç VLANå²ãåœãŠãæå¹ IC P554
network-access guest-vlan
ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMac èªèšŒïŒããã㯠802.1x èªèšŒãæåŠæãå šãŠã®ãã©ãã£ãã¯ãã²ã¹ã VLANããŒããžå²ãåœãŠ
IC P554
network-accesslink-detection ãªã³ã¯æ€åºæ©èœãæå¹å IC P554
network-accesslink-detection link-down
ãªã³ã¯ããŠã³ã€ãã³ããæ€åºãäœçšããããããªã³ã¯æ€åºæ©èœãæå¹å
IC P557
network-accesslink-detection link-up
ãªã³ã¯ã¢ããã€ãã³ããæ€åºãäœçšããããããªã³ã¯æ€åºæ©èœãæå¹å
IC P558
network-accesslink-detection link-up-down
ãªã³ã¯ã¢ãã /ããŠã³ã€ãã³ããæ€åºãäœçšããããããªã³ã¯æ€åºæ©èœãæå¹å
IC P559
network-accessmax-mac-count
ã€ã³ã¿ãã§ãŒã¹ã®èªèšŒ MACã¢ãã¬ã¹æ倧æ°ãèšå®
IC P560
network-access mode mac-authentication ã€ã³ã¿ãã§ãŒã¹ã§MACèªèšŒãæå¹ IC P561
network-accessport-mac-filter æå®ãã MACã¢ãã¬ã¹ãã£ã«ã¿ãæå¹å IC P562
mac-authenticationintrusion-action
ããŒãã§èªèšŒå¯èœãª MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®
IC P562
mac-authenticationmax-mac-count
802.1X èªèšŒããã㯠Mac èªèšŒã«ãã£ãŠãããŒãã«èªèšŒå¯èœãª MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®
IC P554
show network-access ããŒãã€ã³ã¿ãã§ãŒã¹ã®MACèªèšŒèšå®ã衚瀺 PE P564
show network-access macaddress-table
ã»ãã¥ã¢MACã¢ãã¬ã¹ããŒãã«ã®ãšã³ããªæ å ±ã衚瀺 PE P565
show network-accessmac-filter MACãã£ã«ã¿ããŒãã«ã®ãšã³ããªæ å ±ã衚瀺 PE P566
550 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access aging
å®å šãªMACã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŠããèªèšŒ MACã¢ãã¬ã¹ã®ãšãŒãžã³ã°ãæå¹ã«ããŸããã"no"ãåã«çœ®ãããšã§ç¡å¹ã«èšå®ããŸãã
ææ³
network-access aging
no network-access aging
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠èªèšŒããã MACã¢ãã¬ã¹ã¯ãã¹ã€ããã®ã»ãã¥ã¢MACã¢ãã¬ã¹ããŒãã«ã«åçãšã³ããªãšããŠä¿åãããŠããããšãŒãžã³ã°ã¿ã€ã ãçµéãããšåé€ãããŸããã¢ãã¬ã¹ãšãŒãžã³ã°ã¿ã€ã ã«ã€ããŠã¯ " mac-address-table aging-time "ïŒP677ïŒãåç §ããŠãã ããã
⢠æ¬æ©ã§ãµããŒããããŠãããã»ãã¥ã¢ MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024ã§ãã
äŸ
Console(config)#network-access agingConsole(config)#
551FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access mac-filter
ãã£ã«ã¿ããŒãã«ã«MACã¢ãã¬ã¹ãè¿œå ããŸãã"no"ãåã«çœ®ãããšã§æå®ããMACã¢ãã¬ã¹ãåãé€ããŸãã
ææ³
network-access mac-filter < filter-id > mac-address mac-address mask mask
no network-access mac-filter < filter-id > mac-address mac-address mask mask
⢠filter-id â MACã¢ãã¬ã¹ãã£ã«ã¿ããŒãã«ãæå®ã(ç¯å²ïŒ1-64)
⢠mac-address â MACã¢ãã¬ã¹ãšã³ããªãæå® (ãã©ãŒãããïŒ xx-xx-xx-xx-xx-xx)
⢠mask â MACã¢ãã¬ã¹ããããã¹ã¯ã§ç¯å²ãæå®
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æå®ãããã¢ãã¬ã¹ã¯ãããã¯ãŒã¯èªèšŒãå é€ãããŸãã
⢠ãã®ã³ãã³ãã¯ããã¹ã¯ã䜿çšãã¢ãã¬ã¹ã®ç¯å²ãèšå®ããç¹ãšã"network-access port-mac-filter"ã䜿çšãããããã®ã¢ãã¬ã¹ã 1ã€ä»¥äžã®ããŒãã«ã¢ãµã€ã³ããç¹ã§ " mac-address-table static"ã³ãã³ãïŒP678ïŒã䜿çšããéçã¢ãã¬ã¹ã®èšå®ãšã¯ç°ãªããŸãã
⢠æ倧 64ã®ãã£ã«ã¿ããŒãã«ãå®çŸ©ããããšãã§ããŸãã
⢠ãã£ã«ã¿ããŒãã«ã«å ¥ãããšã³ããªæ°ã«å¶éã¯ãããŸããã
äŸ
Console(config)#network-access mac-filter 1 mac-address 11-22-33-44-55-66Console(config)#
552 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
mac-authentication reauth-time
æ¥ç¶ããã MACã¢ãã¬ã¹ãåèªèšŒãããåŸã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
mac-authentication reauth-time seconds
no mac-authentication reauth-time
⢠seconds â åèªèšŒééã(ç¯å²ïŒ120-1000000ç§ )
åæèšå®
1800
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠åèªèšŒæéã¯ã°ããŒãã«èšå®ãšãå šãŠã®ããŒãã«é©çšãããŸãã
⢠ã»ãã¥ã¢ MACã¢ãã¬ã¹ã®åèªèšŒæéã®æéãåãããšãRADIUSãµãŒããŒã§åã³èªèšŒããããªãããŸããåèªèšŒããã»ã¹ã®éãããŒããéããã©ãã£ãã¯ã¯åœ±é¿ãåããŸããã
äŸ
Console(config)#mac-authentication reauth-time 300Console(config)#
553FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access dynamic-qos
èªèšŒããŒãã®ãåç QoSæ©èœãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«èšå®ããŸãã
ææ³
network-access dynamic-qos
no network-access dynamic-qos
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠RADIUSãµãŒãã¯ãªãã·ã§ã³ãšããŠãèªèšŒããããŠãŒã¶ã®ã¹ã€ããããŒããžé©çšãããããã€ããã㯠QoSå²ãåœãŠãè¿ããŸãã"Filter-ID"å±æ§ïŒå±æ§ 11ïŒã¯ä»¥äžã® QoSæ å ±ãæž¡ã RADIUSãµãŒãã§èšå®ãããŸãã
⢠æåŸã®ãŠãŒã¶ã QoSå²ãåœãŠãæã€ããŒãããã°ãªãããæãã¹ã€ããã¯ããŒãããªãªãžãã« QoSèšå®ãžãªã¹ãã¢ããŸãã
⢠ãŠãŒã¶ããæ¢ã«åãããŒããžãã°ãªã³ãããŠãŒã¶ãšéãåç QoSãããã¡ã€ã«ãšå ±ã«ãããã¯ãŒã¯ãžã®ãã°ã€ã³ãè©Šã¿ãå Žåãã¢ã¯ã»ã¹ã¯æåŠãããŸãã
⢠ããŒããåçãããã¡ã€ã«ãããŠããéãå šãŠã®æå QoSèšå®å€æŽã¯ãå šãŠã®ãŠãŒã¶ãããŒããããã°ãªãããåŸã«ã®ã¿å¹æãé©çšãããŸãã
[泚æ ]ãåç QoSã®èšå®å€æŽã¯ã¹ã€ããèšå®ãã¡ã€ã«ã«ä¿åãããŸããã
äŸ
ãã€ããã㯠QoSãããã¡ã€ã«
ãããã¡ã€ã« å±æ§æ§æ äŸ
DiffServ service-policy-in=policy-map-name service-policy-in=p1
Rate Limit rate-limit-input=rate rate-limit-input=100 (in units of Kbps)
802.1p switchport-priority-default=value switchport-priority-default=2
Console(config)#interface ethernet 1/1Console(config-if)#network-access dynamic-qosConsole(config-if)#
554 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access dynamic-vlan
èªèšŒããŒããžã®åç VLANã®å²ãåœãŠãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
network-access dynamic-vlan
no network-access dynamic-vlan
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠æå¹æãã¹ã€ããã«æ¢ã« VLANãäœæãããŠãããªãã°ãRADIUSãµãŒãããè¿ããã VLANèå¥åãããŒããžé©çšãããŸããVLANãäœæããçºã« GVRPã¯äœ¿çšãããŸããã
⢠æåã«èªèšŒããã MACã¢ãã¬ã¹ã«ãã£ãŠæå®ããã VLANèšå®ãããŒãã«å°å ¥ãããŸãããã®ä»ã®ããŒãã§èªèšŒããã MACã¢ãã¬ã¹ã¯åã VLANèšå®ãæã€ããèªèšŒå€±æãšããŠåãæ±ãããŸãã
⢠ããåç VLANå²ãåœãŠãããŒãã§äœ¿çšå¯èœã§ãããRADIUSãµãŒãã VLANèšå®ãè¿ããªããªããèªèšŒã¯äŸç¶æåãšããŠåãæ±ãããŸãã
⢠ããŒãã§ãåç VLANå²ãåœãŠã¹ããŒã¿ã¹ãå€æŽãããå Žåãå šãŠã®èªèšŒãããã¢ãã¬ã¹ã¯ã»ãã¥ã¢ MACã¢ãã¬ã¹ããŒãã«ããã¯ãªã¢ãããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access dynamic-vlanConsole(config-if)#
555FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access guest-vlan
ãããã¯ãŒã¯ã¢ã¯ã»ã¹ïŒMac èªèšŒïŒããã㯠802.1x èªèšŒãæåŠæãå šãŠã®ãã©ãã£ãã¯ãã²ã¹ã VLANããŒããžå²ãåœãŠãŸãã"no"ãåã«çœ®ãããšã§ã²ã¹ã VLANã¢ãµã€ã¡ã³ããç¡å¹ã«ããŸãã
ææ³
network-access guest-vlan vlan-id
no network-access guest-vlan
⢠vlan-id â VLAN IDãæå®ïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ã²ã¹ã VLANãšããŠäœ¿çšããã VLANã¯å ã«å®çŸ©ãã¢ã¯ãã£ãã«èšå®ããŠãã ããïŒ722 ããŒãžã®ãvlan databaseããåç §ïŒ
⢠802.1XèªèšŒã§äœ¿çšãããéã«ã¯ã"intrusion-action"㯠" guest-vlan"ã«å¯Ÿãå¹æãããããèšå®ããå¿ èŠããããŸããïŒP530ïŒ
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access guest-vlan 25Console(config-if)#
556 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access link-detection
éžæããããŒãã§ã®ãªã³ã¯æ€åºãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
network-access link-detection
no network-access link-detection
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
network-access link-detection link-down
ãªã³ã¯ããŠã³ã€ãã³ãã®æ€åºãè¡ããŸããæ€åºæãã¹ã€ããã¯ããŒããã·ã£ããããŠã³ããããSNMPãã©ãããéä¿¡ããŸãããŸãã¯ãã®äž¡æ¹ãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ããŸãã
ææ³
network-access link-detection link-down action [shutdown | trap | trap-and-shutdown]
no network-access link-detection
⢠shutdownïŒããŒããç¡å¹
⢠trapïŒ SNMPãã©ããã¡ãã»ãŒãžãçºè¡
⢠trap-and-shutdownïŒ SNMPãã©ããã¡ãã»ãŒãžã®çºè¡ãšããŒãã®ç¡å¹
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access link-detectionConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#network-access link-detection link-down action trapConsole(config-if)#
557FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access link-detection link-up
ãªã³ã¯ã¢ããã€ãã³ãã®æ€åºãè¡ããŸããæ€åºæãã¹ã€ããã¯ããŒããã·ã£ããããŠã³ããããSNMPãã©ãããéä¿¡ããŸãããŸãã¯ãã®äž¡æ¹ãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ããŸãã
ææ³
network-access link-detection link-up action [shutdown | trap | trap-and-shutdown]
no network-access link-detection
⢠shutdownïŒããŒããç¡å¹
⢠trapïŒ SNMPãã©ããã¡ãã»ãŒãžãçºè¡
⢠trap-and-shutdownïŒ SNMPãã©ããã¡ãã»ãŒãžã®çºè¡ãšããŒãã®ç¡å¹
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access link-detection link-up action trapConsole(config-if)#
558 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access link-detection link-up-down
ãªã³ã¯ã¢ãããšãªã³ã¯ããŠã³ã€ãã³ãã®æ€åºãè¡ããŸããããããã®ã€ãã³ããæ€åºæãã¹ã€ããã¯ããŒããã·ã£ããããŠã³ããããSNMPãã©ãããéä¿¡ããŸãããŸãã¯ãã®äž¡æ¹ãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ããŸãã
ææ³
network-access link-detection link-up-down action [shutdown | trap | trap-and-shutdown]
no network-access link-detection
⢠shutdownïŒããŒããç¡å¹
⢠trapïŒ SNMPãã©ããã¡ãã»ãŒãžãçºè¡
⢠trap-and-shutdownïŒ SNMPãã©ããã¡ãã»ãŒãžã®çºè¡ãšããŒãã®ç¡å¹
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access link-detection link-up-down action trapConsole(config-if)#
559FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access max-mac-count
å šãŠã®èªèšŒãã©ãŒã ã«ãã£ãŠãããŒãã€ã³ã¿ãã§ãŒã¹ã§èªèšŒã§ããMACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
network-access max-mac-count count
no network-access max-mac-count
⢠count â èš±å¯ãããèªèšŒ MACã¢ãã¬ã¹ã®æ倧æ°ã(ç¯å²ïŒ1-2048 0ã¯å¶éç¡ã )
åæèšå®
1024
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ããŒãããšã® MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024ã§ãããæ¬æ©ã§ãµããŒããããŠããã»ãã¥ã¢ MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024ã§ããå¶éã«éãããšãå šãŠã®æ°ãã MACã¢ãã¬ã¹ã¯èªèšŒå€±æãšããŠåãæ±ãããŸãã
äŸ
Console(config-if)#network-access max-mac-count 5Console(config-if)#
560 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access mode mac-authentication
ãããã¯ãŒã¯ã¢ã¯ã»ã¹èªèšŒãããŒãã§æå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«èšå®ããŸãã
ææ³
network-access mode mac-authenticationno network-access mode mac-authentication
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ããŒãã§æå¹ã®å ŽåãèªèšŒããã»ã¹ã¯ãèšå®ããã RADIUSãµãŒããžãã¹ã¯ãŒãèªèšŒãããã³ã«ïŒPAPïŒãªã¯ãšã¹ããéä¿¡ããŸãã
⢠RADIUSãµãŒããŒäžã§ã¯ãPAPãŠãŒã¶åãšãã¹ã¯ãŒã㯠MACã¢ãã¬ã¹ãã©ãŒãããã§èšå®ãããŸãã
⢠èªèšŒããã MACã¢ãã¬ã¹ã¯ãã¹ã€ããã®ã»ãã¥ã¢ã¢ãã¬ã¹ããŒãã«ã«åçãšã³ããªãšããŠä¿åããããšãŒãžã³ã°ã¿ã€ã ã®æéãåãããšåé€ãããŸããæ¬æ©ã§ãµããŒããããŠããã»ãã¥ã¢ MACã¢ãã¬ã¹ã®æ倧æ°ã¯ 1024ã§ãã
⢠ã¹ã€ããããŒãã§èŠãããéç MACã¢ãã¬ã¹ã¯ã»ãã¥ã¢ã¢ãã¬ã¹ããŒãã«ã«è¿œå ãããŸããéçã¢ãã¬ã¹ã¯ RADIUSãµãŒããŒãžãªã¯ãšã¹ããéããã«ãèªèšŒãããã¢ãã¬ã¹ãšããŠåãæ±ãããŸãã
⢠MACèªèšŒã802.1XãããŒãã»ãã¥ãªãã£ã¯åæã«åãããŒãã«èšå®ããããšã¯ã§ããŸããã1ã€ã®ã»ãã¥ãªãã£ã¡ã«ããºã ã®ã¿ãé©çšã§ããŸãã
⢠MACèªèšŒã¯ãã©ã³ã¯ããŒãã«èšå®ã§ããŸããã
⢠ããŒãã¹ããŒã¿ã¹ãããŠã³ãžå€ãããšãå šãŠã® MACã¢ãã¬ã¹ã¯ã»ãã¥ã¢ã¢ãã¬ã¹ããŒãã«ããåé€ãããŸããéç VLANå²ãåœãŠã¯ãªã¹ãã¢ãããŸããã
⢠RADIUSãµãŒãã¯ãªãã·ã§ã³ãšããŠãVLANèå¥ã®ãªã¹ããè¿ããŸããVLANèå¥ãªã¹ã㯠"Tunnel-Private-Group-ID"å±æ§ã«èŒããããŸããVLANãªã¹ãã¯ã"1u,2t,"ãã©ãŒãããã䜿çšããŠãè€æ°ã® VLANèå¥ãå«ãããšãåºæ¥ãŸãã"u"ã¯ã¿ã°ç¡ã VLANã瀺ãã"t"ã¯ã¿ã°ä»ã VLANã瀺ããŸãã"Tunnel-Type"å±æ§ã¯ "VLAN,"ãš "Tunnel-Medium-Type"å±æ§ã "802"ã«ã»ããããŸãã
äŸ
Console(config-if)#network-access mode mac-authenticationConsole(config-if)#
561FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
network-access port-mac-filter
æå®ãã MACã¢ãã¬ã¹ãã£ã«ã¿ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«ããŸãã
ææ³
network-access port-mac-filter filter-id
no network-access port-mac-filter
⢠filter-id â MACã¢ãã¬ã¹ãã£ã«ã¿ããŒãã«ãæå®ã(ç¯å²ïŒ1-64)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ããŒãã«å²ãåœãŠããããã£ã«ã¿ããŒãã«ã¯ 1ã€ã ãã§ãã
äŸ
mac-authentication intrusion-action
MACèªèšŒå€±ææã«ãããŒãããã¹ããžè¡ãè¡åãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
mac-authentication intrusion-action < block traffic | pass traffic >
no mac-authentication intrusion-action
åæèšå®
Block Traffic
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#network-access port-mac-filter 1Console(config-if)#
Console(config-if)#mac-authentication intrusion-action block-trafficConsole(config-if)#
562 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
mac-authentication max-mac-count
802.1X èªèšŒããã㯠Mac èªèšŒã«ãã£ãŠãããŒãã«èªèšŒå¯èœãª MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
mac-authentication max-mac-count count
no mac-authentication max-mac-count
⢠count â èªèšŒã§ãã MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããŸããïŒç¯å²ïŒ1-1024ïŒ
åæèšå®
1024
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config-if)#mac-authentication max-mac-count 32Console(config-if)#
563FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show network-access
ããŒãã€ã³ã¿ãã§ãŒã¹ã®ãMACèªèšŒèšå®ã衚瀺ããŸãã
ææ³
show network-access { interface interface }
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show network-access interface ethernet 1/1Global secure port informationReauthentication Time : 1800----------------------------------------------------------------------------------------------------Port : 1/1MAC Authentication : DisabledMAC Authentication Intrusion action : Block trafficMAC Authentication Maximum MAC Counts : 1024Maximum MAC Counts : 2048Dynamic VLAN Assignment : EnabledGuest VLAN : DisabledConsole#
564 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show network-access mac-address-table
ã»ãã¥ã¢ MACã¢ãã¬ã¹ããŒãã«ãšã³ããªã衚瀺ããŸãã
ææ³
show network-access mac-address-table { static | dynamic | address mac-address mask | interface interface | sort < address | interface> }
⢠static â éçã¢ãã¬ã¹ãšã³ããªãæå®
⢠dynamic â åçã¢ãã¬ã¹ãšã³ããªãæå®
⢠mac-address â MACã¢ãã¬ã¹ãšã³ããªãæå®ïŒãã©ãŒãããïŒ xx-xx-xx-xx-xx-xxïŒ
⢠mask â MACã¢ãã¬ã¹ããããã¹ã¯ãæå®
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠sort â 衚瀺ããããšã³ããªã MACã¢ãã¬ã¹ãŸãã¯ã€ã³ã¿ãã§ãŒã¹ã§ãœãŒãããŸãã
åæèšå®
å šãŠã®ãã£ã«ã¿ã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show network-access mac-address-table---- ----------------- --------------- --------- -----------------------Port MAC-Address RADIUS-Server Attribute Time---- ----------------- --------------- --------- -----------------------1/1 00-00-01-02-03-04 172.155.120.17 Static 00d06h32m50s1/1 00-00-01-02-03-05 172.155.120.17 Dynamic 00d06h33m20s1/1 00-00-01-02-03-06 172.155.120.17 Static 00d06h35m10s1/3 00-00-01-02-03-07 172.155.120.17 Dynamic 00d06h34m20sConsole#
565FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show network-access mac-filter
MACãã£ã«ã¿ããŒãã«ã®é ç®ã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show network-access mac-filter { filter-id }
⢠filter-id â MACã¢ãã¬ã¹ãã£ã«ã¿ããŒãã«ã衚瀺ïŒç¯å²ïŒ1-64ïŒ
åæèšå®
å šãŠã®ãã£ã«ã¿ã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show network-access mac-filterFilter ID MAC Address MAC Mask--------- ----------------- -----------------1 00-00-01-02-03-08 FF-FF-FF-FF-FF-FFConsole#
566 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9.3 WebèªèšŒ
WebèªèšŒã¯ã802.1xããããã¯ãŒã¯ã¢ã¯ã»ã¹èªèšŒãå®è¡äžå¯èœãŸãã¯å®çšçã§ãªãç¶æ³ã§ããããã¯ãŒã¯ãžã®èªèšŒãšã¢ã¯ã»ã¹ãè¡ãããšã端æ«ã«èš±å¯ããŸããWebèªèšŒæ©èœã¯ IPã¢ãã¬ã¹ãå²ãåœãŠã DHCPã®ãªã¯ãšã¹ããšåä¿¡ãDNSã¯ãšãªã®å®è¡ããèªèšŒãããŠããªããã¹ãã«èš±å¯ããŸããHTTPãé€ããã»ãã®ãã¹ãŠã®ãã©ãã£ãã¯ã¯ãããã¯ãããŸããã¹ã€ãã㯠HTTPãã©ãã£ãã¯ãååããRADIUSãéããŠãŠãŒã¶ãŒããŒã ãšãã¹ã¯ãŒããå ¥åãããã¹ã€ãããçæããWebããŒãžã«ãªãã€ã¬ã¯ãããŸããäžåºŠèªèšŒã«æåãããšãWebãã©ãŠã¶ã¯å ã®ãªã¯ãšã¹ããããWebããŒãžã«è»¢éãããŸããèªèšŒãæåããããŒãã«æ¥ç¶ããããã¹ãŠã®ãã¹ãã«ã€ããŠãèªèšŒãæå¹ã«ãªããŸãã
[ 泚æ ]ãé©åã«æ©èœãããããã« RADIUS èªèšŒãã¢ã¯ãã£ããŒãããWeb èªèšŒçšã«é©åã«æ§æããŠãã ããã
[泚æ ]ãWebèªèšŒã¯ãã©ã³ã¯ããŒãã«èšå®ããããšã¯ã§ããŸããã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžweb-authlogin-attempts WebèªèšŒãã°ã€ã³å€±ææã®åèªèšŒåæ°ãèšå® GC P568
web-authquiet-period
WebèªèšŒãã°ã€ã³ã®æ倧åæ°ãéããåŸãæ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æéãèšå®
GC P569
web-authsession-timeout ã»ãã·ã§ã³ã¿ã€ã ã¢ãŠãæéãèšå® GC P569
web-authsystem-auth-control WebèªèšŒãã°ããŒãã«ã§æå¹ GC P570
web-auth WebèªèšŒãã€ã³ã¿ãã§ãŒã¹ã§æå¹ IC P570
web-auth re-authenticate(Port)
ããŒãã«ç¢ºç«ãããŠããå šãŠã®WebèªèšŒã»ãã·ã§ã³ãçµäº
PE P571
web-auth re-authenticate (IP)
ãŒãã«ç¢ºç«ãããŠããå šãŠã®WebèªèšŒã»ãã·ã§ã³ãçµäº
PE P571
show web-auth ã°ããŒãã«WebèªèšŒãã©ã¡ãŒã¿ã衚瀺 PE P572
show web-authinterface
æå®ããã€ã³ã¿ãã§ãŒã¹ã®WebèªèšŒãã©ã¡ãŒã¿ããã³çµ±èšå€ã衚瀺
PE P573
show web-authsummary
æå®ãã IPã¢ãã¬ã¹ã§ç¢ºç«ãããŠãã WebèªèšŒã»ãã·ã§ã³ãçµäº
PE P574
567FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
web-auth login-attempts
èªèšŒãã°ã€ã³å€±ææã«ãåèªèšŒãè¡ãå¶éãèšå®ããŸããèšå®ããæ倧åæ°ãéããåŸã¯ã"web-authquiet-period"ãèšå®ããæéãåãããŸã§ãã¹ã€ããã¯ãã以äžã®ãã°ã€ã³ãæåŠããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
web-auth login-attempts count
no web-auth login-attempts
⢠count â ãã°ã€ã³ã®è©Šè¡åæ°ã®äžéãèšå®ããŸãïŒç¯å²ïŒ1-3åïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#web-auth login-attempts 2Console(config)#
568 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
web-auth quiet-period
WebèªèšŒãã°ã€ã³ã®ãæ倧詊è¡åæ°ãéããåŸããã°ã€ã³åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
web-auth quiet-period time
no web-auth quiet period
⢠timeâ ãã¹ãããã°ã€ã³ã®è©Šè¡åæ°ã®äžéãè¶ ããåŸãåã³èªèšŒãã§ãããŸã§ã«åŸ æ©ããæéãèšå®ããŸãïŒç¯å²ïŒ1ïŒ 180ç§ïŒ
åæèšå®
60ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
web-auth session-timeout
ã»ãã·ã§ã³ã¿ã€ã ã¢ãŠãæéãèšå®ããŸããèšå®ããã¿ã€ã ã¢ãŠãæéã«éããæããã¹ãã¯åŒ·å¶çã«ãã°ãªããããå床èªèšŒãè¡ãå¿ èŠããããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
web-auth session-timeout timeout
no web-auth session timeout
⢠timeoutâ ãã¹ãã®åèªèšŒãããåã«èªèšŒã»ãã·ã§ã³ãã©ã®ãããã®æéç¶æããããèšå®ããŸãïŒç¯å²ïŒ300-3600ç§ïŒ
åæèšå®
3600ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#web-auth quiet-period 120Console(config)#
Console(config)#web-auth session-timeout 1800Console(config)#
569FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
web-auth system-auth-control
WebèªèšŒãã°ããŒãã«ã§æå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
web-auth system-auth-control
no web-auth system-auth-control
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
web-auth
WebèªèšŒãã€ã³ã¿ãã§ãŒã¹ã§æå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
web-auth
no web-auth
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#web-auth system-auth-controlConsole(config)#
Console(config-if)#web-authConsole(config-if)#
570 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
web-auth re-authenticate ïŒPortïŒ
ããŒãã«ç¢ºç«ãããŠããå šãŠã®WebèªèšŒã»ãã·ã§ã³ãçµäºããŸãããŠãŒã¶ã¯åèªèšŒãè¡ãå¿ èŠããããŸãã
ææ³
web-auth re-authenticate interface interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
web-auth re-authenticate ïŒIPïŒ
æå®ãã IPã¢ãã¬ã¹ã§ç¢ºç«ãããŠããWebèªèšŒã»ãã·ã§ã³ãçµäºããŸãããŠãŒã¶ã¯åèªèšŒãè¡ãå¿ èŠããããŸãã
ææ³
sweb-auth re-authenticate interface interface IP Address
⢠interface
ïŒ ethernet unit/port
ãïŒ unitïŒãŠãããçªå·ã"1"
ãïŒ portïŒããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠IP Addressâ IPv4 ãã©ãŒããã IP ã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#web-auth re-authenticate interface ethernet 1/2Console#
Console#web-auth re-authenticate interface ethernet 1/2 192.168.1.5Console#
571FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show web-auth
ã°ããŒãã«WebèªèšŒãã©ã¡ãŒã¿ã衚瀺ããŸãã
ææ³
show web-auth
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show web-authGlobal Web-Auth Parameters: System Auth Control : Disabled Session Timeout : 3600 seconds Quiet Period : 60 seconds Max Login Attempts : 3Console#
572 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show web-auth interface
æå®ããã€ã³ã¿ãã§ãŒã¹ã®WebèªèšŒãã©ã¡ãŒã¿ããã³çµ±èšå€ã衚瀺ããŸãã
ææ³
show web-auth interface interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show web-auth interface ethernet 1/1 Web Auth Status : DisabledConsole#
573FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show web-auth summary
WebèªèšŒããŒããã©ã¡ãŒã¿ããã³çµ±èšå€ã®æŠèŠã衚瀺ããŸãã
ææ³
show web-auth summary
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show web-auth summaryGlobal Web-Auth ParametersSystem Auth Control : EnabledPort Status Authenticated Host Count---- ------ ------------------------1/ 1 Disabled 01/ 2 Enabled 01/ 3 Disabled 01/ 4 Disabled 01/ 5 Disabled 01/ 6 Disabled 01/ 7 Disabled 01/ 8 Disabled 01/ 9 Disabled 0 1/10 Disabled 0Console#
574 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9.4 DHCPã¹ããŒãã³ã°
DHCP ã¹ããŒãã³ã°ã¯ãæªæã®ãã DHCPãµãŒããŒã DHCPãµãŒããŒã«é¢é£ã®ããæ å ±ãéä¿¡ããä»ã®ããã€ã¹ãããããã¯ãŒã¯ãå®ããŸãããã®æ å ±ã¯ç©çããŒããž IPã¢ãã¬ã¹ãæ»ãéãžã®è¿œè·¡ã«åœ¹ç«ã€å ŽåããããŸãããã®é ã§ã¯ DHCP ã¹ããŒãã³ã°æ©èœãæ§æããããã«äœ¿çšããã³ãã³ãã«ã€ããŠèšèŒããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip dhcp snooping DHCPã¹ããŒãã³ã°ãã¹ã€ããã§æå¹å GC P576
ip dhcp snoopingdatabase flash
å šãŠã®åçåŠç¿ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªã«æžã蟌ã¿
GC P577
ip dhcp snoopinginformation option DHCP Option 82æ å ±ãªã¬ãŒãæå¹ /ç¡å¹å GC P578
ip dhcp snoopinginformation policy
DHCP Option 82æ å ±ãå«ããDHCPã¯ã©ã€ã¢ã³ããã±ãã Information option policyãèšå®
GC P579
ip dhcp snooping verifymac-address
ã€ãŒãµããããããäžã® MACã¢ãã¬ã¹ã«å¯ŸããŠDHCPãã±ããã«ã¹ãã¢ãããã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ã確èª
GC P580
ip dhcp snooping vlan DHCPã¹ããŒãã³ã°ãæå®ã® VLANã§æå¹å GC P581
ip dhcp snooping trust æå®ããã€ã³ã¿ãã§ãŒã¹ã trustedããŒãã«èšå® IC P582
clear ip dhcp snoopingdatabase flash
åçã«åŠç¿ãããŠããå šãŠã®ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªããåé€
PE P583
show ip dhcp snooping DHCPã¹ããŒãã³ã°èšå®ã衚瀺 PE P583
show ip dhcp snoopingbinding
DHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒãã«ãšã³ããªã衚瀺
PE P584
575FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping
ãã®ã³ãã³ã㯠DHCP ã¹ããŒãã³ã°æ©èœãæå¹ã«ããŸããnoãä»ãããšèšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
ip dhcp snooping
no ip dhcp snooping
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãããã¯ãŒã¯ã®å€åŽããæªæã®ãã DHCPã¡ãã»ãŒãžãåä¿¡ããããšãããããã¯ãŒã¯ãã©ãã£ãã¯ãæ··ä¹±ããå¯èœæ§ããããŸããDHCP ã¹ããŒãã³ã°ã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã®å®å šã§ãªãã€ã³ã¿ãŒãã§ãŒã¹ã§åä¿¡ãã DHCPã¡ãã»ãŒãžããã£ã«ã¿ããããã«äœ¿çšãããŸããDHCP ã¹ããŒãã³ã°ããã®ã³ãã³ãã§æå¹ã«ã㊠ip dhcp snooping vlanã³ãã³ã㧠VLANã€ã³ã¿ãŒãã§ãŒã¹äžã® DHCP ã¹ããŒãã³ã°ãæå¹ã«ãããšããDHCP ã¹ããŒãã³ã°ããŒãã«ã®ãªã¹ãã«èŒã£ãŠããªãããã€ã¹ãããã¹ã€ããã® untrustã€ã³ã¿ãŒãã§ãŒã¹ã§ DHCPã¡ãã»ãŒãžãåä¿¡ãããšããããç Žæ£ããŸãã
⢠æå¹ã«ãããšããuntrustã®ã€ã³ã¿ãŒãã§ãŒã¹ã«å ¥ã£ã DHCPã¡ãã»ãŒãžã«ã¯ãDHCP ã¹ããŒãã³ã°ã§åŠç¿ãããã€ãããã¯ãšã³ããªãããŒã¹ã«ãããã£ã«ã¿ãè¡ãããŸãã
⢠DHCP ã¹ããŒãã³ã°ããŒãã«ã®ãšã³ããªã¯ãuntrustã€ã³ã¿ãŒãã§ãŒã¹ããã®ãã±ããã®ã¿åŠç¿ãããŸããããããã®ãšã³ããªã«ã¯ MACã¢ãã¬ã¹ãIPã¢ãã¬ã¹ããªãŒã¹ã¿ã€ã ããšã³ããªã¿ã€ãïŒDynamic DHCP BindingãStatic DHCP BindingïŒãVLAN IDãPort IDãå«ãŸããŠããŸãã
⢠DHCP ã¹ããŒãã³ã°ãæå¹ã«ãããšããã¹ã€ãããåŠçããããšã®ã§ãã DHCPã¡ãã»ãŒãžã®æ°ã®å¶éãèšå®ããã1ç§åœãã 100ãã±ãããšãªããŸãããã®å¶éãè¶ãã DHCPãã±ããã¯ç Žæ£ãããŸãã
⢠ãã£ã«ã¿ã®ã«ãŒã«ã¯äžèšã®éãã§ãã
ïŒ DHCP ã¹ããŒãã³ã°ãç¡å¹ã®å ŽåãDHCPãã±ããã¯è»¢éãããã
ïŒ DHCP ã¹ããŒãã³ã°ãæå¹ã§ DHCPãã±ãããåä¿¡ãã VLANäžã§ãæå¹ã®å Žåããã¹ãŠã® DHCPãã±ãã㯠trustç¶æ ã®ããŒãã«åããŠè»¢éãããŸããåä¿¡ãããã±ããã DHCP ACKã¡ãã»ãŒãžã®å Žåããã®ãšã³ããªã¯ãã€ã³ãããŒãã«ã«è¿œå ãããŸãã
ïŒ DHCP ã¹ããŒãã³ã°ãæå¹ã§ DHCPãã±ãããåä¿¡ãã VLANäžã§ãæå¹ã ããããŒãã trustã§ãªãå Žåã¯äžèšã®åäœãè¡ããŸãã
ïŒ1ïŒDHCPãã±ããã DHCPãµãŒããŒããã®è¿çãã±ããïŒOFFER,ACK,NAKã¡ãã»ãŒãžãå«ãïŒã®å Žåããã®ãã±ããã¯ç Žæ£ãããŸãã
576 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ïŒ2ïŒDHCPãã±ãããã¯ã©ã€ã¢ã³ãããã®ãã®ã§ããå ŽåãDECLINEã RELEASE
ã¡ãã»ãŒãžã®ãããªãã±ããã¯ãäžèŽãããšã³ããªããã€ã³ãããŒãã«ã§èŠã€ãã£ãå Žåã®ã¿ãã¹ã€ããã¯ãã±ããã転éããŸãã
ïŒ3ïŒDHCPãã±ãããã¯ã©ã€ã¢ã³ãããã®ãã®ã§ããå ŽåãDISCOVERãREQUESTãINFORMãDECLINEãRELEASEã¡ãã»ãŒãžã®ãããªãã±ããã¯ãMACã¢ãã¬ã¹ã«ããç §åãç¡å¹ã§ããå Žåã«ã¯ãã±ããã¯è»¢éãããŸããããããMACã¢ãã¬ã¹ã®ç §åãæå¹ã®å ŽåãDHCPãã±ããã«èšé²ãããŠããã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ã Ehternetãããã® Source MACã¢ãã¬ã¹ãšåãå Žåã«ãã±ããã¯è»¢éãããŸãã
ïŒ4ïŒDHCPãã±ãããèªèã§ããªãã¿ã€ãã®å Žåã¯ç Žæ£ãããŸãã
ïŒã¯ã©ã€ã¢ã³ãããã® DHCPãã±ãããäžèšã®ãã£ã«ã¿åºæºãééããå Žåãåã VLANã® trustããŒãã«è»¢éãããŸãã
ïŒãµãŒããŒããã® DHCPãã±ããã trustããŒãã§åä¿¡ãããå Žåãåã VLANã® trustããŒããš untrustããŒãã«è»¢éãããŸãã
⢠DHCP ã¹ããŒãã³ã°ãç¡å¹ã®å Žåããã¹ãŠã®ãã€ãããã¯ãšã³ããªã¯ãã€ã³ãããŒãã«ããåãé€ãããŸãã
⢠ã¹ã€ããèªèº«ã DHCPã¯ã©ã€ã¢ã³ãã®å Žåã®åäœïŒã¹ã€ããã DHCPãµãŒããŒã«ã¯ã©ã€ã¢ã³ãã® Requestãã±ãããéä¿¡ããããŒã㯠trustãšããŠèšå®ããªããŠã¯ãããŸãããã¹ã€ãã㯠DHCPãµãŒããŒãã ACKã¡ãã»ãŒãžãåä¿¡ãããšããèªèº«ã®æ å ±ããã€ã³ãããŒãã«ã®ãã€ãããã¯ãšã³ããªãšããŠè¿œå ããŸããããŸããã¹ã€ãããDHCPã¯ã©ã€ã¢ã³ãã®ãã±ãããèªèº«ã«éä¿¡ãããšãããã£ã«ã¿ã®åäœã¯çºçããŸãããããããã¹ã€ããã DHCPãµãŒããŒããã¡ãã»ãŒãžãåä¿¡ãããšããuntrustããŒãã§åä¿¡ãããã±ããã¯ãã¹ãŠç Žæ£ãããŸãã
äŸ
é¢é£ããã³ãã³ã
ip dhcp snooping vlanïŒP581ïŒip dhcp snooping trustïŒP582ïŒ
ip dhcp snooping database flash
å šãŠã®åçåŠç¿ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªã«æžã蟌ã¿ãŸãã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#ip dhcp snoopingConsole(config)#
Console(config)#ip dhcp snooping database flashConsole(config)#
577FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping information option
ãã®ã³ãã³ãã¯ã¹ã€ããã® DHCP Option 82 Information Relayæ©èœãæå¹ã«ããŸããnoãä»ãããšãã®æ©èœã¯ç¡å¹ã«ãªããŸãã
ææ³
ip dhcp snooping information option
no ip dhcp snooping information option
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠DHCPæ©èœã¯ã¹ã€ãããš DHCPã¯ã©ã€ã¢ã³ãã«ã€ããŠã®æ å ±ã DHCPãµãŒããŒã«éä¿¡ããããããªã¬ãŒæ©èœãè£ åããŠããŸããDHCP Option 82ãšããŠç¥ãããæ©èœã§ãIPã¢ãã¬ã¹ãå²ãåœãŠããšãã®æ å ±ã䜿çšããããããããã¯ã¯ã©ã€ã¢ã³ãã«ä»ã®ãµãŒãã¹ãããªã·ãŒãèšå®ããããã« DHCPãµãŒããŒãå ±çšã§ããç¶æ ã«ããŸãã
⢠DHCP Snooping Information Optionãæå¹ã®ãšããã¯ã©ã€ã¢ã³ã㯠MACã¢ãã¬ã¹ãããããã¯ã©ã€ã¢ã³ããæ¥ç¶ãããŠããã¹ã€ããã®ããŒãã«ãã£ãŠåäžã®ãã®ã§ãããšèå¥ãããŸããããã«ãããDHCPã¯ã©ã€ã¢ã³ããšãµãŒããŒéã®ã¡ãã»ãŒãžäº€æã¯ãVLANå šäœã«ã¡ãã»ãŒãžããã©ããã£ã³ã°ããããšãªãã§ã¯ã©ã€ã¢ã³ããšãµãŒããŒéãçŽæ¥è»¢éããŸãã
⢠ã¹ã€ããäžã§ DHCP Option 82ã®æ å ±ããã±ããã®äžã«å ¥ããããã«ã¯ DHCP Snoopingæ©èœãæå¹ã«ããŠãã ããã
äŸ
Console(config)#ip dhcp snooping information optionConsole(config)#
578 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping information policy
ãã®ã³ãã³ã㯠Option 82ãå«ã DHCPã¯ã©ã€ã¢ã³ãããã®ãã±ããã®ãããDHCP ã¹ããŒãã³ã° Information Optionãèšå®ããŸãã
ææ³
ip dhcp snooping information policy <drop | keep | replace>
⢠dropïŒãã±ããäžã® Option82æ å ±ãç Žæ£ããå šãŠã® VLANã«ãã©ããã£ã³ã°ããŸãã
⢠keepïŒ DHCPã¯ã©ã€ã¢ã³ãæ å ±ãæ®ããŸãã
⢠replaceïŒ DHCPã¯ã©ã€ã¢ã³ããã±ããæ å ±ãã¹ã€ããèªèº«ã®ãªã¬ãŒæ å ±ã§çœ®ãæãããããããŸãã
åæèšå®
replace
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã¹ã€ããã DHCP Option 82ãæ¢ã«å«ãã§ããã¯ã©ã€ã¢ã³ããã DHCPãã±ãããåä¿¡ãããšããã¹ã€ããã¯ãããã®ãã±ããã®ããã¢ã¯ã·ã§ã³ããªã·ãŒã®èšå®ãæ§æããŸããDHCPãã±ãããç Žæ£ãããã©ãããOption 82ã®æ å ±ããã®ãŸãŸã«ããããOption 82ãã¹ã€ããèªèº«ã®ãªã¬ãŒæ å ±ã«çœ®ãæããããéžæããããšãã§ããŸãã
äŸ
Console(config)#ip dhcp snooping information policy dropConsole(config)#
579FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping verify mac-address
DHCPãã±ããã«ã¹ãã¢ãããã¯ã©ã€ã¢ã³ãããŒããŠã§ã¢ã¢ãã¬ã¹ã«å¯Ÿããã€ãŒãµããããããã®éä¿¡å MACã¢ãã¬ã¹ãæ€æ»ããŸãã
ææ³
ip dhcp snooping verify mac-address
no ip dhcp snooping verify mac-address
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠MACã¢ãã¬ã¹æ€æ»ãæå¹ã§ããããã±ããã®ã€ãŒãµããããããå ã®éä¿¡å MACã¢ãã¬ã¹ããã¯ã©ã€ã¢ã³ãã® DHCPãã±ããã®ããŒããŠã§ã¢ã¢ãã¬ã¹ãšäžèŽããªãå Žåããã±ããã¯ç Žæ£ãããŸãã.
äŸ
é¢é£ããã³ãã³ã
ip dhcp snoopingïŒP576ïŒip dhcp snooping vlanïŒP581ïŒip dhcp snooping trustïŒP582ïŒ
Console(config)#ip dhcp snooping verify mac-addressConsole(config)#
580 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping vlan
ãã®ã³ãã³ãã¯æå®ãã VLANäžã§ DHCP ã¹ããŒãã³ã°æ©èœãæå¹ã«ããŸããnoãä»ãããšèšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
ip dhcp snooping vlan vlan-id
no ip dhcp snooping vlan vlan-id
⢠vlan-idïŒèšå®ãè¡ã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ip dhcp snoopingã³ãã³ãã䜿çšã㊠DHCP ã¹ããŒãã³ã°ãæå¹ã«ããåŸã«ãã®ã³ãã³ã㧠DHCP Snoopingã VLANäžã§æå¹ã«ãããšããip dhcp snooping trustã³ãã³ãã§æå®ãã VLANå ã® untrustããŒã㧠DHCPãã±ããã®ãã£ã«ã¿ãå®è¡ãããŸãã
⢠DHCPã¹ããŒãã³ã°ã®å šäœã®èšå®ãç¡å¹ã«ããïŒno ip dhcp snoopingãå®è¡ïŒãšããVLANäžã§ã® DHCP ã¹ããŒãã³ã°èšå®ã¯ãŸã å¯èœã§ããããã®å€æŽã¯ DHCP Snoopingå šäœã®èšå®ãå床æå¹ã«ãªããŸã§åæ ãããŸããã
⢠DHCP ã¹ããŒãã³ã°ãæå¹ã®ãšããVLANã® DHCP ã¹ããŒãã³ã°èšå®ãå€æŽãããšäžã®ãããªçµæã«ãªããŸãã
ïŒ VLANäžã§ DHCPã¹ããŒãã³ã°èšå®ãç¡å¹ã«ããå Žåããã® VLANã§åŠç¿ãããã¹ãŠã®ãã€ãããã¯ãšã³ããªã¯ãã€ã³ãããŒãã«ããåé€ãããŸãã
äŸ
é¢é£ããã³ãã³ã
ip dhcp snooping ïŒP576ïŒip dhcp snooping trust ïŒP582ïŒ
Console(config)#ip dhcp snooping vlan 1Console(config)#
581FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip dhcp snooping trust
ãã®ã³ãã³ãã¯ç¹å®ã®ã€ã³ã¿ãŒãã§ãŒã¹ã trustãšããŠèšå®ããŸããnoãä»ãããšèšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
ip dhcp snooping trust
no ip dhcp snooping trust
åæèšå®
å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã¯ Untrustã«èšå®
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠untrustã€ã³ã¿ãŒãã§ãŒã¹ã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã¡ãã»ãŒãžãåä¿¡ããããèšå®ãããã€ã³ã¿ãŒãã§ãŒã¹ã§ããtrustã€ã³ã¿ãŒãã§ãŒã¹ã¯ãããã¯ãŒã¯ã®å åŽããã¡ãã»ãŒãžã®ã¿åä¿¡ããããèšå®ãããã€ã³ã¿ãŒãã§ãŒã¹ã§ãã
⢠ip dhcp snoopingã䜿çšã㊠DHCP ã¹ããŒãã³ã°æ©èœãæå¹ã«ãã次㫠VLANäžã§DHCP ã¹ããŒãã³ã°ãæå¹ã«ãããšããDHCPãã±ããã®ãã£ã«ã¿ãªã³ã°ã VLANå ã® untrustããŒãã§å®è¡ãããŸãã
⢠untrustããŒãã trustããŒãã«å€æŽããããšãããã®ããŒãã«é¢é£ä»ãããããã¹ãŠã® DHCP ã¹ããŒãã³ã°ã®ãã€ãããã¯ãšã³ããªã¯åé€ãããŸãã
⢠ã¹ã€ããèªèº«ã DHCPã¯ã©ã€ã¢ã³ãã®å Žåã®åäœïŒ DHCPã¯ã©ã€ã¢ã³ããšããŠã®ãªã¯ãšã¹ãã DHCPãµãŒããŒã«åºåããããŒãã trustã«èšå®ããŠãã ããã
äŸ
é¢é£ããã³ãã³ã
ip dhcp snoopingïŒP576ïŒip dhcp snooping vlanïŒP581ïŒ
Console(config)#interface ethernet 1/5Console(config-if)#no ip dhcp snooping trustConsole(config-if)#
582 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
clear ip dhcp snooping database flash
å šãŠã®åçåŠç¿ã¹ããŒãã³ã°ãšã³ããªããã©ãã·ã¥ã¡ã¢ãªã«æžã蟌ã¿ãŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show ip dhcp snooping
DHCPã¹ããŒãã³ã°èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#clear ip dhcp snooping database flashConsole#
Console#show ip dhcp snoopingGlobal DHCP Snooping status: disableDHCP Snooping is configured on the following VLANs:1Verify Source Mac-Address: enable
Interface ããããTrusted
---------- ããã----------
Eth 1/1ãããããã No
Eth 1/2 ããããããNo
Eth 1/3ãããããã No
Eth 1/4ãããããã No
Eth 1/5 ããããããYes...
583FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show ip dhcp snooping binding
DHCPã¹ããŒãã³ã°ã»ãã€ã³ãã£ã³ã°ããŒãã«ã®ãšã³ããªã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip dhcp snooping binding
MacAddress ãããIpAddress ãããLease(sec) Type ããããVLAN ãInterface--------------- --------------- ---------- ------------------- ---------
11-22-33-44-55-66 192.168.0.99 ã0 ãããããStatic ããã1ã ããEth 1/5Console#
584 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9.5 IPãœãŒã¹ã¬ãŒã
IP ãœãŒã¹ã¬ãŒãã¯ãIP ãœãŒã¹ã¬ãŒãããŒãã«äžã®æåã§èšå®ããããšã³ããªããããã¯DHCP ã¹ããŒãã³ã°æ©èœãæå¹ã«ãããšãã« DHCP ã¹ããŒãã³ã°ããŒãã«äžã®ãã€ãããã¯ãšã³ããªãåºã«ãããããã¯ãŒã¯ã€ã³ã¿ãŒãã§ãŒã¹äžã® IPãã©ãã£ãã¯ããã£ã«ã¿ããã»ãã¥ãªãã£æ©èœã§ããIP ãœãŒã¹ã¬ãŒãã¯ããããã¹ãããããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ããå¥ã®ãã¹ãã® IPã¢ãã¬ã¹ã䜿çšããè©Šã¿ããã£ããšãããã®ãã¹ããè¡ãæ»æãããããã¯ãŒã¯ãå®ãããã«äœ¿çšãããŸãããã®é 㯠IP ãœãŒã¹ã¬ãŒãã®èšå®ãè¡ãããã«äœ¿çšããã³ãã³ããèšèŒããŠããŸãã
ip source-guard binding
ãã®ã³ãã³ãã¯ãœãŒã¹ã¬ãŒãã®ãã€ã³ãããŒãã«ã«ã¹ã¿ãã£ãã¯ã¢ãã¬ã¹ãè¿œå ããŸããnoãä»ãããšã¹ã¿ãã£ãã¯ãšã³ããªãåé€ããŸãã
ææ³
ip source-guard binding mac-address vlan vlan-id ip-address
ããinterface ethernet unit/port
no ip source-guard binding mac-address vlan vlan-id
⢠mac-address â æå¹ãªãŠããã£ã¹ãMACã¢ãã¬ã¹
⢠vlan-id â èšå®ãè¡ã VLAN IDïŒç¯å² 1-4093ïŒ
⢠ip-address â æå¹ãªãŠããã£ã¹ã IPã¢ãã¬ã¹
⢠unit â ã¹ã¿ãã¯ãŠãããïŒåžžã« 1ïŒ
⢠port â ããŒãçªå·ïŒç¯å² 1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã æ©èœã¢ãŒã
ããŒãž
ip source-guard binding
IP Source Guardã®ãã€ã³ãããŒãã«ã«åºå® IPã¢ãã¬ã¹ãè¿œå ããŸãã
GC P585
ip source-guardéä¿¡å IPã¢ãã¬ã¹ããããã¯éä¿¡å IPã¢ãã¬ã¹ãšå¯Ÿå¿ãã MACã¢ãã¬ã¹ãåºã«å ¥åãã©ãã£ãã¯ããã£ã«ã¿ããããã¹ã€ãããèšå®ããŸãã
IC P587
show ip source-guard
ããããã®ã€ã³ã¿ãŒãã§ãŒã¹ã§ IP Source Guardæ©èœãæå¹ãç¡å¹ãã©ããã衚瀺ããŸãã
PE P588
show ip source-guard binding
IP Source Guardã®ãã€ã³ãããŒãã«ã衚瀺ããŸãã
PE P585
585FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ã³ãã³ã解説
⢠ããŒãã«ãšã³ããªã«ã¯ MACã¢ãã¬ã¹ãIPã¢ãã¬ã¹ããªãŒã¹ã¿ã€ã ããšã³ããªã®çš®é¡(Static IP SG BindingãDynamic DHCP BindingãStatic DHCP Binding)ãVLAN IDãããŒã IDãå«ãŸããŸãã
⢠ãã¹ãŠã®ã¹ã¿ãã£ãã¯ãšã³ããªã¯ãªãŒã¹ã¿ã€ã ãç¡éã§èšå®ãããŸããshow ip source-guardã³ãã³ããå®è¡ãããšããã®ã¹ã¿ãã£ãã¯ãšã³ããªã®ãªãŒã¹ã¿ã€ã ã«ã¯0ã衚瀺ãããŸãã
⢠ãœãŒã¹ã¬ãŒããæå¹ã«ãããšããDHCP ã¹ããŒãã³ã°ãéããŠåŠç¿ããããã€ãããã¯ãšã³ããªãDHCP ã¹ããŒãã³ã°ãéããŠèšå®ãããã¹ã¿ãã£ãã¯ãšã³ããªããã®ã³ãã³ãã§èšå®ãããã¹ã¿ãã£ãã¯ã¢ãã¬ã¹ã«åºã¥ããŠãã©ãã£ãã¯ã®ãã£ã«ã¿ãè¡ãããŸãã
⢠ã¹ã¿ãã£ãã¯ãã€ã³ãããŒãã«ã¯äžã®ãããªåŠçãè¡ããŸãã
ïŒåã VLAN IDãš MACã¢ãã¬ã¹ã®ãšã³ããªããªãå Žåãæ°ãããšã³ããªã Static IP Source Guard BindingãšããŠãã€ã³ãããŒãã«ã«è¿œå ãããŸãã
ïŒåã VLAN IDãš MACã¢ãã¬ã¹ã®ãšã³ããªããããšã³ããªã®çš®é¡ã Static IP Source Guard Bindingã§ããå Žåãæ°ãããšã³ããªã¯å€ããšã³ããªãäžæžãããŸãã
ïŒåã VLAN IDãš MACã¢ãã¬ã¹ã®ãšã³ããªããããšã³ããªã®çš®é¡ã Dynamic DHCP Snooping Bindingã§ããå Žåãæ°ãããšã³ããªã¯å€ããšã³ããªãäžæžããããšã³ããªã®çš®é¡ã¯ Static IP Source Guard Bindingã«å€æŽãããŸãã
äŸ
é¢é£ããã³ãã³ã
ip source-guardïŒP587ïŒip dhcp snoopingïŒP576ïŒip dhcp snooping vlanïŒP581ïŒ
Console(config)#ip source-guard binding 00-11-22-33-44-55-66 vlan 1192.168.0.99 interface ethernet 1/5Console(config-if)#
586 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip source-guard
ãã®ã³ãã³ãã¯éä¿¡å IPã¢ãã¬ã¹ããããã¯éä¿¡å IPã¢ãã¬ã¹ãšå¯Ÿå¿ããMACã¢ãã¬ã¹ãåºã«å ¥åãã©ãã£ãã¯ããã£ã«ã¿ããããã¹ã€ãããèšå®ããŸããnoãä»ãããšèšå®ãç¡å¹ã«ããããšãã§ããŸãã
ææ³
ip source-guard < sip | sip-mac >
no ip source-guard
⢠sip â ãã€ã³ãã£ã³ã°ããŒãã«ã«ã¹ãã¢ããã IPã¢ãã¬ã¹ã«ããããã©ãã£ãã¯ã®ãã£ã«ã¿ãªã³ã°
⢠sip-mac â ãã€ã³ãã£ã³ã°ããŒãã«ã«ã¹ãã¢ããã IPã¢ãã¬ã¹ããã³ãé¢é£ãã MACã¢ãã¬ã¹ã«ããããã©ãã£ãã¯ã®ãã£ã«ã¿ãªã³ã°
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒEthernetïŒ
ã³ãã³ã解説
⢠IP ãœãŒã¹ã¬ãŒãã¯ãããã¯ãŒã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®å€åŽããã¡ãã»ãŒãžãåä¿¡ãããä¿è·ãããŠããªãããŒãäžã®ãã©ãã£ãã¯ããã£ã«ã¿ããããã«äœ¿çšãããŸãã
⢠"sip"ã "sip-mac"ã«ãœãŒã¹ã¬ãŒãã®ã¢ãŒããèšå®ããããšã«ãããéžæããããŒãäžã§ãã®æ©èœãæå¹ã«ããŸãããã€ã³ãããŒãã«ã®ãã¹ãŠã®ãšã³ããªã«å¯Ÿã㊠VLAN IDãéä¿¡å IPã¢ãã¬ã¹ããŒãçªå·ããã§ãã¯ããã«ã¯ "sip"ãªãã·ã§ã³ã䜿çšããŠãã ããã"sip-mac"ãªãã·ã§ã³ã䜿çšãããšãäžã«å ããŠéä¿¡å MACã¢ãã¬ã¹ããã§ãã¯ããŸããéžæããããŒãã§ãã®æ©èœãç¡å¹ã«ããã«ã¯ no source guardã³ãã³ãã䜿çšããŸãã
⢠æå¹ã«ãããšãããã©ãã£ãã¯ã¯ DHCP ã¹ããŒãã³ã°ãéããŠåŠç¿ãããã€ãããã¯ãšã³ããªã IP ãœãŒã¹ã¬ãŒãã®ãã€ã³ãããŒãã«ã§æ§æãããåºå®ã¢ãã¬ã¹ãåºã«ãã£ã«ã¿ãè¡ãããŸãã
⢠ããŒãã«ãšã³ããªã«ã¯ MACã¢ãã¬ã¹ãIPã¢ãã¬ã¹ããªãŒã¹ã¿ã€ã ããšã³ããªã®çš®é¡(Static IP SG BindingãDynamic DHCP BindingãStatic DHCP Binding)ãVLAN IDãããŒã IDãå«ãŸããŸãã
⢠ip source-guard bindingã³ãã³ããå®è¡ããŠè¡šç€ºããããœãŒã¹ã¬ãŒããã€ã³ãããŒãã«äžã«å ¥åãããéçã¢ãã¬ã¹ã¯ããªãŒã¹ã¿ã€ã ãç¡éãšããŠèªåçã«èšå®ãããŸããDHCP ã¹ããŒãã³ã°ãéããŠåŠç¿ããããã€ãããã¯ãšã³ããªã¯ DHCPãµãŒããŒèªèº«ã«ãã£ãŠæ§æãããŸããã¹ã¿ãã£ãã¯ãšã³ããªã«ã¯æåã§èšå®ããããªãŒã¹ã¿ã€ã ãå«ãŸããŸãã
⢠IP ãœãŒã¹ã¬ãŒããæå¹ã«ããå Žåãå ¥åãã±ããã® IPã¢ãã¬ã¹ïŒsipãªãã·ã§ã³ãæå¹ã®å ŽåïŒããããã¯å ¥åãã±ããã® IPã¢ãã¬ã¹ãš MACã¢ãã¬ã¹ïŒsip-macãªãã·ã§ã³ãæå¹ã®å ŽåïŒã¯ãã€ã³ãããŒãã«ãšæ¯èŒãããŸãããšã³ããªãåèŽããŠããªãããšãåãã£ãå Žåããã±ããã¯ç Žæ£ãããŸãã
587FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
⢠ãã£ã«ã¿ã®ã«ãŒã«ã¯äžã®ããã«å®è¡ãããŸãã
ïŒ DHCP ã¹ããŒãã³ã°ãç¡å¹ã®å ŽåãIP ãœãŒã¹ã¬ãŒã㯠VLAN IDãéä¿¡å IPã¢ãã¬ã¹ãããŒãçªå·ãéä¿¡å MACã¢ãã¬ã¹ïŒsip-mac ãªãã·ã§ã³ãæå¹ã®å ŽåïŒããã§ãã¯ããŸãããã€ã³ãããŒãã«ã«åèŽãããšã³ããªããããšã³ããªã®çš®é¡ã StaticïŒIP ãœãŒã¹ã¬ãŒããã€ã³ãããŒãã«ã«èšèŒïŒã®å Žåããã±ããã¯è»¢éãããŸãã
ïŒ DHCP ã¹ããŒãã³ã°ãæå¹ã®å ŽåãIP ãœãŒã¹ã¬ãŒã㯠VLAN IDãéä¿¡å IPã¢ãã¬ã¹ãããŒãçªå·ãéä¿¡å MACã¢ãã¬ã¹ïŒsip-mac ãªãã·ã§ã³ãæå¹ã®å ŽåïŒããã§ãã¯ããŸãããã€ã³ãããŒãã«ã«åèŽãããšã³ããªããããšã³ããªã®çš®é¡ã StaticïŒIP ãœãŒã¹ã¬ãŒããã€ã³ãããŒãã«ã«èšèŒïŒãStaticïŒDHCP ã¹ããŒãã³ã°ãã€ã³ãããŒãã«ã«èšèŒïŒãDynamicïŒDHCP ã¹ããŒãã³ã°ãã€ã³ãããŒãã«ã«èšèŒïŒã®ããããã®å Žåã«ãã±ããã¯è»¢éãããŸãã
ïŒ IP ãœãŒã¹ã¬ãŒãã StaticãDynamicã®ãšã³ããªã®ã©ã¡ãããŸã ååšããªãç¶æ ã«ãããŠã€ã³ã¿ãŒãã§ãŒã¹äžã§æå¹ã«ãªã£ãå Žåãã¹ã€ããã¯ãã®ããŒãäžã®ãã¹ãŠã® IPãã©ãã£ãã¯ãç Žæ£ããŸãããã ã DHCPãã±ããã¯é€ããŸãã
äŸ
é¢é£ããã³ãã³ã
ip source-guard bindingïŒP589ïŒip dhcp snoopingïŒP576ïŒip dhcp snooping vlanïŒP581ïŒ
show ip source-guard
ãã®ã³ãã³ãã¯ãããããã®ã€ã³ã¿ãã§ãŒã¹ã§ãœãŒã¹ã¬ãŒããæå¹ãç¡å¹ãã衚瀺ããŸãã
ææ³
show ip source-guard
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#ip source-guard sipConsole(config-if)#
Console#show ip source-guardInterface Filter-type--------- -----------Eth 1/1 DISABLEDEth 1/2 DISABLEDEth 1/3 DISABLEDEth 1/4 DISABLEDEth 1/5 SIPEth 1/6 DISABLED
588 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show ip source-guard binding
ãœãŒã¹ã¬ãŒããã€ã³ãã£ã³ã°ããŒãã«ã衚瀺ããŸãã
ææ³
show ip source-guard binding { dhcp-snooping | static }
⢠dhcp-snoopingâ DHCPã¹ããŒãã³ã°ã³ãã³ãïŒP575ïŒã§èšå®ãããåçãšã³ããªã衚瀺
⢠static â ip source-guard bindingã³ãã³ãïŒP585ïŒã§èšå®ãããéçãšã³ããªã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip source-guard bindingMacAddress IpAddress Lease(sec) Type VLAN Interface----------------- ------------ -------- -------- ---- -------------11-22-33-44-55-66 192.168.0.99 0 Static 1 Eth 1/5Console#
589FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
4.9.6 ARPã€ã³ã¹ãã¯ã·ã§ã³
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãAddress Resolution packetïŒARPïŒãããã³ã«ã®ããã®ãMACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®åŠ¥åœæ§ã®æ€æ»ãè¡ãã»ãã¥ãªãã£æ©èœã§ãã
ãã®æ©èœã«ãããã皮㮠man-in-the-middle æ»æçãããããã¯ãŒã¯ãä¿è·ã§ããŸãã
ãã®æ©èœã¯ãããŒã«ã« ARPãã£ãã·ã¥ãã¢ããããŒãããããããŸãã¯ãã±ãããé©åãªç®çå°ã«è»¢éãããåã«å šãŠã® ARPãªã¯ãšã¹ããéäžã§æããããããã®ãã±ããã®ãããããç §åããããšã«ãã£ãŠéæãããŸããç¡å¹ãª ARPãã±ããã¯ç Žæ£ãããŸãã
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ãä¿¡é Œã§ããããŒã¿ããŒã¹ïŒDHCPã¹ããŒãã³ã°ãã€ã³ãã£ã³ã°ããŒã¿ããŒã¹ïŒã«ä¿åããããæ£åœãª IP-to-MACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã«åºã¥ããŠãARPãã±ããã®æ£åœæ§ã決å®ããŸãããã®ããŒã¿ããŒã¹ã¯æ©èœãã¹ã€ãããš VLANã§æå¹ã«ãªã£ãŠããæã«ãDHCPã¹ããŒãã³ã°ã«ãã£ãŠæ§ç¯ãããŸãããŸããARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ããŠãŒã¶ã§èšå®ããã ARPã¢ã¯ã»ã¹ã³ã³ãããŒã«ãªã¹ãïŒACLïŒã«å¯ŸããŠãARPãã±ããã®åŠ¥åœæ§ã確èªããããšãå¯èœã§ãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip arp inspection ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹å GC P591
ip arp inspection filter1ã€ãŸã㯠1ã€ä»¥äžã® VLANãžé©çšãã ARP ACLãæå®
GC P592
ip arp inspectionlog-buffer logs
ãã°ã¡ãã»ãŒãžã«ä¿åããããšã³ããªã®æ倧æ°ããã³ãããã®ã¡ãã»ãŒãžãéä¿¡ãããã¬ã€ããèšå®
GC P593
ip arp inspectionvalidate
ARPãã±ããã¢ãã¬ã¹ã³ã³ããŒãã³ãã®è¿œå 劥åœæ§æ€æ»ãæå®
GC P594
ip arp inspection vlan æå®ãã VLANãŸãã¯ç¯å²ã§ ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹å
GC P595
ip arp inspection limit ããŒãã§åä¿¡ããã ARPãã±ããã®ã¬ãŒããªããããèšå®
IC P596
ip arp inspection trust ããŒãã "trust"ã«èšå®ããARPã€ã³ã¹ãã¯ã·ã§ã³ããå é€
IC P597
show ip arp inspectionconfiguration ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ã°ããŒãã«èšå®ã衚瀺 PE P597
show ip arp inspectioninterface
ããŒãã® trustã¹ããŒã¿ã¹ãšã€ã³ã¹ãã¯ã·ã§ã³ã¬ãŒããªãããã衚瀺
PE P598
show ip arp inspectionlog
é¢é£ä»ãããã VLANãããŒããã¢ãã¬ã¹ã³ã³ããŒãã³ããå«ãããã°ã«ä¿åãããŠãããšã³ããªã®æ å ±ã衚瀺
PE P598
show ip arp inspectionstatistics
åŠçããã ARPãã±ããæ°ã«é¢ããçµ±èšããŸãã¯ç Žæ£ãããæ§ã ãªçç±ã®è¡šç€º
PE P599
show ip arp inspectionvlan
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¹ããŒã¿ã¹ãARP ACLåããã³ ACL劥åœæ§æ€æ»çµäºåŸã« DHCPã¹ããŒãã³ã°ããŒã¿ããŒã¹ã䜿çšãããŠããããå«ããVLANèšå®ã衚瀺
PE P599
590 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection
ARPã€ã³ã¹ãã¯ã·ã§ã³ããã¹ã€ããã§ã°ããŒãã«ã«æå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
ip arp inspection
no ip arp inspection
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ããå©çšãã°ããŒãã«ã§ ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ã«ãããšã"ip arp inspection vlan"ã³ãã³ãã§æå¹ã«ããã VLANã§ã®ã¿ã¢ã¯ãã£ãã«ãªããŸããïŒP595ãåç §ïŒ
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã§ãããéžæãã VLANã§ãæå¹ã§ããå Žåããããã® VLANã®å šãŠã® ARPãªã¯ãšã¹ã /ãªãã©ã€ãã±ãã㯠CPUãžãªãã€ã¬ã¯ããããã¹ã€ããã³ã°ã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ã«ãã£ãŠåŠçãããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®éãARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ã§ããç©ãå«ããŠãå šãŠã® VLANã§éã¢ã¯ãã£ãã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãç¡å¹ã®éãå šãŠã® ARPãªã¯ãšã¹ããšãªãã©ã€ãã±ããã¯ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ãåé¿ããã¹ã€ããã³ã°æ¹æ³ã¯ãã®ä»å šãŠã®ãã±ãããšåçã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã«ããããšãšããã®åŸã«å床æå¹ã«ããããšã¯ãVLANã® ARPã€ã³ã¹ãã¯ã·ã§ã³èšå®ã«åœ±é¿ãäžããŸããã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®éãããããã® VLANã§ãARPã€ã³ã¹ãã¯ã·ã§ã³ã®èšå®ã¯äŸç¶å¯èœã§ãããããã®èšå®å€æŽã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ãå床ã°ããŒãã«ã§æå¹ã«ãªã£ãæã®ã¿ã¢ã¯ãã£ãã«ãªããŸãã
äŸ
Console(config)#ip arp inspectionConsole(config)#
591FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection filter
ARP ACLã VLANã«é©çšããŸãã"no"ãåã«çœ®ãããšã§ ACLãã€ã³ãã£ã³ã°ãåé€ããŸãã
ææ³
ip arp inspection filter arp-acl-name vlan < vlan-id | vlan-range > { static }
no ip arp inspection filter arp-acl-name vlan vlan-id
⢠arp-acl-name â ACLå (æ倧 16æå )
⢠vlan-id â VLAN ID (ç¯å²ïŒ1-4093)
⢠vlan-range â ãã€ãã³ã䜿çšã VLANã®é£ç¶ããç¯å²ãæå®ããŸãã¯ã«ã³ãã§ããããã®ãšã³ããªãåºåããVLANã®ã©ã³ãã ã°ã«ãŒããæå®
⢠static â ARPãã±ããã¯æå®ããã ACLã®ã¿ã«ããããŠåŠ¥åœæ§æ€æ»ãå®è¡ããDHCPã¹ããŒãã³ã°ããŒã¿ããŒã¹ã®ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã¯ãã§ãã¯ãããŸããã
åæèšå®
ARP ACL㯠VLANã«ããŠã³ããããŠããŸããã
Static modeïŒç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ARP ACL㯠P612 ãARP ACLãã§èšå®ããããªããŸãã
⢠Staticã¢ãŒããæå¹ã®å Žåãã¹ã€ãã㯠ARPãã±ãããšæå®ããã ARP ACLãæ¯èŒããŸããèš±å¯ /æåŠã«ãŒã«ã§ IP-to-MAC addressãžã®ãã€ã³ãã£ã³ã°ãšäžèŽããŠãããã±ãããããã«å¿ããŠåŠçãããŸããACLã«ãŒã«ã®ããããšãäžèŽããªããã±ããã¯ç Žæ£ãããŸããDHCPã¹ããŒãã³ã°ã®ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã¯ãã§ãã¯ãããŸããã
⢠Staticã¢ãŒããç¡å¹ã®å Žåããã±ããã¯æåã«æå®ãã ARP ACLãã±ããã«ããããŠåŠ¥åœæ§æ€æ»ãè¡ãããŸããæåŠã«ãŒã«ã«äžèŽãããã±ããã¯ç Žæ£ãããŸããå šãŠã®æ®ã£ããã±ãã㯠DHCPã¹ããŒãã³ã°ããŒã¿ããŒã¹ã®ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã«ããããŠåŠ¥åœæ§æ€æ»ãè¡ãããŸãã
äŸ
Console(config)#ip arp inspection filter sales vlan 1Console(config)#
592 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection log-buffer logs
ãã°ã¡ãã»ãŒãžã«ä¿åããããšã³ããªã®æ倧æ°ããã³ããããã¡ãã»ãŒãžéä¿¡ã®ã¬ãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
ip arp inspection log-buffer logs message-number interval seconds
no ip arp inspection log-buffer logs
⢠message-number â ãã°ã¡ãã»ãŒãžã«ä¿åããããšã³ããªã®æå€§æ° (ç¯å²ïŒ0-256ã0ã¯ã»ãŒãç¡å¹ )
⢠seconds â ãã°ã¡ãã»ãŒãžãéä¿¡ãããééïŒç¯å²ïŒ0-86400ïŒ
åæèšå®
ã¡ãã»ãŒãžæ°ïŒ5
ééïŒ1ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ããã¹ã€ããã«é©çšããåã«ãARPã€ã³ã¹ãã¯ã·ã§ã³ã " ip arp inspection"ã§æå¹ã«ããŠãã ãããïŒP591åç §ïŒ
⢠åæèšå®ã§ã¯ãã®ã³ã°ã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ã§æå¹ã§ãããç¡å¹ã«ã¯åºæ¥ãŸããã
⢠ã¹ã€ããã¯ãã±ãããããããããéããšã³ããªããã°ãããã¡ã«èµ·ããŸããããããã®ãšã³ããªã¯ãåä¿¡ãã VLANãããŒãçªå·ããœãŒã¹ããã³ãã£ã¹ãã£ããŒã·ã§ã³IPã¢ãã¬ã¹ããœãŒã¹ããã³ãã£ã¹ãã£ããŒã·ã§ã³MACã¢ãã¬ã¹ã®æ å ±ãå«ã¿ãŸãã
⢠ããè€æ°ã®åäžãªç¡å¹ ARPãã±ãããåã VLANã§é£ç¶ããŠåä¿¡ãããå Žåããã®ã³ã°ãã¡ã·ãªãã£ã¯ãã°ãããã¡ã« 1ã€ã®ãšã³ããªãšã察å¿ãã 1ã€ã®ã·ã¹ãã ã¡ãã»ãŒãžã®ã¿çæããŸãã
⢠ãã°ãããã¡ã«ä¿åå¯èœãªãšã³ããªã®æ倧æ°ã¯ã¡ãã»ãŒãžçªå·ãã©ã¡ãŒã¿ã§æ±ºå®ãããŸãããããã°ãããã¡ãã¡ãã»ãŒãžéä¿¡åã«äžæ¯ã«ãªã£ãå Žåãäžçªå€ããšã³ããªã¯ææ°ã®ãã®ã«çœ®ãæããããŸãã
⢠ã¹ã€ãã㯠"seconds"å€ã«ãã£ãŠæ±ºå®ãããã¬ãŒãã³ã³ãããŒã«ãåºã«ã·ã¹ãã ã¡ãã»ãŒãžãçæããŸããã·ã¹ãã ã¡ãã»ãŒãžãçæãããåŸãå šãŠã®ãšã³ããªã¯ãã°ãããã¡ããã¯ãªã¢ãããŸãã
äŸ
Console(config)#ip arp inspection log-buffer logs 1 interval 10Console(config)#
593FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection validate
ARPãã±ããã®ã¢ãã¬ã¹ã³ã³ããŒãã³ãã«å¯Ÿããè¿œå æ€èšŒãæå®ããŸãã"no"ãåã«çœ®ãããšã§ ACLãã€ã³ãã£ã³ã°ãåæç¶æ ã«æ»ããŸãã
ææ³
ip arp inspection validate < dst-mac { ip } {src-mac } | ip { src-mac } | src-mac >
no ip arp inspection validate
⢠dst-mac â ARPããã£å ã®ã¿ãŒã²ãã MACã¢ãã¬ã¹ã«å¯Ÿããã€ãŒãµããããããã®ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã®åŠ¥åœæ§æ€æ»ããããªããŸãããã®æ€æ»ã¯ ARPã¬ã¹ãã³ã¹ã«ããããŠå®è¡ãããŸããæå¹æãç°ãªã MACã¢ãã¬ã¹ã®ãã±ããã¯ç¡å¹ãªãã±ãããšããŠåé¡ãç Žæ£ãããŸãã
⢠ip â äžæ£ããã³äºæã㬠IPã¢ãã¬ã¹ã® ARPããã£ããã§ãã¯ããŸããã¢ãã¬ã¹ã¯0.0.0.0, 255.255.255.255ãšãå šãŠã® IPãã«ããã£ã¹ãã¢ãã¬ã¹ãå«ã¿ãŸããã»ã³ã㌠IPã¢ãã¬ã¹ã¯å šãŠã® ARPãªã¯ãšã¹ããšã¬ã¹ãã³ã¹ããã§ãã¯ãããŸããã¿ãŒã²ãã IPã¢ãã¬ã¹ã¯ ARPã¬ã¹ãã³ã¹ã®ã¿ãã§ãã¯ãããŸãã
⢠src-mac â ãã€ãã³ã䜿çšã VLANã®é£ç¶ããç¯å²ãæå®ããŸãã¯ã«ã³ãã§ããããã®ãšã³ããªãåºåããVLANã®ã©ã³ãã ã°ã«ãŒããæå®
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠åæèšå®ã§ã¯ãARPã€ã³ã¹ãã¯ã·ã§ã³ã¯ ARP ACLãŸã㯠DHCPã¹ããŒãã³ã°ããŒã¿ããŒã¹ã§æå®ããã IP-to-MACã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®ã¿ãã§ãã¯ãè¡ããŸãã
äŸ
Console(config)#ip arp inspection validate dst-macConsole(config)#
594 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection vlan
æå®ãã VLAN㧠ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
ip arp inspection vlan vlan-id
no ip arp inspection vlan < vlan-id | vlan-range >
⢠vlan-id â VLAN ID. (Range: 1-4093)
⢠vlan-range â ãã€ãã³ã䜿çšã VLANã®é£ç¶ããç¯å²ãæå®ããŸãã¯ã«ã³ãã§ããããã®ãšã³ããªãåºåããVLANã®ã©ã³ãã ã°ã«ãŒããæå®
åæèšå®
å šãŠã® VLANã§ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§æå¹ã§ãããéžæãã VLANã§ãæå¹ã§ããå Žåããããã® VLANã®å šãŠã® ARPãªã¯ãšã¹ã /ãªãã©ã€ãã±ãã㯠CPUãžãªãã€ã¬ã¯ããããã¹ã€ããã³ã°ã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ã«ãã£ãŠåŠçãããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®éããã㯠ARPã€ã³ã¹ãã¯ã·ã§ã³ãæå¹ã§ããç©ãå«ããŠãå šãŠã® VLANã§éã¢ã¯ãã£ãã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãç¡å¹ã®éãå šãŠã® ARPãªã¯ãšã¹ããšãªãã©ã€ãã±ããã¯ARPã€ã³ã¹ãã¯ã·ã§ã³ãšã³ãžã³ãåé¿ããã¹ã€ããã³ã°æ¹æ³ã¯ãã®ä»å šãŠã®ãã±ãããšåçã«ãªããŸãã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã«ããããšãšããã®åŸã«å床æå¹ã«ããããšã¯ãVLANã® ARPã€ã³ã¹ãã¯ã·ã§ã³èšå®ã«åœ±é¿ãäžããŸããã
⢠ARPã€ã³ã¹ãã¯ã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã®éãããããã® VLANã§ãARPã€ã³ã¹ãã¯ã·ã§ã³ã®èšå®ã¯äŸç¶å¯èœã§ãããããã®èšå®å€æŽã¯ ARPã€ã³ã¹ãã¯ã·ã§ã³ãå床ã°ããŒãã«ã§æå¹ã«ãªã£ãæã®ã¿ã¢ã¯ãã£ãã«ãªããŸãã
äŸ
Console(config)#ip arp inspection vlan 1,2Console(config)#
595FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection limit
ããŒãã "trusted"ãšããŠèšå®ããARPã€ã³ã¹ãã¯ã·ã§ã³ããå é€ããŸãã"no"ãåã«çœ®ãããšã§ ACLãã€ã³ãã£ã³ã°ãåæç¶æ ã«æ»ããŸãã
ææ³
ip arp inspection limit < rate pps | none >
no ip arp inspection limit
⢠pps â CPU㧠1ç§ããšã«åŠçå¯èœãª ARPãã±ããã®æ倧æ°(ç¯å²ïŒ0-2048, 0㯠ARPãã±ãã転éç¡å¹ )
⢠none â CPUã§åŠçå¯èœãª ARPãã±ããæ°ã«å¶éã¯ç¡ã
åæèšå®
15
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒPortïŒ
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㯠UntrustedããŒãã«ã®ã¿é©çšãããŸãã
â¢ å ¥å ARPãã±ããã®ã¬ãŒããèšå®ããå¶éãè¶ããå Žåãã¹ã€ããã¯ãå¶éãè¶ ããå šãŠã®ãã±ãããç Žæ£ããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#ip arp inspection limit rate 150Console(config-if)#
596 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
ip arp inspection trust
ããŒãã "trusted"ãšããŠèšå®ããARPã€ã³ã¹ãã¯ã·ã§ã³ããå é€ããŸãã"no"ãåã«çœ®ãããšã§ ACLãã€ã³ãã£ã³ã°ãåæç¶æ ã«æ»ããŸãã
ææ³
ip arp inspection trust
no ip arp inspection trust
åæèšå®
Untrusted
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒPortïŒ
ã³ãã³ã解説
⢠UntrustedããŒãã«å°çãããã±ããã¯èšå®ããã ARPã€ã³ã¹ãã¯ã·ã§ã³ãšè¿œå 劥åœæ§æ€æ»ãåããŸããtrustedããŒãã«å°çãããã±ããã¯ãããå šãŠã®ãã¹ããå é€ãããéåžžã®ã¹ã€ããã«ãŒã«ã«åŸã£ãŠè»¢éãããŸãã
äŸ
show ip arp inspection configuration
ARPã€ã³ã¹ãã¯ã·ã§ã³ã®ã°ããŒãã«èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#ip arp inspection trustConsole(config-if)#
Console#show ip arp inspection configuration
ARP inspection global information:
Global IP ARP Inspection status : disabledLog Message Interval : 1 sLog Message Number : 5Need Additional Validation(s) : NoAdditional Validation Type :Console#
597FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show ip arp inspection interface
ããŒãã® trustã¹ããŒã¿ã¹ããã³ ARPã€ã³ã¹ãã¯ã·ã§ã³ã¬ãŒããªãããã衚瀺ããŸãã
ææ³
show ip arp inspection interface { interface }
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show ip arp inspection log
é¢é£ä»ãããã VLANãããŒããã¢ãã¬ã¹ã³ã³ããŒãã³ããå«ãããã°ã«ä¿åãããŠãããšã³ããªã®æ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip arp inspection interface ethernet 1/5
Port Number Trust Status Limit Rate (pps)------------ ------------------ ----------------------------Eth 1/1 trusted 150Console#
Console#show ip arp inspection logTotal log entries number is 1
Num VLAN Port Src IP Address Dst IP Address Src MAC Address Dst MAC Address--- ---- ---- -------------- -------------- --------------- ---------------1 1 11 192.168.2.2 192.168.2.1 00-04-E2-A0-E2-7C FF-FF-FF-FF-FF-FFConsole#
598 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã»ãã¥ãªãã£
show ip arp inspection statistics
åŠçããã ARPãã±ããæ°ã«é¢ããçµ±èšããŸãã¯ç Žæ£ãããæ§ã ãªçç±ã®è¡šç€ºããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show ip arp inspection vlan
ARPã€ã³ã¹ãã¯ã·ã§ã³ã¹ããŒã¿ã¹ãARP ACLåããã³ ACL劥åœæ§æ€æ»çµäºåŸã« DHCPã¹ããŒãã³ã°ããŒã¿ããŒã¹ã䜿çšãããŠããããå«ããVLANèšå®ã衚瀺ããŸãã
ææ³
show ip arp inspection vlan { vlan-id | vlan-range }
⢠vlan-idïŒ VLAN ID. (ç¯å²ïŒ1-4093)
⢠vlan-rangeïŒãã€ãã³ã䜿çšã VLANã®é£ç¶ããç¯å²ãæå®ããŸãã¯ã«ã³ãã§ããããã®ãšã³ããªãåºåããVLANã®ã©ã³ãã ã°ã«ãŒããæå®
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip arp inspection statistics
ARP packets received before rate limit : 0ARP packets dropped due to rate limt : 0Total ARP packets processed by ARP Inspection : 0ARP packets dropped by additional validation (source MAC address) : 0ARP packets dropped by additional validation (destination MAC address): 0ARP packets dropped by additional validation (IP address) : 0ARP packets dropped by ARP ACLs : 0ARP packets dropped by DHCP snooping : 0
Console#
Console#show ip arp inspection vlan 1
VLAN ID DAI Status ACL Name ACL Status-------- --------------- ------------------- --------------------1 disable sales staticConsole#
599FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
4.10 ACLïŒAccess Control ListsïŒ
Access Control Lists (ACL)㯠IPv4ãã¬ãŒã ïŒã¢ãã¬ã¹ããããã³ã«ãã¬ã€ã€ 4ãããã³ã«ããŒãçªå·ãŸã㯠TCPã³ã³ãããŒã«ã³ãŒãïŒãŸãã¯ãã®ä»ã®ãã¬ãŒã ïŒMACã¢ãã¬ã¹ãã€ãŒãµãããã¿ã€ãïŒã«ãã IPãã±ãããžã®ãã±ãããã£ã«ã¿ãªã³ã°ãæäŸããŸãã
å ¥åããããã±ããã®ãã£ã«ã¿ãªã³ã°ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæããå¿ èŠãª ã«ãŒã«ãè¿œå ããŸãããã®åŸããªã¹ãã«ç¹å®ã®ããŒãããã€ã³ãããŸãã
4.10.1 IPv4 ACL
IPã¢ãã¬ã¹ãTCP/UDPããŒãçªå·ããããã³ã«ã¿ã€ããTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ãACLã®èšå®ããããªããŸãã
IP ACLã®èšå®ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæããå¿ èŠãª ã«ãŒã«ãè¿œå ããŸãããã®åŸããªã¹ãã«ç¹å®ã®ããŒãããã€ã³ãããŸãã
ã³ãã³ã æ©èœ ããŒãž
IPv4 ACLsIPã¢ãã¬ã¹ãTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ã ACLã®èšå®
P600
MAC ACLs ããŒããŠã§ã¢ã¢ãã¬ã¹ããã±ãããã©ãŒããããã€ãŒãµãããã¿ã€ãã«åºã¥ã ACLã®èšå®
P607
ARP ACLs ARPã¡ãã»ãŒãžã¢ãã¬ã¹ã«åºã¥ã ACLã®èšå® P612
ACL Information ACLåã³é¢é£ããã«ãŒã«ã®è¡šç€ºãåããŒãã® ACLã®è¡šç€º P614
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
access-list IP IPv4 ACLã®äœæãš configuration modeãžã®ç§»è¡ GC P601
permit,deny ãœãŒã¹ IPv4ã¢ãã¬ã¹ãäžèŽãããã±ããã®ãã£ã«ã¿ãªã³ã°
IPv4-STD-ACL
P602
permit,denyãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPv4ã¢ãã¬ã¹ãTCP/UDPããŒãçªå·ããããã³ã«ã¿ã€ããTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ããã£ã«ã¿ãªã³ã°
IPv4-EXT-ACL
P603
ip access-group IPv4 ACLãžã®ããŒãã®è¿œå IC P605
show ip access-group IPv4 ACLã«ã¢ãµã€ã³ãããããŒãã®è¡šç€º PE P606
show ipaccess-list èšå®æžã¿ IPv4 ACLã®ã«ãŒã«ã®è¡šç€º PE P606
600 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
access-list ip
IP ACLãè¿œå ããã¹ã¿ã³ããŒãåã¯æ¡åŒµ IPv4 ACLã®èšå®ã¢ãŒãã«ç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§ç¹å®ã® ACLãåé€ããŸãã
ææ³
access-list ip < standard | extended > acl_name
no access-list ip < standard | extended > acl_name
⢠standard ïŒãœãŒã¹ IPã¢ãã¬ã¹ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã ACL
⢠extendedïŒãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã ACL
⢠acl_nameïŒ ACLåïŒæ倧 16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ãã ACLãäœæããå Žåããæ¢åã® ACLã®èšå®ã¢ãŒãã«ç§»è¡ããå Žåã"permit"å㯠"deny"ã³ãã³ãã䜿çšããæ°ããã«ãŒã«ãè¿œå ããŸããACLãäœæããã«ã¯ãæäœ1ã€ã®ã«ãŒã«ãèšå®ããå¿ èŠããããŸãã
⢠ã«ãŒã«ãåé€ããã«ã¯ "no permit"å㯠"no deny"ã³ãã³ãã«ç¶ããŠèšå®æžã¿ã®ã«ãŒã«ãå ¥åããŸãã
⢠1ã€ã® ACLã«ã¯æ倧 128åã®ã«ãŒã«ãèšå®å¯èœã§ãã
äŸ
é¢é£ããã³ãã³ã
permit, denyïŒP602ïŒip access-groupïŒP605ïŒshow ip access-listïŒP606ïŒ
Console(config)#access-list ip standard davidConsole(config-std-acl)#
601FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒStandard IP ACLïŒ
ã¹ã¿ã³ããŒã IPv4 ACLã«ãŒã«ãè¿œå ããŸããæ¬ã«ãŒã«ã§ã¯ç¹å®ã®ãœãŒã¹ IPã¢ãã¬ã¹ããã®ãã±ãããžã®ãã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ãåé€ããŸãã
ææ³
[ permit | deny ] [ any | source bitmask | host source] { time-range time-range-name }
no [ permit | deny ] [any | source bitmask | host source]
⢠any â ãã¹ãŠã® IPã¢ãã¬ã¹
⢠source â ãœãŒã¹ IPã¢ãã¬ã¹
⢠bitmask â äžèŽããã¢ãã¬ã¹ããããè¡šã 10é²æ°å€
⢠host â ç¹å®ã® IPã¢ãã¬ã¹ãæå®
⢠time-range-name â ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Standard ipv4 ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã¢ãã¬ã¹ããããã¹ã¯ã¯ãµãããããã¹ã¯ãšäŒŒãŠããã4ã€ã® 0-255ã®å€ã§è¡šç€ºããããããããããªãªã ( . )ã«ããåå²ãããŠããŸãã2é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å ŽåãæåŠããããããšãªããŸããããããã¹ã¯ã¯ãããæ¯ã«ç¹å®ã® IPã¢ãã¬ã¹ãšå ±ã«äœ¿çšããACLãæå®ããå ¥å IPãã±ããã®ã¢ãã¬ã¹ãšæ¯èŒãããŸãã
äŸ
æ¬äŸã§ã¯ã10.1.1.21ã®ãœãŒã¹ã¢ãã¬ã¹ãžã®èš±å¯ (permit)ã«ãŒã«ãšããããã¹ã¯ã䜿çšãã168.92.16.x-168.92.31.xãŸã§ã®ãœãŒã¹ã¢ãã¬ã¹ãžã®èš±å¯ (permit)ã«ãŒã«ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
access-list ipïŒP601ïŒtime rangeïŒP448ïŒ
Console(config-std-acl)#permit host 10.1.1.21Console(config-std-acl)#permit 168.92.16.0 255.255.240.0Console(config-std-acl)#
602 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒExtended IPv4 ACLïŒ
æ¡åŒµ IPv4 ACLãžã®ã«ãŒã«ã®è¿œå ãè¡ããŸãããœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ã®åé€ãè¡ããŸãã
ææ³
[no] {permit | deny} [ protocol-number | udp ]
{ any | source address-bitmask | host source }
{ any | destination address-bitmask | host destination}
[ precedence precedence ] [ tos tos ] [ dscp dscp ]
[ source-port sport [ bitmask ] ] [ destination-port dport [ port-bitmask ] ]
{ time-range time-range-name }
[no] {permit | deny} tcp
{ any | source address-bitmask | host source}
{ any | destination address-bitmask | host destination}
[ precedence precedence ] [ tos tos ] [ dscp dscp ]
[ source-port sport [ bitmask ] ] [ destination-port dport [ port-bitmask ] ]
[ control-flag control-flags flag-bitmask ]
⢠protocol-number â ç¹å®ã®ãããã³ã«çªå·ïŒç¯å²ïŒ0-255ïŒ
⢠source â ãœãŒã¹ IPã¢ãã¬ã¹
⢠destination â ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
⢠address-bitmask â ã¢ãã¬ã¹ããããã¹ã¯
⢠host â ç¹å®ã® IPã¢ãã¬ã¹ã®æå®
⢠precedence â IP precedenceã¬ãã« (ç¯å²ïŒ0-7)
⢠tos â ToSã¬ãã« (ç¯å²ïŒ0-15)
⢠dscp â DSCPãã©ã€ãªãªãã£ã¬ãã« (ç¯å²ïŒ0-63)
⢠sport â ãããã³ã« * ãœãŒã¹ããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
⢠dport â ãããã³ã« * ãã£ã¹ãã£ããŒã·ã§ã³ããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
⢠port-bitmask â ãããããããŒãããããè¡šã 10é²æ° (ç¯å²ïŒ0-65535)
⢠control-flags â TCPãããã®ãã€ã 14ã§ãã©ãã°ããããæå®ãã 10é²æ°ïŒãããã¹ããªã³ã°ãè¡šãïŒ(ç¯å²ïŒ0-63)
⢠flag-bitmask â ãããããã³ãŒãããããè¡šã 10é²æ°
⢠time-range-name â ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
603FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
ã³ãã³ãã¢ãŒã
Extended IPv4 ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã¢ãã¬ã¹ããããã¹ã¯ã¯ãµãããããã¹ã¯ãšäŒŒãŠããã4ã€ã® 0-255ã®å€ã§è¡šç€ºããããããããããªãªã ( . )ã«ããåå²ãããŠããŸãã2é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å Žåãç¡èŠããããããšãªããŸããããããã¹ã¯ã¯ãããæ¯ã«ç¹å®ã® IPã¢ãã¬ã¹ãšå ±ã«äœ¿çšããACLãæå®ããå ¥å IPãã±ããã®ã¢ãã¬ã¹ãšæ¯èŒãããŸãã
⢠åãã«ãŒã«å 㧠Precedence åã³ ToS ã®äž¡æ¹ãæå®ããããšãã§ããŸããããããDSCP ã䜿çšããå Žåã Precedence åã³ ToS ã¯æå®ããããšãã§ããŸããã
⢠ã³ã³ãããŒã«ããããã¹ã¯ã¯ãã³ã³ãããŒã«ã³ãŒãã«äœ¿çšããã 10 é²æ°ã®å€ã§ãã10 é²æ°ã®å€ãå ¥åããç䟡㪠2 é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å Žåãç¡èŠããããããšãªããŸãã以äžã®ããããæå®ãããŸãã
ïŒ 1 (fin) â Finish
ïŒ 2 (syn) â Synchronize
ïŒ 4 (rst) â Reset
ïŒ 8 (psh) â Push
ïŒ 16 (ack) â Acknowledgement
ïŒ 32 (urg) â Urgent pointer
⢠äŸãã°ãã³ãŒãå€åã³ã³ãŒããã¹ã¯ãå©çšãããã±ãããã€ããã«ã¯ä»¥äžã®ãã©ã°ãã»ããããŸãã
ïŒæå¹ãª SYN flag â "control-code 2 2"
ïŒæå¹ãª SYN åã³ ACK â "control-code 18 18"
ïŒæå¹ãª SYN åã³ç¡å¹ãª ACK â "control-code 2 18"
äŸ
æ¬äŸã§ã¯ããœãŒã¹ã¢ãã¬ã¹ããµãããã 10.7.1.xå ã®å Žåããã¹ãŠã®å ¥åãã±ãããèš±å¯ããŸãã
æ¬äŸã§ã¯ããã£ã¹ãã£ããŒã·ã§ã³ TCPããŒãçªå· 80ã®ã¯ã©ã¹ Cã¢ãã¬ã¹ 192.168.1.0ãããã¹ãŠã®ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãžã® TCPãã±ãããèš±å¯ããŸãã
é¢é£ããã³ãã³ã
access-list ipïŒP601ïŒtime rangeïŒP448ïŒ
Console(config-ext-acl)#permit 10.7.1.1 255.255.255.0 anyConsole(config-ext-acl)#
Console(config-ext-acl)#permit 192.168.1.0 255.255.255.0 anydestination-port 80Console(config-ext-acl)##
604 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
ip access-group
IPv4 ACLãžã®ããŒãã®ãã€ã³ããè¡ããŸãã"no"ãåã«çœ®ãããšã§ããŒããå€ããŸãã
ææ³
ip access-group acl_name in { time-range time-range-name }
no ip access-group acl_name in
⢠acl_name â ïŒæ倧 16æåïŒ
⢠in â å ¥åãã±ãããžã®ãªã¹ã
⢠time-range-name â ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠ããŒãã«ã¯ã1ã€ã® ACLã®ã¿èšå®å¯èœã§ãã
⢠ããŒãããã§ã« ACLãèšå®æžã¿ã§ãä»ã® ACLããã€ã³ãããå Žåãæ°ãããã€ã³ããã ACLãæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
show ip access-listïŒP606ïŒtime rangeïŒP448ïŒ
Console(config)#interface ethernet 1/2Console(config-if)#ip access-group david inConsole(config-if)#
605FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show ip access-group
IP ACLã®ããŒãã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip access-groupïŒP605ïŒ
show ip access-list
èšå®æžã¿ã® IPv4 ACLã®ã«ãŒã«ã衚瀺ããŸãã
ææ³
show ip access-list < standard | extended > acl_name
⢠standardïŒã¹ã¿ã³ããŒã IP ACL
⢠extendedïŒæ¡åŒµ IP ACL
⢠acl_nameïŒ ACLåïŒæ倧 16æåïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
permit, denyïŒP602ïŒip access-groupïŒP605ïŒ
Console#show ip access-groupInterface ethernet 1/25 IP access-list david inConsole#
Console#show ip access-list standardIP standard access-list david: permit host 10.1.1.21 permit 168.92.16.0 255.255.240.0Console#
606 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
4.10.2 MAC ACL
access-list mac
MACã¢ãã¬ã¹ãªã¹ããè¿œå ããMAC ACLèšå®ã¢ãŒãã«ç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§æå®ãã ACLãåé€ããŸãã
ææ³
access-list mac acl_name
no access-list mac acl_name
⢠acl_name ïŒ ACLåïŒæ倧 16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ãã ACL ãäœæããå Žåããæ¢åã® ACL ã®èšå®ã¢ãŒãã«ç§»è¡ããå Žåã"permit"å㯠"deny"ã³ãã³ãã䜿çšããæ°ããã«ãŒã«ãè¿œå ããŸããACL ãäœæããã«ã¯ãæäœ1 ã€ã®ã«ãŒã«ãèšå®ããå¿ èŠããããŸãã
⢠ã«ãŒã«ãåé€ããã«ã¯ "no permit"å㯠"no deny"ã³ãã³ãã«ç¶ããŠèšå®æžã¿ã®ã«ãŒã«ãå ¥åããŸãã
⢠1ã€ã® ACL ã«ã¯æ倧 128åã®ã«ãŒã«ãèšå®å¯èœã§ãã
äŸ
é¢é£ããã³ãã³ã
permit, deny (MAC ACL)ïŒP602ïŒmac access-groupïŒP605ïŒshow mac access-listïŒP606ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
access-list mac MAC ACLã®äœæãš configuration modeãžã®ç§»è¡ GC P607
permit,denyãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ããã±ãããã©ãŒããããã€ãŒãµãããã¿ã€ãã«åºã¥ããã£ã«ã¿ãªã³ã°
MAC-ACL
P608
mac access-group MAC ACLãžã®ããŒãã®è¿œå IC P610
show mac access-group MAC ACLã«æå®ããããŒãã®è¡šç€º PE P610
show macaccess-list èšå®æžã¿ MAC ACLã®ã«ãŒã«ã®è¡šç€º PE P611
Console(config)#access-list mac jerryConsole(config-mac-acl)#
607FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒMAC ACLïŒ
MAC ACLãžã®ã«ãŒã«ã®è¿œå ãè¡ããŸããMACãœãŒã¹ /ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãã€ãŒãµããããããã³ã«ã¿ã€ãã«ãããã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ãåé€ããŸãã
ææ³
[no] {permit | deny}
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask] [ ethertype protocol [ protocol-bitmask ] ]
{ time-range time-range-name }
â»åæèšå®ã¯ Ethernet2ãã±ããã§ãã
[no] {permit | deny} tagged-eth2
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask] [ ethertype protocol [ protocol-bitmask ]
[no] {permit | deny} untagged-eth2
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ethertype protocol [ protocol-bitmask ]
{ time-range time-range-name }
[no] {permit | deny} tagged-802.3
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask]
[no] {permit | deny} untagged-802.3
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
{ time-range time-range-name }
⢠protocol-number â ç¹å®ã®ãããã³ã«çªå·ïŒç¯å²ïŒ0-255ïŒ
⢠tagged-eth2 â ã¿ã°ä»ãã€ãŒãµããã 2ãã±ãã
⢠untagged-eth2 â ã¿ã°ç¡ãã€ãŒãµããã 2ãã±ããå®
608 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
⢠tagged-802.3 â ã¿ã°ä»ãã€ãŒãµããã 802.3ãã±ãã
⢠untagged-802.3 â ã¿ã°ç¡ãã€ãŒãµããã 802.3ãã±ãã
⢠any â ãã¹ãŠã® MAC ãœãŒã¹ /ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹
⢠host â ç¹å®ã®MACã¢ãã¬ã¹
⢠source â ãœãŒã¹ MACã¢ãã¬ã¹
⢠destination â ããããã¹ã¯ãå«ããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ç¯å²
⢠address-bitmask â MACã¢ãã¬ã¹ã®ããããã¹ã¯ïŒ16 é²æ°ïŒ
⢠vid â VLAN IDïŒç¯å²ïŒ1-4094ïŒ
⢠vid bitmask â VLANããããã¹ã¯ïŒç¯å²ïŒ1-4095ïŒ
⢠protocol â ã€ãŒãµããããããã³ã«çªå·ïŒç¯å²ïŒ600-fff 16é²æ°ïŒ
⢠protocol -bitmaskâ ãããã³ã«ããããã¹ã¯ïŒç¯å²ïŒ600-fff 16é²æ°ïŒ
⢠time-range-nameâ ã¿ã€ã ã¬ã³ãžåïŒç¯å²ïŒ1-30æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
MAC ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã€ãŒãµãããã¿ã€ããªãã·ã§ã³ã¯ Ethernet II ã®ãã£ã«ã¿ã«ã®ã¿äœ¿çšããŸãã
⢠ã€ãŒãµããããããã³ã«ã¿ã€ãã®ãªã¹ã㯠RFC 1060 ã§å®çŸ©ãããŠããŸãããäžè¬çãªã¿ã€ãã¯ä»¥äžã®éãã§ãã
â 0800(IP)
â 0806(ARP)
â 8137(IPX)
äŸ
é¢é£ããã³ãã³ã
access-list mac (P607)time rangeïŒP448ïŒ
Console(config-mac-acl)#permit any host 00-e0-29-94-34-de ethertype 0800Console(config-mac-acl)#
609FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
mac access-group
MAC ACLãžã®ããŒãã®ãã€ã³ããè¡ããŸãã"no"ãåã«çœ®ãããšã§ããŒããå€ããŸãã
ææ³
mac access-group acl_name inãïœ time-range time-range-name ïœ
no mac access-group acl_name < in | out >
⢠acl_nameâ ACLåïŒæ倧 16æåïŒ
⢠in â å ¥åãã±ãããžã®ãªã¹ã
⢠time-range-name â ã¿ã€ã ã¬ã³ãžå
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
show mac access-listïŒP611ïŒ
time rangeïŒP448ïŒ
show mac access-group
MAC ACLã«æå®ãããããŒãã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
mac access-group (P610)
Console(config)#interface ethernet 1/2Console(config-if)#mac access-group jerry inConsole(config-if)#
Console#show mac access-groupInterface ethernet 1/5 MAC access-list M5 inConsole#
610 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show mac access-list
MAC ACLã®ã«ãŒã«ã衚瀺ããŸãã
ææ³
show mac access-list { acl_name }
⢠acl_name â ACLåïŒæ倧 16æåïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
permit, denyïŒP608ïŒmac access-groupïŒP610ïŒ
Console#show mac access-listMAC access-list jerry: permit any 00-e0-29-94-34-de ethertype 0800Console#
611FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
4.10.3 ARP ACL
ARPãªã¯ãšã¹ãã»ãªãã©ã€ã¡ãã»ãŒãžãå«ããIPãŸã㯠MACã¢ãã¬ã¹ã«åºã¥ã ACLã®èšå®ãè¡ããŸããARP ACLã®èšå®ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæãå¿ èŠãª ã«ãŒã«ãè¿œå ããŸãããã®åŸã" ip arp inspection vlan"ã³ãã³ãïŒP595ïŒã䜿çšããã¢ã¯ã»ã¹ãªã¹ãã 1ã€ãŸã㯠1ã€ä»¥äžã® VLANãžãã€ã³ãããŸãã
access-list arp
ARPã¢ã¯ã»ã¹ãªã¹ããè¿œå ããARP ACLã®èšå®ã¢ãŒãã«ç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§ç¹å®ã® ACLãåé€ããŸãã
ææ³
access-list arp acl-name
no access-list arp acl-name
⢠acl-name â ACLåïŒæ倧 16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ãã ACLãäœæããæ¢åã® ACLã®èšå®ã¢ãŒãã«ç§»è¡ããæã"permit"å㯠"deny"ã³ãã³ãã䜿çšããæ°ããã«ãŒã«ãè¿œå ããŸããACLãäœæããã«ã¯ãæäœ 1ã€ã®ã«ãŒã«ãèšå®ããå¿ èŠããããŸãã
⢠ã«ãŒã«ãåé€ããã«ã¯ "no permit"å㯠"no deny"ã³ãã³ãã«ç¶ããŠèšå®æžã¿ã®ã«ãŒã«ãå ¥åããŸãã
⢠1ã€ã® ACLã«ã¯æ倧 128åã®ã«ãŒã«ãèšå®å¯èœã§ãã
äŸ
é¢é£ããã³ãã³ã
permit, denyïŒP613ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
access-list Iarp ARP ACLãäœæããèšå®ã¢ãŒããžç§»è¡ããŸã GC P612
permit,denyARPã¡ãã»ãŒãžã®ãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãäžèŽãããã±ããã®ãã£ã«ã¿ãªã³ã°
ARP-ACL
P613
Console(config)#access-list arp factoryConsole(config-arp-acl)#
612 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒARP ACLïŒ
ARP ACLãžãã«ãŒã«ãè¿œå ããŸãããã®ã«ãŒã«ã¯ãARPã¡ãã»ãŒãžã§æå®ããããœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãšäžèŽããŠãããã±ããããã£ã«ã¿ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ãåé€ããŸãã
ææ³
[no] { permit | deny }
ip { any | host source-ip | source-ip ip-address-bitmask }
mac { any | host source-ip | source-ip ip-address-bitmask } [ log ]
ã泚æïŒãã®åœ¢åŒã¯ãªã¯ãšã¹ããŸãã¯ã¬ã¹ãã³ã¹ãã±ããã瀺ããŸãã
[no] { permit | deny } request
ip { any | host source-ip | source-ip ip-address-bitmask }
mac {any | host source-mac | source-mac mac-address-bitmask } [ log ]
[no] { permit | deny } response
ip { any | host source-ip | source-ip ip-address-bitmask }
{ any | host destination-ip | destination-ip ip-address-bitmask }
mac { any | host source-mac | source-mac mac-address-bitmask }
[ any | host destination-mac | destination-mac mac-address-bitmask ] [ log ]
⢠source-ip â ãœãŒã¹ IPã¢ãã¬ã¹
⢠destination-ip â ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
⢠ip-address-bitmask â ãããããã¢ãã¬ã¹ãããã瀺ã IPv4çªå·
⢠source-mac â ãœãŒã¹ MACã¢ãã¬ã¹
⢠destination-mac â ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ç¯å²
⢠mac-address-bitmask â MACã¢ãã¬ã¹ããããã¹ã¯
⢠log â ã¢ã¯ã»ã¹ã³ã³ãããŒã«çžæ®ãã«ããããããã±ããã®ãã°
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
ARP ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
äŸ
é¢é£ããã³ãã³ã
access-list arpïŒP612ïŒ
Console(config-arp-acl)#$permit response ip any 192.168.0.0 255.255.0.0 mac any anyConsole(config-mac-acl)#
613FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
4.10.4 ACLæ å ±ã®è¡šç€º
show access-group
ACLã®ããŒãã®æå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Executive
äŸ
show access-list
ãã¹ãŠã® ACLãšãŠãŒã¶å®çŸ©ãã¹ã¯ãå«ãé¢é£ããã«ãŒã«ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
show access-group ããããã®ããŒãã«å²ãåœãŠããã ACLã®è¡šç€º PE P614
show access-list å šãŠã® ACLãšé¢é£ããã«ãŒã«ã®è¡šç€º PE P614
Console#show access-groupInterface ethernet 1/2 IP access-list david MAC access-list jerryConsole#
Console#show access-listIP standard access-list david: permit host 10.1.1.21 permit 168.92.16.0 255.255.240.0IP extended access-list bob: permit 10.7.1.1 255.255.255.0 any permit 192.168.1.0 255.255.255.0 any destination-port 80 80IP access-list jerry: permit any host 00-30-29-94-34-de ethertype 800 800IP extended access-list A6: permit any anyConsole#
614 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
4.11 ã€ã³ã¿ãã§ãŒã¹
* ãã®ã³ãã³ãã§ããŒãã®ããŒããŠã§ã¢ã¬ãã«ã¹ããŒã ã³ã³ãããŒã«ãæå¹ã«ããæãåãããŒãã§"auto-traffic-control"ã³ãã³ãïŒP663ïŒã«ãããœãããŠã§ã¢ã¬ãã«èªåã¹ããŒã ã³ã³ãããŒã«ãèšå®ãããŠããå Žåã¯ç¡å¹ã«ãªããŸãã
ã³ãã³ã æ©èœã¢ãŒã
ããŒãž
ã€ã³ã¿ãã§ãŒã¹èšå®interface æ¬æ©ã® DHCPã¯ã©ã€ã¢ã³ã IDã®æå® GC P616
alias ã€ã³ã¿ãã§ãŒã¹ã®ãšã€ãªã¢ã¹åãèšå® IC
capabilities ãªãŒãããŽã·ãšãŒã·ã§ã³ç¡å¹æã®éä¿¡é床ãéä¿¡æ¹åŒã®èšå®
IC P617
descriptionã€ã³ã¿ãã§ãŒã¹ã¿ã€ãã®èšå®åã³ interface configurationã¢ãŒããžã®å€æŽ
IC P619
flowcontrol ã€ã³ã¿ãã§ãŒã¹ãžã®ãããŒã³ã³ãããŒã«èšå® IC P620
media-type ã³ã³ãããŒãã®åºå®ããŒãã¿ã€ããéžæ IC P621
negotiation ã€ã³ã¿ãã§ãŒã¹ãžã®ãªãŒãããŽã·ãšãŒã·ã§ã³ã®èšå® IC P622
shutdown ã€ã³ã¿ãã§ãŒã¹ã®ç¡å¹ IC P623
speed-duplex ã€ã³ã¿ãã§ãŒã¹ã®è§£èª¬ IC P624
switchportpacket-rate* ã¹ããŒã ã³ã³ãããŒã«ã®éŸå€ãèšå® IC
P625
clear counters ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã®ã¯ãªã¢ PE P626
show interfacescounters ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã®è¡šç€º
NE,PE
P627
show interfacesstatus ã€ã³ã¿ãã§ãŒã¹ã®èšå®ç¶æ³ã衚瀺
NE,PE
P629
show interfacesswitchport ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšç¶æ³ã®è¡šç€º
NE,PE
P630
ã±ãŒãã«èšºætest cable-diagnostics ã±ãŒãã«èšºæã®å®è¡ PE P632
show cable-diagnostics ã±ãŒãã«èšºæçµæã®è¡šç€º PE P633
ãã¯ãŒã»ãŒãã³ã°power-save æå®ã®ããŒãã§ãã¯ãŒã»ãŒãã³ã°ã¢ãŒããæå¹å IC P634
show power-save ãã¯ãŒã»ãŒãã³ã°ã®èšå®æ å ±ã衚瀺 PE P635
615FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
interface
ã€ã³ã¿ãã§ãŒã¹ã®èšå®åã³ interface configurationã¢ãŒããžã®ç§»è¡ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ã³ã¯ã解é€ããããšãã§ããŸãã
ææ³
interface interface
no interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-id â Channel ID (1-5)
ïŒ vlan vlan-id â VLAN ID (1-4093)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ 3çªããŒãã®æå®ãè¡ã£ãŠããŸãã
Console(config)#interface ethernet 1/3Console(config-if)#
616 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
alias
ã€ã³ã¿ãã§ãŒã¹ã®ãšã€ãªã¢ã¹åãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãšã€ãªã¢ã¹åãåé€ããŸãã
ææ³
alias string
no alias
⢠string â ã€ã³ã¿ãã§ãŒã¹ã«ååãèšå®ããŸããïŒç¯å²ïŒ1-64æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
æ¬äŸã¯ã3çªããŒãã«ååãä»ããŠããŸãã
Console(config)#interface ethernet 1/3Console(config-if)#alias financeConsole(config-if)#
617FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
capabilities
ãªãŒãããŽã·ãšãŒã·ã§ã³æã®ããŒãã®éä¿¡æ¹åŒãèšå®ããŸãã
"no"ãåã«çœ®ããã©ã¡ãŒã¿ãèšå®ããããšã§æå®ãããã©ã¡ãŒã¿ã®å€ãåé€ããŸãããã©ã¡ãŒã¿ãèšå®ãã "no"ãåã«çœ®ããå Žåã«ã¯åæèšå®ã«æ»ããŸãã
ææ³
capabilities <1000full | 100full | 100half | 10full | 10half | flowcontrol | symmetric>
no capabilities <1000full | 100full | 100half |10full |10half | flowcontrol | symmetric>
⢠1000full â 1000Mbps full-duplexéä¿¡
⢠100full â 100Mbps full-duplexéä¿¡
⢠100half â 100Mbps half-duplexéä¿¡
⢠10full â 10Mbps full-duplexéä¿¡
⢠10half â 10Mbps half-duplexéä¿¡
⢠flowcontrol â flow controlãµããŒã
⢠symmetric â ãããŒã³ã³ãããŒã«ããããŒãºãã¬ãŒã ãéåä¿¡ïŒæ¬æ©ã§ã¯symmetric ããŒãºãã¬ãŒã ã®ã¿ããµããŒããããŠããŸãïŒãïŒã®ã¬ãããç°å¢ã®ã¿ïŒ
åæèšå®
⢠100BASE-TXïŒ10half, 10full, 100half, 100full
⢠1000BASE-TïŒ10half, 10full, 100half, 100full, 1000full
⢠SFPïŒ1000full
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã"capabilites"ã³ãã³ãã§æå®ãããå 容ã«åºã¥ãæé©ãªéä¿¡æ¹åŒã§ãªã³ã¯ãè¡ããŸãããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ "speed-duplex"ã³ãã³ããš "flowcontrol"ã³ãã³ãã䜿çšããŠæåã§éä¿¡æ¹åŒãèšå®ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã« 100half, 100fullåã³ãããŒã³ã³ãããŒã«ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
speed-duplexïŒP624ïŒnegotiationïŒP622ïŒflow controlïŒP620ïŒ
Console(config)#interface ethernet 1/5Console(config-if)#capabilities 100halfConsole(config-if)#capabilities 100fullConsole(config-if)#capabilities flowcontrolConsole(config-if)#
618 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
description
åã€ã³ã¿ãã§ãŒã¹ã®è§£èª¬ãè¡ããŸãã"no"ãåã«çœ®ãããšã§è§£èª¬ãåé€ããŸãã
ææ³
description string
no description
⢠string â èšå®ãç£èŠäœæ¥ãè¡ããããããããã®åããŒãã®æ¥ç¶å ãªã©ã®ã³ã¡ã³ãã解説ïŒç¯å²ïŒ1-64æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
æ¬äŸã¯ã3çªããŒãã«è§£èª¬ãå ããŠããèšå®ã§ãã
Console(config)#interface ethernet 1/3Console(config-if)#description RD-SW#3Console(config-if)#
619FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
flow control
ãããŒã³ã³ãããŒã«ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãããŒã³ã³ãããŒã«ãç¡å¹ã«ããŸãã
ææ³
flowcontrol
no flowcontrol
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãããŒã³ã³ãããŒã«ã䜿çšãããšã¹ã€ããã®ãããã¡å®¹éããã£ã±ãã«ãªã£ãå Žåã«éä¿¡ã®ãã¹ãçºçããã®ãé²ãããšãã§ããŸãããããŒã³ã³ãããŒã«ãæå¹ã«ããå Žåãfull-duplexã§ã¯ IEEE802.3xæºæ ãhalf-duplexã§ã¯ããã¯ãã¬ãã·ã£ãçšããŠãããŒã³ã³ãããŒã«ãè¡ããŸãã"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ããå Žåã"capabilities"ã³ãã³ãã«ãããããŒã³ã³ãããŒã«ã䜿çšããã決å®ãããŸãããªãŒãããŽã·ãšãŒã·ã§ã³æã«ãããŒã³ã³ãããŒã«ãæå¹ã«ããããã«ã¯åããŒãã®æ©èœ (Capabilities)ã« "flowcontrol"ãå«ããå¿ èŠããããŸãã
⢠flowcontrol"ã³ãã³ãå㯠"no flowcontrol"ã³ãã³ãã䜿çšããŠãããŒã³ã³ãããŒã«ãåºå®èšå®ããå Žåã«ã¯ã"no negotiation"ã³ãã³ãã䜿çšããŠãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå¿ èŠããããŸãã
⢠HUBãšæ¥ç¶ãããããŒãã§ã¯ãããŒã³ã³ãããŒã«ã䜿çšããããšã¯é¿ããŠäžããã䜿çšããå Žåã«ã¯ããã¯ãã¬ãã·ã£ã®ãžã£ã ä¿¡å·ãå šäœã®ãããã¯ãŒã¯ããã©ãŒãã³ã¹ãäœäžãããå¯èœæ§ããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã§ãããŒã³ã³ãããŒã«ãæå¹ã«ããŠããŸãã
é¢é£ããã³ãã³ã
negotiationïŒP622ïŒcapabilitiesïŒflowcontrol, symmetricïŒïŒP617ïŒ
Console(config)#interface ethernet 1/5Console(config-if)#flowcontrolConsole(config-if)#no negotiationConsole(config-if)#
620 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
media-type
ã³ã³ãããŒã·ã§ã³ããŒã 9-10ã«ãéžæãããããŒãã¿ã€ããåºå®èšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
media-type mode
no media-type
⢠mode â ã¢ãŒããéžæ
ïŒ copper-forcedïŒåžžã«çµã¿èŸŒãŸãã RJ-45ããŒãã䜿çš
ïŒ sfp-forcedïŒåžžã« SFPããŒã (ã¢ãžã¥ãŒã«ãæªè£ çã§ã )ã䜿çš
ïŒ sfp-preferred-autoïŒäž¡æ¹ã®ã³ã³ãããŒã·ã§ã³ã¿ã€ããäœçšããSFPããŒããæå¹ãªãªã³ã¯ãä¿æããŠããæãSFPããŒãã䜿çš
åæèšå®
sfp-preferred-auto
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernet-ããŒã 9-10ïŒ
äŸ
Console(config)#interface ethernet 1/10Console(config-if)#media-type copper-forcedConsole(config-if)#
621FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
negotiation
åããŒãã®ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããŸãã
ææ³
negotiationno negotiation
åæèšå®
æå¹ (Enabled)
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernet, Port ChannelïŒ
ã³ãã³ã解説
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã"capabilities"ã³ãã³ãã«æå®ãããå 容ã«åºã¥ããæé©ãªéä¿¡æ¹æ³ãéžæããŸãããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ "speed-duplex"ã³ãã³ããš "flowcontrol"ã³ãã³ãã䜿çšããŠæåã§éä¿¡æ¹åŒãèšå®ããå¿ èŠããããŸãã
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ RJ-45ããŒãã® MDI-MDI-Xèªåèªèæ©èœãç¡å¹ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ 10çªããŒãããªãŒãããŽã·ãšãŒã·ã§ã³ã®èšå®ã«ããŠããŸãã
é¢é£ããã³ãã³ã
capabilitiesïŒP617ïŒspeed-duplexïŒP624ïŒ
Console(config)#interface ethernet 1/10Console(config-if)#negotiationConsole(config-if)#
622 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
shutdown
ã€ã³ã¿ãã§ãŒã¹ãç¡å¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ã€ã³ã¿ãã§ãŒã¹ãæå¹ã«ããŸãã
ææ³
shutdownno shutdown
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ãæå¹ã«ãªã£ãŠããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernet, Port ChannelïŒ
ã³ãã³ã解説
ã³ãªãžã§ã³ã®çºçãªã©ã«ããç°åžžãªåäœãåé¿ãããªã©ã®ç®çããã»ãã¥ãªãã£ã®ç®çã§ããŒããç¡å¹ã«ããããšãã§ããŸããåé¡ã解決ããå ŽåããããŒãã䜿çšããå Žåã«ã¯å床ããŒããæå¹ã«ããããšãã§ããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒããç¡å¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#shutdownConsole(config-if)#
623FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
speed-duplex
ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå Žåã®éä¿¡é床åã³éä¿¡æ¹åŒã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
speed-duplex ã< 1000full | 100full | 100half | 10full 10half >
no speed-duplex
⢠1000full â 1000 Mbps full-duplexåºå®
⢠100full â 100 Mbps full-duplexåºå®
⢠100half â 100 Mbps half-duplexåºå®
⢠10full â 10 Mbps full-duplexåºå®
⢠10half â 10 Mbps half-duplexåºå®
åæèšå®
⢠åæèšå®ã§ã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããŸãã
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹æãåæèšå®å€ã¯ 100BASE-TXãã®ã¬ãããã€ãŒãµãããå ±ã« 100fullã§ãã
ã³ãã³ãã¢ãŒã
Interface Configuration (EthernetãPort Channel)
ã³ãã³ã解説
⢠éä¿¡é床㚠Duplexãåºå®èšå®ã«ããããã«ã¯ "speed-duplex"ã³ãã³ãã䜿çšããŸããåã"no negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããŠäžããã
⢠"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã¯"capabilities"ã³ãã³ãã䜿çšããããšã§æé©ãªæ¥ç¶ãè¡ãããšãã§ããŸãããªãŒãããŽã·ãšãŒã·ã§ã³æã®éä¿¡é床ãéä¿¡æ¹åŒã®èšå®ãè¡ãããã«ã¯ "capabilities"ã³ãã³ãã䜿çšããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã« 100Mbps half-duplexåºå®ã®èšå®ãè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
negotiationïŒP622ïŒcapabilitiesïŒP617ïŒ
Console(config)#interface ethernet 1/5Console(config-if)#speed-duplex 100halfConsole(config-if)#no negotiationConsole(config-if)#
624 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
switchport packet-rate
ãããŒããã£ã¹ãããã«ããã£ã¹ããæªç¥ã®ãŠããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã®èšå®ãããŸãã"no"ãåã«çœ®ãããšã§ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ãç¡å¹ã«ããŸãã
ææ³
switchport [ broadcast | multicast | unicast ] packet-rate rate
no switchport [ broadcast | multicast | unicast ]
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠unicast â ãŠããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠rateâã¬ãŒãã®éŸå€ïŒç¯å²ïŒ64-100000ïŒ100MbpsïŒ64-1000000ïŒ1GbpsïŒïŒ
åæèšå®
ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ïŒæå¹ããã±ããã¬ãŒããªããã =64Kbps
ãã«ããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ïŒç¡å¹
æªç¥ã®ãŠããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ïŒç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernetïŒ
ã³ãã³ã解説
⢠ãã©ãã£ãã¯ãããããŒããã£ã¹ãããã«ããã£ã¹ããæªç¥ã®ãŠããã£ã¹ããã©ãã£ãã¯ãæå®ããéŸå€ãè¶ ããå Žåãè¶ ãããã±ããã¯ç Žæ£ãããŸãã
⢠åãã€ã³ã¿ãã§ãŒã¹äžã§åž¯åå¶åŸ¡ãšã¹ããŒã ã³ã³ãããŒã«ã®äž¡æ¹ã䜿çšããããšã¯ãäºæãã¬çµæãå°ãå¯èœæ§ããããŸããäŸãã°ããã¡ãŒã¹ãã€ãŒãµãããããŒã㧠"switchport broadcast packet-rate 500,"ã³ãã³ã㧠ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã 500kbpsã«èšå®ãã"rate-limit input 20000"ã³ãã³ãã§åž¯åå¶åŸ¡ã 20000Kbpsã«èšå®ããå Žåã2000kbpsã¯ã©ã€ã³ã¹ããŒãã® 1/5ïŒ100MbpsïŒã§ããããåä¿¡ã¬ãŒãã¯å®é 100KbpsãŸãã¯ã¹ããŒã ã³ã³ãããŒã«ã³ãã³ãã§èšå®ããããªãããã500Kbpsã® 1/5ã«ãªããŸããåãã€ã³ã¿ãã§ãŒã¹äžã«ãããäž¡æ¹ã®ã³ãã³ãã䜿çšããããšã¯è³¢æã§ã¯ãããŸããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#switchport broadcast packet-rate 600Console(config-if)#
625FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
clear counters
ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ãã¯ãªã¢ããŸãã
ææ³
clear counters interface
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-id (ç¯å²ïŒ1-5)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
çµ±èšæ å ±ã¯é»æºããªã»ããããå Žåã®ã¿åæåãããŸããæ¬æ©èœã䜿çšããå ŽåãçŸåšã®ç®¡çã»ãã·ã§ã³ã§è¡šç€ºãããŠããçµ±èšæ å ±ã¯ãªã»ãããããŸããäœããäžåºŠãã°ã¢ãŠããå床管çç»é¢ã«ãã°ã€ã³ããå Žåã«ã¯çµ±èšæ å ±ã¯æåŸã«é»æºããªã»ããããæããã®å€ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã®çµ±èšæ å ±ãã¯ãªã¢ããŠããŸãã
Console#clear counters ethernet 1/5Console#
626 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces counters
ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã衚瀺ããŸãã
ææ³
show interfaces counters { interface }
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ãïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãã¹ãŠã®ããŒãã®ã«ãŠã³ã¿ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠ããŒããæå®ããªãå Žåã¯ããã¹ãŠã®ããŒãã®ç¶æ³ã衚瀺ãããŸãã
⢠æ¬ã³ãã³ãã䜿çšããéã«è¡šç€ºãããæ å ±ã®è©³çŽ°ã¯ 58 ããŒãžã®ãããŒãã»ãã©ã³ã¯çµ±èšæ å ±è¡šç€ºããåç §ããŠäžããã
627FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
äŸ
Console#show interfaces counters ethernet 1/7Ethernet 1/ 7 ===== IF table Stats ===== 0 Octets Input 0 Octets Output 0 Unicast Input 0 Unicast Output 0 Discard Input 0 Discard Output 0 Error Input 0 Error Output 0 Unknown Protos Input 0 QLen Output ===== Extended Iftable Stats ===== 0 Multi-cast Input 0 Multi-cast Output 0 Broadcast Input 0 Broadcast Output ===== Ether-like Stats ===== 0 Alignment Errors 0 FCS Errors 0 Single Collision Frames 0 Multiple Collision Frames 0 SQE Test Errors 0 Deferred Transmissions 0 Late Collisions 0 Excessive Collisions 0 Internal Mac Transmit Errors 0 Internal Mac Receive Errors 0 Frames Too Long 0 Carrier Sense Errors 0 Symbol Errors ===== RMON Stats ===== 0 Drop Events 0 Octets 0 Packets 0 Broadcast PKTS 0 Multi-cast PKTS 0 Undersize PKTS 0 Oversize PKTS 0 Fragments 0 Jabbers 0 CRC Align Errors 0 Collisions 0 Packet Size <= 64 Octets 0 Packet Size 65 to 127 Octets 0 Packet Size 128 to 255 Octets 0 Packet Size 256 to 511 Octets 0 Packet Size 512 to 1023 Octets 0 Packet Size 1024 to 1518 OctetsConsole#
628 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces status
ã€ã³ã¿ãã§ãŒã¹ã®ç¶æ ã衚瀺ããŸãã
ææ³
show interfaces status interface
⢠interface
ïŒ ethernet unit/portãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ïŒ vlan vlan-id â VLAN ID (1-4093)
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã®ç¶æ³ã衚瀺ãããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠ããŒããæå®ããªãå Žåã¯ããã¹ãŠã®ããŒãã®ç¶æ³ã衚瀺ãããŸãã
⢠æ¬ã³ãã³ãã䜿çšããéã«è¡šç€ºãããæ å ±ã®è©³çŽ°ã¯ P51 ãæ¥ç¶ç¶æ³ã®è¡šç€ºããåç §ããŠäžããã
äŸ
Console#show interfaces status ethernet 1/7Information of Eth 1/7 Basic Information: Port Type : 100TX Mac Address : 00-12-CF-F3-DE-4D Configuration: Name : Port Admin : Up Speed-duplex : Auto Capabilities : 10half, 10full, 100half, 100full Broadcast Storm : Enabled Broadcast Storm Limit : 64 Kbits/second Multicast Storm : Disabled Multicast Storm Limit : 64 Kbits/second Unknown Unicast Storm : Disabled Unknown Unicast Storm Limit : 64 Kbits/second Flow Control : Disabled LACP : Disabled Port Security : Disabled Max MAC Count : 0 Port Security Action : None Media Type : Copper forced Current Status: Link Status : Down Operation Speed-duplex : 100full Flow Control Type : NoneConsole#
629FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces switchport
æå®ããããŒãã®ç®¡çãéçšç¶æ³ã衚瀺ããŸãã
ææ³
show interfaces switchport { interface }
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã¯ 7çªããŒãã®æ å ±ã衚瀺ããŠããŸãã
onsole#show interfaces switchport ethernet 1/7Information of Eth 1/7 Broadcast Threshold : Enabled, 64 Kbits/second Multicast Threshold : Disabled Unknown Unicast Threshold : Disabled LACP Status : Disabled Ingress Rate Limit : Disabled, 64 Kbits per second Egress Rate Limit : Disabled, 100000 Kbits per second VLAN Membership Mode : Hybrid Ingress Rule : Disabled Acceptable Frame Type : All frames Native VLAN : 1 Priority for Untagged Traffic : 0 GVRP Status : Disabled Allowed VLAN : 1(u), 4093(t) Forbidden VLAN : 802.1Q-tunnel Status : Disable 802.1Q-tunnel Mode : NORMAL 802.1Q-tunnel TPID : 8100(Hex)Console#
630 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
ã³ãã³ã解説
é ç® è§£èª¬
Broadcast thresholdãããŒããã£ã¹ãã¹ããŒã å¶åŸ¡æ©èœã®æå¹ /ç¡å¹ã®è¡šç€ºãæå¹æã«ã¯ãããå€ã衚瀺ïŒP625åç §ïŒ
Multicast ThresholdãŸãã¡ãã£ã¹ãã¹ããŒã å¶åŸ¡æ©èœã®æå¹ /ç¡å¹ã®è¡šç€ºãæå¹æã«ã¯ãããå€ã衚瀺ïŒP625åç §ïŒ
Unknown-unicastThreshold
æªç¥ã®ãŠããã£ã¹ãã¹ããŒã å¶åŸ¡æ©èœã®æå¹ /ç¡å¹ã®è¡šç€ºãæå¹æã«ã¯ãããå€ã衚瀺ïŒP625åç §ïŒ
Lacp status LACPã®æå¹ /ç¡å¹ïŒP638åç §ïŒ
Ingress/ Egress rate limit å ¥å /åºå垯åå¶åŸ¡ã®æå¹ /ç¡å¹ãçŸåšã®èšå®ïŒP657åç §ïŒ
VLAN membership mode ãã©ã³ã¯å㯠Hybridã®ã¡ã³ããŒã¢ãŒãã衚瀺ïŒP728åç §ïŒ
Ingress rule ã€ã³ã°ã¬ã¹ãã£ã«ã¿ã®æå¹ /ç¡å¹ã®è¡šç€ºïŒP727åç §ïŒ
Acceptable frame typeVLANãã¬ãŒã ã¯ãå šãŠã®ãã¬ãŒã ã¿ã€ãããã¿ã°ãã¬ãŒã ã®ã¿åãåãå¯èœãïŒP725åç §ïŒ
Native VLAN ããã©ã«ãããŒã VLAN IDã®è¡šç€ºïŒP729åç §ïŒ
Priority for untagged traffic
ã¿ã°ãªããã¬ãŒã ãžã®åæèšå®ã®ãã©ã€ãªãªãã£ã®è¡šç€ºïŒP758åç §ïŒ
Gvrp status GVRPã®æå¹ /ç¡å¹ïŒP716åç §ïŒ
Allowed Vlan åå ããŠãã VLANã®è¡šç€ºã "(u)"ã¯ã¿ã°ãªãã "(t)"ã¯ã¿ã°ïŒP726åç §ïŒ
Forbidden Vlan GVRPã«ãã£ãŠåçã«åå ã§ããªã VLANã®è¡šç€ºïŒP718åç §ïŒ
802.1Q-tunnel Status ãã®ã€ã³ã¿ãã§ãŒã¹ã§ 802.1Qãã³ãã«ãæå¹æã«è¡šç€ºïŒP734åç §ïŒ
802.1Q-tunnel Mode802.1Qãã³ãã«ãŸã㯠802.1Q ãã³ãã«ã¢ãããªã³ã¯ã®ãã³ãã«ã¢ãŒãã衚瀺ïŒP735åç §ïŒ
802.1Q-tunnel TPID åŠç¿ãšãã±ããã®ã¹ã€ããã³ã°ã«äœ¿çšããããã¿ã°ãããã³ã«èå¥ã衚瀺ïŒP736åç §ïŒ
631FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
test cable-diagnostics
ã±ãŒãã«é害ïŒã·ã§ãŒãããªãŒãã³ããã®ä»ïŒã蚺æãããããæå®ããããŒãã§ã±ãŒãã«èšºæãå®è¡ããŸãã
ææ³
test cable-diagnostics interface interface
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ã±ãŒãã«èšºæã¯ããžã¿ã«ä¿¡å·åŠç (DSP)ãã¹ãã¡ãœããã䜿çšããŠå®è¡ãããŸãã
⢠ãã®ã±ãŒãã«ãã¹ã㯠7ïœ 140mã®ã±ãŒãã«ã®ã¿æ£ç¢ºã«èšºæå¯èœã§ãã
⢠ãã¹ãã«ã¯çŽ 5ç§ããããŸãããã¹ããå®äºåŸãã¹ã€ããã¯ãã ã¡ã«ããããã®ã±ãŒãã«ãã¢ã®ãããã®é·ããšç¶æ ãå ±éãšã©ãŒãå«ãã蚺æçµæã衚瀺ããŸãã
⢠蚺æã§æ€åºãããå¯èœæ§ã®ããç¶æ
ã»OKïŒæ£ç¢ºã«çµçµãããã¢
ã»OpenïŒãªãŒãã³ãã¢ããªã³ã¯ããŒããç¡ã
ã»ShortïŒã·ã§ãŒããããã¢
ã»Not SupportedïŒãªã³ã¯ã¢ããããŠããã€ãŒãµãããããŒãããŸã㯠1000Mbpsäžã®ã¹ããŒãã§ãªã³ã¯ã¢ããããŠããã®ã¬ãããã€ãŒãµãããããŒãã«ã€ããŠè¡šç€ºãããŸãã
ã»Impedance mismatchïŒçµç«¯æ¥ç¶ã®ã€ã³ããŒãã³ã¹ãåºæºç¯å²å€ã§ãã
⢠ã±ãŒãã«èšºæå®è¡äžãããŒãã¯ãªã³ã¯ããŠã³ããŸãã
äŸ
Console#test cable-diagnostics interface ethernet 1/10Console#show cable-diagnostics interface ethernet 1/10Port Type Link Status Pair A (meters) Pair B (meters) Last Update------- ---- ----------- --------------- ---------------- -------------Eth 1/10 GE Up OK (21) OK (21) 2009-11-13 09:44:19Console#
632 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show cable-diagnostics
ã±ãŒãã«èšºæãã¹ãã®çµæã衚瀺ããŸãã
ææ³
show cable-diagnostics interface interface
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show cable-diagnostics interface ethernet 1/10Console#show cable-diagnostics interface e 1/10Port Type Link Status Pair A (meters) Pair B (meters) Last Update-------- ---- ----------- ---------------- ---------------- ------------Eth 1/10 GE Up OK (21) OK (21) 2009-11-13 09:44:19Console#
633FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
power-save
æå®ãããããŒãã§ããã¯ãŒã»ãŒãã³ã°ã¢ãŒããæå¹ã«ããŸãã
ææ³
power-save no power-save
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernetïŒ
ã³ãã³ã解説
⢠IEEE 802.3ã¯ã€ãŒãµããã 100mã§çšŒåããŠããã±ãŒãã«æ¥ç¶ã«åºã¥ããæšæºããã³ãµãã·ãŒã±ã³ã¹é»æºæ¡ä»¶ãå®çŸ©ããŠããŸãããã¯ãŒã»ãŒãã³ã°ã¢ãŒããæå¹ã«ããããšã§ã60m以äžã®ã±ãŒãã«ïŒ20m以äžã§ã¯ããé¡èã«ïŒã§äœ¿çšé»åãäœæžããããšãå¯èœã§ãããä¿¡å·å®å šæ§ãä¿èšŒãç¶ããŸãã
⢠ãã¯ãŒã»ãŒãã³ã°ã¢ãŒãã¯é ã¡ãã£ã¢ã䜿çšããŠããã®ã¬ãããã€ãŒãµãããããŒãã«ã®ã¿é©çšãããŸãã
⢠ãã¯ãŒã»ãŒãã³ã°ã¯ã®ã¬ããã RJ-45ããŒãã§ã®ã¿æå¹ã«åºæ¥ãŸãã
⢠æ¬æ©ã§æäŸããããã¯ãŒã»ãŒãã³ã°ã¡ãœãã
ãã»ãªã³ã¯ããŒããäžåšæã®ãã¯ãŒã»ãŒãã³ã°é垞皌åæãã¹ã€ããã¯ãªã³ã¯ããŒãããèŠã€ããããã«ç¶ç¶ããŠãªãŒãããŽã·ãšãŒããããããšããªã³ã¯æ¥ç¶ãååšããªããšããŠããMACã€ã³ã¿ãã§ãŒã¹ã¯ãã¯ãŒã¢ããç¶æ ãç¶æããŠããŸãããã¯ãŒã»ãŒãã³ã°ã¢ãŒãã䜿çšæãã¹ã€ããã¯ãªã³ã¯ããŒããã®æç¡ã決å®ããããããµãŒãããã®ãšãã«ã®ãŒããã§ãã¯ããŸããããäœãæ€åºãããªãå Žåãã¹ã€ããã¯ãã©ã³ã¹ããã¿ãšåä¿¡é»æ°åè·¯ã®å€§éšåãèªåçã«ã¿ãŒã³ãªãããŸããïŒã¹ãªãŒãã¢ãŒããžå ¥ããŸãïŒãã®ã¢ãŒãã§ã¯ãlow-power energy-detectionãµãŒããããé£ç¶çã«ã±ãŒãã«ã®ãšãã«ã®ãŒããã§ãã¯ããŸãããšãã«ã®ãŒæ€åºãããªãå Žåãã¹ã€ããã¯çŽã¡ã«ãã©ã³ã¹ããã¿ãšã¬ã·ãŒãæ©èœãã¿ãŒã³ãªãããMACã€ã³ã¿ãã§ãŒã¹ããã¯ãŒã¢ããããŸãã
ã»ãªã³ã¯ããŒãããããæã®ãã¯ãŒã»ãŒãã³ã°åŸæ¥ã®ã€ãŒãµãããæ¥ç¶ã¯ãå¹³åã®ãããã¯ãŒã¯ã±ãŒãã«é·ãçããŠããæäœ100mããµããŒãããããã«å åãªãã¯ãŒã§æ©èœããŠããŸããã±ãŒãã«é·ãããçãå Žåãä¿¡å·è¡°åŒ±ã¯ã±ãŒãã«é·ã«æ¯äŸããŠãããããã¯ãŒæ¶è²»ã¯äœæžåºæ¥ãŸãããã¯ãŒã»ãŒãã³ã°ã¢ãŒãæå¹æãã¹ã€ããã¯ç¹å®ã®ãªã³ã¯äžã§äœ¿çšãããä¿¡å·åºåã¬ãã«ãäœæžã§ãããã©ããã決å®ãããããã±ãŒãã«é·ãåæããŸãã
[ 泚æ ]ãã¢ã¯ãã£ããªã³ã¯ã®ãã¯ãŒã»ãŒãã³ã°ã¢ãŒãã¯ããªã³ã¯ã¢ããã®æ¥ç¶ã¹ããŒãã100Mbps以äžã®æã®ã¿çšŒåããã©ã€ã³é·ã¯ 60m以äžã§ãã
[ 泚æ ]ããã¯ãŒã»ãŒãã³ã°ã¯ãã€ã¹ããã¢ã±ãŒãã«ã䜿çšãããã®ã¬ãããã€ãŒãµãããããŒãã§ã®ã¿å®è¡å¯èœã§ããã¢ã¯ãã£ããªã³ã¯ã®ãã¯ãŒã»ãŒãã³ã°ã¢ãŒãã¯æ¥ç¶ã¹ããŒã1Gbpsã§ã©ã€ã³é·ã 60m以äžã®æã®ã¿çšŒåããŸãã
äŸ
Console(config)#interface ethernet 1/10Console(config-if)#power-saveConsole(config-if)#
634 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show power-save
ãã¯ãŒã»ãŒãã³ã°ã®èšå®ã衚瀺ããŸãã
ææ³
show power-save interface interface
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show power-save interface ethernet 1/10
Power Saving Status : EnabledConsole#
635FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
4.12 ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
ãã³ãå¹ æ¡åŒµãšãåãããã¯ãŒã¯é害æã®åé¿ã®ãããããŒããæããéçã°ã«ãŒããèšå®ããããšãã§ããŸãããŸããIEEE802.1adæºæ ã® Link Aggregation Control Protocol (LACP)ã䜿çšããæ¬æ©ãšä»ã®ããã€ã¹éã®ãã©ã³ã¯ãèªåçã«è¡ãããšãã§ããŸããéçãã©ã³ã¯ã§ã¯ãæ¬æ©ã¯ Cisco EtherChannelæšæºãšã®äºææ§ããããŸããåçãã©ã³ã¯ã«é¢ããŠã¯IEEE802.1adæºæ ã® LACPãšãªããŸãã
2ã€ã® 1000MbpsããŒãããã©ã³ã¯ããå Žåãfull duplexæã«ã¯æ倧 4Gbpsã®ãã³ãå¹ ãšãªããŸãã
ãã©ã³ã¯èšå®ã¬ã€ãã©ã€ã³
⢠ã«ãŒããé²ãããããããã¯ãŒã¯ã±ãŒãã«ãæ¥ç¶ããåã«ãã©ã³ã¯ã®èšå®ãå®äºãããŠäžããã
⢠åãã©ã³ã¯ã¯æ倧 8ããŒããŸã§ãã©ã³ã¯å¯èœã§ãã
⢠ãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯ãã©ã³ã¯ããŒããšããŠèšå®ãããå¿ èŠããããŸãã
⢠ãã©ã³ã¯ã«åå ãããã¹ãŠã®ããŒãã¯ãéä¿¡é床ãduplexã¢ãŒãããããŒã³ã³ãããŒã«ãVLANãCoSãªã©ãã¹ãŠåäžã®èšå®ã§ããå¿ èŠããããŸãã
⢠port-channelã䜿çšã VLANããã®ç§»åãè¿œå ãåé€ããå Žåããã©ã³ã¯ããããã¹ãŠã®ããŒãã¯ïŒã€ã®ãã®ãšããŠæ±ãããŸãã
⢠STPãVLANããã³ IGMPã®èšå®ã¯ãæå®ããããŒããã£ã³ãã«ã䜿çšããã¹ãŠã®ãã©ã³ã¯ã«èšå®ããããšãã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
æåèšå®ã³ãã³ãinterfaceport-channel
interface configurationã¢ãŒããžã®ç§»åãšãã©ã³ã¯èšå®
GC P616
channel-group ãã©ã³ã¯ãžã®ããŒãã®è¿œå IC P637
åçèšå®ã³ãã³ãlacp çŸåšã®ã€ã³ã¿ãã§ãŒã¹ã§ã® LACPã®èšå® IC P638
lacp admin-key ããŒãã¢ããã³ããŒã®èšå®IC(Ethernet)
P640
lacp port-priority LACPããŒããã©ã€ãªãªãã£ã®èšå®IC(Ethernet)
P641
lacpsystem-priority ããŒã LACPã·ã¹ãã ãã©ã€ãªãªãã£ã®èšå®
IC(Ethernet)
P642
lacp admin-key ããŒããã£ã³ãã«ã¢ããã³ããŒã®èšå®IC(PortChannel)
P643
ãã©ã³ã¯ã¹ããŒã¿ã¹è¡šç€ºã³ãã³ãshow interfacesstatus port-channel
ãã©ã³ã¯æ å ±ã®è¡šç€º NE,PE P629
show lacp LACPé¢é£æ å ±ã®è¡šç€º PE P644
636 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
LACPèšå®ã¬ã€ãã©ã€ã³
ããŒããåäžããŒããã£ã³ãã«ã«èšå®ããã«ã¯ä»¥äžã®æ¡ä»¶ã«äžèŽããå¿ èŠããããŸãã
⢠ããŒãã¯åäžã® LACPã·ã¹ãã ãã©ã€ãªãªãã£ã®å¿ èŠããããŸã
⢠ããŒãã¯åäžã®ããŒãã¢ããã³ããŒã®å¿ èŠããããŸã (Ethernet Interface)
⢠ãã£ã³ãã«ã°ã«ãŒãã圢æãããå Žåã«ãããŒããã£ã³ãã«ã¢ããã³ããŒãã»ããããªããã°ããã®ããŒã¯ãã°ã«ãŒãã®ã€ã³ã¿ãã§ãŒã¹ã®ããŒãã¢ããã³ããŒãšåäžã®å€ã«èšå®ãããŸãã
⢠ããŒããã£ã³ãã«ã¢ããã³ããŒãèšå®ããå Žåã«ã¯ãããŒãã¢ããã³ããŒã¯ãã£ã³ãã«ã°ã«ãŒããžã®åå ãå¯èœãªåãå€ãèšå®ããå¿ èŠããããŸãã
⢠ãªã³ã¯ãèœã¡ãå ŽåãLACPããŒããã©ã€ãªãªãã£ã¯ããã¯ã¢ãããªã³ã¯ãéžæããŸãã
channel-group
ãã©ã³ã¯ã«ããŒããè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ããŒãããã©ã³ã¯ããã¯ãããŸãã
ææ³
channel-group channel-id
no channel-group
⢠channel-id â ãã©ã³ã¯ IDïŒç¯å²ïŒ1-5ïŒ
åæèšå®
çŸåšã®ããŒãããæå®ãããã©ã³ã¯ã«è¿œå ãããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠éçãã©ã³ã¯ã®èšå®ãè¡ãå Žåã察åã®ã¹ã€ãã㯠Cisco EtherChannelæšæºãšäºææ§ããªããŠã¯ãããŸããã
⢠" no channel-group"ã³ãã³ãã䜿ãããšã§ããŒãã°ã«ãŒãããã©ã³ã¯ããã¯ãããŸãã
⢠" no interfaces port-channel"ã³ãã³ãã䜿ãããšã§ã¹ã€ãããããã©ã³ã¯ãåé€ããŸãã
äŸ
æ¬äŸã§ã¯ãtrunk 1ãçæãã11çªããŒããã¡ã³ããŒã«å ããŠããŸãã
Console(config)#interface port-channel 1Console(config-if)#exit
Console(config)#interface ethernet 1/11Console(config-if)#channel-group 1Console(config-if)#
637FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp
IEEE802.3adæºæ ã® LACPãçŸåšã®ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠèšå®ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
lacp
no lacp
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠LACPãã©ã³ã¯ã®äž¡ç«¯ã¯åºå®èšå®ãããã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ã«ãã full duplexã«èšå®ãããŠããå¿ èŠããããŸãã
⢠LACPã䜿çšãããã©ã³ã¯ã¯èªåçã«äœ¿çšå¯èœãªããŒããã£ã³ãã« IDãå²ãåœãŠãããŸãã
⢠察åã®ã¹ã€ãããæ¥ç¶ããããŒã㧠LACPãæå¹ã«ããŠããå Žåããã©ã³ã¯ã¯èªåçã«æå¹ã«ãªããŸãã
⢠8ã€ä»¥äžã®ããŒããåã察åã®ã¹ã€ããã«æ¥ç¶ãããŠãLACPãæå¹ã«ãªã£ãŠããå Žåãè¿œå ãããããŒãã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããä»ã®ã¢ã¯ãã£ããªãªã³ã¯ãèœã¡ãå Žåã«ã®ã¿æå¹ãšãªããŸãã
638 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
äŸ
æ¬äŸã§ã¯ã1ãã 3çªããŒãã® LACPãæå¹ã«ããŠããŸãã"show interfaces status port-channel 1"ã³ãã³ãã䜿çšããTrunk1ã察åã®æ©åšãšç¢ºç«ãããŠããããšã確èªããããšãã§ããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#lacpConsole(config-if)#exitConsole(config)#interface ethernet 1/2Console(config-if)#lacpConsole(config-if)#exitConsole(config)#interface ethernet 1/3Console(config-if)#lacpConsole(config-if)#exitConsole(config)#exitConsole#show interfaces status port-channel 1Information of Trunk 1Basic information:Port type: 100TXMac address: 00-00-e8-00-00-0bConfiguration:Name:Port admin: UpSpeed-duplex: AutoCapabilities: 10half, 10full, 100half, 100full,Flow control status: DisabledPort security: DisabledMax MAC count: 0Current status:Created by: lACPLink status: UpOperation speed-duplex: 100fullFlow control type: NoneMember Ports: Eth1/11, Eth1/12, Eth1/13,Console#
639FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp admin-keyïŒEthernet InterfaceïŒ
ããŒãã® LACPã¢ãããã¹ãã¬ãŒã·ã§ã³ããŒã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
lacp {actor | partner} admin-key key
no lacp {actor | partner} admin-key
⢠actor â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ããŒã«ã«åŽ
⢠partner â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ãªã¢ãŒãåŽ
⢠key â ããŒãã¢ããã³ããŒã¯åã LAGã®ããŒããåäžã®å€ãèšå®ããå¿ èŠããããŸãïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
0
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠åã LAGã«åå ããã«ã¯ãLACPã·ã¹ãã ãã©ã€ãªãªãã£ãäžèŽããLACPããŒãã¢ããã³ããŒãäžèŽããLACPããŒããã£ã³ãã«ããŒãäžèŽããå ŽåãšãªããŸãã
⢠ããŒããã£ã³ãã«ã¢ããã³ããŒãèšå®ããå Žåã«ã¯ãããŒãã¢ããã³ããŒã¯ãã£ã³ãã«ã°ã«ãŒããžã®åå ãå¯èœãªåãå€ãèšå®ããå¿ èŠããããŸãã
⢠ãªã¢ãŒãåŽã®ãªã³ã¯ã確ç«ããããšãLACPéçšèšå®ã¯äœ¿çšãããŠããç¶æ ã§ããããŒãããŒã® LACPèšå®ã¯éçšç¶æ ã§ã¯ãªã管çç¶æ ãè¡šããä»åŸ LACPãããŒãããŒãšç¢ºç«ãããéã«äœ¿çšãããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#lacp actor admin-key 120Console(config-if)#
640 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp port-priority
LACPããŒããã©ã€ãªãªãã£ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
lacp { actor | partner } port-priority priority
no lacp { actor | partner } port-priority
⢠actor â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ããŒã«ã«åŽ
⢠partner â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ãªã¢ãŒãåŽ
⢠priority â ããã¯ã¢ãããªã³ã¯ã«äœ¿çšãã LACPããŒããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
32768
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠äœãå€ãé«ããã©ã€ãªãªãã£ã瀺ããŸãã
⢠ã¢ã¯ãã£ããªããŒããããŠã³ããå Žåãé«ããã©ã€ãªãªãã£ãæã£ãããŒããããã¯ã¢ãããšãªããŸããè€æ°ã®ããŒããåããã©ã€ãªãªãã£ã®å Žåã«ã¯äœãããŒãçªå·ã®ããŒããããã¯ã¢ãããªã³ã¯ãšãªããŸãã
⢠ãªã¢ãŒãåŽã®ãªã³ã¯ã確ç«ããããšãLACPéçšèšå®ã¯äœ¿çšãããŠããç¶æ ã§ããããŒãããŒã® LACPèšå®ã¯éçšç¶æ ã§ã¯ãªã管çç¶æ ãè¡šããä»åŸ LACPãããŒãããŒãšç¢ºç«ãããéã«äœ¿çšãããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#lacp actor port-priority 128
641FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp system-priority
ããŒãã® LACPã·ã¹ãã ãã©ã€ãªãªãã£ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
lacp {actor | partner} system-priority priority
no lacp {actor | partner} system-priority
⢠actor â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ããŒã«ã«åŽ
⢠partner â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã®ãªã¢ãŒãåŽ
⢠priority â ãã©ã€ãªãªãã£ã¯ããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒã (LAG)ã¡ã³ããŒã·ããã決å®ããå LAGæ¥ç¶æã«ä»ã®ã¹ã€ãããæ¬æ©ãèå¥ããããã«äœ¿çšããŸãïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
32768
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠åäž LAGã«åå ããããŒãã¯åäžã·ã¹ãã ãã©ã€ãªãªãã£ã«èšå®ããå¿ èŠããããŸãã
⢠ã·ã¹ãã ãã©ã€ãªãªãã£ã¯æ¬æ©ã® MACã¢ãã¬ã¹ãšçµåã LAG IDãšãªããŸããIDã¯ä»ã®ã·ã¹ãã ãšã® LACPæ¥ç¶æã®ç¹å®ã® LAGãè¡šãããã«äœ¿çšãããŸãã
⢠ãªã¢ãŒãåŽã®ãªã³ã¯ã確ç«ããããšãLACPéçšèšå®ã¯äœ¿çšãããŠããç¶æ ã§ããããŒãããŒã® LACPèšå®ã¯éçšç¶æ ã§ã¯ãªã管çç¶æ ãè¡šããä»åŸ LACPãããŒãããŒãšç¢ºç«ãããéã«äœ¿çšãããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#lacp actor system-priority 3Console(config-if)#
642 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp admin-keyïŒPort ChannelïŒ
ããŒããã£ã³ãã« LACPã¢ãããã¹ãã¬ãŒã·ã§ã³ããŒã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
lacp admin-key key
no lacp admin-key
⢠key â ããŒãã¢ããã³ããŒã¯åã LAGã®ããŒããåäžã®å€ãèšå®ããå¿ èŠããããŸãïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
0
ã³ãã³ãã¢ãŒã
Interface Configuration (Port Channel)
ã³ãã³ã解説
⢠åã LAGã«åå ããã«ã¯ãLACPã·ã¹ãã ãã©ã€ãªãªãã£ãäžèŽããLACPããŒãã¢ããã³ããŒãäžèŽããLACPããŒããã£ã³ãã«ã¢ããã³ããŒãäžèŽããå ŽåãšãªããŸãã
⢠ãã£ã³ãã«ã°ã«ãŒãã圢æãããããŒããã£ã³ãã«ã¢ããã³ããŒãèšå®ãããŠããªãå ŽåãããŒãã¢ããã³ããŒãšåäžã®å€ã«èšå®ãããŸããLAGãããŒããã£ã³ãã«ã¢ããã³ããŒã䜿çšããªãå Žåã«ã¯ 0ã«ãªã»ãããããŸãã
äŸ
Console(config)#interface port-channel 1Console(config-if)#lacp actor admin-key 3Console(config-if)#
643FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
show lacp
LACPæ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show lacp [ port-channel | counters | internal | neighbors | sys-id ]
⢠port-channel â ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒã IDïŒç¯å²ïŒ1-5ïŒ
⢠counters â LACPãããã³ã«ã¡ãã»ãŒãžã®çµ±èšæ å ±
⢠internal â ããŒã«ã«ãµã€ãã®éçšç¶æ³ãšèšå®æ å ±
⢠neighbors â ãªã¢ãŒããµã€ãã®éçšç¶æ³ãšèšå®æ å ±
⢠sys-id â ãã¹ãŠã®ãã£ã³ãã«ã°ã«ãŒãã®MACã¢ãã¬ã¹ãšã·ã¹ãã ãã©ã€ãªãªãã£ã®ãµããª
åæèšå®
Port ChannelïŒãã¹ãŠ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show lacp 1 countersPort channel : 1-----------------------------------------------------------------Eth 1/ 2-----------------------------------------------------------------LACPDUs Sent : 21LACPDUs Received : 21Marker Sent : 0Marker Received : 0LACPDUs Unknown Pkts : 0LACPDUs Illegal Pkts : 0
é ç® è§£èª¬
LACPDUs Sent ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãª LACPDUã®æ°
LACPDUs Received ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãª LACPDUã®æ°
Marker Sent æ¬ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãªMarker PDUã®æ°
Marker Received æ¬ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãªMarker PDUã®æ°
LACPDUs Unknown Pkts 以äžã®ãã¬ãŒã ã®åä¿¡æ°(1) ã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéã³ãæªç¥ã®PDUãå«ãã§ãããã¬ãŒã (2) ã¹ããŒãããã³ã«ã°ã«ãŒãMACã¢ãã¬ã¹ã«å±ããã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéãã§ããªããã¬ãŒã
LACPDUs Illegal Pkts äžæ£ãª PDUåã¯ãããã³ã«ãµãã¿ã€ããäžæ£ãªå€ãå«ãã¹ããŒãããã³ã«ã€ãŒãµããããã±ãããéã¶ãã¬ãŒã æ°
644 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
äŸ
Console#show lacp 1 internalPort channel : 1-----------------------------------------------------------------Oper Key : 4Admin Key : 0Eth 1/1-----------------------------------------------------------------LACPDUs Internal : 30 secLACP System Priority : 32768LACP Port Priority : 32768Admin Key : 4Oper Key : 4Admin State : defaulted,aggregation,long timeout, LACP-activityOper State : distributing, collecting, synchronization, aggregation, long timeout, LACP-activity
é ç® è§£èª¬
Oper Key çŸåšã®ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ããŒã®éçšå€
Admin Key çŸåšã®ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ããŒã®ç®¡çå€
LACPDUsInternal
åä¿¡ãã LACPDUæ å ±ãç¡å¹ã«ãããŸã§ã®ç§æ°
LACP SystemPriority
æ¬ããŒããã£ã³ãã«ã«å²ãåœãŠããã LACP ã·ã¹ãã ãã©ã€ãªãªãã£
LACP Port Priority æ¬ããŒããã£ã³ãã«ã°ã«ãŒãã«å²ãåœãŠããã LACPããŒããã©ã€ãªãªãã£
Admin State,Oper State
Actorã®ç®¡çå€åã¯éçšå€ã®ç¶æ ã®ãã©ã¡ãŒã¿ãExpired â Actorã®åä¿¡æ©åšã¯å€±å¹ç¶æ ã§ãDefaulted â Actorã®åä¿¡æ©åšã¯åæèšå®ã®éçš partnerã®æ å ±ã䜿çšããŠããŸãDistributing â 誀ãã®å Žåããã®ãªã³ã¯äžã®åºåãã¬ãŒã ã®é ä¿¡ã¯ç¡å¹ã«ãªããŸããé ä¿¡ã¯çŸåšç¡å¹ç¶æ ã§ãåä¿¡ãããã³ã«æ å ±ã®ç®¡çäžã®å€æŽãåã¯å€æŽããªãç¶æ ã§æå¹ã«ã¯ãªããŸãããCollecting â ãã®ãªã³ã¯äžã®å ¥åãã¬ãŒã ã®åéã¯å¯èœãªç¶æ ã§ããåéã¯çŸåšå¯èœãªç¶æ ã§ãåä¿¡ãããã³ã«æ å ±ã®ç®¡çäžã®å€åãåã¯å€åããªãç¶æ ã§ç¡å¹ã«ã¯ãªããŸãããSynchronization â ã·ã¹ãã ã¯ãªã³ã¯ã IN_SYNCãšèªèããŸããããã«ããæ£ãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãã«å±ãããšãã§ããŸããã°ã«ãŒãã¯äºææ§ã®ãã Aggregatorã«é¢ä¿ããŸãããªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãã® IDã¯ã·ã¹ãã IDãšéä¿¡ããããªãã¬ãŒã·ã§ãã«ããŒæ å ±ãã圢æãããŸããAggregation â ã·ã¹ãã ã¯ãã¢ã°ãªã²ãŒã·ã§ã³å¯èœãªãªã³ã¯ãšèªèããŠããŸããã¢ã°ãªã²ãŒã·ã§ã³ã®ååšçãªåè£ã§ããLong timeout â LACPDUã®åšæçãªéä¿¡ã«ã¹ããŒè»¢éã¬ãŒãã䜿çšããŸããLACP-Activity â æ¬ãªã³ã¯ã«é¢ããã¢ã¯ãã£ãã³ã³ãããŒã«å€ïŒ0ïŒPassiveã1ïŒActiveïŒ
645FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
äŸ
äŸ
*LACP system priorityåã³ system MAC address㯠LAGã·ã¹ãã IDãã圢æããŸãã
Console#show lacp 1 neighborsPort channel : 1 neighbors-----------------------------------------------------------------Eth 1/1-----------------------------------------------------------------Partner Admin System ID : 32768, 00-00-00-00-00-00Partner Oper System ID : 32768, 00-00-00-00-00-01Partner Admin Port Number : 1Partner Oper Port Number : 1Port Admin Priority : 32768Port Oper Priority : 32768Admin Key : 0Oper Key : 4Admin State : defaulted, distributing, collecting, synchronization, long timeout,Oper State : distributing, collecting, synchronization, aggregation, long timeout, LACP-activity
é ç® è§£èª¬
Partner Admin System ID ãŠãŒã¶ã«ããæå®ããã LAG partnerã®ã·ã¹ãã ID
Partner Oper System ID LACPãããã³ã«ã«ããæå®ããã LAG partnerã®ã·ã¹ãã ID
Partner AdminPort Number
ãããã³ã« partnerã®ããŒãçªå·ã®çŸåšã®ç®¡çå€
Partner OperPort Number
ããŒãã®ãããã³ã« partnerã«ããã¢ã°ãªã²ãŒã·ã§ã³ããŒãã«æå®ãããéçšããŒãçªå·
Port Admin Priority ãããã³ã« partnerã®ããŒããã©ã€ãªãªãã£ã®çŸåšã®ç®¡çå€
Port Oper Priority partnerã«ããæå®ãããæ¬ã¢ã°ãªã²ãŒã·ã§ã³ããŒãã®ãã©ã€ãªãªãã£
Admin Key ãããã³ã« partnerã®ããŒã®çŸåšã®ç®¡çå€
Oper Key ãããã³ã« partnerã®ããŒã®çŸåšã®éçšå€
Admin State partnerã®ãã©ã¡ãŒã¿ã®ç®¡çå€ïŒåã®è¡šãåç §ïŒ
Oper State partnerã®ãã©ã¡ãŒã¿ã®éçšå€ïŒåã®è¡šãåç §ïŒ
Console#show lacp sysidPort Channel System Priority System MAC Address---------------------------------------------------------------- 1 32768 00-30-F1-D3-26-00 2 32768 00-30-F1-D3-26-00 3 32768 00-30-F1-D3-26-00Console#
é ç® è§£èª¬
Channel group æ¬æ©ã®ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã°ã«ãŒãèšå®
System Priority* æ¬ãã£ã³ãã«ã°ã«ãŒãã® LACPã·ã¹ãã ãã©ã€ãªãªãã£
System MAC Address* ã·ã¹ãã MACã¢ãã¬ã¹
646 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
4.13 ããŒããã©ãŒãªã³ã°
ãœãããŠã§ã¢ã¢ãã¿ãªã³ã°ããŒã«ãŸãã¯ããŒããŠã§ã¢æž¬å®ã䜿çšãã解æã®çºã«åãã¹ã€ããã®ããŒã«ã«ããŒããŸãã¯ä»ã®ã¹ã€ããã®ãªã¢ãŒãããŒãããããŒã¿ã®ãã©ãŒãè¡ãããšãå¯èœã§ããæ¬æ©ã¯ä»¥äžã®ãã©ãŒãªã³ã°ã¢ãŒãããµããŒãããŠããŸãã
4.13.1 ããŒã«ã«ããŒããã©ãŒãªã³ã°
ãã©ãŒã»ãã·ã§ã³ã®èšå®æ¹æ³ã解説ããŠããŸãã
ã³ãã³ã æ©èœ ããŒãž
Local Port Mirroring
ééããããŒã¿ãŸãã¯è¢«ã¢ãã¿ããŒãã®ããã©ãŒãã³ã¹ã«åœ±é¿ãäžããã«ãåæã®ããã«ãã 1ã€ã®ããŒããžããŒã¿ãã³ããŒããŸãã
P647
RSPAN Mirroring å°çš VLANäžã«ãªã¢ãŒãã¹ã€ããããããŒã¿ããã©ãŒããŸã
P650
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžport monitor ãã©ãŒã»ãã·ã§ã³ã®èšå® IC P648
show port monitor ãã©ãŒããŒãã®èšå®ã®è¡šç€º PE P649
647FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
port monitor
ãã©ãŒã»ãã·ã§ã³ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãŒã»ãã·ã§ã³ãã¯ãªã¢ããŸãã
ææ³
port monitor [ interface { rx | tx | both} | vlan vlan-id | mac-address mac-address ]
no port monitor interface
⢠interfaceïŒ ethernet unit/port (source port)
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠rx â åä¿¡ãã±ããã®ãã©ãŒ
⢠tx â éä¿¡ãã±ããã®ãã©ãŒ
⢠both â éåä¿¡äž¡ãã±ããã®ãã©ãŒ
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠mac-address â MACã¢ãã¬ã¹ïŒãã©ãŒãããïŒxx-xx-xx-xx-xx-xxãŸã㯠xxxxxxxxxxxxïŒ
åæèšå®
⢠ãã©ãŒã»ãã·ã§ã³æªå®çŸ©â¢ ã€ã³ã¿ãã§ãŒã¹ã§æå¹æããã©ãŒãªã³ã°ã¯åä¿¡ /éä¿¡ãã±ããã®äž¡æ¹
⢠VLANãŸã㯠MACã¢ãã¬ã¹ã§æå¹æããã©ãŒãªã³ã°ã¯åä¿¡ãã±ããã®ã¿
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, destination port)
ã³ãã³ã解説
⢠ãœãŒã¹ããŒããããã£ã¹ãã£ããŒã·ã§ã³ããŒãã«éä¿¡ããã©ãŒãããªã¢ã«ã¿ã€ã ã§ã®éä¿¡åæãè¡ããŸãããã£ã¹ãã£ãã€ã·ã§ã³ããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferç )å㯠RMONãããŒããæ¥ç¶ããéä¿¡ã«åœ±é¿ãäžããã«ãœãŒã¹ããŒãã®ãã©ãã£ãã¯ã解æããããšãã§ããŸãã
⢠ãã£ã¹ãã£ããŒã·ã§ã³ããŒã㯠Ethernetã€ã³ã¿ãã§ãŒã¹ã«èšå®ããŸãã
⢠ãœãŒã¹åã³ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã®éä¿¡é床ã¯åãå¿ èŠããããŸããåãéä¿¡é床ã§ãªãå Žåã«ã¯éä¿¡ããœãŒã¹ããŒãããèœãšãããŸãã
⢠VLANãã©ãŒãšããŒããã©ãŒã®äž¡æ¹ãæå¹ã§ããæãã¿ãŒã²ããããŒã㯠2åã®ãã©ãŒãã±ãããåä¿¡ããŸããäžåºŠç®ã¯ãœãŒã¹ãã©ãŒããŒãããåä¿¡ãããã®åŸåã³ãœãŒã¹ãã©ãŒ VLANããã«ãªããŸãã
⢠MACã¢ãã¬ã¹ã®ãã©ãŒæãã¹ã€ããã®ã¿ãŒã²ããããŒã以å€ã®å šãŠã®ããŒãã«å ¥ããæå®ããããœãŒã¹ã¢ãã¬ã¹ã®å ¥åãã©ãã£ãã¯ã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã«ãã©ãŒãããŸãã
⢠ã¹ããã³ã°ããªãŒ BPDUãã±ããã¯ã¿ãŒã²ããããŒããžãã©ãŒãããŸããã
⢠è€æ°ã®ãã©ãŒã»ãã·ã§ã³ãäœæããããšãå¯èœã§ãããå šãŠã®ã»ãã·ã§ã³ã¯åäžã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒããå ±æããŸãã
äŸ
æ¬äŸã§ã¯ 6çªãã 5çªããŒããžã®ãã©ãŒãè¡ããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#port monitor ethernet 1/6 rxConsole(config-if)#
648 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
show port monitor
ãã©ãŒæ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show port monitor { interface }
⢠interface
ïŒ ethernet unit/portïŒSource PortïŒ
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãã¹ãŠã®ã»ãã·ã§ã³ã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ãœãŒã¹ãããŒãã§ããæãã³ãã³ãã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒãããœãŒã¹ããŒãããã³ãã©ãŒã¢ãŒãïŒRXãTXãRX/TXïŒã衚瀺ããŸãããœãŒã¹ã VLANã§ããæããã£ã¹ãã£ããŒã·ã§ã³ããŒããšãœãŒã¹ããŒãã®ã¿ã衚瀺ãããŸãããœãŒã¹ã MACã¢ãã¬ã¹ã§ããæããã£ã¹ãã£ããŒã·ã§ã³ããŒããš MACã¢ãã¬ã¹ã®ã¿ã衚瀺ãããŸãã
äŸ
æ¬äŸã§ã¯ 6çªãã 5çªããŒããžã®ãã©ãŒã®èšå®ã衚瀺ãããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#port monitor ethernet 1/6Console(config-if)#endConsole#show port monitorPort Mirroring-------------------------------------Destination port(listen port) :Eth1/5Source port(monitored port) :Eth1/6Mode :RX/TXConsole#
649FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
4.13.2 RSPANãã©ãŒãªã³ã°
Remote Switched Port Analyzer (RSPAN)ã«ãããåæã®çºã«ããŒã«ã«ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã§ãªã¢ãŒãã¹ã€ããããã®ãã©ãã£ãã¯ã®ãã©ãŒãåºæ¥ãŸãã
èšå®ã¬ã€ãã©ã€ã³
RSPANã»ãã·ã§ã³ãèšå®ããã«ã¯ä»¥äžã®æé ãè¡ã£ãŠãã ããã
ïŒ1ïŒâvlan rspanâã³ãã³ãïŒP652ïŒã䜿çšããRSPANã«äœ¿çšãã VLANãèšå®ããŸããïŒããã©ã«ã VLAN1ãšã¹ã€ããã¯ã©ã¹ã¿ VLAN4093ã¯çŠæ¢ãããŠããŸãïŒ
ïŒ2ïŒârspan sourceâã³ãã³ãïŒP652ïŒã䜿çšããã€ã³ã¿ãã§ãŒã¹ãšã¢ãã¿ãè¡ããã©ãã£ãã¯ã¿ã€ãïŒRxãTxãBothïŒãæå®ããŸãã
ïŒ3ïŒârspan destinationâã³ãã³ãïŒP653ïŒã䜿çšããRSPANã»ãã·ã§ã³ã«ãã被ã¢ãã¿ãã©ãã£ãã¯ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒããæå®ããŸãã
ïŒ4ïŒârspan remote vlanâã³ãã³ãïŒP654ïŒã䜿çšããRSPANã»ãã·ã§ã³ã§äœ¿çšãããVLANãã¹ã€ããã®ããŒã«ãäžéãªã¬ãŒã被ãã©ãŒãã©ãã£ãã¯ã®ãã£ã¹ãã£ããŒã·ã§ã³ãã¢ãããªã³ã¯ããŒããæå®ããŸãã
RSPANå¶é
æ¬æ©ã® RSPANæ©èœã«ã¯ä»¥äžã®å¶éããããŸãã
⢠RSPANããŒãïŒããŒãã®ã¿ã RSPANãœãŒã¹ããã£ã¹ãã£ããŒã·ã§ã³ãŸãã¯ã¢ãããªã³ã¯ã«èšå®ã§ããŸããéçãŸãã¯åçãã©ã³ã¯ã¯èš±å¯ãããŸããããŸãããœãŒã¹ããŒããšãã£ã¹ãã£ããŒã·ã§ã³ã¯åãã¹ã€ããäžã§èšå®ããããšã¯åºæ¥ãŸããã
⢠Local/Remote MirrorïŒããŒã«ã«ã¢ãã¿ã»ãã·ã§ã³ã®ãã£ã¹ãã£ããŒã·ã§ã³ïŒport monitorã³ãã³ãã§äœæãããïŒã¯ RSPANãã©ãã£ãã¯ã®ãã£ã¹ãã£ããŒã·ã§ã³ã«ã¯äœ¿çšã§ããŸããã
⢠Spanning TreeïŒã¹ããã³ã°ããªãŒç¡å¹æãBPDU㯠RSPAN VLANäžã«ã¯ãã©ãããããŸãããRSPANãã¹ã€ããã§æå¹æãMACã¢ãã¬ã¹åŠç¿ã¯ RSPANã¢ãããªã³ã¯ããŒãã§ã¯ãµããŒããããŸããããã®ãããããšã RSPANãèšå®ãããåŸã«ã¹ããã³ã°ããªãŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
vlan rspanRSPANãã©ãã£ãã¯ãéã¶çºã«å°æãããVLANãäœæ
VC P723
rspan source ãã©ãŒãè¡ããœãŒã¹ããŒããšãã©ãã£ãã¯ã¿ã€ããæå®
GC P652
rspan destination 被ãã©ãŒãã©ãã£ãã¯ãã¢ãã¿ãããã£ã¹ãã£ããŒã·ã§ã³ããŒããæå®
GC P653
rspan remote vlanRSPAN VLANãã¹ã€ããããŒã«ïŒãœãŒã¹ãäžéããã£ã¹ãã£ããŒã·ã§ã³ïŒãã¢ãããªã³ã¯ããŒããæå®
GC P654
no rspan session èšå®ããã RSPANã»ãã·ã§ã³ãåé€ GC P655
show rspan RSPANã»ãã·ã§ã³ã®èšå®ã衚瀺 PE P656
650 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
ãæå¹ã«ãªã£ãŠã MACã¢ãã¬ã¹åŠç¿ã¯ RSPANã¢ãããªã³ã¯ããŒãäžã§åéãããŸããã
⢠IEEE 802.1XïŒ RSPANãš 802.1Xã¯çžäºã«æä»çãªæ©èœã§ãã802.1Xãã°ããŒãã«ã§æå¹æãRSPANãœãŒã¹ããã³ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã¯èšå®å¯èœã§ãããRSPANã¢ãããªã³ã¯ããŒãã¯èšå®ã§ããŸãããRSPANã¢ãããªã³ã¯ããŒããã¹ã€ããã§æå¹æã802.1Xã¯ã°ããŒãã«ã§æå¹ã«åºæ¥ãŸããã
⢠Port SecurityïŒããŒãã§ããŒãã»ãã¥ãªãã£ãæå¹æãRSPANãœãŒã¹ãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒããšããŠèšå®ã¯åºæ¥ãŸãããRSPANã¢ãããªã³ã¯ããŒããšããŠèšå®ã§ããŸããããŸããããŒãã RSPANã¢ãããªã³ã¯ããŒããšããŠèšå®ãããŠããæããã®ããŒãã§ããŒãã»ãã¥ãªãã£ã¯æå¹ã«ã§ããŸããã
651FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
rspan source
ãªã¢ãŒãã§ãã©ãŒãè¡ããœãŒã¹ããŒããšãã©ãã£ãã¯ã¿ã€ããæå®ããŸãã"no"ãåã«çœ®ãããšã§æå®ããããŒãã® RSPANãç¡å¹ã«ããããæå®ãããã¿ã€ãã®ãã©ãŒãªã³ã°ãç¡å¹ã«ããŸãã
ææ³
[no] rspan session session-id source interface interface-list { rx | tx | both }
⢠session-idïŒ RSPANã»ãã·ã§ã³ã®èå¥çªå·ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸãã"port monitor"ã³ãã³ãïŒP648ïŒã§ããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
⢠interface-listïŒ 1ã€ä»¥äžã®ãœãŒã¹ããŒããé£å³ãããªã¹ããæå®ããã«ã¯ãã€ãã³ã䜿çšããŠãã ãããé£ç¶ããŠããªããªã¹ãã«ã¯ã³ã³ãã䜿çšããŠãã ããã
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠rxâ åä¿¡ãã±ããããã©ãŒ
⢠txâ éä¿¡ãã±ããããã©ãŒ
⢠bothâ åä¿¡ãéä¿¡äž¡æ¹ã®ãã±ããããã©ãŒ
åæèšå®
TxãRxäž¡æ¹ã®ãã©ãã£ãã¯ããã©ãŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠1ã€ä»¥äžã®ãœãŒã¹ããŒããåãã¹ã€ãããŸãã¯ç°ãªãã¹ã€ããã®ããããåã RSPANã»ãã·ã§ã³ã«ã¢ãµã€ã³ã§ããŸãã
⢠ããŒãã®ã¿ã RSPANãœãŒã¹ãšããŠèšå®ã§ããŸããéçã»åçãã©ã³ã¯ã¯èš±å¯ãããŸããã
⢠ãœãŒã¹ããŒããšãã£ã¹ãã£ããŒã·ã§ã³ããŒããåãã¹ã€ããã«èšå®ããããšã¯ã§ããŸããã
äŸ
Console(config)#rspan session 1 source interface ethernet 1/2Console(config)#rspan session 1 source interface ethernet 1/3Console(config)#
652 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
rspan destination
ãã©ãŒãã©ãã£ãã¯ã®ã¢ãã¿ãè¡ããã£ã¹ãã£ããŒã·ã§ã³ããŒããæå®ããŸããåã« "no"ã眮ãããšã§ãæå®ããããŒãã® RSPANãç¡å¹ã«ããŸãã
ææ³
rspan session session-id destination interface interface { tagged | untagged }
⢠session-idïŒ RSPANã»ãã·ã§ã³ã®èå¥çªå·ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸãã"port monitor"ã³ãã³ãïŒP648ïŒã§ããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
⢠interface-listïŒ 1ã€ä»¥äžã®ãœãŒã¹ããŒããé£å³ãããªã¹ããæå®ããã«ã¯ãã€ãã³ã䜿çšããŠãã ãããé£ç¶ããŠããªããªã¹ãã«ã¯ã³ã³ãã䜿çšããŠãã ããã
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠taggedâ ãã£ã¹ãã£ããŒã·ã§ã³ããŒããåºããã©ãã£ãã¯ã« RSPAN VLANã¿ã°ãä»å ããŸãã
⢠untaggedâ ãã£ã¹ãã£ããŒã·ã§ã³ããŒããåºããã©ãã£ãã¯ãã¿ã°ç¡ãã«ããŸãã
åæèšå®
ã¿ã°ç¡ã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠åãã¹ã€ããã®ã»ãã·ã§ã³æ¯ã«ã1ã€ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã®ã¿èšå®ãå¯èœã§ãããåãã»ãã·ã§ã³ã® 1ã€ä»¥äžã®ã¹ã€ããã«èšå®ããããšã¯å¯èœã§ãã
⢠ããŒãã®ã¿ã RSPANãœãŒã¹ãšããŠèšå®ã§ããŸããéçã»åçãã©ã³ã¯ã¯èš±å¯ãããŸããã
⢠ãœãŒã¹ããŒããšãã£ã¹ãã£ããŒã·ã§ã³ããŒããåãã¹ã€ããã«èšå®ããããšã¯ã§ããŸããã
⢠ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã¯ããã以éããã©ãã£ãã¯ã®éåä¿¡ãšã¢ãµã€ã³ãããã¬ã€ã€ 2ãããã³ã«ã«åå ãå¯èœã§ãã
äŸ
Console(config)#rspan session 1 destination interface ethernet 1/2Console(config)#
653FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
rspan remote vlan
RSPAN VLANãšã¹ã€ããããŒã«ãã¢ãããªã³ã¯ããŒããæå®ããŸãã"no"ãåã«çœ®ãããšã§ãæå®ãã VLANã® RSPANãç¡å¹ã«ããŸãã
ææ³
[no] rspan session session-id remote vlan vlan-id < source | intermediate | destination> uplink interface
⢠session-idïŒ RSPANã»ãã·ã§ã³ã®èå¥çªå·ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸãã"port monitor"ã³ãã³ãïŒP648ïŒã§ããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
⢠vlan-idïŒ RSPAN VLANãèšå®ãã IDïŒç¯å²ïŒ2-4092ïŒRSPANãæå¹ã«ããåã«ã"vlan rspan"ã³ãã³ãã䜿çšããRSPANãã©ãŒãªã³ã°ãè¡ã VLANã確ä¿ããŸãã
⢠sourceïŒæ¬æ©ããªã¢ãŒããã©ãŒã®ãœãŒã¹ã«æå®
⢠intermediateïŒæ¬æ©ãäžéã¹ã€ããã«æå®
⢠destinationïŒæ¬æ©ããã£ã¹ãã£ããŒã·ã§ã³ããŒãã«æå®
⢠uplinkïŒæ¬æ©ãã¢ãããªã³ã¯ã«æå®
⢠interfaceïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠802.1Qãã©ã³ã¯ãŸãã¯ãã€ããªããããŒãã RSPANã¢ãããªã³ã¯ããŒããšããŠèšå®ã§ããŸããã¢ã¯ã»ã¹ããŒãã¯èš±å¯ãããŠããŸããïŒ" switchport mode"ïŒP728ïŒãåç §ïŒ
⢠ãœãŒã¹ã¹ã€ããã® 1ã€ã®ã¢ãããªã³ã¯ããŒãã®ã¿èšå®ãå¯èœã§ãããäžéãŸãã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¹ã€ããäžã®ã¢ãããªã³ã¯ããŒãã®æ°ã«å¶éã¯ãããŸããã
⢠ãã£ã¹ãã£ããŒã·ã§ã³ãšã¢ãããªã³ã¯ããŒãã®ã¿ããã® VLANã®ã¡ã³ããŒãšããŠã¹ã€ããã«ã¢ãµã€ã³ãããŸãã"switchport allowed vlan"ã³ãã³ãïŒP726ïŒã䜿çšããããŒããRSPAN VLANãžæåã§ã¢ãµã€ã³ããããšã¯ã§ããŸãããåæ§ã«ãGVRPã«ãã£ãŠ RSPAN VLANã«åçã«ããŒãã¡ã³ããŒãè¿œå ããããšãã§ããŸããããŸãã"show vlan"ã³ãã³ãïŒP726ïŒã䜿çšããŠããRSPAN VLANã®ã¡ã³ããŒã衚瀺ããŸããããèšå®ããã RSPAN VLANèå¥åã®ã¿è¡šç€ºããŸãã
äŸ
Console(config)#rspan session 1 remote vlan 2 destination uplink ethernet 1/3Console(config)#
654 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
no rspan session
èšå®ããã RSPANã»ãã·ã§ã³ãåé€ããŸãã
ææ³
no rspan session session-id
⢠session-idïŒ RSPANã»ãã·ã§ã³ã®èå¥çªå·ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸãã"port monitor"ã³ãã³ãïŒP648ïŒã§ããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠"no rspan session"ã³ãã³ãã¯ãVLANããŒã¿ããŒã¹ããåé€ãããåã«ãRSPAN VLANãç¡å¹ã«ããããã«äœ¿çšããŸãã("vlan"ã³ãã³ãïŒP723ïŒãåç § )
äŸ
Console(config)#no rspan session 1Console(config)#
655FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
show rspan
RSPANã»ãã·ã§ã³ã®èšå®ã衚瀺ããŸãã
ææ³
show rspan session { session-id }
⢠session-idïŒ RSPANã»ãã·ã§ã³ã®èå¥çªå·ãæå®ïŒç¯å²ïŒ1-2ïŒããŒã«ã«ãšãªã¢ãŒãã¢ãã¿ãªã³ã°äž¡æ¹ãå«ãã2ã€ã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãèš±å¯ãããŸãã"port monitor"ã³ãã³ãïŒP648ïŒã§ããŒã«ã«ãã©ãŒãªã³ã°ãæå¹æãRSPANã§äœ¿çšå¯èœãª 1ã€ã®ã»ãã·ã§ã³ã®ã¿ããããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show rspan sessionRSPAN Session ID : 2Source Ports (mirrored ports) RX Only : None TX Only : None BOTH : Eth 1/5Destination Port (monitor port) : NoneDestination Tagged Mode : NoneSwitch Role : NoneRSPAN VLAN : NoneRSPAN Uplink Ports : NoneOperation Status : DownConsole#
656 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹åž¯åå¶åŸ¡
4.14 垯åå¶åŸ¡
垯åå¶åŸ¡æ©èœã§ã¯åã€ã³ã¿ãã§ãŒã¹ã®éä¿¡åã³åä¿¡ã®æ倧é床ãèšå®ããããšãã§ããŸãã垯åå¶åŸ¡ã¯åããŒã /ãã©ã³ã¯æ¯ã«èšå®å¯èœã§ãã垯åå¶åŸ¡ãæå¹ã«ãããšãéä¿¡ã¯ããŒããŠã§ã¢ã«ããç£èŠãããèšå®ãè¶ ããéä¿¡ã¯ç Žæ£ãããŸããèšå®ç¯å²å ã®éä¿¡ã¯ãã®ãŸãŸè»¢éãããŸãã
rate-limit
ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®åž¯åå¶åŸ¡ã¬ãã«ãèšå®ããŸãã垯åãèšå®ããã«æ¬ã³ãã³ãã䜿çšãããšåæå€ãé©çšãããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ãšããŸãã
ææ³
rate-limit < input | output > { rate }
no rate-limit <input | output>
⢠input â å ¥å垯åïŒã¬ãŒãïŒ
⢠output â åºå垯åïŒã¬ãŒãïŒ
⢠rateâ ãã©ãã£ãã¯ã¬ãŒããªãããã¬ãã«ïŒç¯å²ïŒ64-100000KbpsïŒFast EthernetããŒãïŒããã64-1000000KbpsïŒGigabit EthernetããŒãïŒïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernet, Port ChannelïŒ
äŸ
é¢é£ããã³ãã³ã
show interafaces switchportïŒP630ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžrate-limit ããŒãã®å ¥åºåã®æ倧垯åã®èšå® IC P657
Console(config)#interface ethernet 1/1Console(config-if)#rate-limit input 2000Console(config-if)#
657FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
4.15 èªåãã©ãã£ãã¯å¶åŸ¡
Automatic Traffic ControlïŒATCïŒã¯ãèšå®ãããã¬ãŒããªããããŸãã¯ããŒãã®ã·ã£ããããŠã³ã®ããªã¬ã«äœ¿çšã§ããããããŒããã£ã¹ãããã«ããã£ã¹ãã¹ããŒã ã®ãããå€ã®å¢çãèšå®ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ãããå€ã³ãã³ãauto-traffic-controlapply-timer
å ¥åãã©ãã£ãã¯ãäžéå€ãè¶ ããåŸãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãé©çšããæéãèšå®
GC P661
auto-traffic-controlrelease-timer
å ¥åãã©ãã£ãã¯ãäžéå€ãäžãŸãã£ãåŸãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ããªãªãŒã¹ããæéãèšå®
GC P662
auto-traffic-control* ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ãã¹ããŒã ã®èªåãã©ãã£ãã¯ã³ã³ãããŒã«ãæå¹å
IC (Port)
P663
auto-traffic-control action å ¥åãã©ãã£ãã¯ã®ãªããããŸãã¯æ»æçããŒãã®ã·ã£ããããŠã³ã®ã³ã³ãããŒã«ã¢ã¯ã·ã§ã³ãèšå®
IC (Port)
P664
auto-traffic-controlalarm-clear-threshold
ã¯ãªã¢ãããã¹ããŒã ã³ã³ãããŒã«ãã©ãããéãããå ¥åãã£ã«ã¿ã®äžéå€ãèšå®
IC (Port)
P665
auto-traffic-controlalarm-fire-threshold
ã€ã³ã°ã¬ã¹ãã©ãã£ãã¯ã®äžéå€ãè¶ããŠãã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãã¢ãã©ã€ã¿ã€ã倱å¹ã®åŸã«åŒãèµ·ããããç«å ¥ããã©ãã£ãã¯ã«èšå®
IC (Port)
P666
auto-traffic-controlcontrol-release
æåã§ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ããªãªãŒã¹ IC (Port)
P667
auto-traffic-controlauto-control-release
èªåã§ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ããªãªãŒã¹ PE P667
SNMPãã©ããã³ãã³ã
snmp-serverenable port-traps atcbroadcast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãçºçããåŸããããŒããã£ã¹ããã©ãã£ãã¯ãäžéå€ãäžåã£ãç¹ã«ãã©ãããéä¿¡
IC (Port)
P668
snmp-server enable port-traps atc broadcast-alarm-fire
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ ããæã«ãã©ãããéä¿¡
IC (Port)
P669
snmp-serverenable port-traps atcbroadcast-control-apply
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port)
P670
snmp-serverenable port-traps atcbroadcast-control-release
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port)
P671
snmp-serverenable port-traps atcmulticast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãçºçããåŸããã«ããã£ã¹ããã©ãã£ãã¯ãäžéå€ãäžåã£ãç¹ã«ãã©ãããéä¿¡
IC (Port)
P672
snmp-server enable port-traps atc multicast-alarm-fire
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ ããæã«ãã©ãããéä¿¡
IC (Port)
P673
snmp-serverenable port-traps atcmulticast-control-apply
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port)
P674
snmp-serverenable port-traps atcmulticast-control-release
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéå€ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæã«ãã©ãããéä¿¡
IC (Port)
P675
ATC衚瀺ã³ãã³ã
show auto-traffic-control èªåã¹ããŒã ã³ã³ãããŒã«ã®ã°ããŒãã«èšå®ã衚瀺 PE P676
show auto-traffic-control interface
æå®ããããŒãã®ãã€ã³ã¿ãã§ãŒã¹èšå®ããã³ã¹ããŒã ã³ã³ãããŒã«ã¹ããŒã¿ã¹ã衚瀺
PE P676
658 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
*ããŒãã§ã®èªåã¹ããŒã å¶åŸ¡ã®æå¹ã¯ããã "switchport packet-rate"ã³ãã³ãïŒP625ïŒã§èšå®ãããŠããå Žåã åãããŒãã®ããŒããŠã§ã¢ã¬ãã«ã¹ããŒã ã³ã³ãããŒã«ãç¡å¹ã«ããŸãã
ãŠãŒã¶ã¬ã€ãã©ã€ã³
ATCã¯ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ããã©ãã£ãã¯ã®ã¹ããŒã ã³ã³ãããŒã«ãå«ã¿ãŸãã以äžã®å³ã§ç€ºãããã«ãããããã©ãã£ãã¯ã¿ã€ããšã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã¯åæ§ã§ãã
ãã®å³ã®ããŒãšã¬ã¡ã³ãã¯ä»¥äžã§ãã
⢠Alarm Fire ThresholdïŒå容å¯èœãªæ倧ãã©ãã£ãã¯ã¬ãŒããå ¥åãã©ãã£ãã¯ããããå€ãè¶ããæãATC㯠" Storm Alarm Fire Trap"ã®éä¿¡ãšãã°ãè¡ããŸãã
⢠ãã©ãã£ãã¯ã "alarm fire threshold"ãè¶ããã¢ãã©ã€ã¿ã€ãã倱å¹ããæããã©ãã£ãã¯ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãé©çšããã"Traffic Control Apply"ãã©ããéä¿¡ãšãã°ãè¡ããŸãã
⢠Alarm Clear ThresholdïŒãªãªãŒã¹ã¿ã€ãæéãåããåŸãäžéå€ãäžåãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã¯èªåçã«çµäºãããããããšãã§ããŸããå ¥åãã©ãã£ãã¯ããããå€ä»¥äžã«äžããæãATC㯠"Storm Alarm Clear Trap"ãã©ããã®éä¿¡ãšãã°ãè¡ããŸãã
⢠ãªãªãŒã¹ã¿ã€ã倱å¹åŸããã©ãã£ãã¯ãã¢ã©ãŒã ã¯ãªã¢ãããå€ãäžãŸããæããã©ãã£ãã¯ã³ã³ãããŒã«ã¯åæ¢ãã"Traffic Control Release Trap"ã®éä¿¡ãšãã°ããããªããŸãã
⢠ã¬ãŒããªãããã®ãã©ãã£ãã¯ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã¯èªåãŸãã¯æåã§ãªãªãŒã¹ãå¯èœã§ããããŒãã®ã·ã£ããããŠã³ã®ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã¯æåã§ã®ã¿ãªãªãŒã¹ãå¯èœã§ãã
Traffic[kpps]
Time
Release Timerespired(0
Auto Storm Control
Apply Timerespired(0
Alarm FireThreshold(1 255kpps)
Alarm ClearThreshold(1 255kpps)
Traffic without storm control
Traffic with storm controlStorm AlarmFire TRAP
Storm AlarmFire TRAP
Storm AlarmClear TRAP
Storm AlarmClear TRAP
TrafficControlApply TRAP
TrafficControlRelease TRAP
659FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
ããŒãã·ã£ããããŠã³ã«ããã¹ããŒã ã³ã³ãããŒã«
ãã®å³ã®ããŒãšã¬ã¡ã³ãã¯ãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã®èªåãªãªãŒã¹ãæäŸãããªãããšä»¥å€ã¯ãåã®å³ã§èª¬æããã®ãšåæ§ã§ãããã©ãã£ãã¯ã³ã³ãããŒã«ãé©çšãããæãããŒãã®åæå¹åã¯äœ¿çšã§è¡ããªããã°ãªããŸããã
æ©èœã®å¶é
èªåã¹ããŒã ã³ã³ãããŒã«ã¯ãœãããŠã§ã¢ã¬ãã«ã³ã³ãããŒã«æ©èœã§ãã
ãã©ãã£ãã¯ã¹ããŒã 㯠"switchport packet-rate"ã³ãã³ãïŒP625ïŒã䜿çšããŠãããŒããŠã§ã¢ã¬ãã«ã§ãã³ã³ãããŒã«ãå¯èœã§ãããããã®ã³ã³ãããŒã«ã¿ã€ãã®å 1ã€ã ããããŒããžé©çšå¯èœã§ããããŒãã§èªåã¹ããŒã ã³ã³ãããŒã«ãæå¹ã«ããããšãããŒããŠã§ã¢ã¬ãã«ã¹ããŒã ã³ã³ãããŒã«ã¯ç¡å¹ã«ãªããŸãã
Traffic[kpps]
Time
Port shut down
Apply Timerespired(0
Alarm FireThreshold(1 255kpps)
Alarm ClearThreshold(1 255kpps)
Traffic without storm control
Traffic with storm controlStorm AlarmFire TRAP
Storm AlarmFire TRAP
Storm AlarmClear TRAP
TrafficControlApply TRAP
Manualyre-enable port
660 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control apply-timer
å ¥åãã©ãã£ãã¯ãäžéå€ãè¶ããåŸãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãé©çšããæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > apply-timer seconds
no auto-traffic-control < broadcast | multicast > apply-timer
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠seconds â ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãé©çšããäžéå€ãè¶ ããåŸã®ã€ã³ã¿ãŒãã« (ç¯å²ïŒ1-300ç§ )
åæèšå®
300ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¢ãã©ã€ã¿ã€ãã倱å¹ããåŸã"auto-traffic-control action"ã³ãã³ãïŒP664ïŒã§æå®ãããã³ã³ãããŒã«ã¢ã¯ã·ã§ã³ãçºçãã"snmp-server enable port-traps atc broadcast-control-apply"ïŒP670ïŒãŸã㯠"snmp-server enable port-traps atc multicast-control-apply"ã³ãã³ãïŒP674ïŒã§æå®ããããã©ããã¡ãã»ãŒãžãéä¿¡ãããŸãã
äŸ
Console(config)#auto-traffic-control broadcast apply-timer 200Console(config)#
661FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control release-timer
å ¥åãã©ãã£ãã¯ãäžéå€ãäžãŸãã£ãåŸã«ãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ã®ãªãªãŒã¹æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > release-timer seconds
no auto-traffic-control < broadcast | multicast > release-timer
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠seconds â å ¥åãã©ãã£ãã¯ãäžéå€ãäžãŸãã£ãåŸã«ãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ããããããªãªãŒã¹ããæé (ç¯å²ïŒ1-900ç§ )
åæèšå®
900ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãçµäºãããåŸã®é 延ãèšå®ããŸãã"auto-traffic-control auto-control-release"ã³ãã³ãïŒP667ïŒãèªåãªãªãŒã¹ã®æå¹ /ç¡å¹ãèšå®ããããã«äœ¿çšãããŸãã
äŸ
Console(config)#auto-traffic-control broadcast release-timer 800Console(config)#
662 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control
ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ãã¹ããŒã ã®èªåãã©ãã£ãã¯ã³ã³ãããŒã«ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
auto-traffic-control < broadcast | multicast >
no auto-traffic-control < broadcast | multicast >
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠èªåã¹ããŒã ã³ã³ãããŒã«ã¯ãããŒããã£ã¹ããããã¯ãã«ããã£ã¹ããã©ãã£ãã¯ã«ãããæå¹ã«åºæ¥ãŸãããããäž¡æ¹ã®ãã©ãã£ãã¯ã«ããããåæã«æå¹ã«ããããšã¯åºæ¥ãŸããã
⢠èªåã¹ããŒã ã³ã³ãããŒã«ã¯ãœãããŠã§ã¢ã¬ãã«ã³ã³ãããŒã«æ©èœã§ãããã©ãã£ãã¯ã¹ããŒã 㯠"switchport packet-rate"ã³ãã³ãïŒP625ïŒã䜿çšããŠãããŒããŠã§ã¢ã¬ãã«ã§ãã³ã³ãããŒã«ãå¯èœã§ãããããã®ã³ã³ãããŒã«ã¿ã€ãã®å 1ã€ã ããããŒããžé©çšå¯èœã§ããããŒãã§èªåã¹ããŒã ã³ã³ãããŒã«ãæå¹ã«ããããšãããŒããŠã§ã¢ã¬ãã«ã¹ããŒã ã³ã³ãããŒã«ã¯ç¡å¹ã«ãªããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcastConsole(config-if)#
663FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control action
å ¥åãã©ãã£ãã¯ã®å¶éãŸãã¯éåã®ãã£ãããŒãã®ã·ã£ããããŠã³ãè¡ãçºã®ã³ã³ãããŒã«ã¢ã¯ã·ã§ã³ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > action < rate-control | shutdown >
no auto-traffic-control < broadcast | multicast > action
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠rate-control â ã³ã³ãããŒã«åå¿ãåŒãèµ·ããããéãå ¥åãã©ãã£ãã¯ã®ã¬ãŒã㯠" auto-traffic-control alarm-clear-threshold"ã³ãã³ãïŒP665ïŒã§èšå®ããããããå€ã«åºã¥ããŠå¶éãããŸãã
⢠shutdown â ã³ã³ãããŒã«åå¿ãåŒãèµ·ããããéãããŒãã¯ç¡å¹ã«ãªããŸããèªåãã©ãã£ãã¯ã³ã³ãããŒã«ã«ãã£ãŠç¡å¹ã«ãªã£ãããŒãã¯æåã§ã®ã¿åæå¹åãå¯èœã§ãã
åæèšå®
rate-control
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠äžéã®ãããå€ãè¶ ããããã¢ãã©ã€ã¿ã€ããæéåãã«ãªã£ãæããã®ã³ãã³ããåºã«ã³ã³ãããŒã«åå¿ãçºçããŸãã
⢠ã³ã³ãããŒã«åå¿ãããã®ã³ãã³ãã«ãã£ãŠã¬ãŒãå¶éã«èšå®ãããŠããéãã¬ãŒããªããã㯠" auto-traffic-control alarm-clear-threshold"ã³ãã³ãïŒP665ïŒã§æ±ºå®ãããŸãã
⢠ããŒããã³ã³ãããŒã«åå¿ã«ãã£ãŠã·ã£ããããŠã³ãããæãèªåãã©ãã£ãã¯ã³ã³ãããŒã«ã§ã¯å床æå¹ã«ããããšã¯åºæ¥ãŸããã" auto-traffic-control control-release"ã³ãã³ãïŒP667ïŒã«ããæåã§ã®ã¿åæå¹åãå¯èœã§ãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcast action shutdownConsole(config-if)#
664 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control alarm-clear-threshold
ã¹ããŒã ã³ã³ãããŒã«ã¯ãªã¢ãã©ãããéä¿¡ãããå ¥åãã©ãã£ãã¯ã®äžéå€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > alarm-clear-threshold threshold
no auto-traffic-control < broadcast | multicast > alarm-clear-threshold
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠threshold â ã¢ãã©ã€ã¿ã€ã倱å¹åŸãã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ããããããããããå ¥åãã©ãã£ãã¯ã®äžéå€ïŒç¯å²ïŒ1-255Kpacket/ç§ïŒ
åæèšå®
128Kpacket/ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠äžåºŠäžéå€ãäžåããš " snmp-server enable port-traps atc broadcast-alarm-clear"ã³ãã³ãïŒP668ïŒãŸã㯠" snmp-server enable port-traps atc multicast-alarm-clear"ã³ãã³ãïŒP672ïŒã§èšå®ããããã©ããã¡ãã»ãŒãžãéä¿¡ãããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcast alarm-clear-threshold 155Console(config-if)#
665FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control alarm-fire-threshold
ã¢ãã©ã€ã¿ã€ã倱å¹åŸãã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ããããå ¥åãã©ãã£ãã¯ã®äžéå€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > alarm-fire-threshold threshold
no auto-traffic-control < broadcast | multicast > alarm-fire-threshold
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠threshold â ã¢ãã©ã€ã¿ã€ã倱å¹åŸãã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ãããããããããå ¥åãã©ãã£ãã¯ã®äžéå€ïŒç¯å²ïŒ1-255Kpacket/ç§ïŒ
åæèšå®
128Kpacket/ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠" snmp-server enable port-traps atc broadcast-alarm-fire"ïŒP669ïŒãŸã㯠" snmp-server enable port-traps atc multicast-alarm-fire"ïŒP673ïŒã³ãã³ãã§èšå®ããããªãããŠããå ŽåãäžåºŠäžéå€ãè¶ãããšããã©ããã¡ãã»ãŒãžãéä¿¡ãããŸããäžéå€ãè¶ããåŸãã³ã³ãããŒã«ã¿ã€ãã¯ã"auto-traffic-control action"ïŒP664ïŒã«ãã£ãŠèšå®ãããå Žåãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ããããããåã« "auto-traffic-control apply-timer"ïŒP661ïŒã³ãã³ãã®èšå®ã«æºã倱å¹ããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcast alarm-fire-threshold 255Console(config-if)#
666 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
auto-traffic-control control-release
ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãæåã§ãªãªãŒã¹ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > control-release
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãæå®ãããã¢ã¯ã·ã§ã³ãåŒãèµ·ããããåŸãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãæåã§åæ¢ããããã«äœ¿çšããŸãã
äŸ
auto-traffic-control auto-control-release
"auto-traffic-control release-timer"ã³ãã³ãïŒP662ïŒã§æå®ãããæéãåããåŸãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãèªåã§ãªãªãŒã¹ããŸãã
ææ³
auto-traffic-control < broadcast | multicast > auto-control-release
⢠broadcast â ãããŒããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
⢠multicast â ãã«ããã£ã¹ããã©ãã£ãã¯ã®èªåã¹ããŒã ã³ã³ãããŒã«ãæå®
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernetïŒ
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãæå®ãããã¢ã¯ã·ã§ã³ãåŒãèµ·ãããããªãªãŒã¹ã¿ã€ãã®æéãåããåŸã«ãã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãèªåã§åæ¢ããããã«äœ¿çšããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcast auto-control-releaseConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#auto-traffic-control broadcast auto-control-releaseConsole(config-if)#
667FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc broadcast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ããããåŸããããŒããã£ã¹ããã©ãã£ãã¯ãäžéã®ãããå€ãäžåã£ãæã«ãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc broadcast-alarm-clear
no snmp-server enable port-traps atc broadcast-alarm-clear
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control actionïŒP664ïŒauto-traffic-control alarm-clear-thresholdïŒP665ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc broadcast-alarm-clearConsole(config-if)##
668 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc broadcast-alarm-fire
ãããŒããã£ã¹ããã©ãã£ãã¯ããèªåã¹ããŒã ã³ã³ãããŒã«ã®ãããå€ã®äžéãè¶ ããæã«ãã©ãããéããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc broadcast-alarm-fire
no snmp-server enable port-traps atc broadcast-alarm-fire
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-fire-threshold ïŒP666ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc broadcast-alarm-fireConsole(config-if)#
669FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc broadcast-control-apply
ãããŒããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéã®ãããå€ãè¶ ããã¢ãã©ã€ã¿ã€ããæéåãã«ãªã£ãæã«ãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc broadcast-control-apply
no snmp-server enable port-traps atc broadcast-control-apply
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-fire-thresholdïŒP666ïŒauto-traffic-control apply-timerïŒP661ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc broadcast-control-applyConsole(config-if)#
670 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc broadcast-control-release
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ãããããªãªãŒã¹ã¿ã€ãã®æéãåããåŸã«ããããŒããã£ã¹ããã©ãã£ãã¯ãäžéã®ãããå€ãäžåã£ãæãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc broadcast-control-release
no snmp-server enable port-traps atc broadcast-control-release
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-clear-thresholdïŒP665ïŒauto-traffic-control actionïŒP664ïŒauto-traffic-control release-timerïŒP662ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc broadcast-control-releaseConsole(config-if)#
671FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc multicast-alarm-clear
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ããããåŸããã«ããã£ã¹ããã©ãã£ãã¯ãäžéã®ãããå€ãäžåã£ãæã«ãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc multicast-alarm-clear
no snmp-server enable port-traps atc multicast-alarm-clear
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control actionïŒP664ïŒauto-traffic-control alarm-clear-thresholdïŒP665ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc multicast-alarm-clearConsole(config-if)#
672 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc multicast-alarm-fire
ãã«ããã£ã¹ããã©ãã£ãã¯ããèªåã¹ããŒã ã³ã³ãããŒã«ã®ãããå€ã®äžéãè¶ ããæã«ãã©ãããéããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc multicast-alarm-fire
no snmp-server enable port-traps atc multicast-alarm-fire
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-fire-threshold ïŒP666ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc multicast-alarm-fireConsole(config-if)#
673FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc multicast-control-apply
ãã«ããã£ã¹ããã©ãã£ãã¯ãèªåã¹ããŒã ã³ã³ãããŒã«ã®äžéã®ãããå€ãè¶ ããã¢ãã©ã€ã¿ã€ããæéåãã«ãªã£ãæã«ãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc multicast-control-apply
no snmp-server enable port-traps atc multicast-control-apply
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-fire-thresholdïŒP666ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc multicast-control-applyConsole(config-if)#
674 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
snmp-server enable port-traps atc multicast-control-release
ã¹ããŒã ã³ã³ãããŒã«ã¬ã¹ãã³ã¹ãåŒãèµ·ãããããªãªãŒã¹ã¿ã€ãã®æéãåããåŸã«ããã«ããã£ã¹ããã©ãã£ãã¯ãäžéã®ãããå€ãäžåã£ãæãã©ãããéä¿¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãããç¡å¹ã«ããŸãã
ææ³
snmp-server enable port-traps atc multicast-control-release
no snmp-server enable port-traps atc multicast-control-release
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
äŸ
é¢é£ããã³ãã³ã
auto-traffic-control alarm-clear-thresholdïŒP665ïŒauto-traffic-control actionïŒP664ïŒauto-traffic-control release-timerïŒP662ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#snmp-server enable port-traps atc multicast-control-releaseConsole(config-if)#
675FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹èªåãã©ãã£ãã¯å¶åŸ¡
show auto-traffic-control
èªåã¹ããŒã ã³ã³ãããŒã«ã®ã°ããŒãã«èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show auto-traffic-control interface
æå®ãããããŒãã®ã€ã³ã¿ãã§ãŒã¹èšå®ãšã¹ããŒã ã³ã³ãããŒã«ã¹ããŒã¿ã¹ã衚瀺ããŸãã
ææ³
show auto-traffic-control interface interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show auto-traffic-control
Storm-control: Broadcast Apply-timer (sec) : 300 release-timer (sec) : 900
Storm-control: Multicast Apply-timer(sec) : 300 release-timer(sec) : 900Console#
Console#show auto-traffic-control interface ethernet 1/1Eth 1/1 Information----------------------------------------------------------------Storm Control: Broadcast MulticastState: Disabled DisabledAction: rate-control rate-controlAuto Release Control: Disabled DisabledAlarm Fire Threshold(Kpps): 128 128Alarm Clear Threshold(Kpps):128 128Trap Storm Fire: Disabled DisabledTrap Storm Clear: Disabled DisabledTrap Traffic Apply: Disabled DisabledTrap Traffic Release: Disabled Disabled----------------------------------------------------------------Console#
676 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
4.16 ã¢ãã¬ã¹ããŒãã«
MACã¢ãã¬ã¹ããŒãã«ã«å¯Ÿããã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°ãçŸåšãšã³ããªãŒãããŠããã¢ãã¬ã¹ã®è¡šç€ºãããŒãã«ã®ã¯ãªã¢ããšãŒãžã³ã°ã¿ã€ã ã®èšå®ãè¡ããŸãã
mac-address-table aging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mac-address-table aging-time seconds
no mac-address-table aging-time
⢠seconds - ç§æ°ãèšå®ããŸã (10-844ã®å€ã0ã«èšå®ããå Žåã¯ãšãŒãžã³ã°ãç¡å¹ã«ããŸã )
åæèšå®
300ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãšãŒãžã³ã°ã¿ã€ã ã¯åç転éæ å ±ãæ¬æ©ã«ä¿æããæéãè¡šããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžmac-address-tableaging-time ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã®èšå® GC P677
mac-address-tablestatic
VLANããŒããžã® MACã¢ãã¬ã¹ã®éçãªãããã³ã°
GC P678
clearmac-address-tabledynamic
転éããŒã¿ããŒã¹ã«åŠç¿ãããæ å ±ã®åé€ PE P679
showmac-address-table 転éããŒã¿ããŒã¹ã«ç»é²ãããæ å ±ã®è¡šç€º PE P680
showmac-address-tableaging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã®è¡šç€º PE P681
Console(config)#mac-address-table aging-time 100Console(config)#
677FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
mac-address-table static
VLANã®ããŒãã«éçã« MACã¢ãã¬ã¹ããããã³ã°ããŸãã"no"ãåã«çœ®ãããšã§ MACã¢ãã¬ã¹ãåé€ããŸãã
ææ³
mac-address-table static mac-address interface interface vlan vlan-id [action]
no mac-address-table static mac-address vlan vlan-id
⢠mac-address â MACã¢ãã¬ã¹
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
⢠vlan vlan-id â VLAN ID (1-4093)
⢠action
ïŒ delete-on-reset â æ¬æ©ãåèµ·åããããŸã§ç»é²ãããŸãã
ïŒ permanent â æ°žä¹ ã«ç»é²ãããŸãã
åæèšå®
mac-addressïŒãªã
actionïŒpermanent
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
éçã¢ãã¬ã¹ã¯ç¹å®ã® VLANã®ç¹å®ã®ããŒãã«å²ãåœãŠãããšãã§ããŸããæ¬ã³ãã³ãã䜿çšããŠéçã¢ãã¬ã¹ã MACã¢ãã¬ã¹ããŒãã«ã«è¿œå ããããšãã§ããŸããéçã¢ãã¬ã¹ã¯ä»¥äžã®ç¹æ§ãæã£ãŠããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ãããŠã³ããŠããéçã¢ãã¬ã¹ã¯ã¢ãã¬ã¹ããŒãã«ããåé€ãããŸããã
⢠éçã¢ãã¬ã¹ã¯æå®ããã€ã³ã¿ãã§ãŒã¹ã«åºå®ãããä»ã®ã€ã³ã¿ãã§ãŒã¹ã«ç§»åããããšã¯ãããŸãããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã«çŸããå Žåãã¢ãã¬ã¹ã¯æåŠããã¢ãã¬ã¹ããŒãã«ã«èšé²ãããŸããã
⢠éçã¢ãã¬ã¹ã¯ "no"ã³ãã³ãã䜿ã£ãŠåé€ãããŸã§ãä»ã®ããŒãã§åŠç¿ãããŸããã
äŸ
Console(config)#mac-address-table static 00-e0-29-94-34-de interface ethernet 1/1 vlan 1 delete-on-resetConsole(config)#
678 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
clear mac-address-table dynamic
転éããŒã¿ããŒã¹ãããåŠç¿ããããšã³ããªãåé€ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#clear mac-address-table dynamicConsole#
679FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
show mac-address-table
ããªããžè»¢éããŒã¿ããŒã¹ã«ç»é²ãããŠããæ å ±ã衚瀺ããŸãã
ææ³
show mac-address-table {address mac-address { mask } } { interface interface }
{ vlan vlan-id } { sort <address | vlan | interface> }
⢠mac-address â MACã¢ãã¬ã¹
⢠mask â ã¢ãã¬ã¹å ã®äžèŽããããã
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
⢠port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
⢠vlan-id â VLAN ID (1-4093)
⢠sort â ã¢ãã¬ã¹ãVLANãã€ã³ã¿ãã§ãŒã¹ã«ãã䞊ã³æ¿ã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠MACã¢ãã¬ã¹ããŒãã«ã¯ããããã®ã€ã³ã¿ãã§ãŒã¹ã«é¢é£ä»ãããã MACã¢ãã¬ã¹ãå«ã¿ãŸããã¿ã€ããã£ãŒã«ãã«ã¯ä»¥äžã®ã¿ã€ãããããŸãã
⢠Learn - åçã¢ãã¬ã¹ãšã³ããªâ¢ Config - éçãšã³ããª
⢠ã¢ãã¬ã¹ãšã³ããªã®æ倧æ°ã¯ 16Kã§ãã
äŸ
Console#show mac-address-table Interface Mac Address Vlan Type --------- ----------------- ---- ----------------- Eth 1/1 00-00-E8-49-5E-DC 1 Delete-on-reset Trunk 2 00-E0-29-8F-AA-1B 1 LearnedConsole#
680 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
show mac-address-table aging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show mac-address-table aging-time Aging Status : Enabled Aging Time: 300 sec.Console#
681FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
4.17 ã¹ããã³ã°ããªãŒ
æ¬æ©ãžã®ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã (Spanning Tree Algorithm/STA)ã®èšå®ãšãéžæããã€ã³ã¿ãã§ãŒã¹ãžã® STAã®èšå®ãè¡ãã³ãã³ãã§ãã
ã³ãã³ã æ©èœ ã¢ãŒãããŒãž
spanning-tree ã¹ããã³ã°ããªãŒãããã³ã«ã®æå¹å GC P684
spanning-treeforward-time ã¹ããã³ã°ããªãŒããªããžè»¢éæéã®èšå® GC P685
spanning-tree hello-time ã¹ããã³ã°ããªãŒããªããžãããŒæéã®èšå® GC P686
spanning-tree max-age ã¹ããã³ã°ããªãŒããªããžæé·æéã®èšå® GC P687
spanning-tree mode STP/RSTP/MSTPã¢ãŒãã®éžæ GC P688
spanning-treepathcost method RSTP/MSTPã®ãã¹ã³ã¹ãæ¹æ³ã®èšå® GC P689
spanning-tree priority ã¹ããã³ã°ããªãŒããªããžãã©ã€ãªãªãã£ã®èšå® GC P690
spanning-treemst-configuration MSTPèšå®ã¢ãŒãã®å€æŽ GC P690
spanning-treetransmission-limit RSTP/MSTPã®éä¿¡ãªãããã®èšå® GC P691
max-hops BPDUãç Žæ£ãããåæ倧ãããæ°ã®èšå® MST P692
mst priority ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ã®èšå®
MST P693
mst vlan ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ãžã® VLANã®è¿œå MST P694
name MSTåã®èšå® MST P695
revision MSTãªããžã§ã³ãã³ããŒã®èšå® MST P696
spanning-treebpdu-filter ãšããžããŒãã® BPDUãã£ã«ã¿ IC P697
spanning-treebpdu-guard BPDUåä¿¡æã«ãšããžããŒããã·ã£ããããŠã³ IC P698
spanning-tree cost åã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ãã¹ã³ã¹ãèšå®
IC P699
spanning-treeedge-port ãšããžããŒããžã®ããŒããã¡ã¹ãã®æå¹å IC P700
spanning-tree link-type RSTP/MSTPã®ãªã³ã¯ã¿ã€ããèšå® IC P701
spanning-treeloopback-detection ããŒã㧠BPDUã«ãŒãããã¯æ€åºãæå¹å IC P702
spanning-treeloopback-detectionrelease-mode
ããŒãã§ã«ãŒãããã¯ãªãªãŒã¹ã¢ãŒããèšå® IC P703
spanning-treeloopback-detection trap
ããŒãã® BPDUã«ãŒããã㯠SNMPãã©ããéç¥ãæå¹å
IC P704
682 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mst cost MSTã€ã³ã¹ã¿ã³ã¹ã®ãã¹ã³ã¹ãã®èšå® IC P705
spanning-tree mst port-priority MSTã€ã³ã¹ã¿ã³ã¹ãã©ã€ãªãªãã£ã®èšå® IC P706
spanning-tree port-priority
åã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ãã©ã€ãªãªãã£èšå®
IC P707
spanning-tree root-guard æå®ãããããŒããäžäœã® BPDUééãé»æ¢ IC P708
spanning-treespanning-disabled ã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ç¡å¹å IC P709
spanning-tree loopbackdetection release
ã«ãŒãããã¯æ€çŽ¢ã«ãã£ãŠãDiscardingç¶æ ããããŠããããŒããæåã§éæŸããŸãã
PE P710
spanning-treeprotocol-migration é©å㪠BPDUãã©ãŒãããã®åç¢ºèª PE P711
show spanning-tree ã¹ããã³ã°ããªãŒã®èšå®ã衚瀺 PE P712
show spanning-treeãmst configuration
MSTèšå®ã®è¡šç€º PE P714
683FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree
æ¬æ©ã«å¯Ÿã㊠spanning-treeïŒSTAïŒãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
spanning-tree
no spanning-tree
åæèšå®
STAæå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
STAã¯ãããã¯ãŒã¯ã®ã«ãŒããé²ãã€ã€ããªããžãã¹ã€ããåã³ã«ãŒã¿éã®ããã¯ã¢ãããªã³ã¯ãæäŸããŸããSTAæ©èœãæããã¹ã€ãããããªããžåã³ã«ãŒã¿éã§äºãã«é£æºããåæ©åšéã®ãªã³ã¯ã§ 1ã€ã®ã«ãŒããã¢ã¯ãã£ãã«ãªãããã«ããŸãããŸããå¥éããã¯ã¢ããçšã®ãªã³ã¯ãæäŸããã¡ã€ã³ã®ãªã³ã¯ãããŠã³ããå Žåã«ã¯èªåçã«ããã¯ã¢ãããè¡ããŸãã
äŸ
æ¬äŸã§ã¯ STAãæå¹ã«ããŠããŸãã
Console(config)#spanning-treeConsole(config)#
684 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree forward-time
ã¹ããã³ã°ããªãŒè»¢éé 延æéãæ¬æ©ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree forward-time seconds
no spanning-tree forward-time
⢠seconds â ç§æ°ïŒç¯å²ïŒ4-30ç§ïŒæå°å€ã¯ 4å㯠[(max-age / 2) + 1]ã®ã©ã¡ããå°ããæ¹ãšãªããŸãã
åæèšå®
15ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã«ãŒãããã€ã¹ãã¹ããŒã¿ã¹ãå€æŽãããŸã§ã®æ倧æéãèšå®ããããšãã§ããŸããåããã€ã¹ããã¬ãŒã ã®è»¢éãã¯ãããåã«ããããžãŒå€æŽãåãåãããã«é 延æéãå¿ èŠã§ãããŸããåããŒãã®ç«¶åããæ å ±ãåä¿¡ããå»æ£ããããã«ãæéãå¿ èŠãšãªããŸããããããªããã°äžæçã«ã§ããããŒã¿ã®ã«ãŒããçºçããŸãã
äŸ
Console(config)#spanning-tree forward-time 20Console(config)#
685FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree hello-time
ã¹ããã³ã°ããªãŒ Helloã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree hello-time time
no spanning-tree hello-time
⢠time â ç§æ°ïŒç¯å²ïŒ1-10ç§ïŒæ倧å€ã¯ 10ãŸã㯠[(max-age / 2) -1]ã®å°ããæ¹ãšãªããŸãã
åæèšå®
2ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
èšå®æ å ±ã®éä¿¡ãè¡ãééãèšå®ããããã®ã³ãã³ãã§ãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree forward-timeïŒP685ïŒspanning-tree max-ageïŒP687ïŒ
Console(config)#spanning-tree hello-time 5Console(config)#
686 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree max-age
ã¹ããã³ã°ããªãŒã®æ倧ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree max-age seconds
no spanning-tree max-age
⢠seconds â ç§ïŒç¯å²ïŒ6-40ç§ïŒæå°å€ã¯ 6å㯠[2 x (hello-time + 1)]ã®ã©ã¡ãã倧ããå€ã§ããæ倧å€ã¯ 40å㯠[2 x (forward-time - 1)]ã®ã©ã¡ããå°ããå€ã§ãã
åæèšå®
20ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
èšå®å€æŽãè¡ãåã«èšå®æ å ±ãåãåããŸã§ã®æå€§åŸ ã¡æéïŒç§ïŒãæå®ããŒããé€ããã¹ãŠã®ããŒããèšå®æ å ±ãäžå®ã®ééã§åãåããŸããã¿ã€ã ã¢ãŠããã STPããŒãã¯ä»å±ãã LANã®ããã®æå®ããŒãã«ãªããŸãããã®ããŒããã«ãŒãããŒãã®å Žåããããã¯ãŒã¯ã«æ¥ç¶ãããä»ã®ããŒããã«ãŒãããŒããšããŠéžæãããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree forward-timeïŒP685ïŒspanning-tree hello-timeïŒP686ïŒ
Console(config)#spanning-tree max-age 40Console(config)#
687FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mode
STPã®ã¢ãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mode < stp | rstp | mstp >
no spanning-tree mode
⢠stp â Spanning Tree ProtocolïŒIEEE 802.1Dæºæ ïŒ
⢠rstp â Rapid Spanning Tree ProtocolïŒIEEE 802.1wæºæ ïŒ
⢠mstpâ mstp - Multiple Spanning TreeïŒIEEE 802.1sæºæ ïŒ
åæèšå®
rstp
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠Spanning Tree Protocol(STP)ã¹ã€ããå éšã§ã¯ RSTPãçšããŸãããå€éšãžã¯ IEEE802.1Dæºæ ã® BPDUã®éä¿¡ã®ã¿ãè¡ããŸãã
⢠Rapid Spanning Tree Protocol(RSTP)RSTPã¯ä»¥äžã®å ¥ã£ãŠããã¡ãã»ãŒãžã®çš®é¡ãå€æã STPåã³ RSTPã®ãããã«ãèªåçã«å¯Ÿå¿ããããšãã§ããŸãã
ïŒ STP Mode â ããŒãã®ç§»è¡é 延ã¿ã€ããŒãåããåŸã« IEEE802.1D BPDUãåãåããšãæ¬æ©ã¯ IEEE802.1Dããªããžãšæ¥ç¶ããŠãããšå€æããIEEE802.1D BPDUã®ã¿ã䜿çšããŸãã
ïŒ RSTP Mode â IEEE802.1D BPDUã䜿çšããããŒãã®ç§»è¡é 延ã¿ã€ããŒãåããåŸã«RSTP BPDUãåãåããšãRSTPã¯ç§»è¡é 延ã¿ã€ããŒãåã¹ã¿ãŒãããããã®ããŒãã«å¯Ÿã RSTP BPDUã䜿çšããŸãã
⢠Multiple Spanning Tree Protocol(MSTP)
ïŒãããã¯ãŒã¯äžã§ MSTPãæå¹ã«ããã«ã¯ãæ¥ç¶ãããé¢é£ããããªããžã«ãããŠãåæ§ã® MSTPã®èšå®ãè¡ãªããã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã«åå ããããšãèš±å¯ããå¿ èŠããããŸãã
ïŒã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã¯ãäºææ§ãæ〠VLANã€ã³ã¹ã¿ã³ã¹ãæã€ããªããžã«ã®ã¿èšå®å¯èœã§ãã
ïŒã¹ããã³ã°ããªãŒã¢ãŒããå€æŽããå Žåãå€æŽåã®ã¢ãŒãã®ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ããã¹ãŠæ¢ãããã®åŸæ°ããã¢ãŒãã«ãããŠéä¿¡ãåéããŸããã¹ããã³ã°ããªãŒã®ã¢ãŒãå€æŽæã«ã¯éä¿¡ãäžæçã«é®æãããã®ã§æ³šæããŠäžããã
äŸ
æ¬äŸã§ã¯ RSTPã䜿çšããèšå®ãããŠããŸãã
Console(config)#spanning-tree mode rstpConsole(config)#
688 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree pathcost method
RSTPã®ãã¹ã³ã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree pathcost method < long | short >
no spanning-tree pathcost method
⢠long â 0-200,000,000ãŸã§ã® 32ãããã®å€
⢠short â 0-65535ãŸã§ã® 16ãããã®å€
åæèšå®
long
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã¹ã³ã¹ãã¯ããã€ã¹éã®æé©ãªãã¹ã決å®ããããã«äœ¿çšãããŸããé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸããpath costïŒP699ïŒã¯ port priorityïŒP707ïŒãããåªå ãããŸãã
äŸ
Console(config)#spanning-tree pathcost method longConsole(config)#
689FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree priority
æ¬æ©å šäœã«å¯ŸããŠã¹ããã³ã°ããªãŒã®ãã©ã€ãªãªãã£ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree priority priority
no spanning-tree priority
⢠priority â ããªããžã®åªå é äœ(0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440)
åæèšå®
32768
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã©ã€ãªãªãã£ã¯ã«ãŒãããã€ã¹ãã«ãŒãããŒããæå®ããŒãã決å®ããéã«äœ¿çšãããŸããäžçªé«ããã©ã€ãªãªãã£ãæã£ãããã€ã¹ã STAã«ãŒãããã€ã¹ãšãªããŸãããã¹ãŠã®ããã€ã¹ãåããã©ã€ãªãªãã£ã®å ŽåãMACã¢ãã¬ã¹ãäžçªå°ããããã€ã¹ãã«ãŒãããã€ã¹ãšãªããŸãã
äŸ
spanning-tree mst configuration
MSTèšå®ã¢ãŒãã«ç§»è¡ããŸãã
åæèšå®
⢠MSTã€ã³ã¹ã¿ã³ã¹ã« VLANããããã³ã°ãããŠããŸãã
⢠ãªãžã§ã³åã¯æ¬æ©ã® MACã¢ãã¬ã¹ã§ã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#spanning-tree priority 40960Console(config)#
Console(config)#spanning-tree mst configurationConsole(config-mstp)#
690 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree transmission-limit
RSTP BPDUã®æå°éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree transmission-limit count
no spanning-tree transmission-limit
⢠count â 転éãªãããã®ç§æ°ïŒç¯å²ïŒ1-10ç§ïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ¬ã³ãã³ãã§ã¯ BPDUã®æ倧転éã¬ãŒããå¶éããŸãã
äŸ
Console(config)#spanning-tree transmission-limit 4Console(config)#
691FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
max-hops
BPDUãç Žæ£ãããåã® MSTå ã§ã®æ倧ãããæ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
max-hops hop-number
⢠hop-number â MSTã®æ倧ãããæ°ïŒèšå®ç¯å²ïŒ1-40ïŒ
åæèšå®
20
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTIãªãžã§ã³ã¯ STPãš RSTPãããã³ã«ã§ã¯åäžã®ããŒããšããŠæ±ãããŸããåŸã£ãŠMSTIãªãžã§ã³å ã® BPDUã®ã¡ãã»ãŒãžãšã€ãžã¯å€æŽãããŸããããããããªãžã§ã³å ã®åã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹åã³ã€ã³ã¹ã¿ã³ã¹ãæ¥ç¶ããå éšã¹ããã³ã°ããªãŒ (IST)ã¯ãBPDUãåºããããããªããžã®æ倧æ°ãæå®ããããã« hopã«ãŠã³ãã䜿çšããŸããåããªããžã¯ BPDUãæž¡ãåã« hopã«ãŠã³ãã 1ã€æžãããŸããhopã«ãŠã³ãã 0ã«ãªã£ãå Žåã«ã¯ã¡ãã»ãŒãžã¯ç Žæ£ãããŸãã
äŸ
Console(config-mstp)#max-hops 30Console(config-mstp)#
692 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
mst priority
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mst instance_id priority priority
no mst instance_id priority
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠priority â MSTã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£(0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440)
åæèšå®
32768
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
⢠MSTãã©ã€ãªãªãã£ã¯ã«ãŒãããã€ã¹ãç¹å®ã®ã€ã³ã¹ã¿ã³ã¹ã®ä»£çããªããžã®æ±ºå®ã«äœ¿çšãããŸããäžçªé«ããã©ã€ãªãªãã£ãæã£ãããã€ã¹ã MSTIã«ãŒãããã€ã¹ãšãªããŸãããã¹ãŠã®ããã€ã¹ãåããã©ã€ãªãªãã£ã®å ŽåãMACã¢ãã¬ã¹ãäžçªå°ããããã€ã¹ãã«ãŒãããã€ã¹ãšãªããŸãã
⢠ãã©ã€ãªãªãã£ã 0ã«èšå®ããããšã«ããæ¬æ©ã MSTIã®ã«ãŒãããã€ã¹ã«ã16384ã«èšå®ããããšã«ãã代çããã€ã¹ã«èšå®ã§ããŸãã
äŸ
Console(config-mstp)#mst 1 priority 4096Console(config-mstp)#
693FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
mst vlan
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã« VLANãè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ç¹å®ã® VLANãåé€ããŸããVLANãæå®ããªãå Žåã«ã¯ãã¹ãŠã® VLANãåé€ããŸãã
ææ³
mst instance_id vlan vlan-range
no mst instance_id vlan vlan-range
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠vlan-range â VLANç¯å²ïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã«ããã¹ããã³ã°ããªãŒã« VLANãã°ã«ãŒãåããŸããMSTPã¯åã€ã³ã¹ã¿ã³ã¹ã«å¯Ÿãç¹å®ã®ã¹ããã³ã°ããªãŒãçæããŸããããã«ãããããã¯ãŒã¯äžã«è€æ°ã®ãã¹ãæ§ç¯ããéä¿¡ã®ããŒããã©ã³ã¹ãè¡ããåäžã®ã€ã³ã¹ã¿ã³ã¹ã«äžå ·åãçºçããå Žåã«å€§èŠæš¡ãªãããã¯ãŒã¯ã®é害ãçºçããããšãåé¿ãããšå ±ã«ãäžå ·åã®çºçããã€ã³ã¹ã¿ã³ã¹ã®æ°ããããããžãŒãžã®å€æŽãè¿ éã«è¡ãªããŸãã
⢠åæèšå®ã§ã¯ãMSTãªãžã§ã³å ã®ãã¹ãŠã®ããªããžãš LANã«æ¥ç¶ããããã¹ãŠã®VLANãå éšã¹ããã³ã°ããªãŒ (MSTI 0)ã«å²ãåœãŠãããŠããŸããæ¬æ©ã§ã¯æ倧 58ã®ã€ã³ã¹ã¿ã³ã¹ããµããŒãããŠããŸããäœããåäžã€ã³ã¹ã¿ã³ã¹ã®ã»ããã«ããåäžMSTIå ã®ãã¹ãŠã®ããªããžãåã³åäž VLANã®ã»ããã«ããåäžã€ã³ã¹ã¿ã³ã¹ã圢æããå¿ èŠããããŸããRSTPã¯åäžããŒããšããŠå MSTIãæ±ãããã¹ãŠã® MSTIãCommon Spanning TreeãšããŠæ¥ç¶ããç¹ã«æ³šæããŠäžããã
äŸ
Console(config-mstp)#mst 1 vlan 2-5Console(config-mstp)#
694 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
name
æ¬æ©ã®èšçœ®ãããŠãã MSTãªãžã§ã³åã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ååãåé€ããŸãã
ææ³
name name
⢠name â ã¹ããã³ã°ããªãŒå
åæèšå®
æ¬æ©ã®MACã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTãªãžã§ã³åãšãªããžã§ã³ãã³ããŒã¯å¯äžã® MSTãªãžã§ã³ãæå®ããããã«äœ¿çšãããŸããïŒæ¬æ©ã®ãããªã¹ããã³ã°ããªãŒå¯Ÿå¿æ©åšã§ããïŒããªããžã¯ 1ã€ã® MSTãªãžã§ã³ã«ã®ã¿å±ãããšãã§ããŸããåããªãžã§ã³å ã®ãã¹ãŠã®ããªããžã¯ãã¹ãŠåã MSTã€ã³ã¹ã¿ã³ã¹ã®èšå®ãããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
revisionïŒP696ïŒ
Console(config-mstp)#name R&DConsole(config-mstp)#
695FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
revision
æ¬æ©ã® MSTèšå®ã®ãªããžã§ã³ãã³ããŒã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
revision number
⢠number â ã¹ããã³ã°ããªãŒã®ãªããžã§ã³ãã³ããŒïŒç¯å²ïŒ0-65535ïŒ
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTãªãžã§ã³åãšãªããžã§ã³ãã³ããŒã¯å¯äžã® MSTãªãžã§ã³ãæå®ããããã«äœ¿çšãããŸããïŒæ¬æ©ã®ãããªã¹ããã³ã°ããªãŒå¯Ÿå¿æ©åšã§ããïŒããªããžã¯ 1ã€ã® MSTãªãžã§ã³ã«ã®ã¿å±ãããšãã§ããŸããåããªãžã§ã³å ã®ãã¹ãŠã®ããªããžã¯ãã¹ãŠåã MSTã€ã³ã¹ã¿ã³ã¹ã®èšå®ãããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
nameïŒP695ïŒ
Console(config-mstp)#revision 1Console(config-mstp)#
696 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree bpdu-filter
ãšããžããŒãã§åä¿¡ãããå šãŠã® BUDUããã£ã«ã¿ããŸãã"no"ã䜿çšããããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
spanning-tree bpdu-filterno spanning-tree bpdu-filter
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
é¢é£ããã³ãã³ã
spanning-tree edge-port ïŒP700ïŒ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree edge-portConsole(config-if)#spanning-tree bpdu-filterConsole(config-if)#
697FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree bpdu-guard
BPDUãåä¿¡ãããéããšããžããŒããã·ã£ããããŠã³ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ãžæ»ããŸãã
ææ³
spanning-tree bpdu-guard
no spanning-tree bpdu-guard
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãšããžããŒã㯠BPDUãçæããªããšã³ãããŒããžã®ã¿æ¥ç¶ãããŸãããã BPDUããšããžããŒãã§åä¿¡ãããå Žåãäžæ£ãªãããã¯ãŒã¯èšå®ãŸãã¯ã¹ã€ãããããã«ãŒã«ããã¢ã¿ãã¯ãåããŠããããšã瀺ããŸããã€ã³ã¿ãã§ãŒã¹ã BPDUã¬ãŒãã«ãã£ãŠã·ã£ããããŠã³ãããå Žåã"no spanning-tree spanning-disable"ã³ãã³ãïŒP709ïŒã䜿çšããæåã§åæå¹åããå¿ èŠããããŸãã
⢠BPDUã¬ãŒããæå¹ã«ããåã«ã"spanning-tree edge-port"ïŒP700ïŒã³ãã³ãã䜿çšããã€ã³ã¿ãã§ãŒã¹ããšããžããŒããšããŠèšå®ããŠãã ããã
äŸ
é¢é£ããã³ãã³ã
spanning-tree edge-port ïŒP700ïŒspanning-tree spanning-disabledïŒP709ïŒ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree edge-portConsole(config-if)#spanning-tree bpdu-guardConsole(config-if)#
698 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree cost
åããŒãã® STAãã¹ã³ã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree cost cost
no spanning-tree cost
⢠cost â ã€ã³ã¿ãã§ãŒã¹ãžã®ãã¹ã³ã¹ãã®å€ïŒç¯å²ïŒ1-200,000,000)
åæèšå®
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ããã€ã¹éã® STAã®ãã¹ãæé©ã«æ±ºå®ããããã®ã³ãã³ãã§ããåŸã£ãŠãé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸãã
⢠ãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãã
⢠STPãã¹ã³ã¹ãã "short"ã«èšå®ãããŠããå Žåã«ã¯æ倧å€ã 65,535ãšãªããŸãã
äŸ
STAãã¹ã³ã¹ãæšå¥šç¯å²
ããŒãã¿ã€ã IEEE 802.1D-1998 IEEE 802.1w-2001
Fast Ethernet 10-60 20,000-2,000,000
Gigabit Ethernet 3-10 2,000-200,000
STAãã¹ã³ã¹ãæšå¥šå€
ããŒãã¿ã€ã ãªã³ã¯ã¿ã€ã IEEE 802.1D-1998 IEEE 802.1w-2001
Fast Ethernet Half DuplexFull DuplexTrunk
191815
200,000100,00050,000
Gigabit Ethernet Full DuplexTrunk
43
10,0005,000
åæå€
ããŒãã¿ã€ã ãªã³ã¯ã¿ã€ã IEEE 802.1w-2001
Fast Ethernet Half DuplexFull DuplexTrunk
200,000100,00050,000
Gigabit Ethernet Full DuplexTrunk
10,0005,000
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree cost 5000Console(config-if)#
699FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree edge-port
ãšããžã«å¯ŸããããŒããæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree edge-port
no spanning-tree edge-port
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯éžæããããŒãã«å¯Ÿããã¡ã¹ãã¹ããã³ã°ããªãŒã¢ãŒãã®èšå®ãè¡ããŸãããã®ã¢ãŒãã§ã¯ãããŒãã¯åŠç¿ã¹ããŒãããã¹ããŠããã©ã¯ãŒãã£ã³ã°ãè¡ããŸãããšã³ãããŒãã§ã¯ã«ãŒããçºçããªããããã¹ããã³ã°ããªãŒã¹ããŒãã®å€æŽãéåžžãããæ©ãè¡ãããšãã§ããŸãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯ããšã³ãããŒãã®ãµãŒããã¯ãŒã¯ã¹ããŒã·ã§ã³ã«å¯Ÿã STPã«ããã¿ã€ã ã¢ãŠãã軜æžããŸããïŒãã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯ LANã®ãšã³ãããŒãã®ããã€ã¹å㯠LANã®ãšã³ãã®ããªããžã«æ¥ç¶ãããããŒãã«ã®ã¿æå¹ã«ããŠäžãããïŒ
äŸ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree edge-portConsole(config-if)#
700 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree link-type
RSTPã®ãªã³ã¯ã¿ã€ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree link-type < auto | point-to-point | shared >
no spanning-tree link-type
⢠autoïŒ duplexã¢ãŒãã®èšå®ããèªåçã«èšå®
⢠point-to-pointïŒ point to pointãªã³ã¯
⢠sharedïŒã·ã§ã¢ãŒãããã£ã¢ã
åæèšå®
auto
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããŒãã察åã®ããªããžã«ã®ã¿æ¥ç¶ãããŠããå Žå㯠point-to-pointãªã³ã¯ããè€æ°ã®ããªããžã«æ¥ç¶ãããŠããå Žåã«ã¯ sharedãéžæããŸãã
⢠èªåæ€ç¥ãéžæãããŠããå Žåããªã³ã¯ã¿ã€ã㯠duplexã¢ãŒãããéžæãããŸããFull-duplexã®ããŒãã§ã¯ point-to-pointãªã³ã¯ããhalf-duplexããŒãã§ã¯ãsharedãªã³ã¯ãèªåçã«éžæãããŸãã
⢠RSTP㯠2ã€ã®ããªããžéã® point-to-pointãªã³ã¯ã§ã®ã¿æ©èœããŸããæå®ãããããŒãã sharedãªã³ã¯ã®å Žåã«ã¯ RSTPã¯èš±å¯ãããŸããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree link-type point-to-point
701FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree loopback-detection
ãã®ã³ãã³ãã¯ãããŒãã§æ€åºãšã¹ããã³ã°ããªãŒã«ãŒãããã¯ãã±ãããžã®è¿çãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
spanning-tree loopback-detection
no spanning-tree loopback-detection
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ã«ãŒãããã¯æ€åºãæå¹ã§ãããããŒããããèªèº«ã® BPDUãåä¿¡ããå ŽåãããŒã㯠IEEE Standard 802.1W-2001 9.3.4ã«åŸã£ãŠãã«ãŒããã㯠BPDUãç Žæ£ããŸãã.
⢠ã¹ã€ããã§ã¹ããã³ã°ããªãŒãç¡å¹ã®å Žåã ããŒãã«ãŒãããã¯æ€åºã¯ã¢ã¯ãã£ãã«ãªããŸããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree loopback-detection
702 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree loopback-detection release-mode
BPDUã«ãŒãããã¯ãåä¿¡ãããçºã«ãã£ã¹ã«ãŒãã£ã³ã°ã¹ããŒãã«çœ®ãããŠããããŒãã®ãªãªãŒã¹ã¢ãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
spanning-tree loopback-detection release-mode < auto | manual >
no spanning-tree loopback-detection
⢠auto â ã«ãŒãããã¯ã¹ããŒãçµäºæããã£ã¹ã«ãŒãã£ã³ã°ã¹ããŒãããèªåã§ãªãªãŒã¹ãããŸãã
⢠manual â ããŒãã¯æåã§ã®ã¿ãªãªãŒã¹ãããŸãã
åæèšå®
auto
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããŒããèªåã«ãŒãããã¯ãªãªãŒã¹ã«èšå®ãããŠããå Žåã以äžã®æ¡ä»¶ã®å äžã€ãæºãããããšããããŒãã¯ãã©ã¯ãŒãã£ã³ã°ã¹ããŒããžæ»ããŸãã
ïŒããŒããèªèº«ä»¥å€ã® BPDUãåä¿¡
ïŒããŒããªã³ã¯ã¹ããŒã¿ã¹ããªã³ã¯ããŠã³ãžå€æŽåŸåãªã³ã¯ã¢ãã
ïŒãã©ã¯ãŒãé 延ééã®éã«ããŒããèªèº«ã® BPDUã®åä¿¡ãäžæ¢ããå Žå
⢠ã«ãŒãããã¯æ€åºãç¡å¹ã§ãããããŒããèªèº«ã® BPDUãåä¿¡ããå ŽåãIEEE Standard 802.1W-2001 9.3.4ã«åŸãã«ãŒããã㯠BPDUãç Žæ£ããŸãã
⢠ã¹ã€ããã§ã¹ããã³ã°ããªãŒãç¡å¹ã®å Žåã ããŒãã«ãŒãããã¯æ€åºã¯ã¢ã¯ãã£ãã«ãªããŸããã
⢠æåãªãªãŒã¹ã¢ãŒãã«èšå®ãããŠããæããªã³ã¯ããŠã³ /ã¢ããã€ãã³ãã¯ããŒãããã£ã¹ã«ãŒãã£ã³ã°ã¹ããŒããããªãªãŒã¹ããŸããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree loopback-detection release-mode manual
703FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree loopback-detection trap
ã¹ããã³ã°ããªãŒã«ãŒããã㯠BPDUæ€åºã® SNMPãã©ããéç¥ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
spanning-tree loopback-detection trap
no spanning-tree loopback-detection trap
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree loopback-detection trap
704 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mst cost
MSTã®ã€ã³ã¹ã¿ã³ã¹ã®ãã¹ã³ã¹ãã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mst instance_id cost cost
no spanning-tree mst instance_id cost
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠cost â ã€ã³ã¿ãã§ãŒã¹ãžã®ãã¹ã³ã¹ãã®å€ (1-200,000,000)ããããã¹ã³ã¹ãæšå¥šç¯å²ã¯ P699 ãSTAãã¹ã³ã¹ãæšå¥šç¯å²ãããã¹ã³ã¹ãæšå¥šå€ã¯ãããããP699 ãSTAãã¹ã³ã¹ãæšå¥šå€ããåç §ããŠãã ããã
åæèšå®
ãã¹ã³ã¹ãåæå€ã¯ P699 ãåæå€ãã®è¡šãåç §ããŠãã ããã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠åã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã¯ VLAN IDã«é¢é£ä»ããããŸãã
⢠æ¬ã³ãã³ãã¯ããã€ã¹éã® MSTAã®ãã¹ãæé©ã«æ±ºå®ããããã®ã³ãã³ãã§ããåŸã£ãŠãé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸãã
⢠ãã¹ã³ã¹ãã¯ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£ããåªå ãããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree mst port-priorityïŒP706ïŒ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree mst 1 cost 50Console(config-if)#
705FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mst port-priority
MSTã€ã³ã¹ã¿ã³ã¹ã®ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£ã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mst instance_id port-priority priority
no spanning-tree mst instance_id port-priority
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠priority â ããŒãã®åªå é äœïŒ0-240ã®é㧠16ééã®å€ïŒ
åæèšå®
128
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠MSTã«äœ¿çšããã€ã³ã¿ãã§ãŒã¹ã®åªå é äœãæå®ããããã®ã³ãã³ãã§ããããããã¹ãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãé«ãåªå é äœïŒäœãèšå®å€ïŒã®ããŒããSTPã®ã¢ã¯ãã£ããªã³ã¯ãšãªããŸãã
⢠è€æ°ã®ããŒãã«æåªå é äœãå²ãåœãŠãããå ŽåãããŒãçªå·ã®äœãããŒããæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree mst cost ïŒP705ïŒ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree mst 1 port-priority 0Console(config-if)#
706 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree port-priority
æå®ããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree port-priority priority
no spanning-tree port-priority
⢠priority â ããŒãã®åªå é äœïŒ0-240ã®é㧠16ééã®å€ïŒ
åæèšå®
128
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠STPã«äœ¿çšããããŒãã®åªå é äœãæå®ããããã®ã³ãã³ãã§ããããããã¹ãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãé«ãåªå é äœïŒäœãèšå®å€ïŒã®ããŒãã STPã®ã¢ã¯ãã£ããªã³ã¯ãšãªããŸãã
⢠1ã€ä»¥äžã®ããŒãã«æåªå é äœãå²ãåœãŠãããå ŽåãããŒãçªå·ã®äœãããŒããæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree costïŒP699ïŒ
Console(config)#interface ethernet 1/5
Console(config-if)#spanning-tree port-priority 0Console(config-if)#
707FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree root-guard
ãã®ã³ãã³ãã¯ãæå®ãããããŒããäžäœã® BPDUãèæ ®ã«å ¥ããæ°ãã STPã«ãŒãããŒããéžæãããããšãé»æ¢ããããèšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
spanning-tree root-guard
no spanning-tree root-guard
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠äœãããªããžèå¥åïŒãŸãã¯åãèå¥åãšäœã MACã¢ãã¬ã¹ïŒãæã€ããªããžã¯ãã€ã§ãã«ãŒãããªããžãåŒãç¶ãããšãå¯èœã§ãã
⢠ã¹ããã³ã°ããªãŒãã¹ã€ãããŸãã¯ã€ã³ã¿ãã§ãŒã¹ã§ã§ã°ããŒãã«ã«åæåãããæãã¹ã€ããã¯ã«ãŒãã¬ãŒããæå¹ã«ããåã«ãã¹ããã³ã°ããªãŒãäžç¹ã«éãŸã£ãããšãä¿èšŒããããŸã§ã20ç§éåŸ ã¡ãŸãã
äŸ
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree edge-portConsole(config-if)#spanning-tree root-guardConsole(config-if)#
708 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree spanning-disabled
ç¹å®ã®ããŒãã® STAãç¡å¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åã³ STAãæå¹ã«ããŸãã
ææ³
spanning-tree spanning-disabled
no spanning-tree spanning-disabled
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
5çªããŒãã® STAãç¡å¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree spanning-disabledConsole(config-if)#
709FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree loopback-detection release
ã«ãŒãããã¯æ€çŽ¢ã«ãã£ãŠããã£ã¹ã«ãŒãã£ã³ã°ç¶æ ã«çœ®ãããŠããããŒããéæŸããŸãã
ææ³
spanning-tree loopback-detection release interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㯠"spanning-tree loopback-detection release-mode"ã³ãã³ãïŒP703ïŒã«ãã£ãŠã" loopback detection release mode"ã " manual"ã«èšå®ãããŠãããBPDUã«ãŒãããã¯ãçºçããæã«ããã£ã¹ã«ãŒãã£ã³ã°ç¶æ ããã€ã³ã¿ãã§ãŒã¹ã解æŸããŸãã
äŸ
Console#spanning-tree loopback-detection release ethernet 1/1Console#
710 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree protocol-migration
éžæããããŒãã«éä¿¡ããé©å㪠BPDUãã©ãŒããããå確èªããŸãã
ææ³
spanning-tree protocol-migration interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æ¬æ©ãèšå®ãããããžãŒãã§ã³ãž BPDUãå«ã STP BPDUãæ€ç¥ããå Žåã該åœããããŒãã¯èªåçã« STPäºæã¢ãŒãã«ã»ãããããŸãã"spanning-tree protocol-migration"ã³ãã³ãã䜿çšããæåã§éžæããããŒãã«å¯ŸããŠæé©ãª BPDUãã©ãŒãããïŒRSTPå㯠STPäºæïŒã®å確èªãè¡ãããšãã§ããŸãã
äŸ
Console#spanning-tree protocol-migration ethernet 1/5Console#
711FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
show spanning-tree
STPã®èšå®å 容ã衚瀺ããŸãã
ææ³
show spanning-tree { interface | mst instance-id }
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
⢠instance-id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ã䜿ãã "show spanning-tree"ã³ãã³ãã䜿çšããå ŽåãããªãŒå ã®åã€ã³ã¿ãã§ãŒã¹ã®ããã®æ¬æ©ã®ã¹ããã³ã°ããªãŒèšå®ã衚瀺ãããŸãã
⢠"show spanning-tree interface"ã³ãã³ãã䜿çšããå Žåãæå®ããã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒèšå®ã®ã¿è¡šç€ºãããŸãã
â¢ãSpanning-tree informationãã§è¡šç€ºãããæ å ±ã®è©³çŽ°ã¯ P120 ãã°ããŒãã«èšå®ããåç §ããŠäžãããåã€ã³ã¿ãã§ãŒã¹ã§è¡šç€ºãããå 容㯠P128 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããã
712 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
äŸ
Console#show spanning-treeSpanning Tree Information--------------------------------------------------------------- Spanning Tree Mode: RSTP Spanning Tree Enabled/Disabled: Disabled Instance: 0 VLANs Configuration: 1-4094 Priority: 32768 Bridge Hello Time (sec.): 2 Bridge Max Age (sec.): 20 Bridge Forward Delay (sec.): 15 Root Hello Time (sec.): 2 Root Max Age (sec.): 20 Root Forward Delay (sec.): 15 Max Hops: 20 Remaining Hops: 20 Designated Root: 32768.0012CFBBC0C0 Current Root Port: 0 Current Root Cost: 0 Number of Topology Changes: 0 Last Topology Change Time (sec.): 8822 Transmission Limit: 3 Path Cost Method: Long Flooding Behavior: To VLAN---------------------------------------------------------------Eth 1/ 2 Information--------------------------------------------------------------- Admin Status: Enabled Role: Disabled State: Forwarding Admin Path Cost: 0 Oper Path Cost: 1000000 Priority: 128 Designated Cost: 0 Designated Port: 128.2 Designated Root: 32768.0012CFBBC0C0 Designated Bridge: 32768.0012CFBBC0C0 Fast Forwarding: Enabled Forward Transitions: 0 Admin Edge Port: Enabled Oper Edge Port: Enabled Admin Link Type: Auto Oper Link Type: Point-to-point Flooding Behavior: Enabled Spanning Tree Status: Enabled.
.
.Console#
713FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
show spanning-tree mst configuration
MSTã®èšå®ã衚瀺ããŸãã
ææ³
show spanning-tree mst configuration
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
onsole#show spanning-tree mst configurationMSTP Configuration Information-------------------------------------------------------------- Configuration Name: 00 12 cf bb c0 c0 Revision Level: 0
Instance VLANs-------------------------------------------------------------- 0 1-4093Console#
714 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18 VLAN
VLANã¯ãããã¯ãŒã¯äžã®ã©ãã«ã§ãäœçœ®ããããšãã§ããŸãããããããããããç©ççãªåäžã»ã°ã¡ã³ãã«å±ãããã®ããã«åäœããéä¿¡ãè¡ãããŒãã®ã°ã«ãŒãã§ãã
ããã§ã¯ VLANé¢é£ã³ãã³ãã䜿çšããæå®ããããŒãã® VLANã°ã«ãŒãã®çæãã¡ã³ããŒããŒãã®è¿œå ãVLANã¿ã°äœ¿çšæ³ã®èšå®ãèªå VLANç»é²ã®æå¹åãè¡ããŸãã
4.18.1 GVRPã®èšå®
GARP VLAN Registration Protocol(GVRP)ã¯ã¹ã€ãããèªåçã«ãããã¯ãŒã¯ãä»ããŠã€ã³ã¿ãã§ãŒã¹ã VLANã¡ã³ããŒãšããŠç»é²ããããã« VLANæ å ±ã亀æããæ¹æ³ãå®çŸ©ããŸããåã€ã³ã¿ãã§ãŒã¹åã¯æ¬æ©å šäœãžã® GVRPã®æå¹åã®æ¹æ³ãšãBridge Extension MIBã®èšå®ã®è¡šç€ºæ¹æ³ã説æããŠããŸãã
ã³ãã³ãã°ã«ãŒã æ©èœ ããŒãžGVRP and Bridge Extension GVRPã®èšå® P715
Editing VLAN Groups VLANåãVIDãç¶æ ãå«ã VLANã®èšå® P722
Configuring VLANInterfaces
å ¥åãã£ã«ã¿ãå ¥å /åºåã¿ã°ã¢ãŒããPVIDãGVRPãå«ã VLANã€ã³ã¿ãã§ãŒã¹ãã©ã¡ãŒã¿ã®èšå®
P724
Displaying VLANInformation
ç¶æ ãããŒãã¡ã³ããŒãMACã¢ãã¬ã¹ãå«ã VLANã°ã«ãŒãã®è¡šç€º
P732
Configuring 802.1QTunneling 802.1Qãã³ããªã³ã°ïŒQinQãã³ããªã³ã°ïŒã®èšå® P733
Configuring Port-based Traffic Segmentation
æå®ããããŠã³ãªã³ã¯ /ã¢ãããªã³ã¯ããŒãã«åºã¥ããç°ãªãã¯ã©ã€ã¢ã³ãã»ãã·ã§ã³ã®ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³èšå®
P738
Configuring ProtocolVLANs
ãã¬ãŒã ã¿ã€ãããã³ãããã³ã«ãåºã«ãããããã³ã«ããŒã¹ VLANã®èšå®
P741
Configuring IP Subnet VLANs IPãµãããã VLANã®èšå® P745
Configuring MAC Based VLANs MACããŒã¹ VLANã®èšå® P748
Configuring Voice VLANs VoIPãã©ãã£ãã¯æ€åºãšãã€ã¹ VLANã®æå¹å P751
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
bridge-ext gvrp æ¬æ©å šäœã«å¯Ÿã GVRPãæå¹å GC P716
garp timer éžæããæ©èœãžã® GARPã¿ã€ããŒã®èšå® IC P717
switchport forbidden vlan ã€ã³ã¿ãã§ãŒã¹ãžã®ç»é²çŠæ¢ VLANã®èšå® IC P718
switchport gvrp ã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®æå¹å IC P719
show bridge-ext bridge extensionæ å ±ã®è¡šç€º PE P719
show garptimer éžæããæ©èœãžã® GARPã¿ã€ããŒã®è¡šç€º
NE,PEP720
show gvrpconfiguration
éžæããã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®èšå®ã®è¡šç€º
NE,PE P721
715FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
bridge-ext gvrp
GVRPãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
bridge-ext gvrp
no bridge-ext gvrp
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
GVRPã¯ãã¹ã€ããããããã¯ãŒã¯ãä»ããŠããŒãã VLANã¡ã³ããŒãšããŠç»é²ããããã« VLANæ å ±ã亀æããæ¹æ³ãå®çŸ©ããŸãããã®æ©èœã«ãã£ãŠèªåçã« VLANç»é²ãè¡ãããšãã§ããããŒã«ã«ã®ã¹ã€ãããè¶ãã VLANã®èšå®ããµããŒãããŸãã
äŸ
Console(config)#bridge-ext gvrpConsole(config)#
716 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
garp timer
leaveãleaveallãjoinã¿ã€ããŒã«å€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã®å€ã«æ»ããŸãã
ææ³
garp timer < join | leave | leaveall > timer_value
no garp timer < join | leave | leaveall >
⢠< join | leave | leaveall > â èšå®ããã¿ã€ããŒã®çš®é¡
⢠timer_value â ã¿ã€ããŒã®å€
ç¯å²ïŒ
joinïŒ20-1000ã»ã³ãã»ã«ã³ã
leaveïŒ60-3000ã»ã³ãã»ã«ã³ã
leaveallïŒ500-18000ã»ã³ãã»ã«ã³ã
åæèšå®
⢠joinïŒ20ã»ã³ãã»ã«ã³ã
⢠leaveïŒ60ã»ã³ãã»ã«ã³ã
⢠leaveallïŒ1000ã»ã³ãã»ã«ã³ã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããªããžããã LANå ã§ã®ã¯ã©ã€ã¢ã³ããµãŒãã¹ã®ã¯ã©ã€ã¢ã³ãå±æ§ã®ç»é²ãåé€ãè¡ãããã«ãGroup Address Registration Protocol(GARP)㯠GVRPåã³ GMRPã§äœ¿çšãããŸããGARPã¿ã€ããŒã®åæèšå®ã®å€ã¯ãã¡ãã£ã¢ã¢ã¯ã»ã¹æ¹æ³åã¯ããŒã¿ã¬ãŒããšç¬ç«ããŠããŸããGMRPå㯠GVRPç»é² /åé€ã«é¢ããåé¡ããªãå Žåã«ã¯ããããã®å€ã¯å€æŽããªãã§äžããã
⢠ã¿ã€ããŒã®å€ã¯ãã¹ãŠã® VLANã® GVRPã«èšå®ãããŸãã
⢠ã¿ã€ããŒã®å€ã¯ä»¥äžã®åŒã«é©å¿ããå€ã§ããå¿ èŠããããŸã :leave >= (2 x join)leaveall > leave
[泚æ ]ã GVRPã¿ã€ããŒã®å€ã¯åäžãããã¯ãŒã¯å ã®ãã¹ãŠã® L2ã¹ã€ããã§åãã«èšå®ããŠäžãããåãå€ã«èšå®ãããªãå Žå㯠GVRPãæ£åžžã«æ©èœããŸããã
äŸ
é¢é£ããã³ãã³ã
show garp timerïŒP720ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#garp timer join 100Console(config-if)#
717FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport forbidden vlan
çŠæ¢ VLANã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§çŠæ¢ VLANãªã¹ãããåé€ããŸãã
ææ³
switchport forbidden vlan [ add vlan-list | remove vlan-list ]
no switchport forbidden vlan
⢠add vlan-list â è¿œå ãã VLANã® IDã®ãªã¹ã
⢠remove vlan-list â 解é€ãã VLANã® IDã®ãªã¹ã
⢠vlan-list â é£ç¶ããªã VLAN IDãã«ã³ãã§åããŠå ¥åïŒã¹ããŒã¹ã¯å ¥ããªãïŒãé£ç¶ãã IDã¯ãã€ãã³ã§ç¯å²ãæå®ïŒç¯å²ïŒ1-4093)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠GVRPã§èªåçã« VLANã«å ããããããšãé²ãããã®ã³ãã³ãã§ãã
⢠ã€ã³ã¿ãã§ãŒã¹äžã§ VLANãèš±å¯ VLANã«ã»ãããããŠããå Žåãåãã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ VLANãªã¹ãã«å ããããšã¯ã§ããŸããã
äŸ
æ¬äŸã§ã¯ 1çªããŒãã VLAN 3ã«å ããããšãé²ãã§ããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport forbidden vlan add 3Console(config-if)#
718 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport gvrp
ããŒãã® GVRPãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
switchport gvrp
no switchport gvrp
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
show bridge-ext
ããªããžæ¡åŒµã³ãã³ãã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
衚瀺ãããå 容㯠P26 ãããªããžæ¡åŒµæ©èœã®è¡šç€ºããåç §ããŠäžããã
äŸ
Console(config)#interface ethernet 1/6Console(config-if)#switchport gvrpConsole(config-if)#
Console#show bridge-ext Maximum Supported VLAN Numbers : 256 Maximum Supported VLAN ID : 4093 Extended Multicast Filtering Services : No Static Entry Individual Port : Yes VLAN Learning : IVL Configurable PVID Tagging : Yes Local VLAN Capable : No Traffic Classes : Enabled Global GVRP Status : Disabled GMRP : DisabledConsole#
719FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show garp timer
éžæããããŒãã® GARPã¿ã€ããŒã衚瀺ããŸãã
ææ³
show garp timer { interface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãã¹ãŠã® GARPã¿ã€ããŒã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
é¢é£ããã³ãã³ã
garp timerïŒP717ïŒ
Console#show garp timer ethernet 1/1Eth 1/ 1 GARP Timer Status: Join Timer : 20 centiseconds Leave Timer : 60 centiseconds Leave All Timer : 1000 centiseconds
Console#
720 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show gvrp configuration
GVRPãæå¹ãç¡å¹ãã衚瀺ããŸãã
ææ³
show gvrp configuration { interface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
å šäœãšåã€ã³ã¿ãã§ãŒã¹äž¡æ¹ã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show gvrp configuration ethernet 1/6Eth 1/ 6: Gvrp configuration: EnabledConsole#
721FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.2 VLANã°ã«ãŒãã®èšå®
vlan database
VLANããŒã¿ããŒã¹ã¢ãŒãã«å ¥ããŸãããã®ã¢ãŒãã®ã³ãã³ãã¯èšå®åŸçŽã¡ã«æå¹ãšãªããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠VLANããŒã¿ããŒã¹ã³ãã³ãã䜿çšã VLANã®è¿œå ãå€æŽãåé€ãè¡ããŸããVLANã®èšå®çµäºåŸã¯ " show vlan"ã³ãã³ãã䜿çšããšã³ããªãŒæ¯ã« VLANèšå®ã衚瀺ããããšãã§ããŸãã
⢠"interface vlan"ã³ãã³ãã¢ãŒãã䜿çšããããŒãã¡ã³ããŒã®æå®ããVLANããã®ããŒãã®è¿œå ãåé€ãè¡ããŸããã³ãã³ãã䜿çšããçµæã¯ãå®è¡äžã®èšå®ãã¡ã€ã«ã«æžã蟌ãŸã "show running-config"ã³ãã³ãã䜿çšããããšã§ãã¡ã€ã«ã®å 容ã衚瀺ãããããšãã§ããŸãã
äŸ
é¢é£ããã³ãã³ã
show vlanïŒP732ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
vlan database VLAN databaseã¢ãŒãã«å ¥ããVLANã®èšå®ãè¡ã
GC P722
VLAN VID,VLANåãã¹ããŒããªã© VLANã®èšå® VC P723
Console(config)#vlan databaseConsole(config-vlan)#
722 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
vlan
VLANãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ VLANã®åé€ããããã¯åæèšå®ã«æ»ããŸãã
ææ³
vlan vlan-id [ name vlan-name ] [ media ethernet { state < active | suspend > } ] { rspan }
no vlan vlan-id { name | state }
⢠vlan-id â èšå®ãã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠name â èå¥ããããã® VLANå
⢠vlan-name â 1-32æå
⢠media ethernet â ã€ãŒãµãããã¡ãã£ã¢ã®çš®é¡
⢠state â VLANã®ã¹ããŒãã®èå¥
ïŒ active â VLANã®å®è¡
ïŒ suspend â VLANã®äžæãäžæäžã® VLANã¯ãã±ããã®è»¢éãè¡ããŸããã
ïŒ rspan â ãªã¢ãŒãã¹ã€ããããã®ãã©ãã£ãã¯ãã©ãŒãªã³ã°ã«äœ¿çšãããVLANãäœæããŸããRSPANã§äœ¿çšããã VLAN㯠VLAN1ïŒã¹ã€ããã®ããã©ã«ã VLANïŒãš VLAN4093ïŒã¹ã€ããã¯ã©ã¹ã¿ãªã³ã°ã§äœ¿çšïŒãå«ãããšãåºæ¥ãŸãããCLIããã® RSPANèšå®ã«ã€ããŠã¯ 650 ããŒãžã®ãRSPANãã©ãŒãªã³ã°ããåç §ããŠãã ããã
åæèšå®
åæèšå®ã§ã¯ VLAN 1ãååšããactiveç¶æ ã§ãã
ã³ãã³ãã¢ãŒã
VLAN Database Configuration
ã³ãã³ã解説
⢠"no vlan vlan-id"ã䜿çšããå ŽåãVLANãåé€ãããŸãã
⢠"no vlan vlan-id name"ã䜿çšããå ŽåãVLANåãåé€ãããŸãã
⢠" no vlan vlan-id state"ã䜿çšããå ŽåãVLANã¯åæèšå®ã®ç¶æ (active)ã«æ»ããŸãã
⢠æ倧 4093VLANã®èšå®ãå¯èœã§ãã
[泚æ ]ãæ¬æ©ã¯æ倧 256åã®ãŠãŒã¶ç®¡çå¯èœãª VLANãäœæããããšãåºæ¥ãŸãã
äŸ
VLAN IDïŒ105ãVLAN nameïŒRD5ã§æ°ãã VLANãè¿œå ããŠããŸããVLANã¯åæèšå®ã§activeã«ãªã£ãŠããŸãã
é¢é£ããã³ãã³ã
show vlan ïŒP732ïŒ
Console(config)#vlan databaseConsole(config-vlan)#vlan 105 name RD5 media ethernetConsole(config-vlan)#
723FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.3 VLANã€ã³ã¿ãã§ãŒã¹ã®èšå®
interface vlan
VLANã®èšå®ã®ããã« interfaceèšå®ã¢ãŒãã«å ¥ããåã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ããŸããânoâãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
interface vlan vlan-idno interface vlan vlan-id
⢠vlan-id â èšå®ãã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ãVLAN 1ã® interface configurationã¢ãŒãã«åå ããVLANã«å¯Ÿã IPã¢ãã¬ã¹ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
show vlan ïŒP732ïŒinterface vlan ïŒP724ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžinterface vlan VLANãèšå®ããããã® Interfaceèšå®ã¢ãŒããžã®åå IC P724
switchportacceptable frametypes
ã€ã³ã¿ãã§ãŒã¹ã§åãå ¥ãå¯èœãªãã¬ãŒã ã¿ã€ãã®èšå® IC P725
switchport allowed vlan ã€ã³ã¿ãã§ãŒã¹ã«é¢é£ãã VLANã®èšå® IC P726
switchportforbidden vlan ã€ã³ã¿ãã§ãŒã¹ã®ç»é²ãçŠæ¢ãã VLANã®èšå® IC P718
switchport gvrp ã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®æå¹å IC P719
switchportingress-filtering ã€ã³ã¿ãã§ãŒã¹ãžã®å ¥åãã£ã«ã¿ã®æå¹å IC P727
switchport mode ã€ã³ã¿ãã§ãŒã¹ã® VLANã¡ã³ããŒã¢ãŒãã®èšå® IC P728
switchportnative vlan ã€ã³ã¿ãã§ãŒã¹ã® PVID(native VLAN)ã®èšå® IC P729
switchport priority default ã¿ã°ãªãåä¿¡ãã¬ãŒã ã®ããŒããã©ã€ãªãªãã£ã®èšå® IC P761
vlan-trunking ã¹ã€ãããéãæªç¥ã® VLANãèš±å¯ IC P730
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.254 255.255.255.0Console(config-if)#
724 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport acceptable-frame-types
ããŒãã®åãå ¥ãå¯èœãªãã¬ãŒã ã®çš®é¡ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport acceptable-frame-types < all | tagged >
no switchport acceptable-frame-types
⢠all â ã¿ã°ä»ãã¿ã°ãªãã®ãã¹ãŠã®ãã¬ãŒã ãåãå ¥ããŸãã
⢠tagged â ã¿ã°ä»ãã¬ãŒã ã®ã¿ãåãå ¥ããŸãã
åæèšå®
ãã¹ãŠã®ãã¬ãŒã ã¿ã€ã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
ãã¹ãŠã®ãã¬ãŒã ãèš±å¯ããèšå®ã«ããå Žåãã¿ã°ãªãåä¿¡ãã¬ãŒã ã¯ããã©ã«ã VLANã«æå®ãããŸãã
äŸ
æ¬äŸã§ã¯ 1çªããŒãã«ã¿ã°ä»ãã¬ãŒã ã®ã¿ãèš±å¯ããèšå®ã«ããŠããŸãã
é¢é£ããã³ãã³ã
switchport mode ïŒP728ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#switchport acceptable-frame-types taggedConsole(config-if)#
725FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport allowed vlan
éžæããã€ã³ã¿ãã§ãŒã¹ã® VLANã°ã«ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport allowed vlan [add vlan-list { tagged | untagged } | remove vlan-list ]
no switchport allowed vlan
⢠add vlan-list â è¿œå ãã VLANã® IDã®ãªã¹ã
⢠remove vlan-list â 解é€ãã VLANã® IDã®ãªã¹ã
⢠vlan-list â é£ç¶ããªã VLAN IDãã«ã³ãã§åããŠå ¥åïŒã¹ããŒã¹ã¯å ¥ããªãïŒãé£ç¶ãã IDã¯ãã€ãã³ã§ç¯å²ãæå®ïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãã¹ãŠã®ããŒãã VLAN 1ã«åå ããã¬ãŒã ã¿ã€ãã¯ã¿ã°ãªãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠switchportã¢ãŒãã " trunk"ã«èšå®ãããŠããå Žåãã€ã³ã¿ãã§ãŒã¹ãã¿ã°ä»ã¡ã³ããŒãšããŠãã VLANã«èšå®ã§ããŸããã
⢠ã€ã³ã¿ãã§ãŒã¹ã® switchport modeã "hybrid"ã«èšå®ãããŠããå Žåãã€ã³ã¿ãã§ãŒã¹ãæäœ 1ã€ã® VLANã«ã¿ã°ãªãã¡ã³ããŒãšããŠèšå®ããå¿ èŠããããŸãã
⢠ã¹ã€ããå ã§ã¯åžžã«ãã¬ãŒã ã¯ã¿ã°ä»ãšãªã£ãŠããŸããã¿ã°ä»åã³ã¿ã°ãªããã©ã¡ãŒã¿ã¯ã€ã³ã¿ãã§ãŒã¹ãž VLANãå ãããšã䜿ãããåºåããŒãã§ãã¬ãŒã ã®ã¿ã°ãã¯ãããä¿æãããã決å®ããŸãã
⢠ãããã¯ãŒã¯ã®éäžã察åã®ããã€ã¹ã VLANããµããŒãããŠããªãå Žåãã€ã³ã¿ãã§ãŒã¹ã¯ãããã® VLANãã¿ã°ãªãã¡ã³ããŒãšããŠå ããŸãã1ã€ã® VLANã«ã¿ã°ãªããšããŠå ãããã® VLANããã€ãã£ã VLANãšãªããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ãªã¹ãäžã® VLANãæåã§ã€ã³ã¿ãã§ãŒã¹ã«å ããããå ŽåãVLANã¯èªåçã«ã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ãªã¹ãããåé€ãããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒãã®ã¿ã°ä» VLANèš±å¯ãªã¹ãã« VLAN1,2,5,6ãå ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport allowed vlan add 1,2,5,6 taggedConsole(config-if)#
726 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport ingress-filtering
ããŒãã«å¯ŸããŠã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switch port ingress-filtering
no switchport ingress-filtering
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ã¿ã°ä»ãã¬ãŒã ã«ã®ã¿æå¹ã§ãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã®å Žåãã¡ã³ããŒã§ãªã VLANãžã®ã¿ã°ãã€ãããã¬ãŒã ãåä¿¡ãããšããã®ãã¬ãŒã ã¯æšãŠãããŸãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ GVRPã STPãªã©ã® VLANãšé¢é£ã®ãªã BPDUãã¬ãŒã ã«ã¯åœ±é¿ãäžããŸãããäœããVLANã«é¢é£ãã GMRPãªã©ã® BPDUãã¬ãŒã ã«ã¯åœ±é¿ãäžããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒããæå®ããã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport ingress-filteringConsole(config-if)#
727FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport mode
ããŒãã® VLANã¡ã³ããŒã·ããã¢ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport mode < access | hybrid | trunk >
no switchport mode
⢠access â ã¢ã¯ã»ã¹ VLANã€ã³ã¿ãã§ãŒã¹ãæå®ããã®ããŒãã¯ã¿ã°ç¡ããã¬ãŒã ã®ã¿åä¿¡ /転éãè¡ããŸãã
⢠hybrid â ãã€ããªãã VLANã€ã³ã¿ãã§ãŒã¹ãæå®ãããŒãã¯ã¿ã°ä»åã³ã¿ã°ãªããã¬ãŒã ãéä¿¡ããŸãã
⢠trunk â VLANãã©ã³ã¯ã«äœ¿çšãããããŒããæå®ããŸãããã©ã³ã¯ã¯ 2ã€ã®ã¹ã€ããéã®çŽæ¥æ¥ç¶ã§ãããŒãã¯ãœãŒã¹ VLANã瀺ãã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸããããã©ã«ã VLANã«æå±ãããã¬ãŒã ãã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸãã
åæèšå®
ãã¹ãŠã®ããŒã㯠hybridã«æå®ãããVLAN 1ã PVIDã«èšå®ãããŠããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
ã¢ã¯ã»ã¹ã¢ãŒããš VLANãã©ã³ã¯ã³ã°ïŒ730 ããŒãžã®ãvlan-trunkingããåç §ïŒã¯çžäºã«æä»çã§ãããã VLANãã©ã³ãã³ã°ãã€ã³ã¿ãã§ãŒã¹ã§æå¹ã®å Žåãã€ã³ã¿ãã§ãŒã¹ã¯ã¢ã¯ã»ã¹ã¢ãŒãã«èšå®ã§ããããã®éããŸãåæ§ã§ãã
äŸ
æ¬äŸã§ã¯ã1çªããŒãã® configurationã¢ãŒãã«å ¥ããswitchportã¢ãŒãã hybridã«æå®ããŠããŸãã
é¢é£ããã³ãã³ã
switchport acceptable-frame-typesïŒP725ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#switchport mode hybridConsole(config-if)#
728 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport native vlan
ããŒããžã®ããã©ã«ã VLAN IDã§ãã PVIDã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport native vlan vlan-id
no switchport native vlan
⢠vlan-id â ããŒããžã®ããã©ã«ã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
VLAN 1
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠PVIDãèšå®ããããã«ã¯ã察象ã®ããŒããæå®ãã PVIDãšåã VLANã«æå±ããŠããããŸããã® VLANãã¿ã°ãªãã§ããå¿ èŠããããŸãã
⢠åãå ¥ãå¯èœãªãã¬ãŒã ã¿ã€ãã "all"ã«ããŠããå Žåããswitchportã¢ãŒãã "hybrid"ã«ããŠããå Žåãå ¥åããŒãã«å ¥ããã¹ãŠã®ã¿ã°ãªããã¬ãŒã ã«ã¯ PVIDãæ¿å ¥ãããŸãã
äŸ
æ¬äŸã§ã¯ PVIDã VLAN3 ãšã㊠1çªããŒãã«èšå®ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport native vlan 3Console(config-if)#
729FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
vlan-trunking
æªç¥ã® VLANã°ã«ãŒããæå®ãããã€ã³ã¿ãã§ãŒã¹ãééããããšãèš±å¯ããŸãã"no"ãåã«çœ®ãããšã§ããã®æ©èœãç¡å¹ã«ããŸãã
ææ³
vlan-trunking
no vlan-trunking
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãããããå±ããªã VLANã°ã«ãŒãã®ãã©ãã£ãã¯ãæž¡ã 1ã€ä»¥äžã®äžéã¹ã€ããã暪åããã³ãã«ãèšå®ããŸãã以äžã®å³ã¯ VLAN1ãš 2ãã¹ã€ãã Aãš Bãž VLANãã©ã³ãã³ã°ãšå ±ã«èšå®ããã¹ã€ãã C,Dããã³ Eã暪æãããããã® VLANã°ã«ãŒãããã©ãã£ãã¯ãæž¡ãããã«äœ¿çšãããŸãã
VLANãã©ã³ãã³ã°ãç¡ãå Žåãå šãŠã®äžéã¹ã€ãããž VLAN1ãš 2ãèšå®ããå¿ èŠããããŸãããããªããã°ãããã®ã¹ã€ããã¯æªç¥ã® VLANã°ã«ãŒãã¿ã°ã®ã€ãããã¬ãŒã ãç Žæ£ããŸããVLANãã©ã³ãã³ã°ãæå¹ã«ããã°ãã¹ã€ãã Aãš Bãžã®ã¿ããããã® VLANã°ã«ãŒããäœæããã ãã§äžéã¹ã€ããããŒãã¯çµè·¯ã«æ²¿ã£ãŠ VLAN1ãš VLAN2ã®æ¥ç¶ãè¡ããŸããDãš Eã¯ãVLANã°ã«ãŒãã¿ã° 1ãš 2ãä»ãããã¬ãŒã ãèªåçã«èš±å¯ããVLANãã©ã³ãã³ã°ããŒããééããããšãå¯èœã«ãªããŸãã
⢠ãã®æ©èœã«ã¯ä»¥äžã®å¶éãé©çšãããŸãã
ïŒ VLANãã©ã³ãã³ã°ã¯ "access"ã¹ã€ããããŒãã¢ãŒãïŒ728 ããŒãžã®ãswitchport modeããåç §ïŒãšçžäºã«æä»çã§ãããã VLANãã©ã³ãã³ã°ãã€ã³ã¿ãã§ãŒã¹ã§æå¹ã®å Žåããã®ã€ã³ã¿ãã§ãŒã¹ã¯ã¢ã¯ã»ã¹ã¢ãŒãã«ã¯èšå®ããããšãåºæ¥ãŸããããã®éããŸãåæ§ã§ãã
⢠ã¹ããã³ã°ããªãŒæ§æããã®ã«ãŒããé²ãçºãå šãŠã®æªç¥ã® VLANã¯äžã€ã®ã€ã³ã¹ã¿ã³ã¹ïŒSTP/RSTPãŸã㯠MSTPã€ã³ã¹ã¿ã³ã¹ãéžæããã STAã¢ãŒãã«äŸåïŒãžãã€ã³ããããŸãã
V1 V2
A
C
D
E
B
V1 V2
730 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
⢠ããŒãã§ãVLANãã©ã³ãã³ã°ãšã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã®äž¡æ¹ãç¡å¹ã®å Žåãæªç¥ã®ã¿ã°ãä»ãããã±ããã¯ãã®ã€ã³ã¿ãã§ãŒã¹ãžå ¥ãããšãèš±å¯ãããVLANãã©ã³ãã³ã°ãæå¹ã§ãããã®ä»å šãŠã®ããŒããžãã©ãããããŸããïŒVLANãã©ã³ãã³ã°ã®å¹æã¯æªç¥ã® VLANã§äŸç¶æå¹ã§ããïŒ
äŸ
Console(config)#interface ethernet 1/9Console(config-if)#vlan-trunkingConsole(config-if)#interface ethernet 1/10Console(config-if)#vlan-trunking
731FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.4 VLANæ å ±ã®è¡šç€º
show vlan
VLANæ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show vlan { id vlan-id | name vlan-name }
⢠vlan-id ïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠vlan-nameïŒ VLANåïŒç¯å²ïŒ1-32æåïŒ
åæèšå®
ãã¹ãŠã® VLANã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã§ã¯ VLAN 1ã®æ å ±ã衚瀺ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžshow interfacesstatus vlan ç¹å® VLANã€ã³ã¿ãã§ãŒã¹ã®ç¶æ ã®è¡šç€º NE,PE P629
show interfacesswitchport ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšç¶æ ã®è¡šç€º NE,PE P630
show vlan VLANæ å ±ã®è¡šç€º NE,PE P732
VLAN ID : 1Type : StaticName : DefaultVlanStatus : ActivePorts/Port Channels : Eth1/ 1(S) Eth1/ 2(S) Eth1/ 3(S) Eth1/ 4(S) Eth1/5(S) Eth1/ 6(S) Eth1/ 7(S) Eth1/ 8(S) Eth1/ 9(S) Eth1/10(S)
Console#
732 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.5 IEEE802.1Qãã³ããªã³ã°ã®èšå®
IEEE 802.1Q ãã³ããªã³ã°ïŒQinQïŒæ©èœã䜿çšããããšã«ããããµãŒãã¹ ãããã€ãã¯è€æ°ã® VLAN ãèšå®ããŠããã«ã¹ã¿ããã1 ã€ã® VLAN ã䜿çšããŠãµããŒãã§ããŸããã«ã¹ã¿ãã® VID ã¯ä¿æããããããããŸããŸãªã«ã¹ã¿ãããã®ãã©ãã£ãã¯ã¯ãåã VLAN äžã«ååšããããã«èŠããå Žåã§ãããµãŒãã¹ãããã€ãã®ã€ã³ãã©ã¹ãã©ã¯ãã£å ã§ã¯åé¢ãããŠããŸããQinQãã³ããªã³ã°ã§ã¯ãVLAN å VLAN éå±€ã䜿çšããŠãã¿ã°ä»ããã±ããã«å床ã¿ã°ä»ããè¡ãããšïŒããã«ã¿ã®ã³ã°ãšãåŒã°ããŸãïŒã«ãã£ãŠãVLAN ã¹ããŒã¹ãæ¡åŒµããŸãã
ãã®ç¯ã§ã¯ãQinQãã³ããªã³ã°ã®èšå®ã«äœ¿çšãããã³ãã³ãã«ã€ããŠèª¬æããŸãã
QinQã®äžè¬çãªèšå®ã¬ã€ã
ïŒ1ïŒã¹ã€ããã QinQã¢ãŒãã«èšå®ïŒdot1q-tunnel system-tunnel-control P734ïŒ
ïŒ2ïŒSPVLANãäœæïŒvlan P723ïŒ
ïŒ3ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒãã dot1Qãã³ãã«ã¢ã¯ã»ã¹ã¢ãŒãã«èšå®ïŒswitchport dot1q-tunnel mode P735ïŒ
ïŒ4ïŒãã³ãã«ã¢ã¯ã»ã¹ããŒãã® Tag Protocol Identifier (TPID)å€ãèšå®ããã®ã¹ãããã¯ãæ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ããã802.1Qã¿ã°ä»ããã¬ãŒã ã®èå¥ã«éæšæº 2-
byteã€ãŒãµã¿ã€ãã䜿çšããŠããå Žåã«å¿ èŠã§ããïŒswitchport dot1q-tunnel tpidãP736ïŒ
ïŒ5ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒããã¿ã°ç¡ãã¡ã³ããŒãšã㊠SPVLANã«è¿œå ïŒswitchport allowed vlan P726ïŒ
ïŒ6ïŒQinQãã³ãã«ã¢ã¯ã»ã¹ããŒãã® SPVLAN IDããã€ãã£ã VIDãšããŠèšå®ïŒswitchport native vlanãP729ïŒ
ïŒ7ïŒQinQãã³ãã«ã¢ãããªã³ã¯ããŒãã dot1Qãã³ãã«ã¢ãããªã³ã¯ã¢ãŒãã«èšå®ïŒswitchport dot1q-tunnel modeãP735ïŒ
ïŒ8ïŒQinQãã³ãã«ã¢ãããªã³ã¯ããŒããã¿ã°ä»ãã¡ã³ããŒãšã㊠SPVLANã«è¿œå ïŒswitchport allowed vlanãP726ïŒ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãždot1q-tunnelsystem-tunnel-control
ã¹ã€ãããããŒãã«ã¢ãŒããŸã㯠QinQã¢ãŒãã«èšå®
GC P734
switchport dot1q-tunnel mode ã€ã³ã¿ãã§ãŒã¹ã QinQãã³ãã«ããŒãã«èšå® IC P735
switchport dot1q-tunnel tpid
ãã³ãã«ããŒãã® TPIDïŒTag Protocol IdentifierïŒå€ãèšå®
IC P736
show dot1q-tunnel QinQãã³ãã«ããŒãã®èšå®ã衚瀺 PE P737
show interfaces switchport QinQããŒãã¹ããŒã¿ã¹ã衚瀺 PE P630
733FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
QinQã®å¶éäºé
⢠ãã³ãã«ã¢ãããªã³ã¯ããŒãã®ãã€ãã£ã VLANãšãã³ãã«ã¢ã¯ã»ã¹ããŒãã¯åäžã«ã¯åºæ¥ãŸããããåããµãŒãã¹ VLANãäž¡æ¹ã®ãã³ãã«ããŒãã¿ã€ãã«èšå®ããããšã¯å¯èœã§ãã
⢠ãã³ãã«ããŒãã§ã¯ IGMPã¹ããŒãã³ã°ãæå¹ã«åºæ¥ãŸããã
⢠ã¹ããã³ã°ããªãŒãããã³ã«ãæå¹æã«ãã¹ããã³ã°ããªãŒæ§é ãããªãŒã®äžæãå æããããã«èªåã§åé 眮ãããå Žåããã³ãã«ã¢ã¯ã»ã¹ãŸãã¯ãã³ãã«ã¢ãããªã³ã¯ããŒãã¯ç¡å¹ã«ãªããŸãããããã®ããŒãã§ã¯ã¹ããã³ã°ããªãŒãç¡å¹ã«ããããšãè³¢æã§ãã
dot1q-tunnel system-tunnel-control
ã¹ã€ããã QinQã¢ãŒãã§åäœããããèšå®ãè¡ããŸãã"no"ãåã«çœ®ããš QinQãªãã¬ãŒãã£ã³ã°ã¢ãŒããç¡å¹ã«ããŸãã
ææ³
dot1q-tunnel system-tunnel-control
no dot1q-tunnel system-tunnel-control
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
QinQã€ã³ã¿ãã§ãŒã¹èšå®ãæ©èœããããã«ãQinQãã³ãã«ã¢ãŒããã¹ã€ããã§æå¹ã«ããŠãã ããã
äŸ
é¢é£ããã³ãã³ã
show dot1q-tunnel ïŒP737ïŒshow interfaces switchport ïŒP630ïŒ
Console(config)#dot1q-tunnel system-tunnel-controlConsole(config)#
734 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport dot1q-tunnel mode
ã€ã³ã¿ãã§ãŒã¹ã QinQãã³ãã«ããŒããšããŠèšå®ããŸãã"no"ãåã«çœ®ãããšã§ã€ã³ã¿ãã§ãŒã¹ã® QinQãç¡å¹ã«ããŸãã
ææ³
switchport dot1q-tunnel mode < access | uplink >
no switchport dot1q-tunnel mode
⢠access â ããŒãã 802.1Qãã³ãã«ã¢ã¯ã»ã¹ããŒãã«èšå®
⢠uplink â ããŒãã 802.1Qãã³ãã«ã¢ãããªã³ã¯ããŒãã«èšå®
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠switchport dot1q-tunnel modeã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã䜿çšããåã«ãdot1q-tunnel system-tunnel-controlã³ãã³ãïŒP734ïŒã䜿çšã㊠QinQãã³ããªã³ã°ãæå¹ã«ããå¿ èŠããããŸãã
⢠ãã³ãã«ã¢ãããªã³ã¯ããŒããã«ã¹ã¿ãããã®ãã±ãããåä¿¡ããéãã«ã¹ã¿ãã¿ã°ïŒ1ã€ä»¥äžã®ã¿ã°ã¬ã€ã€ããããåŠãã«ãããããïŒã¯å åŽã«ä¿æããããµãŒãã¹ãããã€ãã®ã¿ã°ãå€åŽã®ã¿ã°ã«ä»å ãããŸãã
⢠ãã³ãã«ã¢ãããªã³ã¯ããŒãããµãŒãã¹ãããã€ãããã®ãã±ãããåä¿¡ããéãå€åŽã®ãµãŒãã¹ãããã€ãã¿ã°ã¯åãé€ããããã±ããã¯å åŽã®ã¿ã°ã瀺ã VLANãžæž¡ãããŸããå åŽã®ã¿ã°ãèŠã€ãããªãå Žåããã±ããã¯ã¢ãããªã³ã¯ããŒãã«å®çŸ©ããããã€ãã£ã VLANãžæž¡ãããŸãã
äŸ
é¢é£ããã³ãã³ã
show dot1q-tunnelïŒP737ïŒ
show interfaces switchportïŒP630ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#switchport dot1q-tunnel mode accessConsole(config-if)#
735FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport dot1q-tunnel tpid
ãã³ãã«ããŒãã® Tag Protocol Identifier (TPID)å€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ãžæ»ããŸãã
ææ³
switchport dot1q-tunnel tpid tpid
no switchport dot1q-tunnel tpid
⢠tpid â 802.1Qã«ãã»ã«åã®ã€ãŒãµã¿ã€ãå€ãèšå®ããã®èå¥å㯠802.1Qã¿ã°ä»ããã¬ãŒã ã®èå¥ã«éæšæº 2-byteãéžæããããã«äœ¿çšããŸããæšæºã€ãŒãµã¿ã€ãå€ã¯0x8100ïŒç¯å²ïŒ0800-FFFF16é²æ°ïŒ
åæèšå®
0x8100
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠"switchport dot1q-tunnel tpid"ã³ãã³ãã¯éžæãããã€ã³ã¿ãã§ãŒã¹ã®ã«ã¹ã¿ã 802.1Qã€ãŒãµã¿ã€ãå€ãèšå®ããŸãããã®æ©èœã¯æ¬æ©ãžã802.1Qã¿ã°ä»ããã¬ãŒã ã®èå¥ã«æšæº 0x8100ã€ãŒãµã¿ã€ãã䜿çšããªããµãŒãããŒãã£è£œã¹ã€ãããšã€ã³ã¿ãªãã¬ãŒãããããšãèš±å¯ããŸããäŸãã°ã0x1234ã¯ãã©ã³ã¯ããŒãã®ã«ã¹ã¿ã 802.1Qã€ãŒãµã¿ã€ããšããŠèšå®ããããã®ã€ãŒãµã¿ã€ããå«ãå ¥åãã¬ãŒã ã¯ãã€ãŒãµã¿ã€ããã£ãŒã«ãã«ç¶ãã¿ã°ã«å«ãŸãã VLANãžãæšæºç 802.1Qãã©ã³ã¯ãšããŠå²ãåœãŠãããŸãããã®ä»ã®ã€ãŒãµã¿ã€ããæã€ããŒããžå°çãããã¬ãŒã ã¯ã¿ã°ç¡ããã¬ãŒã ãšããŠèŠããããã®ããŒãã®ãã€ãã£ã VLANãžå²ãåœãŠãããŸãã
⢠ã¹ã€ããã®å šãŠã®ããŒãã¯åãã€ãŒãµã¿ã€ãã«èšå®ãããŸãã
äŸ
é¢é£ããã³ãã³ã
show interfaces switchportïŒP630ïŒ
Console(config)#interface ethernet 1/1Console(config-if)#switchport dot1q-tunnel tpid 9100Console(config-if)#
736 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show dot1q-tunnel
QinQãã³ãã«ããŒãæ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
switchport dot1q-tunnel modeïŒP735ïŒ
Console(config)#dot1q-tunnel system-tunnel-controlConsole(config)#interface ethernet 1/1Console(config-if)#switchport dot1q-tunnel mode accessConsole(config-if)#interface ethernet 1/2Console(config-if)#switchport dot1q-tunnel mode uplinkConsole(config-if)#endConsole#show dot1q-tunnel
Current double-tagged status of the system is Enabled
The dot1q-tunnel mode of the set interface 1/1 is Access mode, TPID is 0x8100.The dot1q-tunnel mode of the set interface 1/2 is Uplink mode, TPID is 0x8100.The dot1q-tunnel mode of the set interface 1/3 is Normal mode, TPID is 0x8100....
737FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.6 ããŒãããŒã¹ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³
ããŒã«ã«ãããã¯ãŒã¯ããã³ãµãŒãã¹ãããã€ããžã®ã¢ãããªã³ã¯ããŒãäžã§ãç°ãªãã¯ã©ã€ã¢ã³ãããããŠã³ãªã³ã¯ããŒããééãããã©ãã£ãã¯ã«ãããå³ããã»ãã¥ãªãã£ãå¿ èŠãšãããéãåã ã®ã¯ã©ã€ã¢ã³ãã»ãã·ã§ã³ã®ãã©ãã£ãã¯ãéé¢ããããã«ããŒãããŒã¹ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã䜿çšã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžtraffic-segmentation
ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã®æå¹åãšèšå®
GC P739
show traffic-segmentation ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³èšå®ã®è¡šç€º PE P740
738 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
traffic-segmentation
ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãã°ããŒãã«ã§æå¹ã«ããŸãããŸããããŒãã®ã»ã°ã¡ã³ããŒã·ã§ã³ã°ã«ãŒãã®ã¢ãããªã³ã¯ããã³ããŠã³ãªã³ã¯ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ããã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãã°ããŒãã«ã§ç¡å¹ã«ããŸãã
ææ³
[no] traffic-segmentation { uplink interface-list downlink interface-list }
⢠uplinkâ ã¢ãããªã³ã¯ã€ã³ã¿ãã§ãŒã¹ãæå®
⢠downlinkâ ããŠã³ãªã³ã¯ã€ã³ã¿ãã§ãŒã¹ãæå®
åæèšå®
ã°ããŒãã«ã§ç¡å¹
ã»ã°ã¡ã³ããŒã·ã§ã³ããŒãã°ã«ãŒãã¯æªå®çŸ©
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã¯ãããŒãããŒã¹ã»ãã¥ãªãã£ãš VLANå ã®ããŒãéã®éé¢ãæäŸããŸããããŠã³ãªã³ã¯ããŒãã®ããŒã¿ãã©ãã£ãã¯ã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãããªã³ã¯ããŒããšã®ã¿éåä¿¡ãå¯èœã§ããããŒã¿ã¯ãåãã»ã°ã¡ã³ããããã°ã«ãŒãå ã®ããŠã³ãªã³ã¯ããŒãéãŸãã¯åãã°ã«ãŒãã«å±ããªãããŒãéã§ããåããããŸããã
⢠ããŒãã¯ã¢ãããªã³ã¯ããŒããŸãã¯ããŠã³ãªã³ã¯ããŒããšããŠå®çŸ©ããããšãå¯èœã§ãããäž¡æ¹ã®åœ¹å²ã§åäœããããèšå®ã¯åºæ¥ãŸããã
⢠ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ããã³éåžž VLANã¯åãã¹ã€ããã®äžã«åæã«ååšããããšãåºæ¥ãŸãããã©ãã£ãã¯ã¯ã»ã°ã¡ã³ããããã°ã«ãŒãã®ã¢ãããªã³ã¯ããŒãéãšéåžž VLANã®ããŒããèªç±ã«éãããšãã§ããŸãã
⢠ãã©ã¡ãŒã¿ç¡ã㧠"traffic-segmentation"ã³ãã³ãã§ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãæå¹ã«ããã»ã°ã¡ã³ããããã°ã«ãŒãã®ã€ã³ã¿ãã§ãŒã¹ã¡ã³ããŒãèšå®ããŸãã
⢠"no"ãåã«ä»ãããšããã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ãç¡å¹ã«ããã»ã°ã¡ã³ããããã°ã«ãŒãã®èšå®ãã¯ãªã¢ããŸãã
äŸ
Console(config)#traffic-segmentationConsole(config)#traffic-segmentation uplink ethernet 1/10
ãdownlink ethernet 1/5-8Console(config)#
739FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show traffic-segmentation
ãã©ãã£ãã¯ã»ã°ã¡ã³ããŒã·ã§ã³ã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show traffic-segmentationPrivate VLAN status: DisabledUp-link Port:
ãEthernet 1/12Down-link Port:
ãEthernet 1/5
ãEthernet 1/6
ãEthernet 1/7
ãEthernet 1/8Console#
740 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.7 ãããã³ã« VLANã®èšå®
éåžžã® VLANã§ã¯ããããã³ã«æ¯ã® VLANã°ã«ãŒãã®åœ¢æã容æã«è¡ãªãããšã¯ã§ããŸããããã®ãããç¹å®ã®ãããã³ã«ã«é¢é£ãããã¹ãŠã®æ©åšãéä¿¡ãè¡ãããããç¹æ®ãªãããã¯ãŒã¯æ©åšã䜿çšããŠç°ãªã VLANéã®éä¿¡ããµããŒãããå¿ èŠããããŸãããããããã®ãããªæ¹æ³ã§ã¯ãã»ãã¥ãªãã£ãšå®¹æãªèšå®ãå¯èœãª VLANã®ã¡ãªããã倱ã£ãŠããŸããŸãã
ãã®ãããªåé¡ãåé¿ãããããæ¬æ©ã§ã¯ç©ççãªãããã¯ãŒã¯ã®æ§æãããããã³ã«ãåºã«ããè«çç VLANã®ãããã¯ãŒã¯æ§æãšããããšãå¯èœãªãããã³ã«ããŒã¹ VLANæ©èœãæäŸããŸããããŒãããã¬ãŒã ãåä¿¡ããéãåä¿¡ãã¬ãŒã ã®ãããã³ã«ã¿ã€ãã«å¿ããŠVLANã¡ã³ããŒã·ããã決å®ãããŸãã
ãããã³ã« VLANã®èšå®ã¯ä»¥äžã®æé ã§è¡ãªããŸãã
ïŒ1ïŒäœ¿çšãããããã³ã«ã®ããã® VLANã°ã«ãŒããäœæããŸããäž»èŠãªãããã³ã«æ¯ã«VLANã®äœæãè¡ãªãããšæšå¥šããŸãããŸãããã®æç¹ã§ã¯ããŒãã¡ã³ããŒã®è¿œå ãè¡ãªããªãã§äžããã
ïŒ2ïŒVLANã«èšå®ãããããã³ã«æ¯ã®ã°ã«ãŒãã "protocol-vlan protocol-group"ã³ãã³ã (Clobal Configuration mode)ãå©çšããŠçæããŸãã
ïŒ3ïŒé©å㪠VLANã«åã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ã "protocol-vlan protocol-group"ã³ãã³ã (Interface Configuration mode)ãå©çšããŠãããã³ã°ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžprotocol-vlanprotocol-group
ãããã³ã«ã°ã«ãŒãã®äœæåã³ãµããŒããããã³ã«ã®æå®
GC P742
protocol-vlanprotocol-group ãããã³ã«ã°ã«ãŒãã® VLAN ãžã®ãããã³ã° IC P743
showprotocol-vlanprotocol-group
ãããã³ã«ã°ã«ãŒãã®èšå®ã®è¡šç€º PE P744
show interfaces protocolvlanprotocol-group
VLANãžã®ãããã³ã«ã°ã«ãŒããããã³ã°ã®è¡šç€º
PE P744
741FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
protocol-vlan protocol-group (Configuring Groups)
ãããã³ã«ã°ã«ãŒãã®äœæåã³ç¹å®ã®ãããã³ã«ã®ã°ã«ãŒããžã®è¿œå ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ãããã³ã«ã°ã«ãŒããåé€ããŸãã
ææ³
protocol-vlan protocol-group group-id [ < add | remove > frame-type frameprotocol-type protocol ]no protocol-vlan protocol-group group-id
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
⢠frame â ãããã³ã«ã§äœ¿çšããããã¬ãŒã ã¿ã€ãïŒãªãã·ã§ã³ïŒethernetãrfc_1042ãllc_otherïŒ
⢠protocol â ãããã³ã«ã¿ã€ããiic_otherãã¬ãŒã ã¿ã€ã㯠ipx_rawã®ã¿éžæã§ããŸãããã®ä»å šãŠã®ãã¬ãŒã ã¿ã€ãã®ãªãã·ã§ã³ã¯ ipãarpãrarpãipv6ã§ãã
åæèšå®
ãããã³ã«ã°ã«ãŒãæªèšå®
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ãããã³ã«ã°ã«ãŒã "1"ãäœæãããã¬ãŒã ã¿ã€ãã "Ethernet"ããããã³ã«ã¿ã€ãã "IP"åã³ "ARP"ã«èšå®ããŠããŸãã
Console(config)#protocol-vlan protocol-group 1 add frame-type ethernet protocol-type arpConsole(config)#
742 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
protocol-vlan protocol-group (Configuring Interface)
ã€ã³ã¿ãã§ãŒã¹ã«ãããŠãããã³ã«ã°ã«ãŒãã VLANã«ãããã³ã°ããŸãã"no"ãåã«ããããšã§ã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ã®ãããã³ã°ã解é€ããŸãã
ææ³
protocol-vlan protocol-group group-id vlan vlan-id
no protocol-vlan protocol-group group-id vlan
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
⢠vlan-id â èŽãããããã³ã«ã®éä¿¡ã転éããã VLANïŒèšå®ç¯å²ïŒ1-4093ïŒ
åæèšå®
ãããã³ã«ã°ã«ãŒãã¯ã€ã³ã¿ãã§ãŒã¹ã«ããããããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã¬ãŒã ããããã³ã« VLANã«å²ãåœãŠãããããŒãã«å ¥åããå Žåã以äžã®æ¹æ³ã§åŠçãããŸãã
ïŒãã¬ãŒã ã«ã¿ã°ä»ãã¬ãŒã ã®å Žåãã¿ã°ã®æ å ±ã«åºã¥ãåŠçãããŸããïŒãã¬ãŒã ãã¿ã°ãªããã¬ãŒã ã§ããããã³ã«ã¿ã€ããäžèŽããå Žåããã¬ãŒã ã¯é©å㪠VLAN ã«è»¢éãããŸãã
ïŒãã¬ãŒã ãã¿ã°ãªããã¬ãŒã ã§ããããã³ã«ã¿ã€ããäžèŽããªãå Žåããã¬ãŒã ã¯ã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ã VLAN ã«è»¢éãããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒãã«å ¥ã£ãŠããéä¿¡ã§ãããã³ã«ã°ã«ãŒã 1ãšäžèŽããéä¿¡ã VLAN2ã«ãããã³ã°ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#protocol-vlan protocol-group 1 vlan 2Console(config-if)#
743FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show protocol-vlan protocol-group
ãããã³ã«ã°ã«ãŒãã«é¢é£ãããã¬ãŒã åã³ãããã³ã«ã¿ã€ãã®è¡šç€º
ææ³
show protocol-vlan protocol-group { group-id }
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
åæèšå®
ãã¹ãŠã®ãããã³ã«ã°ã«ãŒãã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show interfaces protocol-vlan protocol-group
ãããã³ã«ã°ã«ãŒããã VLANãžã®ãããã³ã°ã衚瀺ããŸãã
ææ³
show interfaces protocol-vlan protocol-group { interaface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãããã³ã°ãããå šãŠã®ãããã³ã«ã°ã«ãŒãã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show protocol-vlan protocol-group ProtocolGroup ID Frame Type Protocol Type------------------ ------------- --------------- 2 RFC 1042 08 00Console#
Console#show interfaces protocol-vlan protocol-group
Port ProtocolGroup ID VLAN ID---------- ------------------ -----------Eth 1/1 1 vlan2Console#
744 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.8 IPãµãããã VLAN
ããŒãããŒã¹ã®åé¡ã䜿çšããæãããŒãã«ãã£ãŠåãåãããå šãŠã®ã¿ã°ç¡ããã¬ãŒã ã¯ãããŒããšé¢é£ä»ãããã VIDïŒPVIDïŒã® VLANã«å±ããŠãããšããŠåé¡ãããŸããIPãµãããã VLANåé¡ãæå¹æãã¿ã°ç¡ãå ¥åãã¬ãŒã ã®ãœãŒã¹ã¢ãã¬ã¹ã¯ IP subnet-to-VLANãããã³ã°ããŒãã«ã«ããããŠãã§ãã¯ãè¡ãããŸãããšã³ããªããµããããã«èŠã€ãã£ãå Žåããããã®ãã¬ãŒã ã¯ãšã³ããªã瀺ã VLANãžå²ãåœãŠãããŸããIPãµãããããäžèŽããªãå Žåãã¿ã°ç¡ããã¬ãŒã ã¯åä¿¡ããŒãã® VLAN IDïŒPVIDïŒã«å±ããŠãããšããŠåé¡ãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
subnet-vlan IPãµãããã VLANãå®çŸ© GC P746
show subnet-vlan IPãµãããã VLANèšå®ã衚瀺 PE P747
745FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
subnet-vlan
IPãµãããã VLANå²ãåœãŠãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãIPãµããããããVLANãžã®å²ãåœãŠãåé€ããŸãã
ææ³
subnet-vlan subnet ip-address mask vlan vlan-id { priority priority }
no subnet-vlan < ip-address mask | all >
⢠ip-address â ip-address - ãµãããããå®çŸ©ãã IPã¢ãã¬ã¹ãæå¹ãª IPã¢ãã¬ã¹ã¯ããªãªãã§åºåããã 0-255ã® 4ã€ã® 10é²æ°ã§æãç«ã¡ãŸãã
⢠mask â IPãµããããã®ãã¹ãã¢ãã¬ã¹ããããèå¥ããŸãã
⢠vlan-id â VLAN ID(ç¯å²ïŒ 1-4093)
⢠priority â ã¿ã°ç¡ãå ¥åãã©ãã£ãã¯ã«ã¢ãµã€ã³ããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ã7ãæé«ãã©ã€ãªãªãã£ïŒ
åæèšå®
ãã©ã€ãªãªãã£ïŒ0
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ããããã® IPãµãããã㯠1ã€ã® VLAN IDãžã®ã¿ããããå¯èœã§ããIPãµãããã㯠IPã¢ãã¬ã¹ãšãã¹ã¯ããæ§æãããŸãã
⢠ããŒãã§ã¿ã°ç¡ããã¬ãŒã ãåä¿¡ãããéããœãŒã¹ IPã¢ãã¬ã¹ã¯ IP subnet-to-VLANãããã³ã°ããŒãã«ã«å¯ŸããŠãã§ãã¯ãè¡ããããããšã³ããªãèŠã€ãã£ãå Žåã察å¿ãã VLAN IDããã¬ãŒã ã«å²ãåœãŠãããŸãããããããã³ã°ãèŠã€ãããªãå Žåãåä¿¡ããŒãã® PVIDããã¬ãŒã ãžå²ãåœãŠãããŸãã
⢠IPãµããããã¯ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ã IPã¢ãã¬ã¹ã«ãªãããšã¯ã§ããŸããã
⢠MACããŒã¹ãIPãµããããããŒã¹ããããã³ã«ããŒã¹ VLANãåæã«ãµããŒããããæããã©ã€ãªãªãã£ã¯ãã®é çªã§é©çšãããããŒãããŒã¹ VLANã¯æåŸã«ãªããŸãã
äŸ
VLAN4ã«ãµãããã 192.168.12.192ããã¹ã¯ 255.255.255.224ã®ãã©ãã£ãã¯ãå²ãåœãŠãŸãã
Console(config)#subnet-vlan subnet 192.168.12.192 255.255.255.224 vlan 4Console(config)#
746 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show subnet-vlan
IPãµãããã VLANå²ãåœãŠã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã»æ¬ã³ãã³ã㯠subnet-to-VLANãããã³ã°ã衚瀺ããããã«äœ¿çšããŸãã
äŸ
å šãŠã®èšå®ããã IPãµããããããŒã¹ VLANã衚瀺ããŠããŸãã
Console#show subnet-vlanIP Address Mask VLAN ID Priority--------------- --------------- ------- --------192.168.1.1 255.255.255.0 1 0Console#
747FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.9 MACããŒã¹ VLAN
802.1QããŒãããŒã¹ VLANåé¡ã䜿çšããæãããŒãã§åä¿¡ãããå šãŠã®ã¿ã°ç¡ããã¬ãŒã ã¯ãVIDïŒPVIDïŒããã®ããŒããšé¢é£ä»ãããã VLANã«æå±ããããã«åé¡ãããŸããMACããŒã¹ VLANæå¹æãã¿ã°ç¡ãå ¥åãã¬ãŒã ã®ãœãŒã¹ã¢ãã¬ã¹ã¯ãMAC address-to-VLAN ããŒãã«ã«å¯ŸããŠç §åãè¡ãããŸãããã®ã¢ãã¬ã¹ã®ãšã³ããªãèŠã€ãã£ãå Žåããããã®ãã¬ãŒã ã¯ãšã³ããªã瀺ã VLANãžå²ãåœãŠãããŸããMACã¢ãã¬ã¹ãäžèŽããªãå Žåãã¿ã°ç¡ããã¬ãŒã ã¯åä¿¡ããŒãã® VLAN IDïŒPVIDïŒã«å±ããŠãããšããŠåé¡ãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
mac-vlan MAC address-to-VLANãããã³ã°ãèšå® GC P749
show mac-vlan MACããŒã¹ VLANèšå®ã®è¡šç€º PE P750
748 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
mac-vlan
MAC address-to-VLANãããã³ã°ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§å²ãåœãŠãåé€ããŸãã
ææ³
mac-vlan mac-address mac-address vlan vlan-id { priority priority }
no mac-vlan mac-address < all | mac-address >
⢠mac-address â ããããããœãŒã¹MACã¢ãã¬ã¹ãèšå®ããã MACã¢ãã¬ã¹ã¯ãŠããã£ã¹ãã¢ãã¬ã¹ã«ã®ã¿ãªããŸããMACã¢ãã¬ã¹ã¯ "xx-xx-xx-xx-xx-xx"ãŸãã¯"xxxxxxxxxxxx"ã®ãã©ãŒãããã§æå®ããŠãã ããã
⢠vlan-id â ãœãŒã¹ MACã¢ãã¬ã¹ãšããããã VLANïŒèšå®ç¯å²ïŒ1-4093ïŒ
⢠priority â ã¿ã°ç¡ãå ¥åãã©ãã£ãã¯ã«ã¢ãµã€ã³ããããã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ã7ãæé«ãã©ã€ãªãªãã£ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠MAC-to-VLANãããã³ã°ã¯æ¬æ©ã®å šãŠã®ããŒããžé©çšãããŸãã
⢠ãœãŒã¹ MACã¢ãã¬ã¹ã¯ 1ã€ã® VLAN IDãžã®ã¿ããããããããšãå¯èœã§ãã
⢠èšå®ããã MACã¢ãã¬ã¹ã¯ãããŒããã£ã¹ããŸãã¯ãã«ããã£ã¹ãã¢ãã¬ã¹ã«ã¯ãªããŸããã
⢠MACããŒã¹ãIPãµããããããŒã¹ããããã³ã« VLANãåæã«ãµããŒããããæããã®ã·ãŒã±ã³ã¹ã§ã¯ãã©ã€ãªãªãã£ãé©çšãããæåŸã«ããŒãããŒã¹ VLANã«ãªããŸãã
äŸ
Console(config)#mac-vlan mac-address 00-00-00-11-22-33 vlan 10Console(config)#
749FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show mac-vlan
MAC address-to-VLANå²ãåœãŠã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㯠MAC Address-to-VLANãããã³ã°ã衚瀺ããããã«äœ¿çšããŸãã
äŸ
Console#show mac-vlan
ãããMAC address ããVLAN ID------------------- ---------
ã00-00-00-11-22-33 ãã10Console#
750 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
4.18.10 Voice VLAN
IPé»è©±ããšã³ã¿ãŒãã©ã€ãºãããã¯ãŒã¯ã«é 眮ãããå Žåãä»ã®ããŒã¿ãã©ãã£ãã¯ããVoIPãããã¯ãŒã¯ãåé¢ããããšãæšå¥šããŸãããã©ãã£ãã¯ã®åé¢ã¯æ¥µç«¯ãªãã±ããå°éé 延ããã±ãããã¹ããžãã¿ãŒãé²ããããé«ãé³å£°å質ãåŸãããšã«ã€ãªãããŸãããã㯠1ã€ã® Voice VLANã«ãã¹ãŠã® VoIPãã©ãã£ãã¯ãå²ãåœãŠãããšã§å®çŸã§ããŸãã
Voice VLANã䜿çšããããšã«ã¯ããã€ãã®å©ç¹ããããŸããä»ã®ããŒã¿ãã©ãã£ãã¯ããVoIPãã©ãã£ãã¯ãåé¢ããããšã§ã»ãã¥ãªãã£ãä¿ãããŸãããšã³ããã¥ãŒãšã³ãã®QoSããªã·ãŒãšé«ãåªå 床ã®èšå®ã«ããããããã¯ãŒã¯ã暪æã㊠VoIP VLANãã©ãã£ãã¯ã«å¿ èŠãªåž¯åå¹ ãä¿èšŒããããšãã§ããŸãããŸããVLANåå²ã¯é³å£°å質ã«é倧ãªåœ±é¿ãåãŒããããŒããã£ã¹ãããã«ããã£ã¹ããããã©ãã£ãã¯ãä¿è·ããããšãã§ããŸãã
ã¹ã€ããã¯ãããã¯ãŒã¯é㧠Voice VLANãèšå®ããVoIPãã©ãã£ãã¯ã« CoSå€ãèšå®ããããšãã§ããŸããVoIPãã©ãã£ãã¯ã¯ãã±ããã®éä¿¡å MACã¢ãã¬ã¹ããããã¯æ¥ç¶ããã VoIPããã€ã¹ãçºèŠããããã« LLDPïŒIEEE802.1ABïŒã䜿ãããšã§ãã¹ã€ããããŒãäžã«ãããŠæ€åºãããŸããVoIPãã©ãã£ãã¯ãèšå®ãããããŒãäžã§æ€åºããããšããã¹ã€ããã¯èªåçã« Voice VLANã®ã¿ã°ã¡ã³ããŒãšããŠããŒããå²ãåœãŠãŸããã¹ã€ããããŒããæåã§èšå®ããããšãã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
voice vlan Voice VLAN IDãèšå® GC P752
voice vlan aging Voice VLANããŒãã®ãšãŒãžã³ã°ã¿ã€ã ãèšå® GC P752
voice vlan mac-address VoIPããã€ã¹ã®MACã¢ãã¬ã¹ãèšå®
GCP753
switchport voice vlan Voice VLANããŒãã¢ãŒããèšå® IC P754
switchport voice vlan priority ããŒãã® VoIPãã©ãã£ãã¯ãã©ã€ãªãªãã£ãèšå® IC P754
switchport voice vlan rule èªå VoIPãã©ãã£ãã¯æ€åºã¡ãœãããããŒãã«èšå® IC P755
switchport voice vlan security ããŒãã® Voice VLANã»ãã¥ãªãã£ãæå¹ IC P756
show voice vlan Voice VLANèšå®ã衚瀺 PE P757
751FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
voice vlan
VoIPãã©ãã£ãã¯ã®æ€åºãæå¹ã«ããVoice VLAN IDãå®çŸ©ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
voice vlan voice-vlan-id
no voice vlan
⢠voice-vlan-id â Voice VLAN IDãæå®ããŸãïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
voice vlan aging
Voice VLAN IDã¿ã€ã ã¢ãŠããèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
voice vlan aging minutes
no voice vlan
⢠minutes â ã¿ã€ã ã¢ãŠããæå®ããŸãïŒç¯å²ïŒ5-43200åïŒ
åæèšå®
1440å
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#voice vlan 1234Console(config)#
Console(config)#voice vlan aging 3000Console(config)#
752 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
voice vlan mac-address
OUIãã¬ãã©ããŒãªã¹ãã«è¿œå ãã MACã¢ãã¬ã¹ã®ç¯å²ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãªã¹ããããšã³ããªãåé€ããŸãã
ææ³
voice vlan mac-address mac-address mask mask-address { description description }
no voice vlan mac-address mac-address mask mask-address
⢠mac-address â ãããã¯ãŒã¯äžã® VoIPããã€ã¹ãèå¥ããMACã¢ãã¬ã¹ OUIãæå®ããŸãã(äŸïŒ01-23-45-00-00-00)
⢠mask-address â VoIPããã€ã¹ã®MACã¢ãã¬ã¹ã®ç¯å²ã確å®ããŸããïŒç¯å²ïŒ80-00-00-00-00-00 to FF-FF-FF-FF-FF-FFãåæèšå®ïŒFF-FF-FF-00-00-00ïŒ
⢠description â VoIPããã€ã¹ãèå¥ããããã®ãŠãŒã¶ãŒå®çŸ©ããã¹ãïŒç¯å²ïŒ1-32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠Maskã®èšå®ïŒãFF-FF-FF-00-00-00ããèšå®ãããšåã OUIçªå·ïŒæåã® 3ãªã¯ããããåäžïŒã§ãããã¹ãŠã®ããã€ã¹ã VoIPããã€ã¹ãšããŠèªèããŸããä»ã®å€ãæå®ããããšã§ MACã¢ãã¬ã¹ã®ç¯å²ãå¶éããããšãã§ããŸããããã§ãFF-FF-FF-FF-FF-FFããéžæãããš 1ã€ã® MACã¢ãã¬ã¹ã®ã¿ VoIPããã€ã¹ãšããŠèšå®ããŸã
äŸ
Console(config)#voice vlan mac-address 00-12-34-56-78-90 maskff-ff-ff-00-00-00 description A new phoneConsole(config)#
753FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport voice vlan
ããŒãã® Voice VLANã¢ãŒããæå®ããŸãã"no"ãåã«çœ®ãããšã§ãããŒãã® Voice VLANæ©èœãç¡å¹ã«ããŸãã
ææ³
switchport voice vlan < manual | auto >
no switchport voice vlan
⢠manual â Voice VLANæ©èœã¯ããŒãäžã§æå¹ã«ãªããŸãããããŒãã¯æå㧠Voice VLANã«è¿œå ãããŸãã
⢠auto â ããŒãã VoIPãã©ãã£ãã¯ãæ€åºãããšããããŒã㯠Voice VLANã®ã¿ã°ã¡ã³ããŒãšããŠè¿œå ãããŸããVoIPãã©ãã£ãã¯ãæ€åºããæ¹æ³ããOUIã 802.1ABã®ã©ã¡ããããéžæããªããŠã¯ãããŸãããOUIãéžæããå ŽåãTelephony OUI List㧠MACã¢ãã¬ã¹ã®ç¯å²ã確èªããŠãã ããã
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
switchport voice vlan priority
ããŒãã® VoIPãã©ãã£ãã¯ã«ãCoSãã©ã€ãªãªãã£ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
switchport voice vlan priority priority-value
no switchport voice vlan priority
priority-value â CoSãã©ã€ãªãªãã£å€ïŒç¯å²ïŒ0-6ïŒ
åæèšå®
6
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#switchport voice vlan autoConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#switchport voice vlan priority 5Console(config-if)#
754 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport voice vlan rule
ããŒã㧠VoIPãã©ãã£ãã¯ãæ€åºããæ¹æ³ãéžæããŸãã"no"ãåã«çœ®ãããšã§ãéžæããæ€åºã¡ãœãããç¡å¹ã«ããŸãã
ææ³
switchport voice vlan rule <oui | lldp>
no switchport voice vlan rule <oui | lldp>
⢠oui â VoIPããã€ã¹ããã®ãã©ãã£ãã¯ã¯éä¿¡å MACã¢ãã¬ã¹ã® Organizationally Unique IdentifierïŒOUIïŒã«ãã£ãŠæ€åºãããŸããOUIçªå·ã¯è£œé è ã«ãã£ãŠå²ãåœãŠãããããã€ã¹ã® MACã¢ãã¬ã¹ã®æåã® 3ãªã¯ããããæ§æããŸããã¹ã€ãããVoIPããã€ã¹ããã®ãã©ãã£ãã¯ãèªèããã«ã¯ãMACã¢ãã¬ã¹ã® OUIçªå·ãTelephony OUI Listã§æ§æããªããŠã¯ãããŸããã
⢠lldp â ããŒãã«æ¥ç¶ããã VoIPããã€ã¹çºèŠããããã« LLDPã䜿çšããŸããLLDP㯠System Capability TLVã®äžã® Telephone Bitãæå¹ã§ãããã©ããããã§ãã¯ããŸããLLDPïŒLink Layer Discovery ProtocolïŒã«ã€ããŠã¯ 836 ããŒãžã®ãLLDPã³ãã³ãããåç §ããŠãã ããã
åæèšå®
OUIïŒæå¹
LLDPïŒç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#switchport voice vlan rule ouiConsole(config-if)#
755FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport voice vlan security
ããŒãã®ãVoIPãã©ãã£ãã¯ã®ã»ãã¥ãªãã£ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ããã£ã«ã¿ãªã³ã°ãç¡å¹ã«ããŸãã
ææ³
switchport voice vlan security
no switchport voice vlan security
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#switchport voice vlan securityConsole(config-if)#
756 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show voice vlan
Voice VLANèšå®æ å ±ããã³ OUIãã¬ãã©ããŒãªã¹ãã衚瀺ããŸãã
ææ³
show voice vlan <oui | status>
oui â OUIãã¬ãã©ããŒãªã¹ãã®è¡šç€ºããŸãã
status â ã°ããŒãã«ããã³ããŒãã® Voice VLANèšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show voice vlan statusGlobal Voice VLAN StatusVoice VLAN Status : EnabledVoice VLAN ID : 1234Voice VLAN aging time : 1440 minutes
Voice VLAN Port SummaryPort Mode Security Rule Priority-------- -------- -------- --------- --------Eth 1/ 1 Auto Enabled OUI 6Eth 1/ 2 Disabled Disabled OUI 6Eth 1/ 3 Manual Enabled OUI 5Eth 1/ 4 Auto Enabled OUI 6Eth 1/ 5 Disabled Disabled OUI 6Eth 1/ 6 Disabled Disabled OUI 6Eth 1/ 7 Disabled Disabled OUI 6Eth 1/ 8 Disabled Disabled OUI 6Eth 1/ 9 Disabled Disabled OUI 6Eth 1/10 Disabled Disabled OUI 6
Console#show voice vlan ouiOUIAddress Mask Description00-12-34-56-78-9A FF-FF-FF-00-00-00 old phones00-11-22-33-44-55 FF-FF-FF-00-00-00 new phones00-98-76-54-32-10 FF-FF-FF-FF-FF-FF Chris' phone
Console#
757FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
4.19 Class Of Service
éä¿¡ã®éå¯ã«ãããã±ãããã¹ã€ããã«ãããã¡ãããå Žåãéä¿¡ã®åªå æš©ãæã€ããŒã¿ãã±ãããæ確ã«ããããšãã§ããŸããæ¬æ©ã¯åããŒãã« 4段éã®ãã©ã€ãªãªãã£ãã¥ãŒãæ〠CoSããµããŒãããŸããããŒãã®æé«ãã©ã€ãªãªãã£ãã¥ãŒã®ä»ããããŒã¿ãã±ããã¯ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã®ãã±ãããããå ã«éä¿¡ãããŸããåããŒãã«å¯Ÿãããã©ã«ããã©ã€ãªãªãã£ãåãã¥ãŒã®éã¿ã®é¢é£ããã¬ãŒã ãã©ã€ãªãªãã£ã¿ã°ã®ãããã³ã°ãã¹ã€ããã®ãã¥ãŒã«ä»ããããšãã§ããŸãã
4.19.1 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 2ïŒ
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
PriorityïŒLayer 2ïŒ
ã¿ã°ãªããã¬ãŒã ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå®ããã¥ãŒãŠãšã€ãã®èšå®ãCoSã¿ã°ã®ããŒããŠã§ã¢ãã¥ãŒãžã®ãããã³ã°
P758
PriorityïŒLayer 3 and 4 ïŒ
TCPããŒãã IP DSCP ã¿ã°ã® CoSå€ãžã®èšå® P763
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
queue modeãã¥ãŒã¢ãŒãã "strict"å㯠" Weighted Round-Robin (WRR)"ã«èšå®
GC P759
queue weightAssigns round-robin weights to the priority queues
GC
switchportpriority default
å ¥åã¿ã°ãªããã¬ãŒã ã«ããŒããã©ã€ãªãªãã£ãèšå®
IC P761
show interfacesswitchport
ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšã¹ããŒã¿ã¹ã®è¡šç€º
PE P630
show queue mode çŸåšã®ãã¥ãŒã¢ãŒãã衚瀺 PE P762
show queue weight
éã¿ä»ãããããã¥ãŒã«å²ãåœãŠããããŠã§ã€ãã衚瀺
PE P762
758 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
queue mode
ãã¥ãŒã¢ãŒãã®èšå®ãè¡ããŸããCoSã®ãã©ã€ãªãªãã£ãã¥ãŒã strictåã¯Weighted Round-Robin (WRR)ã®ã©ã¡ãã®ã¢ãŒãã§è¡ãããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
queue mode < strict | wrr | strict-wrr [queue-type-list ] >
no queue mode
⢠strict â åºåãã¥ãŒã®é«ããã©ã€ãªãªãã£ã®ãã¥ãŒãåªå ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã¯é«ããã©ã€ãªãªãã£ã®ãã¥ãŒããã¹ãŠãªããªã£ãåŸã«éä¿¡ãããŸãã
⢠wrr â WRRã¯ãã¥ãŒ 0-3ã«ããããã¹ã±ãžã¥ãŒãªã³ã°ãŠãšã€ã 1ã2ã4ã6ãèšå®ãããã®å€ã«å¿ããŠåž¯åãå ±æããŸãã
⢠strict-wrr â Strictãã©ã€ãªãªãã£ã¯é«ãã©ã€ãªãªãã£ãã¥ãŒãšæ®ãã®ãã¥ãŒã® SDWRRã«äœ¿çšãããŸãã
⢠queue-type-list â ãã¥ãŒãããŒãã«ãŸã㯠Strictã©ã¡ãã®ã¿ã€ãã§ãããã瀺ããŸããïŒãªãã·ã§ã³ïŒ0ã¯ããŒãã«ãã¥ãŒã1㯠Strictãã¥ãŒïŒ
åæèšå®
Strict and WRR, with Queue 3 using strict mode
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ã¢ãŒãã "strict"ã«èšå®ããå Žåãåºåãã¥ãŒã®é«ããã©ã€ãªãªãã£ã®ãã¥ãŒãåªå ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã¯é«ããã©ã€ãªãªãã£ã®ãã¥ãŒããã¹ãŠãªããªã£ãåŸã«éä¿¡ãããŸãããã©ã€ãªãªãã£ã¢ãŒãã "wrr"ã«èšå®ããå ŽåãWRRã¯ãã¥ãŒ 0-3ã«ããããã¹ã±ãžã¥ãŒãªã³ã°ãŠãšã€ã 1ã2ã4ã6ãèšå®ãããã®å€ã«å¿ããŠåãã¥ãŒã®äœ¿çšããæéã®å²åãèšå®ã垯åãå ±æããŸããããã«ãã "strict"ã¢ãŒãæã«çºçãã HOL Blockingãåé¿ããããšãå¯èœãšãªããŸãã
⢠ã¹ã€ãã㯠Strictãã©ã€ãªãªãã£ãSDWRRãStrictãšWeightedã®çµåããã«åºã¥ããŠãããŒããã¥ãŒã«ãµãŒãã¹ãæäŸããããšãå¯èœã§ãã
⢠Strictãã©ã€ãªãªãã£ã¯ãäœãã©ã€ãªãªãã£ãã¥ãŒã«ãµãŒãã¹ãæäŸãããåã«ãé«ãã©ã€ãªãªãã£ãã¥ãŒã®å šãŠã®ãã©ãã£ãã¯ãåŠçãããããšãå¿ èŠãšããŸãã
äŸ
æ¬äŸã§ã¯ãã¥ãŒã¢ãŒãã Strictã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
queue weightïŒP760ïŒshow queue modeïŒP762ïŒ
Console(config)#queue mode strictConsole(config)#
759FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
queue weight
å éããããã¥ãŒã€ã³ã°ã䜿çšããæã«ããŠã§ã€ãã 4ã€ã® Class of ServiceïŒCoSïŒãã©ã€ãªãªãã£ãã¥ãŒã«å²ãåœãŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
queue weight [ weight0...weight3 ]
no queue weight
⢠weight0...weight3 â 0-3ãã¥ãŒã®ãŠã§ã€ãã®æ¯ç㯠SWDRRã¹ã±ãžã¥ãŒã©ã«ãã£ãŠäœ¿çšããããŠã§ã€ãã決å®ããŸããïŒç¯å²ïŒ1-255ïŒ
åæèšå®
Weights 1, 2, 4, 6 ã¯ãããããã¥ãŒ 0-3ã«å²ãåœãŠãããŸãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠垯åã¯ãããããã®ã©ãŠã³ãã«ã€ããŠã®æ¯ç§ãã€ãã®æ£ç¢ºãªæ°ãèšç®ããããšã«ãã£ãŠãããããã®ãã¥ãŒã«å²ãåœãŠãããŸãã
äŸ
é¢é£ããã³ãã³ã
queue modeïŒP762ïŒshow queue weightïŒP762ïŒ
Console(config)#queue weight 1 2 3 4Console(config)#
760 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
switchport priority default
å ¥åãããã¿ã°ãªããã¬ãŒã ã«å¯ŸããŠãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport priority default default-priority-id
no switchport priority default
⢠default-priority-id â å ¥åãããã¿ã°ãªããã¬ãŒã ãžã®ãã©ã€ãªãªãã£çªå·ïŒ0-7ã7ãæé«ã®ãã©ã€ãªãªãã£ïŒ
åæèšå®
ãã©ã€ãªãªãã£æªèšå®ãã¿ã°ãªããã¬ãŒã ãžã®åæèšå®å€ã¯ 0ã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IP DSCPãããã©ã«ããã©ã€ãªãªãã£ã®é çªã§ãã
⢠ããã©ã«ããã©ã€ãªãªãã£ã¯ãã¿ã°ãªããã¬ãŒã ãåä¿¡ããéã«èšå®ãããŸããå ¥åããããã¬ãŒã ã IEEE8021Qã¿ã°ä»ãã¬ãŒã ã®å ŽåãIEEE802.1pã®ãã©ã€ãªãªã㣠bitã䜿çšãããŸãããã®ãã©ã€ãªãªãã£ã¯ IEEE802.1Q VLAN taggingãã¬ãŒã ã«ã¯é©çšãããŸããã
⢠æ¬æ©ã§ã¯ 4段éã®ãã©ã€ãªãªãã£ãã¥ãŒãåããŒãã«æäŸããŸãããããã¯éã¿ä»ãã©ãŠã³ãããã³ã䜿çšãã"show queue bandwidth"ã³ãã³ãã䜿çšã確èªããããšãå¯èœã§ããã¿ã° VLANã§ã¯ãªãå ¥åãã¬ãŒã ã¯å ¥åããŒãã§ã¿ã°ã«ããããã©ã«ããã©ã€ãªãªãã£ãä»ããããé©åãªãã©ã€ãªãªãã£ãã¥ãŒã«ããåºåããŒãã«éãããŸãããã¹ãŠã®ããŒãã®ããã©ã«ããã©ã€ãªãªãã£ã¯ "0"ã«èšå®ãããŠããŸãããããã£ãŠãåæèšå®ã§ã¯ãã©ã€ãªãªãã£ã¿ã°ãæããªããã¹ãŠã®å ¥åãã¬ãŒã ã¯åºåããŒãã® "0"ãã¥ãŒãšãªããŸãïŒåºåããŒããã¿ã°ãªãã«èšå®ãããŠããå Žåãéä¿¡ããããã¬ãŒã ã¯éä¿¡åã«ã¿ã°ãåãå€ãããŸãïŒ
äŸ
æ¬äŸã§ã¯ 3çªããŒãã®ããã©ã«ããã©ã€ãªãªãã£ã 5ã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
show interface switchportïŒP630ïŒ
Console(config)#interface ethernet 1/3Console(config-if)#switchport priority default 5
761FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
show queue mode
çŸåšã®ãã¥ãŒã¢ãŒãã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show queue weight
ãã¥ãŒã®éã¿ä»ãã«äœ¿çšããããŠã§ã€ãã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show queue mode
Queue Mode : Weighted Round Robin ModeConsole#
Console#show queue weight Queue ID Weight -------- ------ 0 1 1 2 2 4 3 6Console#
762 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
4.19.2 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 3 and 4ïŒ
ãã®é ã§ã¯ã¹ã€ããã®ãã¬ã€ã€ 3ã4ãã©ãã£ãã¯ãããã³ã°ã®èšå®ã«äœ¿çšããã³ãã³ãã«ã€ããŠè§£èª¬ããŸãã
*ãããã³ã°ãã©ã€ãªãªãã£å€ããå éš DSCPå€ãšããŒããŠã§ã¢ãã¥ãŒãžã®ãããã³ã°ã«äœ¿çšãããåæèšå®ã¯å€§å€æ°ã®ãããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ã®ãã©ã€ãªãªãã£ãµãŒãã¹ãæé©åããŸããç¹å®ã®ã¢ããªã±ãŒã·ã§ã³ã§ãã¥ãŒã€ã³ã°ã®åé¡ãèµ·ãããªãéããåæèšå®ã®ä¿®æ£ãè¡ãå¿ èŠã¯ãããŸããã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
qos map cos-dscpå éšåªå é äœåŠçã®ãããå ¥åãã±ããã®CoS/CFIå€ã per-hop behaviorããã³ drop precedenceå€ãžããã
IC P764
qos map dscp-mutation
å éšåªå é äœåŠçã®ãããå ¥åãã±ããã®DSCPå€ã per-hop behaviorããã³ drop precedenceå€ãžããã
IC P766
qos map phb-queue
å éš per-hop behaviorå€ãããŒããŠã§ã¢ãã¥ãŒãžããã
IC P767
qos map trust-mode QoSãããã³ã°ã DSCPãŸã㯠CoSãžèšå® IC P768
show qos map dscp-mutation
å ¥å DSCOããå éš DSCPãžã®ãããã衚瀺
PE P769
show qos map phb-queue
ããŒããŠã§ã¢ãã¥ãŒããããžã®å éš per-hop behaviorã衚瀺
PE P769
show qos map cos-dscp å éš DSCPããããžã®å ¥å CoSã衚瀺 PE P771
show qos map trust-mode QoSãããã³ã°ã¢ãŒãã衚瀺
PEP772
763FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
qos map cos-dscp
åªå é äœåŠçã®çºãå ¥åãã±ããã® CoS/CFIå€ã per-hop behaviorããã³ drop precedenceå€ãžãããããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
qos map cos-dscp phb drop-precedence from cos0 cfi0...cos7 cfi7
no qos map cos-dscp cos0 cfi0...cos7 cfi7
⢠phbâ ãã®ã«ãŒã¿ãããã§äœ¿çšããã Per-hop behaviorãŸãã¯ãã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ïŒ
⢠drop-precedence â ãã©ãã£ãã¯èŒ»èŒ³ã³ã³ãããŒã«ã® Random Early Detectionã«äœ¿çšããã Drop precedenceïŒç¯å²ïŒ0-ç·ã3-é»ã1-èµ€ïŒ
⢠cos â å ¥åãã±ããã® CoSå€ïŒç¯å²ïŒ0-7ïŒ
⢠cfi â æšæºãã©ãŒãããèå¥åïŒCanonical Format IndicatorïŒããã®ãã©ã¡ãŒã¿ã "0"ã«èšå®ããããšã¯ãMACã¢ãã¬ã¹æ å ±ã¯æšæºãã©ãŒãããå ã®ãã¬ãŒã ã§éã°ããããšã瀺ããŸããïŒç¯å²ïŒ0-1ïŒ
åæèšå®
ã³ãã³ãã¢ãŒã
Interface Configuration (Port, Static Aggregation)
ã³ãã³ã解説
⢠P764 ãå éš PHB/Drop Precedenceãžã® Cos/CFIã®ããã©ã«ããããã³ã°ãã«è¡šç€ºããã CoSãã PHBå€ãžã®åæãããã³ã°ã¯ãCoSå€ã®åºåãã¥ãŒãžã®ãããã³ã°ã®IEEE 802.1pã§æšå¥šãããèšå®ãåºã«ããŠããŸãã
⢠802.1Qããããä»å ãããŠãã IPãã±ãã以å€ã®ãã±ãããå°çããå ŽåãCoS/CFI-to-PHB/Drop Precedenceãããã³ã°ããŒãã«ã¯ãã©ã€ãªãªãã£ããã³å éšåŠçã®drop precedenceå€ãçæããŸãããªãªãžãã«ãã±ããã®ãã©ã€ãªãªãã£ã¿ã°ã¯ãã®ã³ãã³ãã§ã¯ç·šéãããŸããã
å éš PHB/Drop Precedenceãžã® Cos/CFIã®ããã©ã«ããããã³ã°
ãããããCFI 0 1
Cos
0 ïŒ0,0ïŒ ïŒ0,0ïŒ
1 ïŒ1,0ïŒ ïŒ1,0ïŒ
2 ïŒ2,0ïŒ ïŒ2,0ïŒ
3 ïŒ3,0ïŒ ïŒ3,0ïŒ
4 ïŒ4,0ïŒ ïŒ4,0ïŒ
5 ïŒ5,0ïŒ ïŒ5,0ïŒ
6 ïŒ6,0ïŒ ïŒ6,0ïŒ
7 ïŒ7,0ïŒ ïŒ7,0ïŒ
764 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
⢠å éš DSCPã¯ãã±ãããéããããã¥ãŒã決å®ãã per-hop behavior (PHB)ã® 3ããããšããã©ãã£ãã¯èŒ»èŒ³ãã³ã³ãããŒã«ãã Random EarlyDetection (RED)ã§äœ¿çšããã 2ãããã® drop precedenceããæããŸãã
⢠ãããã¡ã 1-8ããŒãã§æ倧 16ãã±ããã9-10ããŒãã§æ倧 72ãã±ãããäžæ¯ã«ãªã£ãæãREDã¯é»ã®ãããããéå§ããŸããããŸãããããã¡ã 1-8ããŒãã§æ倧58ãã±ããã9-10ããŒãã§æ倧 80ãã±ãããäžæ¯ã«ãªã£ãæãè²ã«é¢ä¿ãªãå šãŠã®ãã±ãããããããããŸãã
⢠æå®ãããããã³ã°ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#qos map cos-dscp 0 0 from 0 1Console(config-if)#
765FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
qos map dscp-mutation
åªå é äœåŠçã®çºãå ¥åãã±ããã® DSCPå€ã per-hop behaviorããã³ drop precedenceå€ã«ãããããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
qos map dscp-mutation phb drop-precedence from dscp0 ... dscp7
no qos map dscp-mutation dscp0 ... dscp7
⢠phbâ ãã®ã«ãŒã¿ãããã§äœ¿çšããã Per-hop behaviorãŸãã¯ãã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ïŒ
⢠drop-precedence â ãã©ãã£ãã¯èŒ»èŒ³ã³ã³ãããŒã«ã® Random Early Detectionã«äœ¿çšããã Drop precedenceïŒç¯å²ïŒ0-ç·ã3-é»ã1-èµ€ïŒ
⢠dscp â å ¥åãã±ããã® DSCPå€ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
*å ¥å DSCP㯠ingress-dscp10ïŒå·Šã³ã©ã ã®æãéèŠãªåïŒãš ingress-dscp1ïŒæãéèŠåºŠã®äœãäžçªäžã®è¡ïŒã§æ§æãããŠããŸããïŒingress-dscp = ingress-dscp10 * 10 + ingress-dscp1ïŒå¯Ÿå¿ããå éš DSCPã¯ããŒãã«ã®éãªãã»ã«ã«ç€ºãããŸããå ¥å DSCPã¯ãããã¯ã€ãºã drop precedenceã決å®ããããã« 2é²æ³ã®å€ 11㧠ANDããšãããŸããããçµæãšããŠä¹ããå€ã 2é²ã® 10ã§ãããªããdrop precedence㯠0ã«ã»ãããããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Port, Static Aggregation)
ã³ãã³ã解説
⢠ãã®ããã㯠"qos map trust-mode"ã³ãã³ãïŒP768ïŒã§ QoSãããã³ã°ã¢ãŒãã "DSCP"ã«èšå®ãããŠããŠãå ¥åãã±ããã¿ã€ãã IPv4ã®æã®ã¿äœ¿çšãããŸãã
⢠ãããã¡ãæ倧 0x60ãã±ãããäžæ¯ã«ãªã£ãæãRandom Early Detectionã¯é»ãšèµ€ã®ãããããéå§ããŸããããŸãããããã¡ã 0x 80ãã±ãããäžæ¯ã«ãªã£ãæãè²ã«é¢ä¿ãªãå šãŠã®ãã±ãããããããããŸãã
⢠æå®ãããããã³ã°ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
å éš PHB/Drop Precedenceãžã® DSCPå€ã®ããã©ã«ããããã³ã°
ããããingressããããdscp1
0 1 2 3 4 5 6 7 8 9
ingressdscp10
0 ïŒ0,0ïŒ ïŒ0,1ïŒ ïŒ0,0ïŒïŒ0,3ïŒ ïŒ0,0ïŒ ïŒ0,1ïŒ ïŒ0,0ïŒ ïŒ0,3ïŒ ïŒ1,0ïŒ ïŒ1,1ïŒ
1 ïŒ1,0ïŒ ïŒ1,3ïŒ ïŒ1,0ïŒïŒ1,1ïŒ ïŒ1,0ïŒ ïŒ1,3ïŒ ïŒ2,0ïŒ ïŒ2,1ïŒ ïŒ2,0ïŒ ïŒ2,3ïŒ
2 ïŒ2,0ïŒ ïŒ2,1ïŒ ïŒ2,0ïŒïŒ2,3ïŒ ïŒ3,0ïŒ ïŒ3,1ïŒ ïŒ3,0ïŒ ïŒ3,3ïŒ ïŒ3,0ïŒ ïŒ3,1ïŒ
3 ïŒ3,0ïŒ ïŒ3,3ïŒ ïŒ4,0ïŒïŒ4,1ïŒ ïŒ4,0ïŒ ïŒ4,3ïŒ ïŒ4,0ïŒ ïŒ4,1ïŒ ïŒ4,0ïŒ ïŒ4,3ïŒ
4 ïŒ5,0ïŒ ïŒ5,1ïŒ ïŒ5,0ïŒïŒ5,3ïŒ ïŒ5,0ïŒ ïŒ5,1ïŒ ïŒ6,0ïŒ ïŒ5,3ïŒ ïŒ6,0ïŒ ïŒ6,1ïŒ
5 ïŒ6,0ïŒ ïŒ6,3ïŒ ïŒ6,0ïŒïŒ6,1ïŒ ïŒ6,0ïŒ ïŒ6,3ïŒ ïŒ7,0ïŒ ïŒ7,1ïŒ ïŒ7,0ïŒ ïŒ7,3ïŒ
6 ïŒ7,0ïŒ ïŒ7,1ïŒ ïŒ7,0ïŒïŒ7,3ïŒ
766 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
äŸ
qos map phb-queue
å éš per-hop behaviorå€ã«åºã¥ããŠäœ¿çšãããããŒããŠã§ã¢ã¢ãŠãããããã¥ãŒã決å®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
qos map phb-queue queue-id from phb0 ... phb7no qos map phb-queue phb0 ... phb7
⢠phbâ ãã®ã«ãŒã¿ãããã§äœ¿çšããã Per-hop behaviorãŸãã¯ãã©ã€ãªãªãã£ïŒç¯å²ïŒ0-7ïŒ
⢠queue-id â ãã©ã€ãªãªãã£ãã¥ãŒã® IDïŒç¯å²ïŒ0-7ã7ãæé«ãã©ã€ãªãªãã£ãã¥ãŒïŒ
åæèšå®
ã³ãã³ãã¢ãŒã
Interface Configuration (Port, Static Aggregation)
ã³ãã³ã解説
⢠ããŒã¯ãŒã "from"ã«ç¶ããŠãã¥ãŒèå¥åãããããŠæ倧 8ã€ã®ã¹ããŒã¹ã§åå²ãããå éš per-hop behaviorå€ãå ¥åããŠãã ããã
⢠åºåãã±ããã¯ãã®ã³ãã³ãã§å®çŸ©ããããããã³ã°ã«åŸããããŒããŠã§ã¢ãã¥ãŒã«çœ®ãããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#qos map dscp-mutation 3 1 from 1Console(config-if)#
å éš Per-hop Behaviorãããžã®ããŒããŠã§ã¢ãã¥ãŒãžã®ãããã³ã°
Per-hop Behavior 0 1 2 3 4 5 6 7
Hardware Queues 1 0 0 1 2 2 3 3
Console(config)#interface ethernet 1/5Console(config-if)#qos map phb-queue 0 from 1 2 3Console(config-if)#
767FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
qos map trust-mode
QoSãããã³ã°ã DSCPãŸã㯠CoSã«ã»ããããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
qos map trust-mode < dscp | cos >no qos map trust-mode
⢠dscpâ QoSãããã³ã°ã¢ãŒãã DSCPã«èšå®
⢠cos â QoSãããã³ã°ã¢ãŒãã CoSã«èšå®
åæèšå®
CoS
ã³ãã³ãã¢ãŒã
Interface Configuration (Port, Static Aggregation)
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㧠QoSãããã³ã°ã¢ãŒãã DSCPã«èšå®ããå ¥åãã±ããã IPv4ã§ããå Žåããã©ã€ãªãªãã£åŠçã¯å ¥åãã±ããã® DSCPå€ãåºã«ããŸãã
⢠QoSãããã³ã°ã¢ãŒãã DSCPã«èšå®ããIPãã±ãã以å€ãåä¿¡ããéããã±ãããã¿ã°ä»ãã§ãããªããã±ããã® CoSãš CFå€ IïŒæšæºãã©ãŒãããèå¥åïŒããã©ã€ãªãªãã£åŠçã«äœ¿çšãããŸããã¿ã°ç¡ããã±ããã®å Žåããã©ã€ãªãªãã£åŠçã«ã¯ããã©ã«ãããŒããã©ã€ãªãªãã£ïŒ761 ããŒãžã®ãswitchport priority defaultããåç §ïŒã䜿çšãããŸãã
⢠ãã®ã³ãã³ã㧠QoSãããã³ã°ã¢ãŒãã CoSã«èšå®ããå ¥åãã±ããã IPv4ã§ããå Žåããã©ã€ãªãªãã£åŠçã¯å ¥åãã±ããã® CoSããã³ CFIå€ãåºã«ããŸããã¿ã°ç¡ããã±ããã®å Žåããã©ã€ãªãªãã£åŠçã«ã¯ããã©ã«ãããŒããã©ã€ãªãªãã£ïŒ761 ããŒãžã®ãswitchport priority defaultããåç §ïŒã䜿çšãããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#qos map trust-mode dscpConsole(config-if)#
768 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
show qos map dscp-mutation
å éš DSCPããããžã®å ¥å DSCPã衚瀺ããŸãã
ææ³
show qos map dscp-mutation interface interface
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ãïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã®ãããã¯ã"qos map trust-mode"ã³ãã³ãïŒP768ïŒã«ãã£ãŠ QoSãããã³ã°ã¢ãŒãã "DSCP"ã«èšå®ãããŠãããå ¥åãã±ããã¿ã€ãã IPv4ã®æã«ã®ã¿äœ¿çšãããŸãã
äŸ
Console#show qos map dscp-mutation interface ethernet 1/5dscp mutation map.(x,y),x: phb,y: drop precedence: d1: d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------------------------- 0 : (0,0) (0,1) (0,0) (0,3) (0,0) (0,1) (0,0) (0,3) (1,0) (1,1) 1 : (1,0) (1,3) (1,0) (1,1) (1,0) (1,3) (2,0) (2,1) (2,0) (2,3) 2 : (2,0) (2,1) (2,0) (2,3) (3,0) (3,1) (3,0) (3,3) (3,0) (3,1) 3 : (3,0) (3,3) (4,0) (4,1) (4,0) (4,3) (4,0) (4,1) (4,0) (4,3) 4 : (5,0) (5,1) (5,0) (5,3) (5,0) (5,1) (5,0) (5,3) (6,0) (6,1) 5 : (6,0) (6,3) (6,0) (6,1) (6,0) (6,3) (7,0) (7,1) (7,0) (7,3) 6 : (7,0) (7,1) (7,0) (7,3)Console#
769FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
show qos map phb-queue
ããŒããŠã§ã¢ãã¥ãŒããããžã®å éš per-hop behaviorã衚瀺ããŸãã
ææ³
show qos map phb-queue interface interface
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ãïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show qos map phb-queue interface ethernet 1/5Information of Eth 1/5 phb-queue map: phb: 0 1 2 3 4 5 6 7 ------------------------------------------------------- queue: 1 0 0 1 2 2 3 3Console#
770 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
show qos map cos-dscp
å éš DSCPããããžã®å ¥å CoS/CFIã衚瀺ããŸãã
ææ³
show qos map cos-dscp interface interface
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ãïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show qos map cos-dscp interface ethernet 1/5COS Information of Eth 1/5 cos-dscp map.(x,y),x: phb,y: drop precedence: cos : cfi 0 1 --------------------------------- 0 (0,0) (0,0) 1 (1,0) (1,0) 2 (2,0) (2,0) 3 (3,0) (3,0) 4 (4,0) (4,0) 5 (5,0) (5,0) 6 (6,0) (6,0) 7 (7,0) (7,0)Console#
771FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Class Of Service
show qos map trust-mode
QoSãããã³ã°ã¢ãŒãã衚瀺ããŸãã
ææ³
show qos map trust-mode interface interface
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ãïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show qos map trust-mode interface ethernet 1/5Information of Eth 1/5
ãCOS Map mode: ããããããcos modeConsole#
772 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
4.20 Quality of Service
ãã®ç« ã§èšèŒãããŠããã³ãã³ã㯠QoS(Quality of Service)æ©èœã®åºæºãšãµãŒãã¹ããªã·ãŒãæ§æããããã«äœ¿çšãããŸããDiffServ(Differentiated Services)æ©èœã¯ããããã¯ãŒã¯äžãæµãããã¬ãŒã ã® 1ã€ã®åäœãç¹å®ã®ãã©ãã£ãã¯ã®èŠä»¶ã«åèŽãããããããããã¯ãŒã¯ãªãœãŒã¹ãåªå ãã管çæ©èœãæäŸããŸããããããã®ãã±ããã¯ã¢ã¯ã»ã¹ãªã¹ããIP PrecedenceãDSCPãVLANãªã¹ããããŒã¹ã«ãããããã¯ãŒã¯ã®äžã®ãšã³ããªã«ãã£ãŠåé¡ãããŸããã¢ã¯ã»ã¹ãªã¹ãã䜿çšããããšã«ãããããããã®ãã±ãããå«ãã§ããã¬ã€ã€ 2ïœ 4ã®æ å ±ãå ã«ãã©ãã£ãã¯ã®éžå¥ãèš±å¯ããŸããèšå®ããããããã¯ãŒã¯ããªã·ãŒãããŒã¹ã«ããŠãç°ãªãçš®é¡ã®ãã©ãã£ãã¯ã«å¯Ÿããç°ãªãçš®é¡ã®è»¢éã®ããã«å°ãä»ããããšãã§ããŸãã
ã³ãã³ã æ©èœã¢ãŒã
ããŒãž
class-map ã¯ã©ã¹ããããäœæ GC P775
description ã¯ã©ã¹ãããã®èª¬æãæå® CM P776
match ã¯ã©ã¹åé¡ã®ãããã©ãã£ãã¯ã«äœ¿ãæ¡ä»¶ãå®çŸ© CM P777
rename ã¯ã©ã¹ãããã®ååãåå®çŸ© CM P778
policy-map ããªã·ãŒããããäœæ GC P779
description ã¯ã©ã¹ãããã®èšè¿°ãæå® PM P776
class ããªã·ãŒäžã§å®è¡ããã¯ã©ã¹ãèšå® PM P780
rename ã¯ã©ã¹ãããã®ååãåå®çŸ© PM P778
police flow ã¡ãŒã¿ããããããŒã¬ãŒãã«åºã¥ããŠãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©
PM-C P781
police srtcm-color
Single rate three color meterã«åºã¥ããŠãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©
PM-C P782
police trtcm-color
two rate three color meterã«åºã¥ããŠãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©
PM-C P784
set coså éšåŠçã®ããã«ããããããã±ããã«ããã㊠CoSå€ã§èšå®ããã IPãã©ãã£ãã¯ããµãŒãã¹
PM-C P786
set phbå éšåŠçã®ããã«ããããããã±ããã«ããã㊠per-hop behaviorå€ã§èšå®ããã IPãã©ãã£ãã¯ããµãŒãã¹
PM-C P787
service-policy ããªã·ãŒããããã€ã³ã¿ãŒãã§ãŒã¹ã«é©çš IC P788
show class-map ã¯ã©ã¹ãããã®æ å ±ã衚瀺 PE P789
show policy-map ããªã·ãŒãããã®æ å ±ã衚瀺 PE P790
show policy-map interface
ã€ã³ã¿ãŒãã§ãŒã¹ã«èšå®ãããããªã·ãŒãããã®æ å ±ã衚瀺
PE P791
773FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
æå®ãããå ¥åãã©ãã£ãã¯ã®ã«ããŽãªã®ãµãŒãã¹ããªã·ãŒãäœæããã«ã¯ã以äžã®æé ã«åŸã£ãŠãã ããã
ïŒ1ïŒ"Class-map"ã³ãã³ãã䜿çšããŠãæå®ãããã©ãã£ãã¯ã®ã«ããŽãªã«ã¯ã©ã¹åãæå®ããã¯ã©ã¹ãããèšå®ã¢ãŒããžç§»è¡ããŸãã
ïŒ2ïŒ"match"ã³ãã³ãã䜿çšããã¢ã¯ã»ã¹ãªã¹ãã»DSCPã»IP Precedenceå€ãŸãã¯VLANãããŒã¹ã«ãæå®ãããã©ãã£ãã¯ã®ã¿ã€ããéžæããŸãã
ïŒ3ïŒACLã "match"ã³ãã³ãã§ã§æå®ãããåºæºã®ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããããã«èšå®ããŸãã
ïŒ4ïŒ"Policy-map"ã³ãã³ãã䜿çšããŠãå ¥åãã©ãã£ãã¯ãåŠçãããæå®ãããããŒã®ããªã·ãŒåãæåããããªã·ãŒãããèšå®ã¢ãŒããžç§»è¡ããŸãã
ïŒ5ïŒ"class"ã³ãã³ãã䜿çšããã¯ã©ã¹ããããèå¥ããŠããªã·ãŒãããã¯ã©ã¹èšå®ã¢ãŒããžç§»è¡ããŸããããªã·ãŒãããã¯è€æ°ã®ã¯ã©ã¹ã¹ããŒãã¡ã³ããå«ãããšãåºæ¥ãŸãã
ïŒ6ïŒ"set phb"ãŸã㯠"set cos"ã䜿çšããããããããã©ãã£ãã¯ã¯ã©ã¹ã® per-hop behaviorãŸã㯠CoSã®ç·šéãè¡ããŸãããŸãã"police"ã³ãã³ãã®ããããã䜿çšããå¹³åãããŒããã³ããŒã¹ãã¬ãŒãã®ãããªãã©ã¡ãŒã¿ãã¢ãã¿ããæå®ããã¬ãŒããè¶ ãããã©ãã£ãã¯ãããããããããæå®ããã¬ãŒããè¶ ãããã©ãã£ãã¯ã®DSCPãµãŒãã¹å€ãæžå°ããŸãã
ïŒ7ïŒ"service-policy"ã³ãã³ãã䜿çšããŠãããªã·ãŒããããæå®ã®ã€ã³ã¿ãã§ãŒã¹ãžå²ãåœãŠãŸãã
[泚æ ]ãããªã·ãŒãããïŒP779ïŒãäœæããåã«ãã¯ã©ã¹ããã ïŒP775ïŒãäœæããŠãã ããã
774 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
class-map
ãã®ã³ãã³ãã¯ã¯ã©ã¹ããããäœæããã¯ã©ã¹ãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«ç§»è¡ããŸããnoãä»ãããšã¯ã©ã¹ããããåé€ããã°ããŒãã«ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«æ»ããŸãã
ææ³
class-map class-map-name { match-any }
no class-map class-map-name
⢠match-any â ã¯ã©ã¹ãããã®æ¡ä»¶ã®ãã¡ãããã 1ã€ã«äžèŽãããã©ãã£ãã¯ã察象
⢠class-map-name â ã¯ã©ã¹ãããåïŒ1-16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æåã«ãã®ã³ãã³ããå®è¡ããŠã¯ã©ã¹ããããäœæããã¯ã©ã¹ãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ããŸãã次ã«å ¥åãã©ãã£ãã¯ã®åé¡æ¡ä»¶ã matchã³ãã³ãã§æå®ããŸãã
⢠1ã€ä»¥äžã®ã¯ã©ã¹ããããããªã·ãŒãããïŒP779ïŒ ã«å²ãåœãŠãããšãå¯èœã§ããããªã·ãŒãããã¯ããããããµãŒãã¹ããªã·ãŒã«ãã£ãŠã€ã³ã¿ãã§ãŒã¹ã«ããŠã³ããããŸã ïŒP788ïŒããµãŒãã¹ããªã·ãŒã¯ãã±ããåé¡ããµãŒãã¹ã¿ã®ã³ã°ã垯åããªãã·ã³ã°ãå®çŸ©ããŸããããªã·ãŒããããã€ã³ã¿ãã§ãŒã¹ã«ããŠã³ãããããšãè¿œå ã¯ã©ã¹ãããã¯ããªã·ãŒãããã«å ããããã"match"ãŸã㯠"set"ã³ãã³ãã§å²ãåœãŠãããã¯ã©ã¹ãããã«å€æŽã¯è¡ãããŸããã
äŸ
é¢é£ããã³ãã³ã
show class mapïŒP789ïŒ
Console(config)#class-map rd_class match-anyConsole(config-cmap)#match ip dscp 3Console(config-cmap)#
775FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
description
ã¯ã©ã¹ããããŸãã¯ããªã·ãŒãããã®èª¬æãå ¥åããŸãã
ææ³
description string
string â ã¯ã©ã¹ããããŸãã¯ããªã·ãŒãããã®èª¬æïŒç¯å²ïŒ1-64æåïŒ
ã³ãã³ãã¢ãŒã
Class Map Configuration
Policy Map Configuration
äŸ
Console(config)#class-map rd-class#1Console(config-cmap)#description matchesConsole(config-cmap)#
776 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
match
ãã®ã³ãã³ãã¯ãã©ãã£ãã¯ãåé¡ããããã«äœ¿çšããæ¡ä»¶ãèšå®ããŸããnoãä»ãããšåºæºãåé€ããŸãã
ææ³
match { access-list acl-name | ip dscp dscp | ip precedence ip-precedence | vlan vlan }
no match access-list acl-name
⢠acl-name â ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãªã¹ãåïŒ1-16æåïŒ
⢠dscp â DSCPå€ïŒç¯å²ïŒ0-63ïŒ
⢠ip-precedence â IP Precedenceå€ïŒç¯å²ïŒ0-7ïŒ
⢠vlan â VLANïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Class Map Configuration
ã³ãã³ã解説
⢠æåã« class-mapã³ãã³ããå®è¡ããŠã¯ã©ã¹ããããäœæããã¯ã©ã¹ãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ããŸãã次ã«ãã®ã¯ã©ã¹ãããäžã§åèŽããããå ¥åãã±ããäžã®å€ã matchã³ãã³ãã§æå®ããŸãã
â¢ å ¥åãã±ãããããã®ã³ãã³ãã§æå®ããã ACLã«ãããããå ŽåãACLã«å«ãŸããæåŠã«ãŒã«ã¯ç¡èŠãããŸãã
⢠ãããåºæºã IP ACLãŸã㯠IPãã©ã€ãªãªãã£ã«ãŒã«ãå«ãå ŽåãVLANã«ãŒã«ã¯åãã¯ã©ã¹ãããã«å«ãŸããããšãåºæ¥ãŸããã
⢠ãããåºæºã MAC ACLãŸã㯠VLANã«ãŒã«ãå«ãå ŽåãIP ACLãš IPãã©ã€ãªãªãã£ã«ãŒã«ã®ããããåãã¯ã©ã¹ãããã«å«ãŸããããšãåºæ¥ãŸããã
⢠æ倧 16ããããšã³ããªãã¯ã©ã¹ãããã«å«ãŸããããšãå¯èœã§ãã
äŸ
Console(config)#class-map rd_class#1_ match-anyConsole(config-cmap)#match ip dscp 3Console(config-cmap)#
777FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
rename
ã¯ã©ã¹ããããŸãã¯ããªã·ãŒãããã®ååãåå®çŸ©ããŸãã
ææ³
rename map-name
map-name â ã¯ã©ã¹ããããŸãã¯ããªã·ãŒãããã®ååïŒç¯å²ïŒ1-16æåïŒ
ã³ãã³ãã¢ãŒã
Class Map Configuration
Policy Map Configuration
äŸ
Console(config)#class-map rd-class#1Console(config-cmap)#rename rd-class#9Console(config-cmap)#
778 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
policy-map
ãã®ã³ãã³ãã¯ããªã·ãŒããããäœæããããªã·ãŒãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ããŸããnoãä»ãããšããªã·ãŒãããã¯åé€ãããã°ããŒãã«ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«æ»ããŸãã
ææ³
policy-map policy-map-name
no policy-map policy-map-name
⢠policy-map-name â ããªã·ãŒãããåïŒ1-16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ããªã·ãŒãããã®ååãèšå®ããããã« policy-mapã³ãã³ãã䜿çšããŸãã次ã«ã¯ã©ã¹ãããã§æå®ãããæ¡ä»¶ã«åèŽãããã©ãã£ãã¯ã«ããªã·ãŒãèšå®ãããããclassã³ãã³ãã䜿çšããŸãã
⢠ããªã·ãŒãããã¯è€æ°ã®ã" service-policy"ã³ãã³ãã§åãã€ã³ã¿ãã§ãŒã¹ã«é©çšãããã¯ã©ã¹ã¹ããŒãã¡ã³ããå«ãããšãã§ããŸãã
⢠ããªã·ãŒããããäœæããåã«ã¯ã©ã¹ããããäœæããå¿ èŠããããŸãã
äŸ
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set cos 0Console(config-pmap-c)#police flow 10000 4000 conform-action transmit violate-action dropConsole(config-pmap-c)#
779FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
class
ãã®ã³ãã³ãã¯ããªã·ãŒããããå®è¡ããã¯ã©ã¹ããããæå®ããããªã·ãŒãããã»ã¯ã©ã¹ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ããŸããnoãä»ãããšã¯ã©ã¹ããããåé€ããããªã·ãŒãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«æ»ããŸãã
ææ³
class class-map-name
no class class-map-name
⢠class-map-name â ã¯ã©ã¹ãããåïŒ1-16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Configuration
ã³ãã³ã解説
⢠ããªã·ãŒãããã®èšå®ãè¡ãããã« policy-mapã³ãã³ãã䜿çšããããªã·ãŒãããã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ããŸãã次ã«ããªã·ãŒãããã»ã¯ã©ã¹ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã¢ãŒãã«å ¥ãããã« classã³ãã³ãã䜿çšããŸãããããŠæåŸã«ãsetã³ãã³ããš policeã³ãã³ãã䜿çšããŠèšå®ãè¡ããŸãã
ïŒ set phbïŒããããããã±ããã« per-hop behaviorå€ãèšå®ããããïŒå éšåŠçã®ããã®ã¿ãã±ãããã©ã€ãªãªãã£ãä¿®æ£ïŒ
ïŒ set cosïŒããããããã±ããã« CoSå€ãèšå®ããããïŒVLANã¿ã°ã®ãã±ãããã©ã€ãªãªãã£ãä¿®æ£ïŒ
ïŒ policeïŒã³ãã³ãã¯æ倧ã¹ã«ãŒããããããŒã¹ãã¬ãŒãçãèŠåã«åŸããªããããããã©ãã£ãã¯ã«å¯Ÿãã察å¿ãå®çŸ©ããŸãã
⢠1ã€ã®ã¯ã©ã¹ããããããæ倧 16åã®ã«ãŒã«ãèšå®ã§ããŸãããŸããããªã·ãŒãããã«ã¯è€æ°ã®ã¯ã©ã¹ãæå±ãããããšãã§ããŸãã
äŸ
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set phb 3Console(config-pmap-c)#police flow 10000 4000 conform-action transmit
ãviolate-action dropConsole(config-pmap-c)#
780 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
police flow
metered flow rateãåºã«ãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©ããŸãã"no"ãåã«çœ®ãããšã§ããªãµãåé€ããŸãã
ææ³
[no] police flow committed-rate committed-burst conform-action transmit
violate-action { drop | new-dscp }
⢠committed-rate â ã¬ãŒããæå®ãïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒãã§64-10000000 kbpsïŒã¬ãŒãã¯èšå®ãããã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããŸããã
⢠committed-burst â ããŒã¹ããµã€ãºãæå®ãïŒç¯å²ïŒ4kãã€ãã®ç²ŸåºŠã§ 4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠conform-action â ãã±ããã CIRãš BCå ã§ããæã®ã¢ã¯ã·ã§ã³ã
⢠violate-action â ãã±ããã CIRãš BC ãè¶ ããæã®ã¢ã¯ã·ã§ã³ã
⢠transmit â ã¢ã¯ã·ã§ã³ãããã«éä¿¡ã
⢠drop â éåã¢ã¯ã·ã§ã³ã«ãã£ãŠãã±ãããããããããŸãã
⢠new-dscp â DSCPå€ãå®çŸ©ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Configuration
ã³ãã³ã解説
â¢ å ¥åããŒãã«æ倧 16ã®ããªãµïŒã¯ã©ã¹ãããïŒãèšå®ã§ããŸãã
⢠committed-rateã¯ã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããšã¯ã§ãããcommitted-burstã¯16 Mbytesãè¶ããããšãã§ããŸããã
⢠ããªã·ã³ã°ã¯ããŒã¯ã³ãã±ããåºã«ãããã±ãã®æ·±ãïŒæ倧ããŒã¹ãã«ãªãåã®ãªãŒããŒãããŒïŒã¯ committed-burstãã£ãŒã«ãã§æå®ããããã±ãã«å ããããããŒã¯ã³ã®å¹³åã¬ãŒã㯠committed-rateãªãã·ã§ã³ã§æå®ãããŸãã
⢠ã¡ãŒã¿ã®ãµããŸãã¯ã1ã€ã®ãã±ãïŒCïŒãããŒã¯ã³ãå¢å ããã¬ãŒãïŒCIRïŒCommitted Information RateïŒãããŒã¯ã³ãã±ãã®æ倧ãµã€ãºïŒBCïŒ Committed Burstãµã€ãºïŒã«é¢ããŠç®å®ãããŸããããŒã¯ã³ãã±ã Cã¯åæç¶æ ã§æºæ¯ã§ãããŒã¯ã³ã«ãŠã³ã㯠Tc(0) = BCã«ãªããŸãããã®åŸã¯ä»¥äžã®ããã«æ¯ç§ CIR åãã€æŽæ°ãããŸãã
ã»Tc ã BCããå°ãããã°ã²ãšã€ã ãå¢å ãããã
ã»Tcã¯å¢å ããªãã
æå» t ã« B ãã€ãã®ãã±ãããå°çãããã以äžã®ããã«åäœããŸãã
781FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
ã»Tc(t)-B e 0ã®å Žåããã±ããã¯ç·ã«è²ã¥ããããTcã Bã ãæžå°ãããïŒTc ã®æäœå€ã¯ 0ïŒ
ã»ãã±ããã¯èµ€è²ã«ãããTc ã Te ãæžå°ããªã
äŸ
police srtcm-color
single rate three color meter (srTCM)ãåºã«ãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©ããŸãã"no"ãåã«çœ®ãããšã§ããªãµãåé€ããŸãã
ææ³
[no] police {srtcm-color-blind | srtcm-color-aware} committed-rate committed-burst
excess-burst conform-action transmit exceed-action {drop | new-dscp}
violate action {drop | new-dscp}
⢠srtcm-color-blind â ã«ã©ãŒãã€ã³ãã¢ãŒãã® Single rate three color meter
⢠srtcm-color-aware â ã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã® Single rate three color meter
⢠committed-rate â ã³ãããããã information rate (CIR)
⢠committed-burst â ããŒã¹ããµã€ãºãæå®ãïŒç¯å²ïŒ4kãã€ãã®ç²ŸåºŠã§ 4000-16000000ïŒ
⢠excess-burst â è¶ éããŒã¹ããµã€ãºïŒç¯å²ïŒ4kãã€ãã®ç²ŸåºŠã§ 4000-16000000ïŒ
⢠conform-action â ãã±ããã CIRãš BCå ã§ããæã®ã¢ã¯ã·ã§ã³
⢠exceed-action â ã¬ãŒãã CIRããã³ BCãè¶ éããããã©ãBEå ã§ããæã®ã¢ã¯ã·ã§ã³
⢠violate action â ãã±ããã BEãè¶ éããæã®ã¢ã¯ã·ã§ã³
⢠transmit â ã¢ã¯ã·ã§ã³ãããã«éä¿¡
⢠drop â éåã¢ã¯ã·ã§ã³ã«ãã£ãŠãã±ãããããããããŸãã
⢠new-dscp â DSCPå€ãå®çŸ©ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Class Configuration
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set phb 3Console(config-pmap-c)#police flow 100000 4000 conform-action transmit
ãviolate-action dropConsole(config-pmap-c)#
782 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
ã³ãã³ã解説
â¢ å ¥åããŒãã«æ倧 16ã®ããªãµïŒã¯ã©ã¹ãããïŒãèšå®ã§ããŸãã
⢠committed-rateã¯ã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããšã¯ã§ãããcommitted-burstã¯16 Mbytesãè¶ããããšãã§ããŸããã
⢠SrTCM㯠RFC2697ã§å®çŸ©ãããããã«ããã©ãã£ãã¯ã¹ããªãŒã ã枬ãã3ã€ã®ãã©ãã£ãã¯ãã©ã¡ãŒã¿ã«åŸã£ãŠãã±ãããåŠçããŸããïŒ Committed Information Rate (CIR), Committed Burst Size (BC), and Excess Burst Size (BE)
⢠PHBã©ãã«ã¯ã3ãããã® per-hop behaviorã2ãããã®ãã¥ãŒèŒ»èŒ³ã®ã³ã³ãããŒã«ã«äœ¿çšãããã«ã©ãŒã¹ããŒã ã® 5ãããã§æ§æãããŸããCIRãš BCãè¶ éããªãå Žåããã±ããã¯ç·ã«ããŒã¯ãããCIRãš BCãè¶ éããBEã¯ããŠããªãå Žåã¯é»ã«ããŒã¯ããããã®ä»ã¯èµ€ãšãªããŸãã
⢠ã¡ãŒã¿ã¯æ¬¡ã®äºã€ã®ã¢ãŒãã®ãã¡ã©ã¡ããã§åäœããŸããã«ã©ãŒãã€ã³ãã¢ãŒãã§ã¯ãã±ããã«ããŒãã³ã° (è²ä»ã )ããããŠããªããšã¿ãªããã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã§ã¯ãããããäœããã®å段ã®ååšããã±ããã«ããŒãã³ã°ïŒè²ä»ãïŒãããŠãããšã¿ãªããŸããïŒãã±ããã¯æ¢ã«ç·ã»é»è²ã»èµ€ã®ããããïŒãIPãã±ããã®è²ä»ãã¯ã¡ãŒã¿ã®çµæã«åŸã£ãŠããŸããè²ã¯ãã±ããã® DSãã£ãŒã«ãïŒRFC2474ïŒã§ã³ãŒãåãããŸãã
⢠ã¡ãŒã¿ã®ãµããŸãã¯ãã¢ãŒãã®åºæºãšãå ±éã®ã¬ãŒããµãŒã¯ã«ãå ±æãã Cãš Eã®ãµãã€ã®ããŒã¯ã³ãã±ãã§æå®ãããŸããCã®æ倧å€ã¯ BCãEã®æ倧å€ã¯ BEã§ããCãš Eã¯æå» 0 ã§ã¯æºæ¯ã§ãïŒTc(0) = BCãTe(0) = BEïŒããã®åŸã¯ä»¥äžã®ããã«æ¯ç§ CIR åãã€æŽæ°ãããŸãã
ã»Tc ã BCããå°ãããã°ã²ãšã€ã ãå¢å ãããã
ã»Te ã BE ããå°ãããã°ã²ãšã€ã ãå¢å ãããã
ã»Tc ã Te ãå¢ããããªãã
æå» t ã« B ãã€ãã®ãã±ãããå°çããããsrTCMãã«ã©ãŒãã€ã³ãã¢ãŒãã§æ©èœããŠããæã以äžã®ããã«åäœããŸã
ã»Tc(t)-B e 0ã®æããã±ããã¯ç·ã«ãªã Tc㯠0ã®æå°å€ãŸã§ Bæžå°ããã
ã»Te(t)-B e 0ã®æããã±ããã¯é»ã«ãªããTc㯠0ã®æå°å€ãŸã§ Bæžå°ããã
ã»ãã®ä»ã¯ãã±ããã¯èµ€ã«ãªããTcã Teãæžå°ããªãã
æå» t ã« B ãã€ãã®ãã±ãããå°çããããsrTCMãã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã§æ©èœããŠããæã以äžã®ããã«åäœããŸã
ã»ãã±ãããåãã£ãŠç·ã«å¡ãããTc(t)-B e 0ã®æããã±ããã¯ç·ã«ãªããTc㯠0ã®æå°å€ãŸã§ Bæžå°ããã
ã»ãã±ãããåãã£ãŠé»ã«å¡ãããTe(t)-B e 0ã®æããã±ããã¯é»ã«ãªããTeã¯0ã®æå°å€ãŸã§ Bæžå°ããã
ã»ãã®ä»ã¯ãã±ããã¯èµ€ã«ãªããTcã Teãæžå°ããªãã
783FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
äŸ
police trtcm-color
two rate three color meter (trTCM)ãåºã«ãåé¡ããããã©ãã£ãã¯ã®ãšã³ãã©ãŒãµãå®çŸ©ããŸãã"no"ãåã«çœ®ãããšã§ããªãµãåé€ããŸãã
ææ³
[no] police {trtcm-color-blind | trtcm-color-aware} committed-rate committed-burst peak-rate peak-burst conform-action transmit exceed-action {drop | new-dscp}
violate action {drop | new-dscp}
⢠trtcm-color-blind â ã«ã©ãŒãã€ã³ãã¢ãŒãã® Two rate three color meter
⢠trtcm-color-aware â ã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã® Two rate three color meter
⢠committed-rate â ã¬ãŒããæå®ãïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒãã§64-10000000 kbpsïŒã¬ãŒãã¯èšå®ãããã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããŸããã
⢠committed-burst â ããŒã¹ããµã€ãºãæå®ãïŒç¯å²ïŒ4kãã€ãã®ç²ŸåºŠã§ 4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠peak-rate (PIR) â ã¬ãŒããæå®ïŒç¯å²ïŒ64kbpsã®ç²ŸåºŠãŸãã¯æ倧ããŒãã¹ããŒãã§64-1000000ïŒ
⢠peak-burst â ããŒã¹ããµã€ãºãæå®ïŒç¯å²ïŒ4kbpsã®ç²ŸåºŠã§ 4000-16000000ïŒããŒã¹ããµã€ãºã¯ 16Mbytesãè¶ããããŸããã
⢠conform-action â ãã±ããã CIRãš BPå ã§ããæã®ã¢ã¯ã·ã§ã³
⢠violate actionâ ãã±ããã CIRãš BCãè¶ ããæã®ã¢ã¯ã·ã§ã³
⢠drop â éåã¢ã¯ã·ã§ã³ã«ãã£ãŠãã±ãããããããããŸãã
⢠transmit â ã¢ã¯ã·ã§ã³ãããã«éä¿¡ã
⢠new-dscp â DSCPå€ãå®çŸ©ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Class Configuration
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set phb 3Console(config-pmap-c)#police srtcm-color-blind 100000 4000 6000 conformactiontransmit exceed-action 0 violate-action dropConsole(config-pmap-c)#
784 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
ã³ãã³ã解説
â¢ å ¥åããŒãã«æ倧 16ã®ããªãµïŒã¯ã©ã¹ãããïŒãèšå®ã§ããŸãã
⢠committed-rateã¯ã€ã³ã¿ãã§ãŒã¹ã¹ããŒããè¶ããããšã¯ã§ãããcommitted-burstã¯16 Mbytesãè¶ããããšãã§ããŸããã
⢠SrTCM㯠RFC2698ã§å®çŸ©ãããããã«ããã©ãã£ãã¯ã¹ããªãŒã ã枬ãã2ã€ã®ãã©ãã£ãã¯ã¬ãŒãã«åŸã£ãŠãã±ãããåŠçããŸããïŒ Committed Information Rate (CIR), Peak Information Rate (PIR)ãŸãã¯ããããé¢é£ããããŒã¹ããµã€ãºïŒBCïŒãããŒã¯ããŒã¹ããµã€ãºïŒBPïŒ
⢠PHBã©ãã«ã¯ã3ãããã® per-hop behaviorã2ãããã®ãã¥ãŒèŒ»èŒ³ã®ã³ã³ãããŒã«ã«äœ¿çšãããã«ã©ãŒã¹ããŒã ã® 5ãããã§æ§æãããŸããRIPãè¶ éããå Žåãã±ããã¯èµ€ã«ãªããCIRãè¶ éãããããªããã§é»ãŸãã¯ç·ã®ããããã«ãªããŸããTrTCMã¯ãµãŒãã¹ã®å ¥åããªãã·ã³ã°ã«åœ¹ç«ã¡ãŸããããŒã¯ã¬ãŒãã¯ã³ããããããã¬ãŒãããåºå¥ãããŠå®æœããå¿ èŠããããŸãã
⢠ããŒã¯ã³ãã±ã Pãš Cã¯åæç¶æ ã§æºæ¯ã§ãããŒã¯ã³ã«ãŠã³ã㯠Tp(0) = BPãTc(0) = BCã«ãªããŸãããã®åŸã¯ä»¥äžã®ããã«æ¯ç§ CIR åãã€æŽæ°ãããŸãã
æå» t ã« B ãã€ãã®ãã±ãããå°çããããtrTCMãã«ã©ãŒãã€ã³ãã¢ãŒãã§æ©èœããŠããæã以äžã®ããã«åäœããŸã
ã»Tp(t)-B < 0ã®æã ãã±ããã¯èµ€ã«ãªãã
ã»Tc(t)-B < 0ã®ãšãããã±ããã¯é»ã«ãªããTP㯠Bæžå°ããã
ã»ãã±ããã¯ç·ã«ãªããTpãš Tcã®äž¡æ¹å ±ã Bæžå°ããã
æå» t ã« B ãã€ãã®ãã±ãããå°çããããtrTCMãã«ã©ãŒã¢ãŠã§ã¢ã¢ãŒãã§æ©èœããŠããæã以äžã®ããã«åäœããŸãïŒ
ã»ãã±ãããåãã£ãŠèµ€ã«å¡ãããããTp(t)-B < 0ã®æããã±ããã¯èµ€ã«ãªãã
ã»ãã±ãããåãã£ãŠé»ã«å¡ãããããTc(t)-B < 0ã®æããã±ããã¯é»ã«ãªããTp㯠BçŸè±¡ããã
ã»ãã±ãããç·ã§ãTpãš Tcã Bæžå°ããã
äŸ
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set phb 3Console(config-pmap-c)#police trtcm-color-blind 100000 4000 100000 6000 conform-action transmit exceed-action 0 violate-action dropConsole(config-pmap-c)#
785FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
set cos
ãã±ããã® VLANã¿ã°ã§ãããããããã±ããïŒ"match"ã³ãã³ãã§æå®ãããïŒã® CoSå€ã®å€æŽãè¡ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
set cos cos-value
no set cos cos-value
⢠cos-value â CoSã®å€ïŒ0-7ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Class Configuration
ã³ãã³ã解説
⢠"set cos"ã³ãã³ãã¯ããããããã±ããã® VLANã¿ã°å ã® CoSå€ã®èšå®ã«äœ¿çšãããŸãã
⢠"set cos"ããã³ "set phb"ã³ãã³ãã¯ãã©ã€ãªãªãã£ã®åãã¬ãã«ã§æ©èœããŸãããã®ããããããã®ã³ãã³ãã®ããããã®èšå®ã¯ãä»ã®ã³ãã³ãã«ãã£ãŠãã§ã«èšå®ãããŠããã¢ã¯ã·ã§ã³ãäžæžãããŸãã
äŸ
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set cos 3Console(config-pmap-c)#police flow 10000 4000 conform-action transmit
ãviolate-action dropConsole(config-pmap-c)#
786 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
set phb
å éšåŠçã§ãããããããã±ããïŒ"match"ã³ãã³ãã«ãã£ãŠæå®ãããïŒã® per-hop behaviorå€ãèšå®ããããšã«ãã£ãŠãIPãã©ãã£ãã¯ããµãŒãã¹ããŸãã"no"ãåã«çœ®ãããšã§ãã®èšå®ãåé€ããŸãã
ææ³
set phb phb-value
no set phb phb-value
⢠phb-value â PHBã®å€ïŒ0-7ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Policy Map Class Configuration
ã³ãã³ã解説
⢠"set cos"ããã³ "set phb"ã³ãã³ãã¯ãã©ã€ãªãªãã£ã®åãã¬ãã«ã§æ©èœããŸãããã®ããããããã®ã³ãã³ãã®ããããã®èšå®ã¯ãä»ã®ã³ãã³ãã«ãã£ãŠãã§ã«èšå®ãããŠããã¢ã¯ã·ã§ã³ãäžæžãããŸãã
⢠"set phb"ã³ãã³ãã¯ããããããã±ãã (P766 ãå éš PHB/Drop Precedenceãžã®DSCPå€ã®ããã©ã«ããããã³ã°ããåç § )ã®ããŒããŠã§ã¢ã®å éš QoSå€ãèšå®ããããã«äœ¿çšããŸããQoSã©ãã«ã¯ 3ãããã® per-hop behaviorã2ãããã®ãã¥ãŒèŒ»èŒ³ã®ã³ã³ãããŒã«ãè¡ãã«ã©ãŒã¹ããŒã ã® 5ãããããæ§æãããŸãã
äŸ
Console(config)#policy-map rd-policyConsole(config-pmap)#class rd-classConsole(config-pmap-c)#set phb 3Console(config-pmap-c)#police flow 10000 4000 conform-action transmit violate-action dropConsole(config-pmap-c)#
787FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
service-policy
"policy-map"ã³ãã³ãã§å®çŸ©ãããããªã·ãŒããããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®å ¥åãµã€ãã«é©çšããŸãã"no"ãåã«çœ®ãããšã§ãã®ãããã³ã°ãåé€ããŸãã
ææ³
service-policy input policy-map-name
no service-policy input policy-map-name
⢠input â å ¥åãã©ãã£ãã¯ã«ã€ã³ã¿ãã§ãŒã¹ãé©çš
⢠policy-map-name â ããªã·ãŒãããåïŒ1-32æåïŒ
åæèšå®
ã€ã³ã¿ãã§ãŒã¹ã«ããªã·ãŒãããã¯æªé©çš
ã³ãã³ãã¢ãŒã
Interface Configuration (EthernetãPort Channel)
ã³ãã³ã解説
⢠ã€ã³ã¿ãŒãã§ãŒã¹ã«ã¯ 1ã€ã®ããªã·ãŒãããã®ã¿å²ãåœãŠãããšãã§ããŸãã
⢠æåã«ã¯ã©ã¹ããããå®çŸ©ãã次ã«ããªã·ãŒããããèšå®ããæåŸã« service-policyã³ãã³ãã䜿çšããŠå¿ èŠãªã€ã³ã¿ãŒãã§ãŒã¹ã«ããªã·ãŒããããé¢é£ä»ããŠãã ããã
⢠æ¬æ©ã§ã¯ãããªã·ãŒããããåºåãã©ãã£ãã¯ã®ã€ã³ã¿ãã§ãŒã¹ã«ããŠã³ãããããšã¯åºæ¥ãŸããã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#service-policy input rd_policyConsole(config-if)#
788 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
show class-map
ãã®ã³ãã³ã㯠matchã³ãã³ãã§èšå®ãã QoSã®ã¯ã©ã¹ãããã衚瀺ããŸãã
ææ³
show class-map { class-map-name }
⢠class-map-name â ã¯ã©ã¹ãããåïŒ1-32æåïŒ
åæèšå®
å šãŠã®ã¯ã©ã¹ãããã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show class-mapClass Map match-any rd-class#1Description: Match ip dscp 10 Match access-list rd-access Match ip dscp 0
Class Map match-any rd-class#2 Match ip precedence 5
Class Map match-any rd-class#3 Match vlan 1
Console#
789FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
show policy-map
ãã®ã³ãã³ã㯠QoSã®ããªã·ãŒãããã衚瀺ããŸãã
ææ³
show policy-map { policy-map-name class class-map-nameïœ
⢠policy-map-name â ããªã·ãŒãããåïŒ1-16æåïŒ
⢠class-map-name â ã¯ã©ã¹ãããåïŒ1-16æåïŒ
åæèšå®
å šãŠã®ããªã·ãŒãããããã³ã¯ã©ã¹ãããã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show policy-mapPolicy Map rd_policyDescription: class rd-class set phb 3Console#show policy-map rd-policy class rd-classPolicy Map rd-policy class rd-class set phb 3Console#
790 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Quality of Service
show policy-map interface
ãã®ã³ãã³ãã¯ã€ã³ã¿ãŒãã§ãŒã¹ã«å²ãåœãŠããããµãŒãã¹ããªã·ãŒã衚瀺ããŸãã.
ææ³
show policy-map interface interface input
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show policy-map interface 1/5 inputService-policy rd-policyConsole#
791FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
4.21 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMP (Internet Group Management Protocol)ã䜿çšããç¹å®ã®ãã«ããã£ã¹ããµãŒãã¹ãåããããã¹ãã«å¯ŸããŠã¯ãšãªãå®è¡ããŸãããªã¯ãšã¹ãããŠãããã¹ããæå±ããããŒããç¹å®ãããããã®ããŒãã«ã®ã¿ããŒã¿ãéããŸãããã«ããã£ã¹ããµãŒãã¹ãåãåãç¶ããããã«ãé£æ¥ãããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«ãµãŒãã¹ãªã¯ãšã¹ããäŒæ¬ããŸãã
4.21.1 IGMP Snooping ã³ãã³ã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
IGMPSnooping
IGMP snoopingåã¯éçèšå®ã«ãããã«ããã£ã¹ãã°ã«ãŒãã®èšå®ãIGMPããŒãžã§ã³ã®èšå®ãèšå®ç¶æ ããã«ããã£ã¹ããµãŒãã¹ã°ã«ãŒããã¡ã³ããŒã®è¡šç€º
P792
StaticMulticast Routing éçãã«ããã£ã¹ãã«ãŒã¿ããŒãã®èšå® P816
IGMP Filtering and Throttling IGMPãã£ã«ã¿ãªã³ã°ããã³ã¹ããããªã³ã°ã®èšå® P818
Multicast VLAN Registration MVRã®èšå® P829
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip igmp snooping IGMP snoopingã®æå¹å GC P794
ip igmp snooping proxy-reporting
ãããã·ã¬ããŒãã£ã³ã°ã§ IGMPã¹ããŒãã³ã°ãæå¹å
GC P795
ip igmp snooping querier
ãã®è£ 眮ã IGMPã¹ããŒãã³ã°ã®ã¯ãšãªã¢ã«ããŸãã
GC P796
ip igmp snooping router-alert-option-check
ã«ãŒã¿ã¢ã©ãŒããªãã·ã§ã³ãå«ãŸãªã IGMPv2/v3ãã±ãããç Žæ£
GC P797
ip igmp snooping router-port- expire-time
ã¯ãšãªã¢ã¿ã€ã ã¢ãŠããèšå® GC P798
ip igmp snooping tcn-flood
ã¹ããã³ã°ããªãŒããããžã«å€æŽããã£ãæããã«ããã£ã¹ããã©ãã£ãã¯ããã©ãã
GC P799
ip igmp snooping tcn-query-solicit
ã¹ããã³ã°ããªãŒããããžã«å€æŽããã£ãæãIGMPã¯ãšãªã¢èŠè«ãéä¿¡
GC P800
ip igmp snoopingunregistered-data-flood
æªç»é²ã®ãã«ããã£ã¹ããã©ãã£ãã¯ãä»å±ããVLANã«ãã©ãã
GC P801
ip igmp snoopingunsolicited-report-interval
ã¢ããã¹ããªãŒã ã€ã³ã¿ãã§ãŒã¹ãéèŠè« IGMPã¬ããŒããéä¿¡ããééãæå®ïŒãããã·ã¬ããŒãã£ã³ã°ãæå¹æïŒ
GC P802
ip igmp snooping version ã¹ããŒãã³ã°ã® IGMPããŒãžã§ã³ãèšå® GC P803
792 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping version-exclusive
çŸåšã®èšå®ãšç°ãªãããŒãžã§ã³ã䜿çšããåä¿¡ããã IGMPã¡ãã»ãŒãžãç Žæ£
GC P804
ip igmp snooping vlan general-query-suppression
ããŠã³ã¹ããªãŒã ãã«ããã£ã¹ããã¹ãã«å±ããããŒã以å€ã®éåžžã¯ãšãªãæå¶
GC P805
ip igmp snooping vlan immediate-leave
ããŒã㧠Leaveãã±ãããåä¿¡ããã芪 VLANã§immediate-leaveãæå¹ã®å Žåããã«ããã£ã¹ããµãŒãã¹ã®ã¡ã³ããŒããŒããçŽã¡ã«åé€
GC P806
ip igmp snooping vlan last-memb-query-count
ã·ã¹ãã ãããŒã«ã«ãªã¡ã³ããŒãããªããšæ³å®ããåã«éããã IGMPãããã·ã¯ãšãªã¡ãã»ãŒãžã®æ°ãèšå®
GC P807
ip igmp snooping vlan last-memb-query-intvl
last-member-queryééãèšå® GC P808
ip igmp snooping vlan mrd ãã«ããã£ã¹ãã«ãŒã¿èŠè«ã¡ãã»ãŒãžãéä¿¡ GC P809
ip igmp snooping vlan proxy-address
ãããã· IGMPã¯ãšãªãšã¬ããŒãã®éçã¢ãã¬ã¹ãèšå®
GC P810
ip igmp snooping vlan proxy-query-interval
IGMPãããã·éåžžã¯ãšãªã®éä¿¡ééãèšå® GC P811
ip igmp snooping vlan proxy-query-resp-intvl
ã·ã¹ãã ããããã·éåžžã¯ãšãªã®è¿çãåŸ ã€æ倧æéãèšå®
GC P812
ip igmp snooping vlan proxy-reporting
ãããã·ã¬ããŒãã£ã³ã°ã® IGMPã¹ããŒãã³ã°ãæå¹å
GC P795
ip igmp snooping vlan static
ã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ãã°ã«ãŒãã®ã¡ã³ããŒãšããŠè¿œå
GC P813
ip igmp snoopingvlan version ã¹ããŒãã³ã°ã® IGMPããŒãžã§ã³ãèšå® GC P803
ip igmp snoopingvlan version-exclusive
çŸåšã®èšå®ãšç°ãªãããŒãžã§ã³ã䜿çšããåä¿¡ããã IGMPã¡ãã»ãŒãžãç Žæ£
GC P804
show ip igmpsnooping
IGMPã¹ããŒãã³ã°ããããã·ãã¯ãšãªèšå®ã衚瀺
PE P814
show ip igmpsnooping group
æ¢ç¥ã®ãã«ããã£ã¹ãã°ã«ãŒãããœãŒã¹ããã¹ãããŒããããã³ã°ã衚瀺
PE P815
793FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping
IGMP snoopingãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
ip igmp snooping { vlan vlan-id }
no ip igmp snooping
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§æå¹æãIGMPã¹ããŒãã³ã°ã® VLANã€ã³ã¿ãã§ãŒã¹æ¯ã®èšå®ãåªå ãããŸãã
⢠IGMPã¹ããŒãã³ã°ãã°ããŒãã«ã§ç¡å¹æãã¹ããŒãã³ã°ã¯äŸç¶ VLANã€ã³ã¿ãã§ãŒã¹æ¯ã®èšå®ãè¡ããŸãããã€ã³ã¿ãã§ãŒã¹èšå®ã¯ã¹ããŒãã³ã°ãã°ããŒãã«ã§å床æå¹åããããŸã§å¹æã¯çºããŸããã
äŸ
æ¬äŸã§ã¯ IGMP snoopingãæå¹ã«ããŠããŸãã
Console(config)#ip igmp snoopingConsole(config)#
794 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping proxy-reporting
ãããã·ã¬ããŒãã£ã³ã°ã® IGMPã¹ããŒãã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] ip igmp snooping proxy-reporting
ip igmp snooping vlan vlan-id proxy-reporting < enable | disable >no ip igmp snooping vlan vlan-id proxy-reporting
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠enable â æå®ãã VLANã§æå¹
⢠disableâ æå®ãã VLANã§ç¡å¹
åæèšå®
ã°ããŒãã«ïŒæå¹
VLANïŒã°ããŒãã«èšå®ã«æºãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãããã·ã¬ããŒãã£ã³ã°ããã®ã³ãã³ãã§æå¹æãã¹ã€ãã㯠last leaveãquery suppression ãå«ã "IGMP Snooping with Proxy Reporting"ïŒ DSL Forum TR-101, April 2006ã§å®çŸ©ïŒãå®è¡ããŸãã
⢠IGMPãããã·ã¬ããŒãã£ã³ã°ã VLANã§èšå®ãããŠããå Žåããã®èšå®ã¯ã°ããŒãã«èšå®ãããåªå ãããŸãã
äŸ
Console(config)#ip igmp snooping proxy-reportingConsole(config)#
795FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping querier
ã¹ã€ããã IGMPã¯ãšãªã¢ãšããŠæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«ããŸãã
ææ³
ip igmp snooping querierno ip igmp snooping querier
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPv3ã¹ããŒãã³ã°ïŒ803 ããŒãžã®ãip igmp snooping versionããåç §ïŒã§ã¯ IGMPã¹ããŒãã³ã°ã¯ãšãªã¢ã¯ãµããŒããããŠããŸããã
⢠æå¹ã«ããå Žåãéžåºããããšã¹ã€ããã¯ã¯ãšãªã¢ãšããŠåäœããŸããã¯ãšãªã¢ã¯ãã¹ãã«ãã«ããã£ã¹ããã©ãã£ãã¯ã®åä¿¡ã®èŠæ±ãå°ãã責任ãæã¡ãŸãã
äŸ
Console(config)#ip igmp snooping querierConsole(config)#
796 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping router-alert-option-check
ã«ãŒã¿ã¢ã©ãŒããªãã·ã§ã³ã«å«ãŸãªã IGMPv2/v3ãã±ãããç Žæ£ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping router-alert-option-checkno ip igmp snooping router-alert-option-check
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã«ãŒã¿ã¢ã©ãŒããªãã·ã§ã³ã¯ DOSæ»æããä¿è·ããããã«ä»æ§ã§ããŸããæ»æã® 1ã€ã®æ¹æ³ã¯ãã¯ãšãªã¢ã®åœ¹å²ãåŒãç¶ãäŸµå ¥è ã«ãã£ãŠå§åãããå€æ°ã® group-and-source-specificã¯ãšãªã¢ãéããã«ããã£ã¹ããã¹ããžå éè² è·ããããããšãéå§ããããããã®å€§ããªãœãŒã¹ãªã¹ããšæ倧è¿çæéã倧ããªå€ã«èšå®ããŸãããã®çš®é¡ã®æ»æããä¿è·ãããããïŒ1ïŒã«ãŒã¿ã¯è³ªåã転éããªããã¯ãšãªãã«ãŒãã¢ã©ãŒããªãã·ã§ã³ã䌎ãå Žåãããã¯å®¹æã§ããïŒ2ïŒãŸããã¹ã€ããããã«ããã£ã¹ããšããŠè¡åããŠããæïŒãããã·ã«ãŒãã£ã³ã°äœ¿çšæã®ããã«ïŒã«ãŒã¿ã¢ã©ãŒããªãã·ã§ã³ãå«ãŸãªãããŒãžã§ã³ 2ãŸã㯠3ã¯ãšãªã¢ãç¡èŠããŸãã
äŸ
Console(config)#ip igmp snooping router-alert-option-checkConsole(config)#
797FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping router-port- expire-time
ã¯ãšãªã¢ã¿ã€ã ã¢ãŠããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping router-port-expire-time secondsno ip igmp snooping router-port-expire-time
⢠seconds â æéãåããããšãèæ ®ããåã«ãåã®ã¯ãšãªã¢ãåæ¢åæ¢ããåŸã«ã¹ã€ãããåŸ ã€æéïŒç¯å²ïŒ1-65535ãæšå¥šç¯å²ïŒ300-500ïŒ
åæèšå®
300ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#ip igmp snooping router-port-expire-time 400Console(config)#
798 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping tcn-flood
ã¹ããã³ã°ããªãŒããããžå€æŽéç¥ïŒTCNïŒãçºçããæããã«ããã£ã¹ããã©ãã£ãã¯ã®ãã©ããã£ã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã©ããã£ã³ã°ãç¡å¹ã«ããŸãã
ææ³
ip igmp snooping tcn-floodno ip igmp snooping tcn-flood
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¹ããã³ã°ããªãŒããããžãŒãã§ã³ãžçºçæãã¹ã€ããã«ãã£ãŠåŠç¿ãããŠãããã«ããã£ã¹ãã¡ã³ããŒã·ããæ å ±ã¯å€ããªããŸããäŸãã°ãããããžãŒãã§ã³ãžïŒTCïŒåã« 1ã€ã®ããŒããžãªã³ã¯ãããŠãããã¹ããä»ã®ããŒããžç§»åããæãªã©ã§ããåæèšå®ã§ã¯ãããããžãå®å®ããå šãŠã®ãã«ããã£ã¹ãã¬ã·ãŒãã®æ°ããå ŽæãåŠç¿ããããŸã§ãããªããžãããã³ã«ããŒã¿ïŒBPDUïŒãš TCãããã»ããïŒã«ãŒãããªããžã«ãã£ãŠïŒãåãåã VLANã®ã¹ã€ããïŒIGMPãæå¹ã«ãªã£ãŠããïŒã¯ "multicast flooding mode"ã«å ¥ããŸãã
⢠ããããžå€æŽéç¥ïŒTCNïŒãåãåããããšãå šãŠã®ã¢ãããªã³ã¯ããŒããç¶ããŠåé€ãããã¿ã€ã ã¢ãŠãã¡ã«ããºã ã¯çŸåšåŠç¿ãããŠããå šãŠã®ãã«ããã£ã¹ããã£ã³ãã«ã®åé€ã«äœ¿çšãããŸãã
⢠æ°ããã¢ãããªã³ã¯ããŒããã¹ã¿ãŒãã¢ããããæãã¹ã€ããã¯å šãŠã®çŸåšåŠç¿ãããŠãããæ°ããã¢ãããªã³ã¯ããŒããéã£ãŠå€ãžåºããã£ã³ãã«ã®éèŠè«ã¬ããŒããéä¿¡ããŸãã
⢠åæèšå®ã§ã¯ã¹ããã³ã°ããªãŒããããžå€æŽãçºçæãã¹ã€ããã¯çŽã¡ã« "multicast flooding mode"ãžå ¥ããŸãããã®ã¢ãŒãã§ã¯ããã«ããã£ã¹ããã©ãã£ãã¯ã¯å šãŠã® VLANããŒããžãã©ãããããŸããããå€ãã®ããŒããç°ãªããã«ããã£ã¹ãã°ã«ãŒããäºçŽããŠããå Žåããã©ããã£ã³ã°ã¯ã¹ã€ãããšãšã³ããã¹ãéã®ãªã³ã¯äžã§é床ã®ããŒãã£ã³ã°ãèµ·ããå¯èœæ§ããããŸãã
⢠ã¹ããã³ã°ããªãŒããããžãå€æŽãããæãã«ãŒãããªããžã¯ãã«ããã£ã¹ããã£ã³ãã«ã«é¢é£ãããã¹ãã¡ã³ããŒã·ãããšããŒããæ©æ¥ã«ååŠç¿ããããã«ããããã·ã¯ãšãªãéä¿¡ããŸããã«ãŒãããªããžã¯ãŸãããã® VLANã®ãã«ããã£ã¹ãã«ãŒã¿ã®äœçœ®ãå®ããçºãæ©æ¥ã«éèŠè« Multicast Router Discover (MRD) ãªã¯ãšã¹ããéä¿¡ããŸãããããã·ã¯ãšãªãšéèŠè« MRDãªã¯ãšã¹ãã¯ã¹ã€ããããã®ãããªãã±ãããåãåã£ãæã«ãåä¿¡ããŒããé€ãå šãŠã® VLANããŒãã«ãã©ãããããŸãã
äŸ
Console(config)#ip igmp snooping tcn-floodConsole(config)#
799FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping tcn-query-solicit
ã¹ããã³ã°ããªãŒããããžå€æŽéç¥ïŒTCNïŒãèµ·ããæã«ãã¹ã€ããã IGMPéåžžã¯ãšãªèŠè«ãéä¿¡ããŸãã
"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
ip igmp snooping tcn-query-solicitno ip igmp snooping tcn-query-solicit
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¹ããã³ã°ããªãŒã®ã«ãŒãããªããžã IGMPã¹ããŒãã³ã°ãæå¹ã«ãªã£ãŠãã VLANã®ããããžå€æŽéç¥ãåä¿¡ããæãã°ããŒãã«ã® IGMP leave messageãçºè¡ããŸã (ã¯ãšãªèŠè« )ãã¹ã€ããããã®èŠè«ãåä¿¡ããæãããã¯ã¹ããã³ã°ããªãŒå€æŽãçºçãã VLANã®å šãŠã®ããŒãã«ãã©ãããããŸããã¢ããã¹ããªãŒã ãã«ããã£ã¹ãã«ãŒã¿ããã®èŠè«ãåä¿¡ããæãããã¯ãŸãçŽã¡ã« IGMPéåžžã¯ãšãªãçºè¡ããŸãã
⢠ãã® "ip igmp snooping tcn query-solicit"ã³ãã³ãã¯ãããšãã¹ããã³ã°ããªãŒãã«ãŒãããªããžã§ãªããšããŠããããããžãã§ã³ãžã«æ°ãã€ããæãã€ã§ãã¯ãšãªèŠè«ãéä¿¡ããããã«äœ¿çšãããŸãã
äŸ
Console(config)#ip igmp snooping tcn-query-solicitConsole(config)#
800 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping unregistered-data-flood
ç»é²ãããŠããªããã«ããã£ã¹ããã©ãã£ãã¯ãä»å±ãã VLANãžãã©ããããŸãã"no"ãåã«çœ®ãããšã§ç»é²ãããŠããªããã«ããã£ã¹ããã©ãã£ãã¯ãç Žæ£ããŸãã
ææ³
ip igmp snooping unregistered-data-floodno ip igmp snooping unregistered-data-flood
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPã¹ããŒãã³ã°ãšãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã®ãã«ããã£ã¹ããšã³ããªä¿åã«äœ¿çšãããããŒãã«ãäžæ¯ã«ãªããšãæ°ãããšã³ããªã¯åŠç¿ãããŸãããä»å±ããVLANã«ã«ãŒã¿ããŒããèšå®ãããŠããããæªç»é²ã®ãã©ããã£ã³ã°ãç¡å¹ã®å ŽåãããŒãã«ã§èŠã€ãããªã次ã®ãã«ããã£ã¹ããã©ãã£ãã¯ã¯ãããããããŸãã
äŸ
Console(config)#ip igmp snooping unregistered-data-floodConsole(config)#
801FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping unsolicited-report-interval
ãããã·ã¬ããŒãã£ã³ã°æå¹æãã¢ããã¹ããªãŒã ã€ã³ã¿ãã§ãŒã¹ã unsolicited IGMPã¬ããŒããéä¿¡ããééãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ip igmp snooping unsolicited-report-interval secondsno ip igmp snooping unsolicited-report-interval
⢠seconds â unsolicitedã¬ããŒããçºè¡ããééïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
400ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ããã¢ããã¹ããªãŒã ã€ã³ã¿ãã§ãŒã¹ïŒã¢ãããªã³ã¯ããŒãïŒã®éå§æãã¹ã€ããã¯çŸåšåŠç¿ãããŠããæ°ããã¢ããã¹ããªãŒã ã€ã³ã¿ãã§ãŒã¹ãéã£ãŠåºããå šãŠã®ãã«ããã£ã¹ããã£ã³ãã«ãžéèŠè«ã¬ããŒããéä¿¡ããŸãã
⢠ãã®ã³ãã³ãã¯ãããã·ã¬ããŒãã£ã³ã°ïŒP795ïŒãæå¹æã®ã¿é©çšãããŸãã
äŸ
Console(config)#ip igmp snooping unsolicited-report-interval 5Console(config)#
802 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping version
IGMPã¹ããŒãã³ã°ããŒãžã§ã³ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping [ vlan vlan-id ] version <1 | 2 | 3 >no ip igmp snooping version
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠1 â IGMP Version 1
⢠2 â IGMP Version 2
⢠3 â IGMP Version 3
åæèšå®
ã°ããŒãã«ïŒIGMPããŒãžã§ã³ 2
VLANïŒæªèšå®ãã°ããŒãã«èšå®ã«æºãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPã¹ããŒãã³ã°ã§äœ¿çšããããIGMPã¬ããŒã /ã¯ãšãªããŒãžã§ã³ãèšå®ããŸããããŒãžã§ã³ 1-3ã¯å šãŠãµããŒããããããŒãžã§ã³ 2ãš 3ã¯äžäœäºææ§ãããã®ã§ãã¹ã€ããã¯äœ¿çšãããŠããã¹ããŒãã³ã°ããŒãžã§ã³ã«é¢ä¿ãªããä»ã®ããã€ã¹ãšçšŒåããããšãå¯èœã§ãã
⢠VLAN㧠IGMPã¹ããŒãã³ã°ããŒãžã§ã³ãèšå®ãããŠããå Žåãèšå®ã¯ã°ããŒãã«ã³ã³ãã£ã°ã¬ãŒã·ã§ã³èšå®ã«åªå ãããŸãã
äŸ
Console(config)#ip igmp snooping version 1Console(config)#
803FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping version-exclusive
åä¿¡ãããã"ip igmp snooping version"ã§èšå®ãããçŸåšã®ããŒãžã§ã³ãšç°ãªãããŒãžã§ã³ã䜿çšãã IGMPã¡ãã»ãŒãžïŒãã«ããã£ã¹ããããã³ã«ãã±ãããé€ãïŒãåé€ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
ip igmp snooping [ vlan vlan-id ] version-exclusiveno ip igmp snooping version-exclusive
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ã°ããŒãã«ïŒç¡å¹
VLANïŒç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã version-exclusiveã VLANã§ç¡å¹ã®å Žåããã®èšå®ã¯ã°ããŒãã«èšå®ãåºã«ããŸããVLANã§æå¹ã®å Žåããã®èšå®ã¯ã°ããŒãã«èšå®ã«åªå ãããŸãã
⢠ãã®æ©èœã®ç¡å¹ã®å ŽåãçŸåšéžæãããŠããããŒãžã§ã³ã¯äžäœäºææ§ããããŸãã(" igmp snooping version"ã³ãã³ãïŒP803ïŒãåç §ïŒ
äŸ
Console(config)#ip igmp snooping version-exclusiveConsole(config)#
804 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan general-query-suppression
ããŠã³ã¹ããªãŒã ãã«ããã£ã¹ããã¹ãã«ä»å±ããããŒã以å€ã®éåžžã¯ãšãªãæŒãããŸãã
"no"ãåã«çœ®ãããšã§ãéåžžã¯ãšãªããã«ããã£ã¹ãã«ãŒã¿ããŒããé€ãå šãŠã®ããŒããžãã©ããããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id general-query-suppression
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠åæèšå®ã§ã¯ãéåžžã¯ãšãªã¡ãã»ãŒãžã¯åä¿¡ããããã«ããã£ã¹ãã«ãŒã¿ãé€ãå šãŠã®ããŒããžãã©ãããããŸãã
⢠éåžžã¯ãšãªãµãã¬ãã·ã§ã³ãæå¹ã®å Žåãã¡ãã»ãŒãžã¯ãã«ããã£ã¹ããµãŒãã¹ã«å ãã£ãŠããããŠã³ã¹ããªãŒã ããŒããžã®ã¿è»¢éãããŸãã
äŸ
Console(config)#ip igmp snooping vlan 1 general-query-suppressionConsole(config)#
805FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan immediate-leave
ããŒã㧠leave packetãåä¿¡ãããimmediate-leaveã芪 VLANã§æå¹ã«ãªã£ãŠããæããã«ããã£ã¹ããµãŒãã¹ã®ã¡ã³ããŒããŒãããã ã¡ã«åé€ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id immediate-leave
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠immediate-leaveã䜿çšãããªãå ŽåãIGMPv2/v3ã°ã«ãŒãã leaveã¡ãã»ãŒãžãåä¿¡ããæããã«ããã£ã¹ãã«ãŒã¿ïŒãŸãã¯ã¯ãšãªã¢ïŒã¯ã°ã«ãŒãæå®ã¯ãšãªã¡ãã»ãŒãžãéä¿¡ããŸããã¿ã€ã ã¢ãŠãæéã®å ã«ãã¹ããã¯ãšãªã«è¿çããªãå Žåã«éããã«ãŒã¿ /ã¯ãšãªã¯ã°ã«ãŒãã®ãã©ãã£ãã¯è»¢éãåæ¢ããŸããïŒãã®ãªãªãŒã¹ã®ã¿ã€ã ã¢ãŠãã¯çŸåš Last Member Query Intervalã«ãã£ãŠå®çŸ©ãããŠããŸãïŒ1ç§ã«åºå®ïŒ*RFC2236ã§å®çŸ©ãããä¿¡é Œé¢æ°ïŒ2ã«åºå®ïŒïŒ
⢠ãã®ã³ãã³ã㯠IGMPã¹ããŒãã³ã°æå¹ã§ãIGMPv2ãŸã㯠IGMPv3ã¹ããŒãã³ã°ã䜿çšãããŠããæã®ã¿å¹æããããŸãã
äŸ
Console(config)#ip igmp snooping vlan 1 immediate-leaveConsole(config)#
806 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan last-memb-query-count
ã·ã¹ãã ããã以äžããŒã«ã«ã¡ã³ããŒãããªããšæ³å®ããåã«éåºããããIGMPãããã·group-specificãŸã㯠group-and-source-specificã¯ãšãªã¡ãã»ãŒãžã®æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping vlan vlan-id last-memb-query-count countno ip igmp snooping vlan vlan-id last-memb-query-count
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠countïŒãããã· group-specificãŸã㯠group-and-sourcespecificã¯ãšãªã¡ãã»ãŒãžã®æ°ïŒç¯å²ïŒ1-255ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPã¹ããŒãã³ã°ãããã·ã¬ããŒãã£ã³ã°ãŸã㯠IGMPã¯ãšãªãæå¹ïŒP795ïŒã®å Žåã«éãããã®ã³ãã³ãã¯å¹åãçºæ®ããŸãã
äŸ
Console(config)#ip igmp snooping vlan 1 last-memb-query-count 7Console(config)#
807FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan last-memb-query-intvl
last-member-queryééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping vlan vlan-id last-memb-query-intvl intervalno ip igmp snooping vlan vlan-id last-memb-query-intvl
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠intervalïŒ group-specificãŸã㯠group-and-source-specificã¯ãšãªã¡ãã»ãŒãžã®è¿çãåŸ ã€éé ïŒç¯å²ïŒ1-31744ïŒ
åæèšå®
10
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㯠IGMPã¹ããŒãã³ã°ãããã·ã¬ããŒãã£ã³ã°ãæå¹æã®ã¿å¹æããããŸããïŒP795ïŒ
äŸ
Console(config)#ip igmp snooping vlan 1 last-memb-query-intvl 700Console(config)#
808 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan mrd
ãã«ããã£ã¹ãã«ãŒã¿ solicitationã¡ãã»ãŒãžã®éä¿¡ãæå¹ã«ããŸãã"no"ãåã«çœ®ããã§ãããã®ã¡ãã»ãŒãžãç¡å¹ã«ããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id mrd
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠Multicast Router Discovery (MRD)ã¯ãã«ããã£ã¹ãã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãããã«ããã£ã¹ãã«ãŒã¿èŠè«ããã³ãã«ããã£ã¹ãã«ãŒã¿ãçºèŠããããã«äœ¿ããã«ããã£ã¹ãã«ãŒã¿ã¿ãŒãããŒã·ã§ã³ã¡ãã»ãŒãžã䜿çšããŸããããã€ã¹ã¯ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžããã«ããã£ã¹ãã«ãŒã¿ããèŠè«ããããã«èŠè«ã¡ãã»ãŒãžãéä¿¡ããŸãããããã®ã¡ãã»ãŒãžã¯ãã€ã¬ã¯ãã«ä»å±ããããªã³ã¯ãããã«ããã£ã¹ãã«ãŒã¿ãçºèŠããããã«äœ¿çšããŸãããã«ããã£ã¹ã転éã€ã³ã¿ãã§ãŒã¹ãåæåãŸãã¯æåæåãããæã¯ãã€ããèŠè«ã¡ãã»ãŒãžãéä¿¡ãããŸããIPãã«ããã£ã¹ã転éããã³MRDæå¹ã§ãã€ã³ã¿ãã§ãŒã¹ã®èŠè«ãåãåããšããã«ã«ãŒã¿ã¯ã¢ããã¿ã€ãºã¡ã³ãã§è¿çããŸãã
äŸ
Console(config)#no ip igmp snooping vlan 1 mrdConsole(config)#
809FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan proxy-address
IGMPãããã·ã¬ããŒãã£ã³ã°ã«äœ¿çšããããããŒã«ã«ãªéåžžã¯ãšãªãšã¬ããŒãã¡ãã»ãŒãžã®éçã¢ãã¬ã¹ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id proxy-address source-address
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠source-addressïŒãããã·ããã IGMPã¯ãšãªãšã¬ããŒããleaveã¡ãã»ãŒãžã«äœ¿çšãããœãŒã¹ã¢ãã¬ã¹ (æå¹ãª IPãŠããã£ã¹ãã¢ãã¬ã¹ )
åæèšå®
0.0.0.0
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#ip igmp snooping vlan 1 proxy-address 10.0.1.8Console(config)#
810 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan proxy-query-interval
IGMPãããã·éåžžã¯ãšãªã¢éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping vlan vlan-id proxy-query-interval intervalno ip igmp snooping vlan vlan-id proxy-query-interval
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠interval ïŒ IGMPãããã·éåžžã¯ãšãªã¢ãéä¿¡ããééãïŒç¯å²ïŒ10-31744ç§ïŒ
åæèšå®
100 ïŒ10ç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã§æå®ãããééã§ãã¹ã€ãããã IGMPéåžžã¯ãšãªã¡ãã»ãŒãžãéä¿¡ãããŸãããã®ã¡ãã»ãŒãžãããŠã³ã¹ããªãŒã ãã¹ãã§åä¿¡ãããæãå šãŠã®ã¬ã·ãŒãã¯åæµãããã«ããã£ã¹ãã°ã«ãŒãã®ããã« IGMPã¬ããŒããæ§ç¯ããŸãã
⢠ãã®ã³ãã³ã㯠IGMPã¹ããŒãã³ã°ãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ãªã£ãŠããæã®ã®ã¿å¹æããããŸããïŒP795ïŒ
äŸ
Console(config)#ip igmp snooping vlan 1 proxy-query-interval 150Console(config)#
811FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan proxy-query-resp-intvl
ã·ã¹ãã ããããã·ã¯ãšãªã¢ã®è¿çãåŸ ã€æ倧æéã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping vlan vlan-id proxy-query-resp-intvl intervalno ip igmp snooping vlan vlan-id proxy-query-resp-intvl
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠interval ïŒã·ã¹ãã ããããã·éåžžã¯ãšãªã®è¿çãåŸ ã€æ倧æéïŒç¯å²ïŒ10-31744ïŒ
åæèšå®
100ïŒ10ç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ã㯠IGMPã¹ããŒãã³ã°ãããã·ã¬ããŒãã£ã³ã°ãæå¹ã«ãªã£ãŠããæã®ã®ã¿å¹æããããŸããïŒP795ïŒ
äŸ
Console(config)#ip igmp snooping vlan 1 proxy-query-resp-intvl 20Console(config)#
812 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan static
ããŒãããã«ããã£ã¹ãã°ã«ãŒãã«è¿œå ããŸãã"no"ãåã«çœ®ãããšã§ããŒããåé€ããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id static ip-address interface
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠ip-address ïŒãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠éçãã«ããã£ã¹ããšã³ããªã¯ãšã€ãžã¢ãŠãããŸããã
⢠ãã«ããã£ã¹ããšã³ããªãç¹å®ã® VLANã®ã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ãããæã察å¿ãããã©ãã£ãã¯ã¯ VLANå ã®ããŒãã«ã®ã¿è»¢éãããŸãã
äŸ
Console(config)#ip igmp snooping vlan 1 static 224.1.1.2 ethernet 1/5Console(config)#
813FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp snooping
IGMP snoopingã®èšå®æ å ±ã衚瀺ããŸãã
ææ³
show ip igmp snooping
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
衚瀺ãããå 容ã«é¢ããŠã¯ãP336 ãIGMP Snooping ãšã¯ãšãªãã©ã¡ãŒã¿ã®èšå®ããåç §ããŠäžããã
äŸ
æ¬äŸã§ã¯çŸåšã® IGMP snoopingã®èšå®ã衚瀺ããŠããŸãã
Console#show ip igmp snooping IGMP snooping : Enabled Router port expire time : 300 s Router alert check : Disabled Tcn flood : Disabled Tcn query solicit : Disabled Unregistered data flood : Disabled Unsolicited report interval : 400 s Version exclusive : Disabled Version : 2 Proxy reporting : Enabled Vlan 1: -------- IGMP snooping : Enabled IGMP snooping running status : Inactive Immediate leave : Disabled Last member query interval : 10 (1/10s) Last member query count : 2 Proxy query address : 0.0.0.0 Version : Using global version (2) Proxy query interval : 125 s Proxy query response interval : 100 (1/10s) Version exclusive : Disabled General query suppression : Disabled Proxy reporting : Using global status (Enabled).Multicast Router Discovery : Enabled.
814 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp snooping group
æ¢ç¥ã®ãã«ããã£ã¹ãã°ã«ãŒããšãæå®ãã VLANã€ã³ã¿ãã§ãŒã¹ãŸãã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«ãããããããã¹ãããŒãã衚瀺ããŸãã
ææ³
show ip igmp snooping group [ vlan vlan-id [user | igmpsnp] ] [ user | igmpsnp]
⢠vlan-idïŒ VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠user ïŒãŠãŒã¶èšå®ãã«ããã£ã¹ããšã³ããªã®ã¿è¡šç€º
⢠igmpsnp ïŒ IGMPã¹ããŒãã³ã°ã§åŠç¿ããããšã³ããªã®ã¿è¡šç€º
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã¡ã³ããŒã¿ã€ãã¯éžæãããªãã·ã§ã³ã«äŸåããIGMPãŸãã¯ãŠãŒã¶ãå«ãã§è¡šç€ºããŸãã
äŸ
Console#show ip igmp snooping group vlan 1Bridge Multicast Forwarding Entry Count:0VLAN Group Source Port List-------- ------------- ------------- --------------------------- 1 224.1.1.12 * Eth 1/ 9(S) 1 224.1.1.12 * Eth 1/10(D)Console#
815FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
4.21.2 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã³ãã³ã
ip igmp snooping vlan mrouter
ãã«ããã£ã¹ãã«ãŒã¿ããŒããéçã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
ip igmp snooping vlan vlan-id mrouter interface
no ip igmp snooping vlan vlan-id mrouter interface
⢠vlan-id - VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
éçãã«ããã£ã¹ãã«ãŒã¿ããŒãã¯èšå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãããã¯ãŒã¯æ¥ç¶ç¶æ³ã«ãããIGMP ã¹ããŒãã³ã°ã§ã¯åžžã« IGMPã¯ãšãªã¢ãé 眮ãããŸããããããã£ãŠãIGMPã¯ãšãªã¢ãã¹ã€ããã«æ¥ç¶ãããæ¢ç¥ã®ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããã§ããå Žåãã€ã³ã¿ãã§ãŒã¹ããã¹ãŠã®ãã«ããã£ã¹ãã°ã«ãŒãã«åå ãããèšå®ãæåã§è¡ããŸãã
äŸ
æ¬äŸã§ã¯ 11çªããŒãã VLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ããŒãã«èšå®ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip igmp snoopingVLAN mrouter ãã«ããã£ã¹ãã«ãŒã¿ããŒãã®è¿œå GC P816
show ip igmpsnooping mrouter ãã«ããã£ã¹ãã«ãŒã¿ããŒãã®è¡šç€º PE P817
Console(config)#ip igmp snooping vlan 1 mrouter ethernet 1/11Console(config)#
816 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp snooping mrouter
éçèšå®åã³åçåŠç¿ã«ãããã«ããã£ã¹ãã«ãŒã¿ããŒãã®æ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show ip igmp snooping mrouter { vlan vlan-id }
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
VLANã«èšå®ããããã¹ãŠã®ãã«ããã£ã¹ãã«ãŒã¿ããŒãã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ãã«ããã£ã¹ãã«ãŒã¿ããŒããšããŠè¡šç€ºãããã¿ã€ãã«ã¯éçåã³åçã®äž¡æ¹ãå«ãŸããŸãã
äŸ
æ¬äŸã§ã¯ãVLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããããŒãã衚瀺ããŸãã
Console#show ip igmp snooping mrouter vlan 1VLAN M'cast Router Ports Type---- ------------------- ------- 1 Eth 1/10 StaticConsole#
817FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
4.21.3 IGMP Filtering/Throttlingã³ãã³ã
ç¹å®ã®å®æ賌èªå¥çŽã«åºã¥ãã IP/TVãµãŒãã¹çã®ç°å¢ã«ãããŠã管çè ãããšã³ããŠãŒã¶ãŒã®å ¥æã§ãããã«ããã£ã¹ããµãŒãã¹ã®å¶åŸ¡ãåžæããã±ãŒã¹ããããŸãã
IGMPãã£ã«ã¿ãªã³ã°ã¯ãæå®ãããã¹ã€ããããŒãäžã®ãã«ããã£ã¹ããµãŒãã¹ãžã®ã¢ã¯ã»ã¹å¶éããããåæã«ã¢ã¯ã»ã¹ã§ãããã«ããã£ã¹ãã°ã«ãŒãã®æ°ã調æŽããããšã«ãã£ãŠããã®æ¡ä»¶ãæºããããšãå¯èœã§ãã
IGMPãã£ã«ã¿ãªã³ã°æ©èœã䜿çšããããšã«ããããããã¡ã€ã«ãç¹å®ã®ãã«ããã£ã¹ãã°ã«ãŒãã®ã¹ã€ãã ããŒãã«å²ãåœãŠãããŒãåäœã§ãã«ããã£ã¹ãå å ¥ããã£ã«ã¿ãªã³ã°ã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip igmp filter ã¹ã€ãã㧠IGMPãã£ã«ã¿ãªã³ã° /ã¹ããããªã³ã°ãæå¹
GC P819
ip igmp profile ãããã¡ã€ã«çªå·ã®èšå®åã³ IGMP profileèšå®ã¢ãŒããžç§»è¡
GC P820
permit, deny ãããã¡ã€ã«ã¢ã¯ã»ã¹ã¢ãŒããèšå® IPC P821
range ãããã¡ã€ã«ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ãèšå® IPC P822
ip igmp filter IGMPãã£ã«ã¿ãããã¡ã€ã«ãã€ã³ã¿ãã§ãŒã¹ãžã¢ãµã€ã³
IC P823
ip igmp max-groups IGMPã¹ããããªã³ã°çªå·ãæå® IC P824
ip igmp max-groups action
ã€ã³ã¿ãã§ãŒã¹ã®ã¹ããããªã³ã°ã¢ã¯ã·ã§ã³ãèšå®
IC P825
show ip igmp filter IGMPãã£ã«ã¿ãªã³ã°ã¹ããŒã¿ã¹ã衚瀺 PE P826
show ip igmp profile IGMPãããã¡ã€ã«ããã³èšå®ã®è¡šç€º PE P827
show ip igmp throttle interface
ã€ã³ã¿ãã§ãŒã¹ã® IGMPã¹ããããªã³ã°èšå®ã衚瀺
PE P828
818 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp filter (Global Configuration)
æ¬ã³ãã³ã㯠IGMPãã£ã«ã¿ãªã³ã°ããã³ã¹ããããªã³ã°ããã¹ã€ããã§æå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
ip igmp filter
no ip igmp filter
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠IGMPãã£ã«ã¿ãªã³ã°ã¯ãããŒãã§èš±å¯ãŸãã¯æåŠããããã«ããã£ã¹ãã°ã«ãŒããæå®ãããããã¡ã€ã«ãã¹ã€ããããŒãã«å²ãåœãŠãããšãå¯èœã«ããŸããIGMPãã£ã«ã¿ãããã¡ã€ã«ã¯ 1ã€ä»¥äžãŸãã¯ãã«ããã£ã¹ãã¢ãã¬ã¹ã®ç¯å²ã§å«ãŸããããšãåºæ¥ãŸãããäžã€ã®ãããã¡ã€ã«ã®ã¿ããŒãã«å²ãåœãŠãããšãå¯èœã§ãã
⢠æå¹æãããŒãã§åä¿¡ããã IGMP joinã¬ããŒãã¯ãã£ã«ã¿ãããã¡ã€ã«ã«ããããŠãã§ãã¯ãããŸããããèŠæ±ããããã«ããã£ã¹ãã°ã«ãŒããèš±å¯ãããå ŽåãIGMP joinã¬ããŒãã¯æ®éã«è»¢éãããŸããèŠæ±ããããã«ããã£ã¹ãã°ã«ãŒããæåŠãããå ŽåãIGMP joinã¬ããŒãã¯ãããããããŸãã
⢠IGMPãã£ã«ã¿ãªã³ã°ãšã¹ããããªã³ã°ã¯åçã«åŠç¿ããããã«ããã£ã¹ãã°ã«ãŒãã«ã®ã¿é©çšãããå¶çã«èšå®ãããã°ã«ãŒãã«ã¯é©çšãããŸããã
⢠転éããããã«ããã£ã¹ããã©ãã£ãã¯ã« MVRã䜿çšãããéãIGMPãã£ã«ã¿ãªã³ã°æ©èœã¯åããããŒã§çšŒåããŸãã
äŸ
Console(config)#ip igmp filterConsole(config)#
819FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp profile
æ¬ã³ãã³ããå®è¡ããããšã§ãIGMPãã£ã«ã¿ãããã¡ã€ã«çªå·ã®äœæãè¡ããšå ±ã«ãIGMPãããã¡ã€ã«èšå®ã¢ãŒãïŒIPCã¢ãŒãïŒãžç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§ãããã¡ã€ã«çªå·ãåé€ããŸãã
ææ³
ip igmp profile profile-number
no ip igmp profile profile-number
⢠profile-numberâ IGMPãã£ã«ã¿ãããã¡ã€ã«çªå·ïŒç¯å²ïŒ1-4294967295ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#ip igmp profile 19Console(config-igmp-profile)#
820 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
permit, deny
IGMPãã£ã«ã¿ãããã¡ã€ã«ã«ã¢ã¯ã»ã¹ã¢ãŒããèšå®ããŸãã
ææ³
permit | deny
åæèšå®
Deny
ã³ãã³ãã¢ãŒã
IGMP Profile Configuration
ã³ãã³ã解説
⢠ããããã®ãããã£ãŒã«ã¯ã²ãšã€ã®ã¢ã¯ã»ã¹ã¢ãŒããèšå®ãããŸããïŒèš±å¯ãããã¯æåŠïŒ
⢠ã¢ã¯ã»ã¹ã¢ãŒããèš±å¯ã«èšå®æããã«ããã£ã¹ãã°ã«ãŒããå¶åŸ¡ãããã³ã³ãããŒã«ç¯å²ã«äžèŽããå ŽåãIGMP joinã¬ããŒããåŠçãããŸããæåŠã«èšå®æããã«ããã£ã¹ãã°ã«ãŒããå¶åŸ¡ãããã³ã³ãããŒã«ç¯å²ã«äžèŽããªãå Žåã®ã¿ãIGMP joinã¬ããŒããåŠçãããŸãã
äŸ
Console(config)#ip igmp profile 19Console(config-igmp-profile)#permitConsole(config-igmp-profile)#
821FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
range
ãããã¡ã€ã«ã®ããã«ããã£ã¹ãã°ã«ãŒãã¢ãã¬ã¹ãèšå®ããŸãã
"no"ãåã«çœ®ãããšã§ãããã¡ã€ã«ããã¢ãã¬ã¹ãåé€ããŸãã
ææ³
range low-ip-address { high-ip-address }
no range low-ip-address { high-ip-address }
⢠low-ip-addressâ ãã«ããã£ã¹ãã°ã«ãŒã IPã¢ãã¬ã¹ããŸãã¯æå®ããç¯å²ã®æåã®ããããããã IPã¢ãã¬ã¹
⢠high-ip-addressâ æå®ããç¯å²ã®æåŸã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
IGMP Profile Configuration
äŸ
Console(config)#ip igmp profile 19Console(config-igmp-profile)#range 239.2.3.1 239.2.3.100Console(config-igmp-profile)#
822 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp filter (Interface Configuration)
IGMPãã£ã«ã¿ãªã³ã°ãããã¡ã€ã«ããã¹ã€ããäžã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãŸãã
"no"ãåã«çœ®ãããšã§ã€ã³ã¿ãã§ãŒã¹ãããããã¡ã€ã«ãåãé€ããŸãã
ææ³
ip igmp filter profile-number
no ip igmp filter { profile-number }
⢠profile-numberâ IGMPãã£ã«ã¿ãããã¡ã€ã«çªå·ïŒç¯å²ïŒ1-4294967295ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠ã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ã§ãããããã¡ã€ã«ã¯ïŒã€ã®ã¿ã§ãã
⢠ããŒãããã©ã³ã¯ã®ã¡ã³ããŒã§ããå Žåããã©ã³ã¯ã¯ãæåã«ããŒãã¡ã³ããŒãžé©çšãããèšå®ã䜿çšããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#ip igmp filter 19Console(config-if)#
823FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp max-groups
ã¹ã€ããäžã®ã€ã³ã¿ãã§ãŒã¹ã«ãIGMPã¹ããããªã³ã°çªå·ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ãžæ»ããŸãã
ææ³
ip igmp max-groups number
no ip igmp max-groups
⢠numberâã€ã³ã¿ãŒãã§ã€ã¹ãå å ¥ã§ãã IGMPã°ã«ãŒãã®æ倧æ°ïŒç¯å²ïŒ1-255ïŒ
åæèšå®
255
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒEthernetïŒ
ã³ãã³ã解説
⢠ããŒãããã©ã³ã¯ã®ã¡ã³ããŒã§ããå Žåããã©ã³ã¯ã¯ãæåã«ããŒãã¡ã³ããŒãžé©çšãããèšå®ã䜿çšããŸãã
⢠IGMPã¹ããããªã³ã°ã¯ãåæã«å å ¥ãå¯èœãªãã«ããã£ã¹ãã°ã«ãŒãããŒãã®æ倧å€ãèšå®ããŸããã°ã«ãŒãæ°ããèšå®ããæ倧å€ã«éããæãã¹ã€ããã¯ãã©ã¡ããæåŠãããã眮ãæããã®å ã©ã¡ããã®åŠçãè¡ãããšãã§ããŸãããæåŠãããèšå®ã«ãªã£ãŠããå Žåãå šãŠã®æ°èŠ IGMP joinã¬ããŒãã¯ç Žæ£ãããŸããã眮ãæããèšå®ã«ãªã£ãŠããå Žåãã¹ã€ããã¯ã©ã³ãã ã«æ¢åã®ã°ã«ãŒããåãå»ããæ°ãããã«ããã£ã¹ãã°ã«ãŒãã«çœ®ãæããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#ip igmp max-groups 10Console(config-if)#
824 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp max-groups action
ã¹ã€ããäžã®ã€ã³ã¿ãã§ãŒã¹ã«ãIGMPã¹ããããªã³ã°ã¢ã¯ã·ã§ã³ãèšå®ããŸãã
ææ³
ip igmp max-groups action < replace | deny >
⢠replaceïŒæ¢åã®ãã«ããã£ã¹ãã°ã«ãŒãã¯ãæ°ããã°ã«ãŒããžçœ®ãæããããŸãã
⢠denyïŒæ°èŠã®ã¬ããŒãã¯ç Žæ£ãããŸãã
åæèšå®
Deny
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠IGMPã¹ããããªã³ã°ã¯ãåæã«å å ¥ãå¯èœãªãã«ããã£ã¹ãã°ã«ãŒãããŒãã®æ倧å€ãèšå®ããŸããã°ã«ãŒãæ°ããèšå®ããæ倧å€ã«éããæãã¹ã€ããã¯ãã©ã¡ããæåŠãããã眮ãæããã®å ã©ã¡ããã®åŠçãè¡ãããšãã§ããŸãããæåŠãããèšå®ã«ãªã£ãŠããå Žåãå šãŠã®æ°èŠ IGMP joinã¬ããŒãã¯ç Žæ£ãããŸããã眮ãæããèšå®ã«ãªã£ãŠããå Žåãã¹ã€ããã¯ã©ã³ãã ã«æ¢åã®ã°ã«ãŒããåãå»ããæ°ãããã«ããã£ã¹ãã°ã«ãŒãã«çœ®ãæããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#ip igmp max-groups action replaceConsole(config-if)#
825FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp filter
ã°ããŒãã«ããã³ãã€ã³ã¿ãã§ãŒã¹ã® IGMPãã£ã«ã¿ãªã³ã°èšå®ã衚瀺ããŸãã
ææ³
show ip igmp filter { interface interface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip igmp filterIGMP filter enabledConsole#show ip igmp filter interface ethernet 1/1Ethernet 1/1 information---------------------------------IGMP Profile 19 Deny range 239.1.1.1 239.1.1.1 range 239.2.3.1 239.2.3.100Console#
826 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp profile
ã¹ã€ããäžã® IGMPãã£ã«ã¿ãªã³ã°ãããã¡ã€ã«ã衚瀺ããŸãã
ææ³
show ip igmp profile [profile-number]
⢠profile-numberâæ¢åã® IGMPãã£ã«ã¿ãããã¡ã€ã«çªå·ïŒç¯å²ïŒ1-4294967295ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip igmp profileIGMP Profile 19IGMP Profile 50Console#show ip igmp profile 19IGMP Profile 19Denyrange 239.1.1.1 239.1.1.1range 239.2.3.1 239.2.3.100Console#
827FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp throttle interface
IGMPã¹ããããªã³ã°ã®ã€ã³ã¿ãã§ãŒã¹èšå®ã衚瀺ããŸãã
ææ³
show ip igmp throttle interface { interface }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ãVLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããããŒãã衚瀺ããŸãã
Console#show ip igmp throttle interface ethernet 1/1Eth 1/1 InformationStatus : TRUEAction : DenyMax Multicast Groups : 32Current Multicast Groups : 0Console#
828 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
4.21.4 MVRã®èšå®
ãã®ç« 㯠Multicast VLAN Registration(MVR)ãèšå®ããããã«äœ¿çšãããã³ãã³ããèšèŒããŠããŸãã
ãµãŒãã¹ãããã€ããŒã®ãããã¯ãŒã¯ãéããŠåºãã·ã³ã°ã«ãããã¯ãŒã¯ã® VLANã«ãã«ããã£ã¹ããã©ãã£ãã¯ïŒäŸïŒãã¬ãã®ãã£ã³ãã«ïŒãéä¿¡ããããšãã§ããŸãã
MVR VLANã«å ¥ã£ãã©ã®ãã«ããã£ã¹ããã©ãã£ãã¯ããã¹ãŠã® Subscribersã«éä¿¡ããããšãã§ããŸããããã¯åçãªç£èŠã«å¿ èŠãªãªãŒããŒãããã®ããã»ã¹ãèããæžå°ãããæ£åžžãªãã«ããã£ã¹ã VLANã®é ä¿¡ããªãŒã確ç«ããŸãã
ãŸããMVRã¯ä»ã® VLANãã Subscribersãå±ãã VLANã«ãã«ããã£ã¹ããã©ãã£ãã¯ã ããééãããããšã«ãã£ãŠãVLANãåå²ããããšã«ãããŠãŒã¶ãŒã®åé¢ãšããŒã¿ä¿è·æ©èœãç¶æããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
mvrMVRã®æå¹ãããã³MVRã°ã«ãŒãã¢ãã¬ã¹ã MVR VLAN IDãéçã«æ§æ
GC P830
mvr immediate-leave å³æé¢è±æ©èœãæå¹å IC P831
mvr type ã€ã³ã¿ãã§ãŒã¹ã MVRã¬ã·ãŒããŸãã¯ãœãŒã¹ããŒããšããŠèšå®
IC P832
mvr vlan group ãã«ããã£ã¹ãã°ã«ãŒããããŒããžéçã«ãã€ã³ã
IC P833
show mvr
MVRèšå®ãMVR VLANé¢é£ã®ã€ã³ã¿ãã§ãŒã¹ãMVR VLANã«å²ãåœãŠããããã«ããã£ã¹ãã°ã«ãŒãã¢ãã¬ã¹ã衚瀺
PE P834
829FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
mvr
ãã®ã³ãã³ãã¯ã¹ã€ããäžã§ Multicast VLAN Registration(MVR)ãæå¹ã«ããŸããgroupãªãã·ã§ã³ã§ MVRãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹ãéçã«æ§æããŸããVLANãªãã·ã§ã³ã§ MVR VLANã® IDãèšå®ããŸãããªãã·ã§ã³ãªãã§ãã®ã³ãã³ãã« noãä»ãããš MVRæ©èœãç¡å¹ã«ããŸããgroupãªãã·ã§ã³ãšåæã« noãä»ãããšç¹å®ã®ã¢ãã¬ã¹ããããã¯è€æ°ã®ã¢ãã¬ã¹ãæ¶å»ããŸããvlanããŒã¯ãŒãã« noãä»ãããš MVR VLAN IDã®èšå®ã¯ããã©ã«ãã«æ»ããŸãã
ææ³
mvr { group ip-address { count } | vlan vlan-id }
no mvr { group ip-address { count } }
⢠ip-address â MVRãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹ããããããïŒç¯å²ïŒ224.0.1.0-239.255.255.255ïŒ
⢠count â é£ç¶ãã MVRã°ã«ãŒãã¢ãã¬ã¹ã®çªå·ïŒç¯å²ïŒ1-1024ïŒ
⢠vlan-id â MVR VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
MVRïŒç¡å¹
MVRã°ã«ãŒãã¢ãã¬ã¹ïŒæªå®çŸ©
é£ç¶ã¢ãã¬ã¹ã®åæçªå·ïŒ0
MVR VLAN ID ïŒ1
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠mvr groupã³ãã³ãã䜿çšã㊠MVR VLANã«åå ãããã¹ãŠã®ãã«ããã£ã¹ãã°ã«ãŒãã¢ãã¬ã¹ãéçã«æ§æããããšãã§ããŸããMVRã°ã«ãŒãã«é¢é£ä»ããããã©ã®ãã«ããã£ã¹ãããŒã¿ããã¹ãŠã®ãœãŒã¹ããŒãããããã«ããã£ã¹ãã®ããŒã¿ãåä¿¡ããããç»é²ããããã¹ãŠã®ã¬ã·ãŒããŒããŒãã«éä¿¡ãããŸãã
⢠224.0.0.0ïœ 239.255.255.255ã®ç¯å²ã® IPã¢ãã¬ã¹ã¯ãã«ããã£ã¹ãã¹ããªãŒã ãšããŠäœ¿çšãããŸããäºçŽããã IPãã«ããã£ã¹ãã¢ãã¬ã¹ïŒ224.0.0.0ïœ 224.0.0.255ïŒã¯ MVRã°ã«ãŒãã¢ãã¬ã¹ãšããŠäœ¿çšããããšãã§ããŸããã
⢠MVRãœãŒã¹ããŒãã¯ã"switchport allowed vlan"ïŒP726ïŒã³ãã³ããš "switchport native vlan"ïŒP729ïŒã³ãã³ãã䜿çšã㊠MVR VLANã®ã¡ã³ããŒãšããŠèšå®ãå¯èœã§ãããMVRã¬ã·ãŒãããŒãã¯ãã® VLANã®ã¡ã³ããŒãšããŠéçã«èšå®ããããšã¯åºæ¥ãŸããã
äŸ
æ¬äŸã§ã¯ãVLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããããŒãã衚瀺ããŸãã
Console(config)#mvrConsole(config)#mvr group 228.1.23.1 10Console(config)#
830 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
mvr immediate-leave
ãã®ã³ãã³ãã¯ãã°ã«ãŒãã® Leaveã¡ãã»ãŒãžåä¿¡ããåŸãçŽã¡ã«ã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ãã¹ããªãŒã ããåãé€ãããã«èšå®ããŸãã"no"ãåã«ã€ããããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
mvr immediate-leave
no mvr immediate-leave
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠Immediate leaveã¯ã¬ã·ãŒãããŒãã«ã®ã¿é©çšå¯èœã§ããæå¹æãã¬ã·ãŒãããŒã㯠leaveã¡ãã»ãŒãžã§ç¢ºèªããããã«ããã£ã¹ãã°ã«ãŒãããçŽã¡ã«åãé€ãããŸããç¡å¹æãã¹ã€ããã¯ã°ã«ãŒãã«æå®ãããã¯ãšãªãã¬ã·ãŒãããŒãã«éä¿¡ããããšã«ãã£ãŠæšæºã«ãŒã«ã«åŸããããŒããã°ã«ãŒããªã¹ãããåãé€ãåã«ããã«ããã£ã¹ãã°ã«ãŒãã«æ®ã£ãŠããå å ¥è ã®æç¡ã決å®ããããã«è¿çãåŸ ã¡ãŸãã
äŸ
ã¬ã·ãŒãããŒã㧠Immediate leaveãæå¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#mvr immediateConsole(config-if)#
831FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
mvr type
ã€ã³ã¿ãã§ãŒã¹ã MVRã¬ã·ãŒããŸãã¯ãœãŒã¹ããŒããšããŠèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mvr type < receiver | source >
no mvr type < receiver | source >
⢠receiverïŒã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ãããŒã¿ãåä¿¡åºæ¥ãããµãã¹ã¯ã©ã€ãããŒããšããŠèšå®ã
⢠sourceïŒã€ã³ã¿ãã§ãŒã¹ãèšå®ããããã«ããã£ã¹ãã°ã«ãŒãã®ãã«ããã£ã¹ãããŒã¿ã®éåä¿¡ãå¯èœãªã¢ãããªã³ã¯ããŒãã«èšå®ã
åæèšå®
ããŒãã¿ã€ãã¯æªå®çŸ©
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernetïŒ
ã³ãã³ã解説
⢠MVRã¬ã·ãŒããŸãã¯ãœãŒã¹ããŒãã«èšå®ãããŠããªãããŒãã¯ããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã®ã¹ã¿ã³ããŒãã«ãŒã«ã䜿çšãããã«ããã£ã¹ãã°ã«ãŒãã«åå ãŸãã¯è±éããããã« IGMPã¹ããŒãã³ã°ã䜿çšåºæ¥ãŸãã
⢠ã¬ã·ãŒãããŒãã¯ç°ãªã VLANã«å±ããããšãå¯èœã§ãããMVR VLANã®ã¡ã³ããŒãšããŠã¯èšå®ãããŸãããIGMPã¹ããŒãã³ã°ã¯ã¬ã·ãŒãããŒããåçã« MVR VLANãéããŠãœãŒã¹ãæã€ãã«ããã£ã¹ãã°ã«ãŒãã«å å ¥ /è±éãå¯èœã«ããããã«äœ¿çšãããŸãããŸããMVRã¬ã·ãŒãããŒãã® VLANã¡ã³ããŒã·ããããã©ã³ã¯ã¢ãŒãã«ã¯èšå®åºæ¥ãªãããšã«ã泚æäžããã(see the switchport mode command).
⢠IGMPã¹ããŒãã³ã°ã¯ããµãã¹ã¯ã©ã€ãã® MVRã°ã«ãŒããžã®åçåå ãŸãã¯è±éãå¯èœã«ãããããæå¹ã«ããªããŠã¯ãªããŸããã(see the ip igmp snooping command)IGMPv2ãŸã㯠3ãã¹ãã®ã¿ããã«ããã£ã¹ã JoinãŸã㯠leaveã¡ãã»ãŒãžãçºè¡ã§ããããšã«ã泚æãã ããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#mvr type sourceConsole(config-if)#exitConsole(config)#interface ethernet 1/6Console(config-if)#mvr type receiverConsole(config-if)#exitConsole(config)#interface ethernet 1/7Console(config-if)#mvr type receiverConsole(config-if)#
832 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
mvr vlan group
ãã«ããã£ã¹ãã°ã«ãŒããããã¹ãã®å®å®ããã»ããã«å²ãåœãŠãããé·æãã«ããã£ã¹ãã¹ããªãŒã ãåä¿¡ããããŒãã«éçã«ãã€ã³ãããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mvr vlan vlan-id group ip-address
⢠vlan-id â æå®ããããã«ããã£ã¹ããã©ãã£ãã¯ããã©ãããããã¬ã·ãŒã VLANïŒç¯å²ïŒ1-4093ïŒ
⢠group â éžæãããããŒããžéä¿¡ããããã«ããã£ã¹ããµãŒãã¹ãå®çŸ©
⢠IPã¢ãã¬ã¹ïŒç¯å²ïŒ224.0.1.0 - 239.255.255.255ïŒ
åæèšå®
èšå®ããããã«ããã£ã¹ãã°ã«ãŒãã«ã¡ã³ããŒã¯ããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration ïŒEthernetãPort ChannelïŒ
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã䜿çšãããã«ããã£ã¹ãã°ã«ãŒããã¬ã·ãŒãããŒãã«éçã«å²ãåœãŠãããšãå¯èœã§ãã
⢠IPã¢ãã¬ã¹ç¯å² 224.0.0.0ïœ 239.255.255.255ã¯ãã«ããã£ã¹ãã¹ããªãŒã ã«äœ¿çšãããŸããMVRã°ã«ãŒãã¢ãã¬ã¹ã¯äºçŽãããŠãã 224.0.0.xã® IPãã«ããã£ã¹ãã¢ãã¬ã¹ç¯å²å ã«ããããšã¯åºæ¥ãŸããã
⢠IGMPã¹ããŒãã³ã°ã¯ããµãã¹ã¯ã©ã€ãã® MVRã°ã«ãŒããžã®åçåå ãŸãã¯è±éãå¯èœã«ãããããæå¹ã«ããªããŠã¯ãªããŸããã(see the ip igmp snooping command)IGMPv2ãŸã㯠3ãã¹ãã®ã¿ããã«ããã£ã¹ã JoinãŸã㯠leaveã¡ãã»ãŒãžãçºè¡ã§ããããšã«ã泚æãã ããã
äŸ
The following statically assigns a multicast group to a receiver port:
Console(config)#interface ethernet 1/7Console(config-if)#mvr type receiverConsole(config-if)#mvr vlan 3 group 225.0.0.5Console(config-if)#
833FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show mvr
MVRã®æ å ±ã衚瀺ããŸãã
ææ³
show mvr { interface interface | members { ip-address} }
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
⢠ip-address â MVRãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹ããããããïŒç¯å²ïŒ224.0.1.0-239.255.255.255ïŒ
åæèšå®
ãªã
ã³ãã³ã解説
⢠ããŒã¯ãŒãç¡ãã§ããã³ãã³ããå ¥åãããšãMVRã®ã°ããŒãã«èšå®ã衚瀺ããŸãã"interface"ããŒã¯ãŒãã䜿çšããå ŽåãMVR VLANã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã«ã€ããŠã®æ å ±ã衚瀺ããŸãã"member"ããŒã¯ãŒãã䜿çšããå ŽåãMVR VLANã«æ¥ç¶ããããã«ããã£ã¹ãã°ã«ãŒãã«ã€ããŠã®æ å ±ã衚瀺ããŸãã
äŸ
ã°ããŒãã« MVRèšå®ã衚瀺ããŸãã
Console#show mvr
ãMVR Config Status : Enabled
ãMVR Running Status : Active
ãMVR Multicast VLAN : 1
ãMVR Group Address : 225.0.0.5
ãMVR Group Count : 10Console#
é ç® è§£èª¬
MVR Config Status MVRãã¹ã€ããäžã§æå¹ã§ãããã衚瀺
MVR Running Status MVR ç°å¢ã®äžã®ãã¹ãŠã®å¿ èŠæ¡ä»¶ãæºãããŠãããã衚瀺
MVR Multicast VLAN å šãŠã® MVRãã«ããã£ã¹ããã©ãã£ãã¯ã転éãããVLAN
MVR Group Address ãã«ããã£ã¹ããµãŒãã¹ãå šãŠã®ä»å±ãããµãã¹ã¯ã©ã€ãã«éä¿¡
MVR Group Count é£ç¶ãã MVRã°ã«ãŒãã¢ãã¬ã¹æ°
834 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
äŸ
ã€ã³ã¿ãã§ãŒã¹æ å ±ã衚瀺ããŸãã
äŸ
Console#show mvr interface Port Type Status Immediate Static Group Address -------- -------- ------------- --------- -------------------- Eth1/ 2 Source Active/Up Eth1/ 3 Source Inactive/Down Eth1/ 1 Receiver Active/Up Disabled 225.0.0.1(VLAN1) 225.0.0.9(VLAN3) Eth1/ 4 Receiver Active/Down Disabled
Console#
é ç® è§£èª¬
Port MVR VLANã«ä»å ãããŠããã€ã³ã¿ãã§ãŒã¹
Type MVRããŒãã¿ã€ã
Status
MVRãã¹ã€ããã§æå¹ã®å ŽåâACTIVEâã¬ã·ãŒãããŒãã® MVRãâACTIVEâã®å Žåãå å ¥è ãMVRã°ã«ãŒãã®å ã²ãšã€ãããã«ããã£ã¹ããã©ãã£ãã¯ãåä¿¡äžããŸãã¯ãã«ããã£ã¹ãã°ã«ãŒãã¯ã€ã³ã¿ãã§ãŒã¹ã«éçã«ã¢ãµã€ã³
Immediate Leave å³æè±éã®æå¹ /ç¡å¹
Static Group Addressã€ã³ã¿ãã§ãŒã¹ãšã¬ã·ãŒã VLANã«ã¢ãµã€ã³ããããéçMVRã°ã«ãŒãã衚瀺
Console#show mvr members MVR Forwarding Entry Count:1 Group Address Source Address VLAN Forwarding Port ------------- -------------- ---- -------------- 225.0.0.9 * 2 Eth1/ 1(VLAN3) Eth1/ 2(VLAN2)Console#
é ç® è§£èª¬
MVR Forwarding EntryCount
çŸåš MVR VLANãã転éãããŠãããã«ããã£ã¹ããµãŒãã¹æ°ã
Group Address MVR VLANã«ã¢ãµã€ã³ãããŠãããã«ããã£ã¹ãã°ã«ãŒãã
Source Addressãã«ããã£ã¹ããµãŒãã¹ã®ãœãŒã¹ã¢ãã¬ã¹ã瀺ãããã°ã«ãŒãã¢ãã¬ã¹ãéçã«å²ãåœãŠãããŠããå Žåã«ã¢ã¹ã¿ãªã¹ã¯ã衚瀺ã
VLAN ãã«ããã£ã¹ããµãŒãã¹ãåä¿¡ããŠãã MVR VLANã衚瀺ã
Forwarding Port
MVR VLANãéããŠãã«ããã£ã¹ããµãŒãã¹ãæäŸããããã€ã³ã¿ãã§ãŒã¹ãšãµãã¹ã¯ã©ã€ãã衚瀺ããŸãããµãŒãã¹ãåãã VLANã衚瀺ãããã°ã«ãŒãã¢ãã¬ã¹ãéçã«å²ãåœãŠãããå Žåã¯ãMVR VLANãšç°ãªãããšããããŸãã
835FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
4.22 LLDPã³ãã³ã
Link Layer Discovery ProtocolïŒLLDPïŒã¯ããŒã«ã«ãããŒããã£ã¹ããã¡ã€ã³ã®äžã®æ¥ç¶ããã€ã¹ã«ã€ããŠã®åºæ¬çãªæ å ±ãçºèŠããããã«äœ¿çšããŸããLLDPã¯ã¬ã€ã€ 2ã®ãããã³ã«ã§ãããããã€ã¹ã«ã€ããŠã®æ å ±ãåšæçãªãããŒããã£ã¹ãã§äŒéããŸããäŒéãããæ å ±ã¯ IEEE802.1abã«åŸã£ãŠ Type Length ValueïŒTLVïŒã§è¡šãããããã«ã¯ããã€ã¹èªèº«ã®èå¥æ å ±ãèœåãèšå®æ å ±ã®è©³çŽ°ãå«ãŸããŠããŸãããŸã LLDPã¯çºèŠããè¿é£ã®ãããã¯ãŒã¯ããŒãã«ã€ããŠéããããæ å ±ã®ä¿åæ¹æ³ãšç®¡çæ¹æ³ãå®çŸ©ããŸãã
Link Layer Discovery Protocol - Media Endpoint DiscoveryïŒLLDP-MEDïŒã¯ VoIPãã¹ã€ããã®ãããªãšã³ããã€ã³ãã®ããã€ã¹ã管çããããã®æ¡åŒµããã LLDPã§ããLLDP-MEDã® TLVã¯ãããã¯ãŒã¯ããªã·ãŒãé»åãã€ã³ãã³ããªãããã€ã¹ã®ãã±ãŒã·ã§ã³ã®è©³çŽ°æ å ±ãäŒéããŸããLLDPãš LLDP-MEDã®æ å ±ã¯ããã©ãã«ã·ã¥ãŒãã£ã³ã°ã®ç°¡æåããããã¯ãŒã¯ç®¡çã®æ¹åãééãã®ãªããããã¯ãŒã¯ããããžãŒãç¶æãããããSNMPã¢ããªã±ãŒã·ã§ã³ã«ãã£ãŠäœ¿çšããããšãã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒãããŒãž
lldp ã¹ã€ãã㧠LLDPãæå¹ GC P837
lldp holdtime-multiplier TTL(time-to-live)å€ã®èšå® GC P838
lldp notification-interval
LLDPã®å€æŽã«é¢ãã SNMPéç¥éä¿¡ã®ééãèšå®
GC P839
lldp refresh-interval LLDPé ä¿¡ã®è»¢éééãèšå® GC P839
lldp reinit-delay LLDPããŒããç¡å¹ãŸãã¯ãªã³ã¯ããŠã³æã®ååæåãŸã§ã®åŸ ã¡æéãèšå®
GC P840
lldp tx-delayããŒã«ã« LLDP MIBã®å€æ°ã«å€åãèµ·ãã£ãåŸã«ãã¢ããã¿ã€ãºã¡ã³ããéä¿¡ãããŸã§ã®æéãèšå®ããŸã
GC P840
lldp admin-status LLDPã¡ãã»ãŒãžã®éä¿¡ã»åä¿¡ã®ã¢ãŒããæå¹ IC P841
lldp basic-tlvmanagement-ip-address
TLV Type âmanagement-ip-addressâãèšå® IC P841
lldp basic-tlvport-description TLV Type âport-descriptionâãèšå® IC P842
lldp basic-tlvsystem-capabilities TLV Type âsystem-capabilitiesâãèšå® IC P842
lldp basic-tlvsystem-description TLV Type âsystem-descriptionâãèšå® IC P843
lldp basic-tlvsystem-name TLV Type âsystem-nameâãèšå® IC P844
lldp dot1-tlv proto-ident* lldp dot1-TLVâ proto-identâãèšå® IC P844
lldp dot1-tlv proto-vid* lldp dot1-TLVâ proto-vidâãèšå® IC P845
lldp dot1-tlv pvid* lldp dot1-TLVâpvidâãèšå® IC P845
lldp dot1-tlv vlan-name* lldp dot1-TLVâvlan-nameâãèšå® IC P846
836 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp
ã¹ã€ãã㧠LLDPãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp
no lldp
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
lldp dot3-tlv link-agg lldp dot3-TLVâlink-aggâãèšå® IC P846
lldp dot3-tlv mac-phy lldp dot3-TLVâmac-phyâãèšå® IC P847
lldp dot3-tlv max-frame lldp dot3-TLVâmax-frameâãèšå® IC P847
lldp notification LLDPãš LLDP-MEDã®å€æŽã«ã€ã㊠SNMPãã©ããéç¥ã®éä¿¡ãæå¹
IC P848
show lldp config LLDPèšå®ã®è¡šç€º PE P849
show lldp info local-device LLDPããŒã«ã«ããã€ã¹æ å ±ã衚瀺 PE P850
show lldp inforemote-device LLDPãªã¢ãŒãããã€ã¹æ å ±ã衚瀺 PE P851
show lldp infostatistics LLDPçµ±èšæ å ±ã衚瀺 PE P852
Console(config)#lldpConsole(config)#
837FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp holdtime-multiplier
LLDPã®ã¢ããã¿ã€ãºã¡ã³ãã§éä¿¡ããã Time-To-LiveïŒTTLïŒå€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
lldp holdtime-multiplier value
no lldp holdtime-multiplier
⢠value - TTLå€ãèšå®ããŸããTTLã¯ç§ã§è¡šãããäžã®æ°åŒã§èšç®ããŸããTransmission Interval à Hold Time Multiplier ⊠65536ïŒç¯å²ïŒ2ïŒ 10ïŒ
åæèšå®
Holdtime multiplierïŒ4
TTLïŒ4à 30 = 120ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
TTLã¯ãã¿ã€ã ãªãŒãªæ¹æ³ã§ã¢ããããŒããéä¿¡ãããªãå Žåãéä¿¡ãã LLDPãšãŒãžã§ã³ãã«é¢ä¿ã®ãããã¹ãŠã®æ å ±ãã©ã®ãããã®æéç¶æããããåä¿¡ãã LLDPãšãŒãžã§ã³ãã«äŒéããŸãã
äŸ
Console(config)#lldp holdtime-multiplier 10Console(config)#
838 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp notification-interval
LLDP MIBã®å€æŽãè¡ããSNMPéç¥ãéä¿¡ããããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
lldp notification-interval seconds
no lldp notification-interval
⢠seconds - SNMP éç¥ãéãããåšæçãªééãæå®ããŸãããããïŒç¯å²ïŒ5ïœ 3600ç§ãåæèšå® 5ç§ïŒ
åæèšå®
5ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
lldp refresh-interval
LLDPã¢ããã¿ã€ãºãéä¿¡ããããŸã§ã®ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
lldp refresh-interval seconds
no lldp refresh-delay
⢠seconds - LLDPã¢ããã¿ã€ãºãéä¿¡ããããŸã§ã®ééãæå®ããŸãããããïŒç¯å²ïŒ5ïœ 32768ç§ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
refresh-intervalà Hold Time Multiplier ⊠65536
äŸ
Console(config)#lldp notification-interval 30Console(config)#
Console(config)#lldp refresh-interval 60Console(config)#
839FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp reinit-delay
LLDPããŒããç¡å¹ã«ãªãããªã³ã¯ããŠã³ããåŸãååæåãè©Šã¿ããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
lldp reinit-delay seconds
no lldp reinit-delay
⢠seconds - ååæåãè©Šã¿ããŸã§ã®æéãæå®ããŸãïŒç¯å²ïŒ1-10ç§ïŒ
åæèšå®
2ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
lldp tx-delay
ããŒã«ã« LLDP MIBã®å€æ°ã«å€åãèµ·ãã£ãåŸã«åŒãç¶ããã¢ããã¿ã€ãºã¡ã³ããéä¿¡ãããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæç¶æ ã«æ»ããŸãã
ææ³
lldp tx-delay seconds
no lldp tx-delay
⢠seconds - ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ãããŸã§ã®æéãèšå®ãæå®ããŸãããããïŒç¯å²ïŒ1-8192ç§ïŒ
åæèšå®
2ç§
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#lldp reinit-delay 10Console(config)#
Console(config)#lldp tx-delay 10Console(config)#
840 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp admin-status
åå¥ã®ã€ã³ã¿ãŒãã§ãŒã¹ã«å¯Ÿããã¡ãã»ãŒãžã®å 容ãæå®ããããã« LLDPããŒãã»ãã©ã³ã¯ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp admin-status < rx-only | tx-only | tx-rx >
no lldp admin-status
⢠rx-only - LLDP PDUs.åä¿¡ã®ã¿
⢠tx-only - LLDP PDUs.éä¿¡ã®ã¿
⢠tx-rx - LLDP PDUs.éåä¿¡
åæèšå®
tx-rx
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
lldp basic-tlv management-ip-address
LLDPæå¹ããŒã㧠"management-ip-addressâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp basic-tlv management-ip-address
no lldp basic-tlv management-ip-address
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠management-ip-addressã«ã¯ãã¹ã€ããã® IPv4ã¢ãã¬ã¹ãå«ãŸããŸããã¹ã€ããã«ç®¡ççšã®ã¢ãã¬ã¹ããªãå Žåãã¢ãã¬ã¹ã¯ã¹ã€ããã® CPUã® MACã¢ãã¬ã¹ãããã®ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ããããŒãã® MACã¢ãã¬ã¹ã«ãªããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#lldp admin-status rx-onlyConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#lldp basic-tlv management-ip-addressConsole(config-if)#
841FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp basic-tlv port-description
LLDPæå¹ããŒã㧠"port-descriptionâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp basic-tlv port-descriptionno lldp basic-tlv port-description
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠port-descriptionã«ã¯ãRFC2863ã® ifDescrãªããžã§ã¯ãã§èŠå®ãããŠããŸããããã«ã¯è£œé è ãã¹ã€ããã®è£œååãã€ã³ã¿ãŒãã§ãŒã¹ã®ããŒããŠã§ã¢ãšãœãããŠã§ã¢ã®ããŒãžã§ã³ãå«ãŸããŸãã
äŸ
lldp basic-tlv system-capabilities
LLDPæå¹ããŒã㧠"system-capabilitiesâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp basic-tlv system-capabilitiesno lldp basic-tlv system-capabilities
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠system-capabilitiesã«ã¯ãã·ã¹ãã ã®äž»ãªæ©èœãå«ãŸããŸãããã®æ å ±ã«ã¯æ©èœèªäœãæå¹ãã©ããã¯é¢ä¿ãããŸããããã® TLVã«ãã£ãŠã¢ããã¿ã€ãºãããæ å ±ã¯ IEEE802.1ABèŠæ Œã«èšè¿°ãããŠããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#lldp basic-tlv port-descriptionConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#lldp basic-tlv system-capabilitiesConsole(config-if)#
842 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp basic-tlv system-description
LLDPæå¹ããŒã㧠"system-descriptionâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp basic-tlv system-description
no lldp basic-tlv system-description
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
system-description㯠RFC3418ã® sysDescrãªããžã§ã¯ãã§èŠå®ãããŠããŸããã·ã¹ãã ã®ããŒããŠã§ã¢ããªãã¬ãŒãã£ã³ã°ãœããããããã¯ãŒãã³ã°ãœããã®ãã«ããŒã ãšããŒãžã§ã³ãå«ãŸããŠããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#lldp basic-tlv system-descriptionConsole(config-if)#
843FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp basic-tlv system-name
LLDPæå¹ããŒã㧠"system-nameâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp basic-tlv system-nameno lldp basic-tlv system-name
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠System-name㯠RFC3418ã® sysNameãªããžã§ã¯ãã§èŠå®ãããŠããŸããã·ã¹ãã ã®ç®¡ççšã«å²ãåœãŠãããååãå«ãŸããŸãã
äŸ
lldp dot1-tlv proto-ident
LLDPæå¹ããŒã㧠"proto-identâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot1-tlv proto-identno lldp dot1-tlv proto-ident
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#lldp basic-tlv system-nameConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#no lldp dot1-tlv proto-identConsole(config-if)#
844 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp dot1-tlv proto-vid
LLDPæå¹ããŒã㧠"proto-vidâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot1-tlv proto-vidno lldp dot1-tlv proto-vid
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããŒãããŒã¹ããã³ãããã³ã«ããŒã¹ VLANæ å ±ãã¢ããã¿ã€ãºããŸãã詳现ã«ã€ããŠã¯ P724 ãVLANã€ã³ã¿ãã§ãŒã¹ã®èšå®ãããã³ P741 ããããã³ã« VLANã®èšå®ããåç §ããŠãã ããã
äŸ
lldp dot1-tlv pvid
LLDPæå¹ããŒã㧠"pvidâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot1-tlv pvidno lldp dot1-tlv pvid
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠PVIDæ å ±ãã¢ããã¿ã€ãºããŸãã詳现ã«ã€ããŠã¯ P729 ãswitchport native vlanããåç §ããŠãã ããã
äŸ
Console(config)#inter ethernet 1/1Console(config-if)#no lldp dot1-tlv proto-vidConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#no lldp dot1-tlv pvidConsole(config-if)#
845FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp dot1-tlv vlan-name
LLDPæå¹ããŒã㧠"vlan-nameâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot1-tlv vlan-nameno lldp dot1-tlv vlan-name
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æå®ããã€ã³ã¿ãã§ãŒã¹ãå²ãåœãŠããããå šãŠã® VLANåãã¢ããã¿ã€ãºããŸããVLANã«ã€ããŠã¯ P726 ãswitchport allowed vlanãããã³ P742 ãprotocol-vlan protocol-group (Configuring Groups)ããåç §ããŠãã ããã
äŸ
lldp dot3-tlv link-agg
LLDPæå¹ããŒã㧠"link-aggâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot3-tlv link-aggno lldp dot3-tlv link-agg
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³ã¹ããŒã¿ã¹ãã¢ããã¿ã€ãºããŸãã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#no lldp dot1-tlv vlan-nameConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#no lldp dot3-tlv link-aggConsole(config-if)#
846 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp dot3-tlv mac-phy
LLDPæå¹ããŒã㧠"mac-phyâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot3-tlv mac-phyno lldp dot3-tlv mac-phy
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠MAC/PHYèšå®ããã³ã¹ããŒã¿ã¹ãã¢ããã¿ã€ãºããŸãã
äŸ
lldp dot3-tlv max-frame
LLDPæå¹ããŒã㧠"max-frameâã®ã¢ããã¿ã€ãºãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp dot3-tlv max-frameno lldp dot3-tlv max-frame
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ倧ãã¬ãŒã ãµã€ãºæ å ±ãã¢ããã¿ã€ãºããŸãããã¬ãŒã ãµã€ãºã«ã€ããŠã®è©³çŽ°ã¯ P400 ããã¬ãŒã ãµã€ãºã³ãã³ãããåç §ããŠãã ããã
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#no lldp dot3-tlv mac-phyConsole(config-if)#
Console(config)#interface ethernet 1/1Console(config-if)#lldp dot3-tlv max-frameConsole(config-if)#
847FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
lldp notification
LLDP å€æŽã«ã€ã㊠SNMP ãã©ããéç¥ã®éä¿¡ãå¯èœã«ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
lldp notificationno lldp notification
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
Console(config)#interface ethernet 1/1Console(config-if)#lldp notificationConsole(config-if)#
848 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
show lldp config
å šãŠã®ããŒãã® LLDPèšå®ã衚瀺ããŸãã
ææ³
show lldp config [detail interface]
⢠detail â èšå®ãµããªã衚瀺
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show lldp config
LLDP Global Configuration
LLDP Enabled : Yes LLDP Transmit interval : 30 sec. LLDP Hold Time Multiplier : 4 LLDP Delay Interval : 2 sec. LLDP Re-initialization Delay : 2 sec. LLDP Notification Interval : 5 sec.
LLDP Port Configuration Port Admin Status Notification Enabled -------- ------------ -------------------- Eth 1/1 Tx-Rx False Eth 1/2 Tx-Rx False Eth 1/3 Tx-Rx False Eth 1/4 Tx-Rx False Eth 1/5 Tx-Rx False Eth 1/6 Tx-Rx False Eth 1/7 Tx-Rx False Eth 1/8 Tx-Rx False Eth 1/9 Tx-Rx False Eth 1/10 Tx-Rx FalseConsole#
849FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
show lldp info local-device
ã¹ã€ããã«ã€ããŠã®æ å ±ã衚瀺ããŸãã
ææ³
show lldp info local-device [detail interface]
⢠detail â 詳现æ å ±ã衚瀺
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show lldp info local-device
LLDP Local System Information Chassis Type : MAC Address Chassis ID : 00-12-CF-F3-DE-46 System Name : System Description : FXC3110 System Capabilities Support : Bridge, Router System Capabilities Enabled : Bridge, Router
LLDP Port Information Port PortID Type PortID Port Description -------- ---------------- ----------------- -------------------------------- Eth 1/1 MAC Address 00-12-CF-F3-DE-47 Ethernet Port on unit 1, port 1 Eth 1/2 MAC Address 00-12-CF-F3-DE-48 Ethernet Port on unit 1, port 2 Eth 1/3 MAC Address 00-12-CF-F3-DE-49 Ethernet Port on unit 1, port 3 Eth 1/4 MAC Address 00-12-CF-F3-DE-4A Ethernet Port on unit 1, port 4 Eth 1/5 MAC Address 00-12-CF-F3-DE-4B Ethernet Port on unit 1, port 5 Eth 1/6 MAC Address 00-12-CF-F3-DE-4C Ethernet Port on unit 1, port 6 Eth 1/7 MAC Address 00-12-CF-F3-DE-4D Ethernet Port on unit 1, port 7 Eth 1/8 MAC Address 00-12-CF-F3-DE-4E Ethernet Port on unit 1, port 8 Eth 1/9 MAC Address 00-12-CF-F3-DE-4F Ethernet Port on unit 1, port 9 Eth 1/10 MAC Address 00-12-CF-F3-DE-50 Ethernet Port on unit 1, port 10Console#
850 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
show lldp info remote-device
ããŒã«ã«ã¹ã€ããã®æå®ãããããŒãã«æ¥ç¶ããããLLDPãæå¹ã®ããã€ã¹ã«ã€ããŠã®è©³çŽ°æ å ±ã衚瀺ããŸãã
ææ³
show lldp info remote-device [detail interface]
⢠detail â 詳现æ å ±ã衚瀺
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show lldp info remote-deviceLLDP Remote Devices InformationInterface | ChassisId PortId SysName--------- + ----------------- ----------------- ---------------------Eth 1/1 | 00-01-02-03-04-05 00-01-02-03-04-06Console#show lldp info remote-device detail ethernet 1/1LLDP Remote Devices Information Detail---------------------------------------------------------------Local PortName : Eth 1/1Chassis Type : MAC AddressChassis Id : 00-01-02-03-04-05PortID Type : MAC AddressPortID : 00-01-02-03-04-06SysName :SysDescr : 24PORT GIGABIT L2 INTELLIGENT SWITCHPortDescr : Ethernet Port on unit 1, port 1SystemCapSupported : BridgeSystemCapEnabled : BridgeRemote Management Address :00-01-02-03-04-05 (MAC Address)Console#
851FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹LLDPã³ãã³ã
show lldp info statistics
ãã®ã¹ã€ããã«æ¥ç¶ãããŠãã LLDPãæå¹ãªãã¹ãŠã®ããã€ã¹ã®çµ±èšã衚瀺ããŸãã
ææ³
show lldp info statistics [ detail interface]
⢠detail â 詳现æ å ±ã衚瀺
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-10ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-5ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show lldp info statistics
LLDP Device Statistics
Neighbor Entries List Last Updated : 0 seconds New Neighbor Entries Count : 0 Neighbor Entries Deleted Count : 0 Neighbor Entries Dropped Count : 0 Neighbor Entries Ageout Count : 0
Port NumFramesRecvd NumFramesSent NumFramesDiscarded -------- -------------- ------------- ------------------ Eth 1/1 0 0 0 Eth 1/2 0 0 0 Eth 1/3 0 0 0 Eth 1/4 0 0 0 Eth 1/5 0 0 0 Eth 1/6 0 0 0 Eth 1/7 0 0 0 Eth 1/8 0 0 0 Eth 1/9 0 0 0 Eth 1/10 0 0 0Console#
852 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
4.23 DNSïŒDomain Name Server)
æ¬ã³ãã³ã㯠DNS(Domain Naming System)ãµãŒãã¹ã®èšå®ãè¡ãªããŸãããã¡ã€ã³åãšIPã¢ãã¬ã¹ã®ãããã³ã°ãè¡ãªã DNSããŒãã«ã®æåã§ã®èšå®ãè¡ãªããä»ãããã©ã«ããã¡ã€ã³åã®èšå®åã¯ã¢ãã¬ã¹å€æãè¡ãªãããã®è€æ°ã®ããŒã ãµãŒãã®æå®ãè¡ãªãã
ãšãã§ããŸãã
DNS㯠"ip name-server"ã³ãã³ãã䜿çšãæäœ 1ã€ã®ããŒã ãµãŒããæå®ããªããã°æå¹ã«ããããšã¯ã§ããŸããããŸãããã¡ã€ã³ã«ãã¯ã¢ãã㯠" ip domain-lookup"ã³ãã³ãã«ããæå¹ã«ããŸã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip domain-list äžå®å šãªãã¹ãçšã®ããã©ã«ããã¡ã€ã³åãªã¹ãã®èšå®
GC P854
ipdomain-lookup
DNSã«ãããã¹ãåïŒã¢ãã¬ã¹å€æã®æå¹å
GC P855
ip domain-name äžå®å šãªãã¹ãçšã®ããã©ã«ããã¡ã€ã³åã®èšå®
GC P856
ip host éç IPv4ãã¹ãåããã¢ãã¬ã¹ãžã®ãããã³ã°ãäœæ
GC P857
ip name-server ãã¹ãåïŒã¢ãã¬ã¹å€æã®ããã® 1ã€åã¯è€æ°ã®ããŒã ãµãŒãã®æå®
GC P858
ipv6 host Creates a static IPv6 host name-to-address mapping
GC P859
clear dns cache DNSãã£ãã·ã¥ã®ãšã³ããªã®ã¯ãªã¢ PE P859
clear host ãã¹ãåïŒã¢ãã¬ã¹ããŒãã«ããã®ãšã³ããªã®åé€
PE P856
show dns DNSãµãŒãã¹ã®èšå®ã®è¡šç€º PE P860
show dns cache DNSãã£ãã·ã¥ã®ãšã³ããªã®è¡šç€º PE P861
show hosts éçãã¹ãåïŒã¢ãã¬ã¹ãããã³ã°ããŒãã«ã®è¡šç€º
PE P862
853FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-list
ãã®ã³ãã³ãã¯ãäžå®å šãªãã¹ãåã«è¿œå ãããã¡ã€ã³åã®ãªã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãªã¹ããããã¡ã€ã³åãåé€ããŸãã
ææ³
ip domain-list name
no ip domain-list name
⢠name â ãã¹ãåããã¡ã€ã³åãšãã¹ãåã®éã®ããã ( . )ã¯å ¥åããªãã§äžããããããïŒèšå®ç¯å²ïŒ1-68 æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¡ã€ã³åã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠æ¬æ©ã® DNS ãµãŒããäžå®å šãªãã¹ãåãåä¿¡ãããã¡ã€ã³åãªã¹ããæå®ãããå Žåãæ¬æ©ã¯è¿œå ãããªã¹ãå ã®åãã¡ã€ã³åããã¹ãåã«å ããäžèŽããç¹å®ã®ããŒã ãµãŒãã確èªããŠããã¡ã€ã³ãªã¹ãã«ããåäœããŸãã
⢠ãã¡ã€ã³ãªã¹ãããªãå Žåãããã©ã«ããã¡ã€ã³åã䜿çšãããŸãããã¡ã€ã³ãªã¹ããããå Žåã«ã¯ãããã©ã«ããã¡ã€ã³åã¯äœ¿çšãããŸããã
äŸ
æ¬äŸã§ã¯ãçŸåšã®ãªã¹ãã« 2ã€ã®ãã¡ã€ã³åãè¿œå ãããã®åŸãªã¹ãã衚瀺ããŠããŸãã
é¢é£ããã³ãã³ã
ip domain-nameïŒP856ïŒ
Console(config)#ip domain-list sample.com.jpConsole(config)#ip domain-list sample.com.ukConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS disabledDefault Domain Name:
ãã.sample.comDomain Name List:
ãã.sample.com.jp
ãã.sample.com.ukName Server List:Console#
854 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-lookup
DNSãã¹ãåã»ã¢ãã¬ã¹å€æãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ DNSãç¡å¹ã«ããŸãã
ææ³
ip domain-lookupno ip domain-lookup
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠DNSãæå¹ã«ããåã«æäœ 1ã€ã®ããŒã ãµãŒããæå®ããå¿ èŠããããŸãã
⢠ãã¹ãŠã®ããŒã ãµãŒããåé€ãããå Žåã«ã¯ DNS ã¯èªåçã«ç¡å¹ã«ãªããŸãã
äŸ
æ¬äŸã§ã¯ãDNSãæå¹ã«ããèšå®ã衚瀺ããŠããŸãã
é¢é£ããã³ãã³ã
ip domain-nameïŒP856ïŒip name-serverïŒP858ïŒ
Console(config)#ip domain-lookupConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS enabledDefault Domain Name:
ãã.sample.comDomain Name List:
ãã.sample.com.jp
ãã.sample.com.ukName Server List:
ãã192.168.1.55
ãã10.1.0.55Console#
855FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-name
äžå®å šãªãã¹ãåã«è¿œå ããããã©ã«ããã¡ã€ã³åãèšå®ããŸãã
"no"ãåã«çœ®ãããšã§ãã¡ã€ã³åãåé€ããŸãã
ææ³
ip domain-name name
no ip domain-name
⢠name â ãã¹ãåããã¡ã€ã³åãšãã¹ãåã®éã®ããã ( . )ã¯å ¥åããªãã§äžããããããïŒèšå®ç¯å²ïŒ1-127 æåïŒ
åæèšå®
ãªã
äŸ
é¢é£ããã³ãã³ã
ip domain-listïŒP854ïŒip name-serverïŒP858ïŒip domain-lookupïŒP855ïŒ
Console(config)#ip domain-name sample.comConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS disabledDefault Domain Name:
ãã.sample.comDomain Name List:Name Server List:Console#
856 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip host
ãã¹ãåã IPv4ã¢ãã¬ã¹ãžããããã DNSããŒãã«ã«ãéçãšã³ããªãäœæããŸãã"no"ãåã«çœ®ãããšã§ãšã³ããªãåé€ããŸãã
ææ³
ip host name address
no ip host name address
⢠name â ãã¹ãåïŒèšå®ç¯å²ïŒ1-100æåïŒ
⢠address â 察å¿ãã IPv4 ã¢ãã¬ã¹
åæèšå®
éçãšã³ããªãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãµãŒããä»ã®ãããã¯ãŒã¯æ©åšã¯è€æ°ã® IPã¢ãã¬ã¹ã«ããè€æ°æ¥ç¶ããµããŒãããŠããŸãã2ã€ä»¥äžã® IPã¢ãã¬ã¹ãéçããŒãã«ãããŒã ãµãŒãããã®å¿çã«ãããã¹ãåãšé¢é£ä»ãããå ŽåãDNSã¯ã©ã€ã¢ã³ãã¯æ¥ç¶ã確ç«ãããŸã§åã¢ãã¬ã¹ã«æ¥ç¶ãè©Šã¿ãŸãã
äŸ
2ã€ã®ã¢ãã¬ã¹ããã¹ãåã«ãããã³ã°ããŠããŸãã
Console(config)#ip host rd5 192.168.1.55Console(config)#endConsole#show hostNo. Flag Type IP Address TTL Domain---- ---- ------- -------------------- ----- -------------------------- 0 2 Address 192.168.1.55 rd5Console#
857FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip name-server
ãã¡ã€ã³å解決ã®ããã« 1ã€åã¯è€æ°ã®ãã¡ã€ã³ããŒã ãµãŒãã®ã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãªã¹ãããããŒã ãµãŒããåé€ããŸãã
ææ³
ip name-server server-address1 [server-address2 ⊠server-address6 ]
no ip name-server server-address1 [ server-address2 ⊠server-address6 ]
⢠server-address1 â ãã¡ã€ã³ããŒã ãµãŒãã® IP ã¢ãã¬ã¹
⢠server-address2 ⊠server-address6 â ãã¡ã€ã³ããŒã ãµãŒãã® IP ã¢ãã¬ã¹ïŒè¿œå åïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ããªã¹ãå ã®ããŒã ãµãŒãã«å¯ŸããŠé çªã«ãªã¯ãšã¹ããéä¿¡ããŸãã
äŸ
å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ããªã¹ãå ã®ããŒã ãµãŒãã«å¯ŸããŠé çªã«ãªã¯ãšã¹ããéä¿¡ããŸãã
é¢é£ããã³ãã³ã
ip domain-nameïŒP856ïŒip domain-lookupïŒP855ïŒ
Console(config)#ip name-server 192.168.1.55 10.1.0.55Console(config)#endConsole#show dnsDomain Lookup Status: DNS disabledDefault Domain Name: .sample.comDomain Name List: .sample.com.jp .sample.com.ukName Server List:192.168.1.5510.1.0.55Console#
858 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ipv6 host
ãã¹ãåã IPv6ã¢ãã¬ã¹ãžããããããDNSããŒãã«ã®éçãšã³ããªãäœæããŸãã"no"ãåã«çœ®ãããšã§ãšã³ããªãåé€ããŸãã
ææ³
ipv6 host name ipv6-address
no ip host name address
⢠name â ãã¹ãåïŒèšå®ç¯å²ïŒ1-100æåïŒ
⢠ipv6-address â 察å¿ãã IPv6 ã¢ãã¬ã¹ããã®ã¢ãã¬ã¹ã¯ãRFC2373âIPv6 Addressing Architectureâã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
åæèšå®
éçãšã³ããªãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
This example maps an IPv6 address to a host name.
clear dns cache
DNSãã£ãã·ã¥ã®ãã¹ãŠã®å€ãã¯ãªã¢ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#ipv6 host rd6 2001:0db8:1::12Console(config)#endConsole# show hostNo. Flag Type IP Address TTL Domain---- ---- ------- -------------------- ----- -------------------------- 0 2 Address 192.168.1.55 rd5 1 2 Address 2001:DB8:1::12 rd6Console#
Console#clear dns cacheConsole#show dns cache
NO ãããFLAG ãããTYPE ããIP ããTTL ããDOMAINConsole#
859FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
clear host
DNSããŒãã«ã®ãšã³ããªãåé€ããŸãã
ææ³
clear host {name | *}
⢠name â ãã¹ãåïŒèšå®ç¯å²ïŒ1-100æåïŒ
⢠* â ãã¹ãŠã®ãšã³ããªãåé€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ãã¹ãŠã® DNSããŒãã«ã®ãšã³ããªãåé€ããŠããŸãã
show dns
DNSãµãŒãã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#clear host *Console#
Console#show dnsDomain Lookup Status:
ããDNS enabledDefault Domain Name:
ããsample.comDomain Name List:
ããsample.com.jp
ããsample.com.ukName Server List:
ãã192.168.1.55
ãã10.1.0.55Console#
860 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
show dns cache
DNSãã£ãã·ã¥ã®å 容ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show dns cache
No. Flag Type IP Address ãTTL Domain
------- ------- ------- --------------- ã------- --------
3 4 Host 209.131.36.158 115 www-real.wa1.b.yahoo.com
4 4 CNAME POINTER TO:3 115 www.yahoo.com 5 4 CNAME POINTER TO:3 115 www.wa1.b.yahoo.comConsole#
é ç® è§£èª¬NO åãªãœãŒã¹ã¬ã³ãŒãã®ãšã³ããªçªå·
FLAG ãã£ãã·ã¥ãšã³ããªã®ãã©ã°ã¯åžžã« "4"
TYPEæšæºçåã¯ãã©ã€ããªåãæå®ããããCNAMEããæ¢åã®ãšã³ããªãšåã IPã¢ãã¬ã¹ããããã³ã°ãããŠããå€æ°ã®ãã¡ã€ã³åãæå®ããããALIASã
IP Address ã¬ã³ãŒãã«é¢é£ãã IPã¢ãã¬ã¹
TTL ããŒã ãµãŒãã«ããå ±åãããçåå¯èœæéDOMAIN ã¬ã³ãŒãã«é¢é£ãããã¡ã€ã³å
861FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
show hosts
éçãã¹ãåïŒã¢ãã¬ã¹ãããã³ã°ããŒãã«ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
以åã«èšå®ããããšã³ããªãšåãã¢ãã¬ã¹ããããã³ã°ãããå Žåããã¹ãåã¯ãšã€ãªã¢ã¹ãšããŠè¡šç€ºãããŸãã
Console(config)#ipv6 host rd6 2001:0db8:1::12Console(config)#endConsole# show hostNo. Flag Type IP Address TTL Domain---- ---- ------- -------------------- ----- -------------------------- 0 2 Address 192.168.1.55 rd5 1 2 Address 2001:DB8:1::12 rd6Console#
é ç® è§£èª¬NO åãªãœãŒã¹ã¬ã³ãŒãã®ãšã³ããªçªå·
FLAGéçãšã³ããªã®ãã©ã°ã¯ "2"ããŸãã¯ãã£ãã·ã¥ã«ä¿åãããåçãšã³ããªã¯ "4"
TYPEãªãŒããŒã®ãã©ã€ããªåãæå®ãã "Address"ãå«ã¿ãæ¢åã®ãšã³ããªã« IPã¢ãã¬ã¹ãšåæ§ã«ããããããè€æ°ã®ãã¡ã€ã³åïŒãŸãã¯ãšã€ãªã¢ã¹ïŒãæå®ãã "CHAME"
IP Address ã¬ã³ãŒãã«é¢é£ãã IPã¢ãã¬ã¹
TTL ããŒã ãµãŒãã«ããå ±åãããçåå¯èœæéDOMAIN ã¬ã³ãŒãã«é¢é£ãããã¡ã€ã³å
862 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
4.24 DHCP
以äžã®ã³ãã³ãã¯ãDynamic Host Configuration Protocol (DHCP)ã¯ã©ã€ã¢ã³ãæ©èœã®èšå®ãè¡ãããã«äœ¿çšããŸãã
4.24.1 DHCPã¯ã©ã€ã¢ã³ã
ã¹ã€ããã® VLANã€ã³ã¿ãã§ãŒã¹ãåçã« IPã¢ãã¬ã¹æ å ±ãååŸããããšãå¯èœã«ããŸãã
[ 泚æ ]ãçŸåšã®ãœãããŠã§ã¢ãªãªãŒã¹ã§ã¯ãIP ã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã® DHCPv6 ç¶æ ãæã€èšå®ã¯ãµããŒããããŠããŸããããããã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã " otherstateful configuration" ãã©ã°ã»ãããæã€å Žåãã¹ã€ãã㯠DHCPv6 ãµãŒãããããã®ä»ã®éã¢ãã¬ã¹èšå®æ å ±ïŒããã©ã«ãã²ãŒããŠã§ã€çïŒãç²åŸããããšè©Šã¿ãŸãã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
DHCP Client ã€ã³ã¿ãã§ãŒã¹ãåçã« IPã¢ãã¬ã¹æ å ±ãååŸããããšãå¯èœã«ããŸã
P863
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžIPv4 DHCP
ip dhcp client class-id
ã€ã³ã¿ãã§ãŒã¹ã® DHCPã¯ã©ã€ã¢ã³ãèå¥åãæå®
IC P864
ip dhcp restart client
BOOTPãŸã㯠DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããåãå ¥ã
PE P865
IPv6 DHCP
ipv6 dhcp restart client vlan DHCPv6ã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããåãå ¥ã PE P866
show ipv6 dhcp duid ã¹ã€ããã® DHCPã®äžæãªèå¥åã衚瀺 PE P867
show ipv6 dhcp vlan
æå®ããã€ã³ã¿ãã§ãŒã¹ã® DHCPv6æ å ±ã衚瀺
PE P867
863FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ip dhcp client class-id
çŸåšã®ã€ã³ã¿ãã§ãŒã¹ã® DHCPã¯ã©ã€ã¢ã³ããã³ãã¯ã©ã¹èå¥åãæå®ããŸãã"no"ã䜿çšããããšã§èå¥åãåé€ããŸãã
ææ³
ip dhcp client class-id { text text | hex hex }
no ip dhcp client class-id
⢠text â ããã¹ãã¹ããªã³ã° ïŒç¯å²ïŒ1-32æåïŒ
⢠hex â 16é²æ°å€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒVLANïŒ
ã³ãã³ã解説
⢠ãµãŒã㯠TFTPãµãŒãåãšããŒããã¡ã€ã«ãå«ããªãã·ã§ã³ 66å±æ§ãèŠçŽãããªãã·ã§ã³ 43æ å ±ã§è¿çããŸãã
äŸ
é¢é£ããã³ãã³ã
ip dhcp restart clientïŒP865ïŒ
Console(config)#interface vlan 1Console(config-if)#ip dhcp client class-id hex 0000e8666572Console(config-if)#
864 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ip dhcp restart client
BOOTPãŸã㯠DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããé©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠"ip address"ã³ãã³ãã§ãBOOTPãŸã㯠DHCPã¢ãŒãã«ã»ãããããŠãã IPã€ã³ã¿ãã§ãŒã¹ã« BOOTPãŸã㯠DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããçºè¡ããŸãã
⢠DHCPã¯ãµãŒããŒã«ãå©çšå¯èœã®å Žåã«ã¯ã©ã€ã¢ã³ãã®ååã®ã¢ãã¬ã¹ãåå²ãåœãŠããããèŠæ±ããŸãã
⢠BOOTPãŸã㯠DHCPãµãŒããå¥ã®ãã¡ã€ã³ãžç§»åãããå Žåãã¯ã©ã€ã¢ã³ãã«æäŸãããã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã¯æ°ãããã¡ã€ã³ãåºã«ããŸãã
äŸ
é¢é£ããã³ãã³ã
ip addressïŒP869ïŒ
Console(config)#interface vlan 1Console(config-if)#ip address dhcpConsole(config-if)#exitConsole(config)#exConsole#ip dhcp restart clientConsole#show ip interfaceVlan 1 is Administrative Up - Link Up Address is 00-12-CF-F3-DE-46 (via 00-12-CF-F3-DE-46) Index: 1001, MTU: 1500, Bandwidth: 1g Address Mode is DHCP IP Address: 192.168.0.9 Mask: 255.255.255.0 Proxy ARP is disabledConsole#
865FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ipv6 dhcp restart client vlan
DHCPv6ã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããæåºããŸãã
ææ³
ipv6 dhcp restart client vlan vlan-id
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠DHCPã¯ã©ã€ã¢ã³ãããã»ã¹ãæå¹ã§ããã¬ãã£ãã¯ã¹ã®ç²åŸã«æåãããããã¬ãã£ãã¯ã¹ã¯ IPv6éåžžãã¬ãã£ãã¯ã¹ããŒã«ã«ä¿åãããŸããä»ã®ã³ãã³ããšã¢ããªã±ãŒã·ã§ã³ïŒipv6ã¢ãã¬ã¹ã³ãã³ããªã©ïŒã¯ãéåžžãã¬ãã£ãã¯ã¹ããŒã«ã§ãã¬ãã£ãã¯ã¹ãåç §ããããšãã§ããŸãã
⢠DHCPv6ã¯ã©ã€ã¢ã³ãã¯ãDNSãµãŒãã¢ãã¬ã¹ã®ãããªåã ã®ã¯ã©ã€ã¢ã³ãã®åçç¶æ ãä¿æããå¿ èŠããªããã©ã¡ãŒã¿ã®èšå®ããªã¯ãšã¹ãããããšãã§ããŸãã
äŸ
é¢é£ããã³ãã³ã
ipv6 addressïŒP878ïŒ
Console#ipv6 dhcp restart client vlan 1Console#
866 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
show ipv6 dhcp duid
ã¹ã€ããã® DHCPäžæã®èå¥åã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠DHCPv6ã¯ã©ã€ã¢ã³ããšãµãŒãã¹ã¯ãã¯ã©ã€ã¢ã³ãèå¥åãšãµãŒããŒèå¥åãªãã·ã§ã³ãå«ããDHCP Unique Identifier (DUID)ã«ãã£ãŠèå¥ãããŸããéçãŸãã¯åçã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã¯ãã¯ã©ã€ã¢ã³ãã® DUIDãåºã« DHCPv6ãµãŒãã«ãã£ãŠå²ãåœãŠãããŸãã
äŸ
show ipv6 dhcp vlan
æå®ãããã€ã³ã¿ãã§ãŒã¹ã® DHCPv6æ å ±ã衚瀺ããŸãã
ææ³
show ipv6 dhcp vlan vlan-id
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ipv6 dhcp duidDHCPv6 Unique Identifier (DUID): 0001-0001-4A8158B4-00E00C0000FDConsole#
Console#show ipv6 dhcp vlan 1VLAN 1 is in DHCP client mode, Rapid-Commit List of known servers: Server address : FE80::250:FCFF:FEF9:A494 DUID : 0001-0001-48CFB0D5-F48F2A006801
Server address : FE80::250:FCFF:FEF9:A405 DUID : 0001-0001-38CF5AB0-F48F2A003917Console#
867FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
4.25 IP ã€ã³ã¿ãã§ãŒã¹
IPã¢ãã¬ã¹ã¯æ¬æ©ãžã®ãããã¯ãŒã¯çµç±ã§ã®ç®¡ççšã¢ã¯ã»ã¹ã®éã«äœ¿çšãããŸããåæèšå®ã§ã¯ DHCPã䜿çšã㊠IPã¢ãã¬ã¹ã®ååŸãè¡ãèšå®ã«ãªã£ãŠããŸããIPã¢ãã¬ã¹ã¯æåã§èšå®ããããšããå BOOTP/DHCPãµãŒãããé»æºæå ¥æã«èªåçã«ååŸããããšãã§ããŸãããŸããä»ã®ã»ã°ã¡ã³ãããæ¬æ©ãžã®ã¢ã¯ã»ã¹ãè¡ãããã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãå¿ èŠãšãªããŸãã
åæèšå®ã§ã¯ãæ¬æ©ã® VLAN1ã® IPv4ã¢ãã¬ã¹ã¯ DHCPçµç±ã§ååŸãããŸãããŸããæ¬è£ 眮ãšç°ãªããããã¯ãŒã¯ã»ã°ã¡ã³ãã«ãã管çã¹ããŒã·ã§ã³éã®ãIPv4ãŸã㯠IPv6ããã©ã«ãã²ãŒããŠã§ã€ã確ç«ããå¿ èŠããããŸãã
4.25.1 IPv4ã€ã³ã¿ãã§ãŒã¹èšå®
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
IPv4 Interface ã¹ã€ããã® IPv4ã¢ãã¬ã¹ãèšå® P868
IPv6 Interface ã¹ã€ããã® IPv6ã¢ãã¬ã¹ãèšå® P876
ARP Configuration éçãåçããããã· ARPãµãŒãã¹ã®èšå® P874
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip address æ¬æ©ãžã® IPã¢ãã¬ã¹ã®èšå® IC P869
ipdefault-gateway
æ¬æ©ãšç®¡ç端æ«ãæ¥ç¶ããããã®ã²ãŒããŠã§ã€èšå®ã®è¡šç€º
GC P870
show ip default-gateway
æ¬æ©ã®ããã©ã«ãã²ãŒããŠã§ã€èšå®ã®è¡šç€º
PE P870
show ip interface æ¬æ©ã® IPèšå®ã®è¡šç€º PE P871
traceroute ãã±ãããæå®ããããã¹ãã«åãã«ãŒãã衚瀺
PE P872
pingãããã¯ãŒã¯äžã®ä»ã®ããŒããžã® ICMP echoãªã¯ãšã¹ããã±ããã®éä¿¡
NE,PE P873
arp timeout åçãšã³ããªã ARPãã£ãã·ã¥ã«æ®ãæéãèšå®
GC P874
clear arp-cache ARPãã£ãã·ã¥ããå šãŠã®åçãšã³ããªãåé€
PE P875
show arp ARPãã£ãã·ã¥ã衚瀺 NE,PE P870
868 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ip address
æ¬æ©ãžã® IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip address [ ip-address netmask | bootp | dhcp ]
no ip address
⢠ip-address â IPã¢ãã¬ã¹
⢠netmask â ãµãããããã¹ã¯
⢠bootp â IPã¢ãã¬ã¹ã BOOTPããååŸããŸãã
⢠dhcp â IPã¢ãã¬ã¹ã DHCPããååŸããŸãã
åæèšå®
IPã¢ãã¬ã¹ïŒ192.168.1.10
ãµãããããã¹ã¯ïŒ255.255.255.0
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒVLANïŒ
ã³ãã³ã解説
⢠管ççšã«ãããã¯ãŒã¯çµç±ã§æ¬æ©ãžã¢ã¯ã»ã¹ããå ŽåãIPã¢ãã¬ã¹ã®èšå®ãå¿ é ãšãªããŸããæå㧠IPã¢ãã¬ã¹ãå ¥åããæ¹æ³ãšãBOOTPãDHCPã䜿çšããŠèªå㧠IPã¢ãã¬ã¹ãååŸããæ¹æ³ããããŸãã
⢠bootpå㯠dhcpãéžæããå ŽåãBOOTPå㯠DHCPããã®å¿çããããŸã§ IPã¢ãã¬ã¹ã¯èšå®ãããŸãããIPã¢ãã¬ã¹ãååŸããããã®ãªã¯ãšã¹ãã¯åšæçã«ãããŒããã£ã¹ãã§éä¿¡ãããŸãïŒBOOTPåã³ DHCPã«ãã£ãŠååŸã§ããã®ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯åã³ããã©ã«ãã²ãŒããŠã§ã€ã®å€ã§ãïŒBOOTPå㯠DHCPã«å¯ŸãããããŒããã£ã¹ããªã¯ãšã¹ã㯠"ip dhcp restart"ã³ãã³ãã䜿çšããããæ¬æ©ãåèµ·åãããå Žåã«è¡ãããŸãã
äŸ
æ¬äŸã§ã¯ãVLAN 1ã«å¯Ÿã㊠IPã¢ãã¬ã¹ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
ip dhcp restart clientïŒP865ïŒipv6 addressïŒP872ïŒ
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.5 255.255.255.0Console(config-if)#
869FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ip default-gateway
ã»ã°ã¡ã³ããããããã¹ã€ãããšç®¡ç端æ«ãæ¥ç¶ããããã®ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ããã©ã«ãã²ãŒããŠã§ã€ãåé€ããŸãã
ææ³
ip default-gateway gateway
no ip default-gateway
⢠gateway â ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ç°ãªãã»ã°ã¡ã³ãã«ç®¡ç端æ«ãèšçœ®ãããŠããå Žåã«ã¯å¿ ãèšå®ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
ipv6 default-gatewayïŒP877ïŒ
show ip default-gateway
ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip default-gateway ïŒP870ïŒ
Console(config)#ip default-gateway 10.1.1.254Console(config)#
Console#show ip redirectsip default gateway 10.1.0.254Console#
870 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ip interface
IPã€ã³ã¿ãã§ãŒã¹ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip address ïŒP869ïŒshow ipv6 interfaceïŒP887ïŒ
Console#show ip interfaceVlan 1 is Administrative Up - Link Down Address is 00-12-CF-F3-DE-46 (via 00-12-CF-F3-DE-46) Index: 1001, MTU: 1500, Bandwidth: 1g Address Mode is User specified IP Address: 192.168.1.1 Mask: 255.255.255.0 Proxy ARP is disabledConsole#
871FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
traceroute
This command shows the route packets take to the specified destination.
ææ³
traceroute host
⢠host â IPã¢ãã¬ã¹ãŸãã¯ãã¹ããšã€ãªã¢ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠" traceroute"ã³ãã³ãã¯æå®ããããã£ã¹ãã£ããŒã·ã§ã³ãžã®å°éã«åããã¹ã決å®ããããã«äœ¿çšãããŸãã
äŸ
Console#traceroute 192.168.0.1Press "ESC" to abort.
Source address: 192.168.0.9Destination address: 192.168.0.1
Hop IP Address ãããPacket 1 ããããPacket 2 ãããPacket 3------------------------------------------------------------------------
ã1 ãã192.168.0.1 ãããã<10 ms ãããããã<10 ms ããããã<10 ms
Trace completed.Console#
872 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ping
ãããã¯ãŒã¯äžã®ä»ã®ããŒãã«å¯Ÿã ICMP echoãªã¯ãšã¹ããã±ãããéä¿¡ããŸãã
ææ³
ping host { count count } {size size }
⢠host â ãã¹ãã® IPã¢ãã¬ã¹ /ãšã€ãªã¢ã¹
⢠size â ãã±ããã®ãµã€ãº (bytes)ïŒç¯å² 32-512ãåæèšå®ïŒ32ïŒãããæ å ±ãä»å ããããããå®éã®ãã±ãããµã€ãºã¯èšå®ããå€ãã 8bytes倧ãããªããŸãã
⢠count â éä¿¡ãããã±ããæ°ïŒç¯å²ïŒ1-16ãåæèšå®ïŒ5ïŒ
åæèšå®
CountïŒ5SizeïŒ32bytes
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠pingã³ãã³ãã䜿çšããããšã§ãããã¯ãŒã¯ã®ä»ã®å ŽæïŒç«¯æ«ãªã©ïŒã«æ¥ç¶ãããŠããã確èªããããšãã§ããŸãã
⢠pingã³ãã³ãã®çµæã¯ä»¥äžã®ãããªå 容ãšãªããŸãïŒ
ïŒ Normal response â æ£åžžãªã¬ã¹ãã³ã¹ã¯ããããã¯ãŒã¯ã®ç¶æ ã«äŸåããŠã1ïœ 10ç§ã§çããŸã
ïŒ Destination does not respond â ãã¹ããå¿çããªãå Žåã"timeout"ã 10ç§ä»¥å ã«è¡šç€ºãããŸã
ïŒ Destination unreachable â ç®çã®ãã¹ãã«å¯Ÿããã²ãŒããŠã§ã€ãèŠã€ãããªãå Žå
ïŒ Network or host unreachable â ã²ãŒããŠã§ã€ãç®çãšãªãã«ãŒãããŒãã«ãèŠã€ããããªãå Žå
⢠<ESC>ããŒãæŒããš PingãäžæãããŸãã
äŸ
é¢é£ããã³ãã³ã
interfaceïŒP616ïŒ
Console#ping 10.1.0.9Type ESC to abort.PING to 10.1.0.9, by 5 32-byte payload ICMP packets, timeout is 5 secondsresponse time: 10 msresponse time: 10 msresponse time: 10 msresponse time: 10 msresponse time: 10 msPing statistics for 10.1.0.9:5 packets transmitted, 5 packets received (100%), 0 packets lost (0%)Approximate round trip times:Minimum = 10 ms, Maximum = 20 ms, Average = 10 msConsole#
873FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
4.25.2 ARPèšå®
arp timeout
Address Resolution Protocol (ARP) ãã£ãã·ã¥ã®åçãšã³ããªã®ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãã¿ã€ã ã¢ãŠããåæå€ã«æ»ããŸãã
ææ³
arp timeout seconds no arp timeout
⢠seconds â åçãšã³ããªã ARPãã£ãã·ã¥ã«æ®ãæéïŒç¯å²ïŒ300-86400ç§ïŒ
åæèšå®
1200ç§ïŒ20åïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ARPãšã³ããªã®æéãåããæãããã¯ãã£ãã·ã¥ããåé€ãããMACã¢ãã¬ã¹ãå確ç«ããããã« ARPãªã¯ãšã¹ããã±ãããéãããŸãã
⢠ãšãŒãžã³ã°ã¿ã€ã ã¯ãåçãšã³ããªãããã£ãã·ã¥ã«ã©ãã ãã®éæ®ããã決å®ããŸããã¿ã€ã ã¢ãŠããçããããšãããŒãã«ããã¢ãã¬ã¹ãé »ç¹ã«ã¯ãªã¢ãããŠããŸããããã«ãŒã¿ãŒã ARPãªã¯ãšã¹ããç¹°ãè¿ãããšã«ãã£ãŠãªãœãŒã¹ãæ¶è²»ããŠããŸããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
arp timeout åçãšã³ããªã ARPãã£ãã·ã¥ã«æ®çããæéãèšå®
IC P874
clear arp-cache ARPãã£ãã·ã¥ããå šãŠã®åçãšã³ããªãåé€
GC P875
show arp ARPãã£ãã·ã¥ã®ãšã³ããªã衚瀺 PE P875
Console(config)#arp timeout 900
Console(config)#
874 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
clear arp-cache
Address Resolution Protocol (ARP)ãã£ãã·ã¥ããå šãŠã®åçãšã³ããªãåé€ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show arp
ARPãã£ãã·ã¥ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯å¯Ÿå¿ãã IPã¢ãã¬ã¹ãMACã¢ãã¬ã¹ãã¿ã€ãïŒåçãŸã㯠otherïŒãVLANã€ã³ã¿ãã§ãŒã¹ãå«ããARPãã£ãã·ã¥ã«ã€ããŠã®æ å ±ã衚瀺ããŸãããšã³ããªã¿ã€ã "other"ã¯æ¬æ©ã®ããŒã«ã«ã¢ãã¬ã¹ã瀺ããŸãã
äŸ
Console#clear arp-cacheThis operation will delete all the dynamic entries in ARP Cache.Are you sure to continue this operation (y/n)?yConsole#
Console#show arp
IP Address ãããMAC Address ãããããããType Interface
--------------- ----------------- ã--------- -----------
192.168.0.1 ãã00-01-ec-f8-d8-c6 ã dynamic 1
192.168.0.2 ãã00-12-cf-12-34-56 ã other 1
192.168.0.3 ãã00-10-b5-62-03-74 ã dynamic 1
Total entry : 3Console#
875FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
4.25.3 IPv6ã€ã³ã¿ãã§ãŒã¹èšå®
æ¬æ©ã¯ä»¥äžã® IPv6ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãããµããŒãããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹èšå®ãšãŠãŒãã£ãªãã£
ipv6 default-gateway ãã©ãã£ãã¯ã® IPv6ããã©ã«ãã²ãŒããŠã§ã€ãèšå® GC P877
ipv6 addressIPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã®èšå®ãšãã€ã³ã¿ãã§ãŒã¹ã® IPv6ãæå¹å
IC P878
ipv6 addressautoconfig
ã€ã³ã¿ãã§ãŒã¹ã® IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã®èªåèšå®ãšãšãã€ã³ã¿ãã§ãŒã¹ã® IPv6æå¹å
IC P880
ipv6 address eui-64ããŒãªãŒã㌠64ãããã® EUI-64ã€ã³ã¿ãã§ãŒã¹ IDã䜿çšããŠãã€ã³ã¿ãã§ãŒã¹ã® IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ãšãã€ã³ã¿ãã§ãŒã¹ã® IPv6æå¹å
IC P881
ipv6 address link-local
ã€ã³ã¿ãã§ãŒã¹ã® IPV6ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã®èšå®ãšãã€ã³ã¿ãã§ãŒã¹ã® IPv6æå¹å
IC P883
ipv6 enableæ瀺ç IPv6ã¢ãã¬ã¹ã§èšå®ãããŠããªãã€ã³ã¿ãã§ãŒã¹ã§ IPv6ãæå¹å
IC P884
ipv6 mtuã€ã³ã¿ãã§ãŒã¹ã«éããã IPv6ãã±ããã® maximum transmission unit (MTU)ã®ãµã€ãºãèšå®
IC P885
show ipv6default-gateway çŸåšã® IPv6ããã©ã«ãã²ãŒããŠã§ã€ã衚瀺 NE,PE P886
show ipv6 interface ãŠãŒã¶ããªãã£ããã³ IPv6ã€ã³ã¿ãã§ãŒã¹ã衚瀺 NE,PE P887
show ipv6 mtu IPv6ã€ã³ã¿ãã§ãŒã¹ã®maximum transmission unit (MTU)æ å ±ã衚瀺
NE,PE P889
show ipv6 traffic IPv6ãã©ãã£ãã¯ã®çµ±èšã衚瀺 NE,PE P890
clear ipv6 traffic IPv6ãã©ãã£ãã¯ã«ãŠã³ã¿ããªã»ãã PE P895
ping6 ãããã¯ãŒã¯äžã®ä»ã®ããŒãã« IPv6 ICMPãšã³ãŒãªã¯ãšã¹ããã±ãããéä¿¡
PE P896
è¿é£æ¢çŽ¢
ipv6 nd dad attempts éè€ã¢ãã¬ã¹æ€åºã®éã«éä¿¡ãããé£ç¶ããè¿é£èŠè«ã¡ãã»ãŒãžã®æ°ãèšå®
IC P897
ipv6 nd ns-interval ã€ã³ã¿ãã§ãŒã¹ã® IPv6è¿é£èŠè«å転éã®éã®ééãèšå® IC P899
ipv6 nd reachable-time
ããããã®å°éå¯èœæ§ç¢ºèªã€ãã³ããèµ·ãã£ãåŸããªã¢ãŒã IPv6ããŒããå°çå¯èœã§ãããšæšæž¬ãããæéãèšå®
IC P900
clear ipv6 neighbors Ipv6è¿é£æ¢çŽ¢ãã£ãã·ã¥ã®å šãŠã®åçãšã³ããªãåé€ PE P900
show ipv6 neighbors Ipv6è¿é£æ¢çŽ¢ãã£ãã·ã¥ã®æ å ±ã衚瀺 PE P901
876 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 default-gateway
éä¿¡å ãç°ãªããããã¯ãŒã¯ã»ã°ã¡ã³ãã«ããå Žåã«äœ¿çšãããIPv6ããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãåã«èšå®ãããããã©ã«ãã²ãŒããŠã§ã€ãåé€ããŸãã
ææ³
ipv6 default-gateway ipv6-address
no ipv6 address
⢠ipv6-address â éä¿¡å ãç°ãªããããã¯ãŒã¯ã»ã°ã¡ã³ãã«ããå Žåã«äœ¿çšãããããã©ã«ããã¯ã¹ããããã«ãŒã¿ã® IPv6ã¢ãã¬ã¹
åæèšå®
ããã©ã«ãã²ãŒããŠã§ã€ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
â¢ å šãŠã® IPv6ã¢ãã¬ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
⢠åããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ããç°ãªããŸãŒã³ã®ç°ãªãã€ã³ã¿ãã§ãŒã¹ /ããŒãã§äœ¿çšãããŸãïŒRFC4007ïŒãåŸã£ãŠããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãæå®ããéã%ã®åŸã«VLANèå¥åã瀺ããŸãŒã³ IDæ å ±ãå«ã¿ãŸããäŸãã°ãFE80::7272%1㯠Pingãéãããã€ã³ã¿ãã§ãŒã¹ãšã㊠VLAN1ãèå¥ããŸãã
⢠éä¿¡å ãç°ãªããããã¯ãŒã¯ã»ã°ã¡ã³ãã«ãããIPv6ã¢ãã¬ã¹ãã¢ãµã€ã³ãããŠããå ŽåãIPv6ããã©ã«ãã²ãŒããŠã§ã€ãå®çŸ©ããå¿ èŠããããŸãã
⢠ã²ãŒããŠã§ã€ã«çŽæ¥æ¥ç¶ãããŠãããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ããã¹ã€ããäžã«èšå®ãããå ŽåãIPv6ããã©ã«ãã²ãŒããŠã§ã€ã¯èšå®ã«æåããŸãã
äŸ
é¢é£ããã³ãã³ã
show ipv6 default-gatewayïŒP886ïŒip default-gatewayïŒP870ïŒ
Console(config)#ipv6 default-gateway FE80::269:3EF9:FE19:6780%1Console(config)#
877FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 address
IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã®èšå®ãšãã€ã³ã¿ãã§ãŒã¹ã® IPv6ãæå¹ã«ããŸããåŒæ°ç¡ã㧠"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹ã®å šãŠã® IPv6ã¢ãã¬ã¹ãåé€ããŸãã"no"ãåã«çœ®ã IPv6ã¢ãã¬ã¹ãæå®ããããšã§ãã€ã³ã¿ãã§ãŒã¹ãããã®ã¢ãã¬ã¹ãåé€ããŸãã
ææ³
[no] ipv6 address ipv6-address / prefix-length
⢠ipv6-address â ãããã¯ãŒã¯ãã¬ãã£ãã¯ã¹ãšãã¹ãã¢ãã¬ã¹ããããå«ãããã«IPv6ã¢ãã¬ã¹ã
⢠prefix-length â ããã€ã®é£ç¶çãªã¢ãã¬ã¹ã®ãããïŒå·ŠããïŒããæ§æãããŠãããã瀺ã 10é²æ°å€ïŒã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšïŒ
åæèšå®
ããã©ã«ãã²ãŒããŠã§ã€ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
â¢ å šãŠã® IPv6ã¢ãã¬ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã« 1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
⢠è€æ°ã®ãµãããããæã€ã倧ããªãããã¯ãŒã¯ã«æ¥ç¶ããå Žåãã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãããã®ã¢ãã¬ã¹ã¯ããã§èª¬æããã³ãã³ãã«ãã£ãŠæåã§èšå®ãããã" ipv6 address autoconfig"ã³ãã³ãïŒP880ïŒã䜿çšããŠèªåã§èšå®ããããšãåºæ¥ãŸãã
⢠ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ããŸã ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŠããªãå Žåããã®ã³ãã³ãã¯æå®ããéçã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãå²ãåœãŠãã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ãåçã«çæããŸããïŒãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ FE80ã®ãã¬ãã£ãã¯ã¹ã¢ãã¬ã¹ãšãã¹ã€ããã® EUI-64ãã©ãŒãããã§ä¿®æ£ããã MACã¢ãã¬ã¹ãåºã«ãããã¹ãéšããäœæãããŸããïŒ
⢠éè€ã¢ãã¬ã¹ãæ€åºãããå Žåãã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãã
878 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
äŸ
é¢é£ããã³ãã³ã
ipv6 address eui-64ïŒP881ïŒipv6 address autoconfigïŒP880ïŒshow ipv6 interfaceïŒP887ïŒip addressïŒP869ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 address 2001:DB8:2222:7272::72/96Console(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address:
ãFE80::2E0:CFF:FE00:FD/64Global unicast address(es):
ã2001:DB8:2222:7272::72/96, subnet is 2001:DB8:2222:7272::/96Joined group address(es):FF02::1:FF00:72FF02::1:FF00:FDFF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
879FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 address autoconfig
ã€ã³ã¿ãã§ãŒã¹äžã§ã® IPv6ã¢ãã¬ã¹ã®ã¹ããŒãã¬ã¹ãªãŒãããŽã·ãšãŒã·ã§ã³ãšã€ã³ã¿ãã§ãŒã¹ã®IPv6ãæå¹ã«ããŸããã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã¯ãIPv6ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã§åä¿¡ããããã¬ãã£ãã¯ã¹ãåºã«ããŸãããã¹ãéšã¯ã€ã³ã¿ãã§ãŒã¹èå¥åããç·šéããã EUI-64ãåºã«ããŠããŸãã"no"ãåã«çœ®ãããšã§ãã®ã³ãã³ãã§çæãããã¢ãã¬ã¹ãåé€ããŸãã
ææ³
ipv6 address autoconfigno ipv6 address autoconfig
åæèšå®
IPv6ã¢ãã¬ã¹ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ããŸã ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŠããªãå Žåããã®ã³ãã³ãã¯æå®ããéçã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãå²ãåœãŠãã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ãåçã«çæããŸããïŒãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ FE80ã®ãã¬ãã£ãã¯ã¹ã¢ãã¬ã¹ãšãã¹ã€ããã® EUI-64ãã©ãŒãããã§ä¿®æ£ãããMACã¢ãã¬ã¹ãåºã«ãããã¹ãéšããäœæãããŸããïŒ
⢠éè€ã¢ãã¬ã¹ãæ€åºãããå Žåãã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãã
⢠ã«ãŒã¿ã¢ããã¿ã€ãºã¡ã³ãã "other stateful configuration"ãã©ã°ã»ãããæã€å Žåãã¹ã€ããã¯ä»ã®éã¢ãã¬ã¹èšå®æ å ±ãç²åŸããããšè©Šã¿ãŸãïŒããã©ã«ãã²ãŒããŠã§ã€çïŒ
äŸ
é¢é£ããã³ãã³ã
ipv6 addressïŒP878ïŒshow ipv6 interfaceïŒP887ïŒ
Console(config-if)#ipv6 address autoconfigConsole(config-if)#ipv6 enableConsole(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address: FE80::2E0:CFF:FE00:FD/64Global unicast address(es): 2001:DB8:2222:7272:2E0:CFF:FE00:FD/64, subnet is 2001:DB8:2222:7272::/ 64[AUTOCONFIG] valid lifetime 2591628 preferred lifetime 604428Joined group address(es):FF02::1:FF00:FDFF02::1IPv6 link MTU is 1280 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
880 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 address eui-64
ããŒãªãŒã㌠64ãããã® EUI-64ã€ã³ã¿ãã§ãŒã¹ IDã䜿çšããã€ã³ã¿ãã§ãŒã¹ã®ãIPv6ã¢ãã¬ã¹ãèšå®ããã€ã³ã¿ãã§ãŒã¹äžã§ IPv6ãæå¹ã«ããŸããåŒæ°ç¡ã㧠"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹ãããæåèšå®ãããå šãŠã® IPv6ã¢ãã¬ã¹ãåé€ããŸãã"no"ãåã«çœ®ã IPv6ã¢ãã¬ã¹ãæå®ããããšã§ãã€ã³ã¿ãã§ãŒã¹ãããã®ã¢ãã¬ã¹ãåé€ããŸãã
ææ³
ipv6 address ipv6-prefix / prefix-length eui-64no ipv6 address [ ipv6-prefix / prefix-length eui-64 ]
⢠ipv6-prefix âã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ãããã¢ãã¬ã¹ã® IPv6ãããã¯ãŒã¯éš
⢠prefix-length â ããã€ã®é£ç¶çãªã¢ãã¬ã¹ã®ãããïŒå·ŠããïŒããæ§æãããŠãããã瀺ã 10é²æ°å€ïŒã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšïŒ
åæèšå®
IPv6ã¢ãã¬ã¹ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã¬ãã£ãã¯ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
⢠ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ããŸã ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŠããªãå Žåããã®ã³ãã³ãã¯æå®ããéçã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãå²ãåœãŠãã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ãåçã«çæããŸããïŒãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ FE80ã®ãã¬ãã£ãã¯ã¹ã¢ãã¬ã¹ãšãã¹ã€ããã® EUI-64ãã©ãŒãããã§ä¿®æ£ããã MACã¢ãã¬ã¹ãåºã«ãããã¹ãéšããäœæãããŸããïŒ
⢠IPv6ãã¬ãã£ãã¯ã¹ã§æå®ãããå€ã¯ãæå®ããããã¬ãã£ãã¯ã¹é·ã 64ããã以äžã®å Žåããã€ãªãŒããŒãã¹ããããã®å¹Ÿã€ããå«ãããšã«ã泚æãã ãããæå®ããããã¬ãã£ãã¯ã¹é·ã 64ããããè¶ ããå Žåãã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã¯ã€ã³ã¿ãã§ãŒã¹èå¥åããåªå ãããŸãã
⢠éè€ã¢ãã¬ã¹ãæ€åºãããå Žåãã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãã
⢠IPv6ã¢ãã¬ã¹ã®é·ã㯠16ãã€ãã§ãæäžäœ 8ãã€ããäžè¬ã«è£ 眮㮠MACã¢ãã¬ã¹ã«åºã¥ããŠãŠããŒã¯ãªãã¹ãèå¥åã圢æããŸããEUI-64ä»æ§ã¯æ¡åŒµããã 8ãã€ãMACã¢ãã¬ã¹ã䜿çšããããã€ã¹ã®ããã«èšèšãããŠããŸããäŸç¶ 6ãã€ãMACã¢ãã¬ã¹ïŒEUI-48ãã©ãŒããããšããŠç¥ãããïŒã䜿çšããããã€ã¹ã®ãããããã¯ã¢ãã¬ã¹ã®ãŠãããŒãµã« /ããŒã«ã«ããããå転ããäžäžã® MACã¢ãã¬ã¹ã® 3ãã€ãã®éã« 16é²æ° FFFEãæ¿å ¥ããããšã«ãã£ãŠãEUI-64ãã©ãŒãããã«å€æãããªããŠã¯ãªããŸãããäŸãã°ãããããã€ã¹ã 28-9F-18-1C- 82-35ã® EUI-48ã¢ãã¬ã¹ãæã€å Žåãã°ããŒãã« /ããŒã«ã«ããã㯠28ã 2Aã«å€ããŠãã EUI-64å¿ èŠæ¡ä»¶ãæºããçºãæåã«å転ãããªããŠã¯ãªããŸããããããŠã2ãã€ã FFFEã OUIïŒOrganizationally
881FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
Unique IdentifierãŸã㯠Company IdentifierïŒã®éã«æ¿å ¥ãããæ®ãã®ã¢ãã¬ã¹ãã2A-9F-18-FF-FE-1C-82-35ã®ã¢ãã£ãã¡ã€ã EUI-64ã€ã³ã¿ãã§ãŒã¹èå¥åãçµæãšããŠãããããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ç°ãªããµããããã«ä»å±ããéãããã®ãã¹ãã¢ãã¬ãã·ã³ã°ã¡ãœããã¯ãåãã€ã³ã¿ãã§ãŒã¹èå¥åã 1ã€ã®ããã€ã¹ã®è€æ°ã® IPã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšãããããšãå¯èœã«ããŸãã
äŸ
é¢é£ããã³ãã³ã
ipv6 address autoconfigïŒP880ïŒshow ipv6 interfaceïŒP887ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 address 2001:0DB8:0:1::/64 eui-64Console(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address: FE80::2E0:CFF:FE00:FD/64Global unicast address(es): 2001:DB8::1:2E0:CFF:FE00:FD/64, subnet is 2001:DB8::1:0:0:0:0/64[EUI] 2001:DB8:2222:7272::72/96, subnet is 2001:DB8:2222:7272::/96[EUI]Joined group address(es):FF02::1:FF00:72FF02::1:FF00:FDFF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
882 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 address link-local
ã€ã³ã¿ãã§ãŒã¹ã® IPv6ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãèšå®ããã€ã³ã¿ãã§ãŒã¹äžã® IPv6ãæå¹ã«ããŸããåŒæ°ç¡ã㧠"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹ãããæåèšå®ãããå šãŠã® IPv6ã¢ãã¬ã¹ãåé€ããŸãã"no"ãåã«çœ®ã IPv6ã¢ãã¬ã¹ãæå®ããããšã§ãã€ã³ã¿ãã§ãŒã¹ãããã®ã¢ãã¬ã¹ãåé€ããŸãã
ææ³
ipv6 address ipv6-address link-localno ipv6 address [ ipv6-address link-local ]
⢠ipv6-address âã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ããã IPv6ã¢ãã¬ã¹
åæèšå®
IPv6ã¢ãã¬ã¹ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠æå®ãããã¢ãã¬ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã1ã€ã®ããã«ã³ãã³ã䜿çšãããã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã¯ FE80ã«ãªããŸãã
⢠ãã®ã³ãã³ãã§æå®ãããã¢ãã¬ã¹ã¯ãã€ã³ã¿ãã§ãŒã¹ã«èªåã§çæããããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã眮ãæããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ããšã«è€æ°ã® IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ãèšå®ã§ããŸãããã€ã³ã¿ãã§ãŒã¹ã«ä»ããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã¯ 1ã€ã®ã¿ã§ãã
⢠éè€ã¢ãã¬ã¹ãæ€åºãããå Žåãã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãã
äŸ
é¢é£ããã³ãã³ã
ipv6 enableïŒP884ïŒshow ipv6 interfaceïŒP887ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 address FE80::269:3EF9:FE19:6779 link-localConsole(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address: FE80::269:3EF9:FE19:6779/64Global unicast address(es): 2001:DB8::1:2E0:CFF:FE00:FD/64, subnet is 2001:DB8::1:0:0:0:0/64[EUI] 2001:DB8:2222:7272::72/96, subnet is 2001:DB8:2222:7272::/96[EUI]Joined group address(es):FF02::1:FF19:6779FF02::1:FF00:72FF02::1:FF00:FDFF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 millisecondsConsole#
883FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 enable
æ瀺ç IPv6ã¢ãã¬ã¹ã§èšå®ãããŠããªãã€ã³ã¿ãã§ãŒã¹äžã§ IPv6ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãæ瀺ç IPv6ã¢ãã¬ã¹ã§èšå®ãããŠããªãã€ã³ã¿ãã§ãŒã¹äžã§ IPv6ãç¡å¹ã«ããŸãã
ææ³
ipv6 enableno ipv6 enable
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãçŸåšã® VLANã€ã³ã¿ãã§ãŒã¹ã§ IPv6ãæå¹ã«ããèªåçã«ãªã³ã¯ããŒã«ã«ãŠããã£ã¹ãã¢ãã¬ã¹ãçæããŸããã¢ãã¬ã¹ãã¬ãã£ãã¯ã¹ã¯ FE80ã䜿çšããã¢ãã¬ã¹ã®ãã¹ãéšã¯ã¹ã€ããã® MACã¢ãã¬ã¹ã modified EUI-64圢åŒïŒP881ïŒã«å€æããããšã«ãã£ãŠçæãããŸãããã®ã¢ãã¬ã¹ã¿ã€ãã¯åãããŒã«ã«ãµããããã«ä»å±ããå šãŠã®ããã€ã¹ã®ããã«ãIPv6äžã§ã®ã¹ã€ããã®ã¢ã¯ã»ã¹ãå¯èœã«ããŸãã
⢠éè€ã¢ãã¬ã¹ãæ€åºãããå Žåãã³ã³ãœãŒã«ãžèŠåã¡ãã»ãŒãžãéãããŸãã
⢠"no ipv6 enable"ã³ãã³ãã¯ãIPv6ã¢ãã¬ã¹ã§æ瀺çã«èšå®ãããã€ã³ã¿ãã§ãŒã¹ã® IPv6ãç¡å¹ã«ããŸããã
äŸ
é¢é£ããã³ãã³ã
ipv6 address link-localïŒP883ïŒshow ipv6 interfaceïŒP887ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 enableConsole(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address:
ãFE80::2E0:CFF:FE00:FD/64Global unicast address(es):
ã2001:DB8:2222:7273::72/96, subnet is 2001:DB8:2222:7273::/96Joined group address(es):FF02::1:FF00:72FF02::1:FF00:FDFF02::1IPv6 link MTU is 1280 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
884 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 mtu
ã€ã³ã¿ãã§ãŒã¹ã§éããã IPv6ãã±ããã® maximum transmission unit (MTU)ã®ãµã€ãºãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ipv6 mtu sizeno ipv6 mtu
⢠size âMTUãµã€ãºãæå® ïŒç¯å²ïŒ1280-65535 bytesïŒ
åæèšå®
1500bytes
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠IPv6ã«ãŒã¿ã¯ãä»ã®ã«ãŒã¿ãã転éããã IPv6ãã±ããããã©ã°ã¡ã³ãããŸããããIPv6ã«ãŒã¿ãžæ¥ç¶ãããŠãããšã³ãã¹ããŒã·ã§ã³ããå§ãŸã£ãŠãããã©ãã£ãã¯ã¯ãã©ã°ã¡ã³ãããŸãã
⢠åãç©çåªäœäžã®å šãŠã®è£ 眮ã¯æ£ç¢ºã«çšŒåããããã«åã MTUã䜿çšããŸãã
⢠MTUãã»ããããåã«ãã€ã³ã¿ãã§ãŒã¹ã§ IPv6ãæå¹ã«ããŸãã
äŸ
é¢é£ããã³ãã³ã
show ipv6 mtuïŒP889ïŒjumbo frameïŒP400ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 mtu 1280Console(config-if)#
885FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ipv6 default-gateway
çŸåšã® IPv6ããã©ã«ãã²ãŒããŠã§ã€ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show ipv6 default-gatewayIPv6 default gateway 2001:DB8:2222:7272::254
Console#
886 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ipv6 interface
ãã®ã³ãã³ãã¯ãèšå®ããã IPv6ã€ã³ã¿ãã§ãŒã¹ã衚瀺ããŸãã
ææ³
show ipv6 interface [ brief [ vlan vlan-id [ ipv6-prefix / prefix-length ] ] ]
⢠brief â IPv6ãªãã¬ãŒã·ã§ãã«ã¹ããŒã¿ã¹ãšããããã®ã€ã³ã¿ãã§ãŒã¹ã«èšå®ãããã¢ãã¬ã¹ã®çãèŠçŽã衚瀺
⢠vlan-id âVLAN ID ïŒç¯å²ïŒ1-4093ïŒ
⢠ipv6-prefix âã€ã³ã¿ãã§ãŒã¹ã«ã¢ãµã€ã³ãããã¢ãã¬ã¹ã® IPv6ãããã¯ãŒã¯éšããã¬ãã£ãã¯ã¹ã¯ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒããããããªããŠã¯ãªããŸããã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã« 1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
⢠prefix-length â ããã€ã®é£ç¶çãªã¢ãã¬ã¹ã®ãããïŒå·ŠããïŒããæ§æãããŠãããã瀺ã 10é²æ°å€ïŒã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšïŒ
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address: FE80::2E0:CFF:FE00:FD/64Global unicast address(es): 2001:DB8:2222:7273::72/96, subnet is 2001:DB8:2222:7273::/96Joined group address(es):FF02::1:FF00:72FF02::1:FF00:FDFF02::1IPv6 link MTU is 1280 bytesND DAD is enabled, number of DAD attempts: 3.ND retransmit interval is 1000 milliseconds
Console#
887FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ãã®äŸã¯ã¹ã€ããäžã«èšå®ããã IPv6ã¢ãã¬ã¹ã®ç°¡åãªãŸãšãã衚瀺ããŠããŸãã
é¢é£ããã³ãã³ã
show ip interfaceïŒP871ïŒ
ãIpv6ã€ã³ã¿ãã§ãŒã¹ã®è¡šç€º
é ç® è§£èª¬
VLAN
ã¹ã€ããããã®ã€ã³ã¿ãã§ãŒã¹ã§ãã±ããã®éåä¿¡ãè¡ããæã"UP"ãããŒã¯ãããŸããã©ã€ã³ã·ã°ãã«ãç¡ãæã« "down"ããŸãã¯ã€ã³ã¿ãã§ãŒã¹ã管çè ã«ãã£ãŠç¡å¹ã«ãããŠããæ "administratively down"ãããŒã¯ãããŸãã
IPv6
ã¹ã€ããããã®ã€ã³ã¿ãã§ãŒã¹ã§ IPãã©ãã£ãã¯ã®éåä¿¡ãè¡ããæãIPv6㯠"enable"ãããŒã¯ãããŸããã¹ã€ãããã€ã³ã¿ãã§ãŒã¹ã§ IPãã©ãã£ãã¯ã®éåä¿¡ãè¡ããªãæ㯠"disable"ãŸãã¯ãã€ã³ã¿ãã§ãŒã¹äžã§éè€ã¢ãã¬ã¹ãæ€åºãããæã« "stalled"ãããŒã¯ãããŸãã
Link-local address ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŠãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã衚瀺
Global unicast address(es)
ãã®ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŠããã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã衚瀺
Joined group address(es)
ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠããããŠããã£ã¹ãã¢ãã¬ã¹ã«å ãããã¹ãã¯ãŸããå šãŠã®ããŒãã®ãã«ããã£ã¹ãã¢ãã¬ã¹ FF01::1ïŒã€ã³ã¿ãã§ãŒã¹ -ããŒã«ã«ç¯å²ïŒããã³FF02::1ïŒãªã³ã¯ããŒã«ã«ç¯å²ïŒãèŽåããå¿ èŠããããŸãã
ND DAD ïŒè¿é£æ¢çŽ¢ïŒéè€ã¢ãã¬ã¹æ€çŽ¢ãæå¹ãç¡å¹ãã瀺ããŸãã
number of DAD attempts éè€ã¢ãã¬ã¹æ€çŽ¢ã®éã«ãã€ã³ã¿ãã§ãŒã¹ã§éãããé£ç¶ããè¿é£èŠè«ã¡ãã»ãŒãžã®æ°
ND retransmit interval éè€ã¢ãã¬ã¹æ€çŽ¢ã®éã«ãã€ã³ã¿ãã§ãŒã¹ã§éãããIPv6è¿é£èŠè«åéã®éé
Console#show ipv6 interface brief
Interface ãããããVLAN ãããIPv6 ããããIPv6 Address--------------- ---------- ---------- ----------------------------------
VLAN 1 ãããããããUp ãããããUp ãããã2001:DB8:2222:7273::72/96VLAN 1 ãããããããUp ãããããUp ããããFE80::2E0:CFF:FE00:FD%1/64Console#
888 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ipv6 mtu
å容å¯èœãª MTUãšå ±ã«ãIGMP packet-too-bigã¡ãã»ãŒãžãæ¬æ©ã«è¿ãéä¿¡å ã® maximum transmission unit (MTU)ãã£ãã·ã¥ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
â»ã¹ã€ããã« IPv6ã¢ãã¬ã¹ãå²ãåœãŠãããŠããªãå Žåããããã®æ å ±ã¯è¡šç€ºãããŸããã
Console#show ipv6 mtu
MTU ãããSinceããã Destination Address
1400ãã 00:04:21 ãã5000:1::3
1280ãã 00:04:50ãã FE80::203:A0FF:FED6:141DConsole#
ãIPv6 MTUã®è¡šç€º
é ç® è§£èª¬
MTUãã®ç®çå°ããè¿ããã ICMP" packet-too-big"ã¡ãã»ãŒãžã«å«ãŸããã調æŽããã MTU
Since ICMP "packet-too-big"ã¡ãã»ãŒãžããã®ç®çå°ããåä¿¡ãããŠããã®æé
Destination Address ICMP "packet-too-big"ã¡ãã»ãŒãžãéãããã¢ãã¬ã¹
889FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ipv6 traffic
ãã®ã¹ã€ãããééãããIPv6ãã©ãã£ãã¯ã«ã€ããŠã®çµ±èšã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show ipv6 trafficIPv6 Statistics:IPv6 recived
ããããããããããtotal received
ããããããããããheader errors
ããããããããããtoo big errors
ããããããããããno routes
ããããããããããaddress errors
ããããããããããunknown protocols
ããããããããããtruncated packets
ããããããããããdiscards
ããããããããããdelivers
ããããããããããreassembly request datarams
ããããããããããreassembled succeeded
ããããããããããreassembled failedIPv6 sent
ããããããããããforwards datagrams
ãããããããã15 requests
ããããããããããdiscards
ããããããããããno routes
ããããããããããgenerated fragments
ããããããããããfragment succeeded
ããããããããããfragment failedICMPv6 Statistics:ICMPv6 received
ããããããããããinput
ããããããããããerrors
ããããããããããdestination unreachable messages
ããããããããããpacket too big messages
ããããããããããtime exceeded messages
ããããããããããparameter problem message
ããããããããããecho request messages
ããããããããããecho reply messages
ããããããããããredirect messages
ããããããããããgroup membership query messages
ããããããããããgroup membership response messages
ããããããããããgroup membership reduction messages
ããããããããããrouter solicit messages
ããããããããããrouter advertisement messages
ããããããããããneighbor solicit messages
ããããããããããneighbor advertisement messages
ããããããããããredirect messages
ïŒç¶ãïŒ
890 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ïŒç¶ãïŒICMPv6 sent
ãããããããã15 output
ããããããããããdestination unreachable messages
ããããããããããpacket too big messages
ããããããããããtime exceeded messages
ããããããããããparameter problem message
ããããããããããecho reply messages
ããããããããã7 router solicit messages
ããããããããã3 neighbor solicit messages
ããããããããããneighbor advertisement messages redirect messages group membership response messages group membership reduction messages UDP Statistics:
ããããããããããneighbor advertisement messages
ããããããããããredirect messages
ããããããããããgroup membership response messages
ããããããããããgroup membership reduction messagesUDP Statistics:
ããããããããããinput
ããããããããããno port errors
ããããããããããother errors
ããããããããããoutputConsole#
IPv6ãã©ãã£ãã¯
é ç® è§£èª¬
IPv6çµ±èšã®è¡šç€º
IPv6åä¿¡
total received ãšã©ãŒã§åä¿¡ãããã®ãå«ããã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ããå ¥åããŒã¿ã°ã©ã ã®ç·æ°ã
header errors
IPv6 ãããã®ãšã©ãŒãåå ã§ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ãããŒãžã§ã³çªå·ã®äžäžèŽããã®ä»ã®ãã©ãŒããããšã©ãŒããããæ°ã®èš±å®¹å€è¶ éãIPv6 ãªãã·ã§ã³ã®åŠçã§æ€åºããããšã©ãŒãªã©ãå«ãŸããŸãã
too big errors ãµã€ãºãéä¿¡ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ MTU ãè¶ ããããã«è»¢éã§ããªãã£ãåä¿¡ããŒã¿ã°ã©ã ã®æ°ã
no routes éä¿¡å ã«éä¿¡ããããã®ã«ãŒããæ€åºãããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
address errors
IPv6 ããããŒã®éä¿¡å ãã£ãŒã«ãå ã® IPv6 ã¢ãã¬ã¹ããã®ãšã³ãã£ãã£ã§åä¿¡ã§ããæå¹ãªã¢ãã¬ã¹ã§ãªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ãã«ã¯ãç¡å¹ãªã¢ãã¬ã¹ïŒ::0 ãªã©ïŒããã³ãµããŒããããŠããªãã¢ãã¬ã¹ïŒæªå²ãåœãŠã®ãã¬ãã£ãã¯ã¹ãæã€ã¢ãã¬ã¹ãªã©ïŒãå«ãŸããŸãã IPv6 ã«ãŒã¿ãŒã§ã¯ãªãããã®ããã«ããŒã¿ã°ã©ã ã転éããªããšã³ãã£ãã£ã«ã€ããŠã¯ããã®ã«ãŠã³ã¿ã®å€ã«ã¯ç Žæ£ãããããŒã¿ã°ã©ã ã®æ°ãå«ãŸããŸããéä¿¡å ã¢ãã¬ã¹ãããŒã«ã«ã¢ãã¬ã¹ã§ã¯ãªãã£ãããã§ãã
891FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
unknown protocols
æ£åžžã«åä¿¡ãããã®ã®ããããã³ã«ãäžæã§ãããããµããŒããããŠããªãããšãåå ã§ç Žæ£ãããããŒã«ã«ã¢ãã¬ã¹æå®ã®ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ããŒã¿ã°ã©ã ã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
truncated packets ããŒã¿ã°ã©ã ãã¬ãŒã ã®ããŒã¿éã足ããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
discards
åŠçã®ç¶ç¶ã劚ãããããªåé¡ãçºçããŠããªãã«ããããããïŒãããã¡é åã®äžè¶³ãªã©ã®çç±ã§ïŒç Žæ£ãããå ¥å IPv6 ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã®å€ã«ã¯ãåæ§æã®åŸ æ©äžã«ç Žæ£ãããããŒã¿ã°ã©ã ã®æ°ã¯å«ãŸããŸããã
delivers
IPv6 ãŠãŒã¶ãŒãããã³ã«ã«æ£åžžã«éä¿¡ãããããŒã¿ã°ã©ã ã®ç·æ°ïŒICMP ãå«ãïŒã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ããŒã¿ã°ã©ã ã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
reassembly requestdatagrams
ãã®ã€ã³ã¿ãã§ãŒã¹ã§åæ§æãããå¿ èŠããããåä¿¡ãã IPv6 ãã©ã°ã¡ã³ãã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ãã©ã°ã¡ã³ãã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
reassembled succeeded
æ£åžžã«åæ§æããã IPv6 ããŒã¿ã°ã©ã ã®æ°ã ãã®ã«ãŠã³ã¿ã¯ããããã®ããŒã¿ã°ã©ã ã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
reassembled failed
IPv6 åæ§æã¢ã«ãŽãªãºã ã«ãã£ãŠæ€åºããããšã©ãŒã®æ°ïŒã¿ã€ã ã¢ãŠããªã©ããšã©ãŒã®çš®é¡ã¯åããŸããïŒã ã¢ã«ãŽãªãºã ã«ãã£ãŠã¯ïŒç¹ã« RFC 815 å ã®ã¢ã«ãŽãªãºã ïŒãã©ã°ã¡ã³ããåä¿¡æã«çµåããŠããŸãããã®æ°ã远跡ã§ããªãããããã®å€ã¯å¿ ãããç Žæ£ããã IPv6 ãã©ã°ã¡ã³ãã®æ°ã§ãããšã¯éããŸããã ãã®ã«ãŠã³ã¿ã¯ããããã®ãã©ã°ã¡ã³ãã®å®å ã®ã€ã³ã¿ãã§ãŒã¹ã§ã€ã³ã¯ãªã¡ã³ããããŸããå®å ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãäžéšã®ãã©ã°ã¡ã³ãã«ãšã£ãŠã¯å¿ ãããå ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå ŽåããããŸãã
IPv6éä¿¡
forwards datagrams
ãã®ãšã³ãã£ãã£ãåä¿¡ããæçµéä¿¡å ã«è»¢éããåºåããŒã¿ã°ã©ã ã®æ°ã IPv6 ã«ãŒã¿ãŒãšããŠåäœããªããšã³ãã£ãã£ã§ã¯ããã®ã«ãŠã³ã¿ã®å€ã«ã¯ããã®ãšã³ãã£ãã£ãä»ã㊠Source-Route ïŒéä¿¡å ã«ãŒãæå®ïŒãããSource-Route ãé©åã«åŠçããããã±ããã®æ°ã®ã¿ãå«ãŸããŸãã æ£åžžã«è»¢éãããããŒã¿ã°ã©ã ã®å Žåã¯ãåºåã€ã³ã¿ãã§ãŒã¹ã®ã«ãŠã³ã¿ãã€ã³ã¯ãªã¡ã³ããããŸãã
IPv6ãã©ãã£ãã¯
892 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
requests
ããŒã«ã« IPv6ãŠãŒã¶ãããã³ã«ïŒICMPãå«ãïŒããã©ã³ã¹ããã·ã§ã³ã®èŠè«ã§ IPv6ã«äŸçµŠãã pv6ããŒã¿ã°ã©ã ã®ç·æ°"ipv6IfStatsOutForwDatagrams"ã§ã«ãŠã³ããããããŒã¿ã°ã©ã ã¯ãã®ã«ãŠã³ã¿ã«å«ãŸããŸããã
discardsåŠçã®ç¶ç¶ã劚ãããããªåé¡ãçºçããŠããªãã«ããããããïŒãããã¡é åã®äžè¶³ãªã©ã®çç±ã§ïŒç Žæ£ãããå ¥å IPv6 ããŒã¿ã°ã©ã ã®æ°ã
no routes éä¿¡å ã«éä¿¡ããããã®ã«ãŒããæ€åºãããªãã£ãããã«ç Žæ£ãããå ¥åããŒã¿ã°ã©ã ã®æ°ã
generated fragments ãã®åºåã€ã³ã¿ãã§ãŒã¹ã§è¡ããããã©ã°ã¡ã³ãåã«ãã£ãŠçæãããåºåããŒã¿ã°ã©ã ãã©ã°ã¡ã³ãã®æ°ã
fragment succeededãã®åºåã€ã³ã¿ãã§ãŒã¹ã§æ£åžžã«ãã©ã°ã¡ã³ãåããã IPv6 ããŒã¿ã°ã©ã ã®æ°ã
fragment failed ãã®ã€ã³ã¿ãã§ãŒã¹ã§ãã©ã°ã¡ã³ãåã§ããªãã£ãåºåããŒã¿ã°ã©ã ã®æ°ã
ICMPv6çµ±èš
ICMPv6åä¿¡
input
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã¡ãã»ãŒãžã®ç·æ°ãipv6IfIcmpInErrors ã«ãã£ãŠã«ãŠã³ããããã¡ãã»ãŒãžããã¹ãŠå«ãŸããŸãã ãã®ã€ã³ã¿ãã§ãŒã¹ã¯ãICMP ã¡ãã»ãŒãžã®å®å ãšãããã€ã³ã¿ãã§ãŒã¹ã§ãããå¿ ãããã¡ãã»ãŒãžã«ãšã£ãŠã®å ¥åã€ã³ã¿ãã§ãŒã¹ã§ã¯ãªãå¯èœæ§ããããŸãã
errorsã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã®ã® ICMP ç¹æã®ãšã©ãŒïŒç¡å¹ãª ICMP ãã§ãã¯ãµã ãç¡å¹ãªã¡ãã»ãŒãžé·ãªã©ïŒããããšå€æããã ICMP ã¡ãã»ãŒãžã®ç·æ°
destination unreachablemessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP éä¿¡å å°éäžèœã¡ãã»ãŒãžã®æ°ã
packet too big messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã "ICMP Packet Too Big"ïŒICMP ãã±ããã倧ããããŸãïŒã¡ãã»ãŒãžã®æ°ã
time exceeded messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP æéè¶ éã¡ãã»ãŒãžã®æ°ã
parameter problemmessage
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãã©ã¡ãŒã¿åé¡ã¡ãã»ãŒãžã®æ°ã
echo request messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãšã³ãŒïŒèŠæ±ïŒã¡ãã»ãŒãžã®æ°ã
echo reply messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ãšã³ãŒå¿çã¡ãã»ãŒãžã®æ°ã
redirect messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
group membership querymessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããã¯ãšãªãŒã¡ãã»ãŒãžã®æ°ã
group membershipresponse messages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããå¿çã¡ãã»ãŒãžã®æ°ã
IPv6ãã©ãã£ãã¯
893FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
group membershipreduction messages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããåãæ¶ãã¡ãã»ãŒãžã®æ°ã
router solicit messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã«ãŒã¿ãŒèŠè«ã¡ãã»ãŒãžã®æ°ã
router advertisementmessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP ã«ãŒã¿ãŒã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
neighbor solicit messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP è¿é£èŠè«ã¡ãã»ãŒãžã®æ°ã
neighbor advertisementmessages
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMP è¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
redirect messages ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã ICMPv6 ãªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
ICMPv6éä¿¡
outputãã®ã€ã³ã¿ãã§ãŒã¹ãéä¿¡ãè©Šã¿ã ICMP ã¡ãã»ãŒãžã®ç·æ°ã ãã®ã«ãŠã³ã¿å€ã«ã¯ãicmpOutErrors ã«ãã£ãŠã«ãŠã³ããããæ°ãå«ãŸããŸãã
destination unreachablemessages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP éä¿¡å å°éäžèœã¡ãã»ãŒãžã®æ°ã
packet too big messagesã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã "ICMP Packet Too Big"ïŒICMP ãã±ããã倧ããããŸãïŒã¡ãã»ãŒãžã®æ°ã
time exceeded messages ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP æéè¶ éã¡ãã»ãŒãžã®æ°ã
parameter problemmessage
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ãã©ã¡ãŒã¿åé¡ã¡ãã»ãŒãžã®æ°ã
echo reply messages ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ãšã³ãŒå¿çã¡ãã»ãŒãžã®æ°ã
router solicit messages ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP ã«ãŒã¿ãŒèŠè«ã¡ãã»ãŒãžã®æ°ã
neighbor advertisementmessages
ã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããã ICMP è¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžã®æ°ã
redirect messages éä¿¡ããããªãã€ã¬ã¯ãã¡ãã»ãŒãžã®æ°ã
group membershipresponse messages
éä¿¡ããã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããå¿çã¡ãã»ãŒãžã®æ°ã
group membershipreduction messages
éä¿¡ããã ICMPv6 ã°ã«ãŒãã¡ã³ããŒã·ããåãæ¶ãã¡ãã»ãŒãžã®æ°ã
UDPçµ±èš
input UDPãŠãŒã¶ã«éä¿¡ããã UDPããŒã¿ã°ã©ã ã®ç·æ°ã
no port errors åä¿¡ãããç®çå°ããŒãã«ã¢ããªã±ãŒã·ã§ã³ãç¡ãã£ãããŒã¿ã°ã©ã ã®ç·æ°
other errors ç®çå°ããŒãã§ãã¢ããªã±ãŒã·ã§ã³ã®æ¬ åŠä»¥å€ã®çç±ã§éä¿¡ãããããšãåºæ¥ãªãã£ãåä¿¡ UDPããŒã¿ã°ã©ã ã®æ°
output ãã®ãšã³ãã£ãã£ããéä¿¡ããã UDPããŒã¿ã°ã©ã ã®ç·æ°ã
IPv6ãã©ãã£ãã¯
894 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
clear ipv6 traffic
IPv6ãã©ãã£ãã¯ã«ãŠã³ã¿ããªã»ããããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ã"ipv6 traffic"ã³ãã³ãã§è¡šç€ºããããå šãŠã®ã«ãŠã³ã¿ããªã»ããããŸãã
äŸ
Console#clear ipv6 trafficConsole#
895FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ping6
ãããã¯ãŒã¯ã®ä»ã®ããŒããžïŒIPv6ïŒICMPãšã³ãŒãªã¯ãšã¹ããã±ãããéä¿¡ããŸãã
ææ³
ping6 { ipv6-address | host-name } [ count count ] [ size size ]
⢠ipv6-address âè¿é£è£ 眮㮠IPv6ã¢ãã¬ã¹ã
⢠host-name âãã¡ã€ã³ããŒã ãµãŒããéã㊠IPv6ã¢ãã¬ã¹ã®äžã«å€æãããããšãå¯èœãªãã¹ãåã¹ããªã³ã°ã
⢠count âéä¿¡ãããã±ããã®æ° . ïŒç¯å²ïŒ1-16ïŒ
⢠size âãã±ããã®ãã€ãæ° ïŒç¯å²ïŒ48-18024 bytesïŒã«ãŒã¿ããããæ å ±ãä»å ããçºãå®éã®ãã±ãããµã€ãºã¯æå®ããããµã€ãºããã8bytes倧ãããªããŸãã
åæèšå®
ã«ãŠã³ãïŒ5å
ãµã€ãºïŒ100bytes
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ping6ã³ãã³ãã¯ããããã¯ãŒã¯äžã®ä»ã®ãµã€ããžå°éããããšãã§ãããã©ããããŸãã¯ãã¹äžã«é 延ãç¡ãããè©äŸ¡ããããã«äœ¿çšããŸãã
⢠ãã¹ãåã« PingãéãæãDNSãµãŒããæå¹ (see page 898)ã«ãªã£ãŠããããšã確èªããŠãã ãããå¿ èŠãªãã°ãããŒã«ã«è£ 眮ã¯åãã DNSéçãã¹ãããŒãã«ã§æå®ããããšãå¯èœã§ãã
⢠ãã¹ãå㧠Ping6ã䜿çšããæãã¹ã€ããã¯æåã«ãIPv6ã¢ãã¬ã¹ã®äžã§ãšã€ãªã¢ã¹ã®è§£æ±ºãè©Šã¿ããã®åŸã« IPv4ã¢ãã¬ã¹ã®äžã§è§£æ±ºãè©ŠããŸãã
äŸ
Console#ping6 FE80::2E0:CFF:FE00:FC%1/64Type ESC to abort.PING to FE80::2E0:CFF:FE00:FC%1/64, by 5 32-byte payload ICMP packets, timeout is 3 secondsresponse time: 20 ms [FE80::2E0:CFF:FE00:FC] seq_no: 1response time: 0 ms [FE80::2E0:CFF:FE00:FC] seq_no: 2response time: 0 ms [FE80::2E0:CFF:FE00:FC] seq_no: 3response time: 0 ms [FE80::2E0:CFF:FE00:FC] seq_no: 4response time: 0 ms [FE80::2E0:CFF:FE00:FC] seq_no: 5Ping statistics for FE80::2E0:CFF:FE00:FC%1/64: 5 packets transmitted, 5 packets received (100%), 0 packets lost (0%)Approximate round trip times: Minimum = 0 ms, Maximum = 20 ms, Average = 4 msConsole#
896 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 nd dad attempts
éè€ã¢ãã¬ã¹æ€çŽ¢äžã«ãã€ã³ã¿ãã§ãŒã¹ã§éä¿¡ããé£ç¶ããè¿é£èŠè«ã¡ãã»ãŒãžã®æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ipv6 nd dad attempts count
⢠count âãã®ã€ã³ã¿ãã§ãŒã¹ã«éè€ã¢ãã¬ã¹ãååšãããåŠãã決å®ããããã«éããããè¿é£èŠè«ã¡ãã»ãŒãžã®æ°ïŒç¯å²ïŒ0-600ïŒ
åæèšå®
1
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠0ã®å€ã«èšå®ããããšã§ãéè€ã¢ãã¬ã¹æ€çŽ¢ãç¡å¹ã«ããŸãã
⢠éè€ã¢ãã¬ã¹æ€çŽ¢ã¯ãæ°ãããŠããã£ã¹ã IPv6ã¢ãã¬ã¹ãã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããåã«ãæ¢ã«ãããã¯ãŒã¯äžã«ååšãããã©ããã決å®ããŸãã
⢠éè€ã¢ãã¬ã¹æ€çŽ¢ã¯ãäŒæ¢ç¶æ ã®ã€ã³ã¿ãã§ãŒã¹äžã§åæ¢ããŸãã(âvlanâã³ãã³ãïŒP723ïŒãåç §ïŒã€ã³ã¿ãã§ãŒã¹ãäŒæ¢ç¶æ ã«ãªã£ãŠããéãå šãŠã®ãŠããã£ã¹ã IPv6ã¢ãã¬ã¹ã¯"pending"ã¹ããŒã¿ã¹ã§ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããŸããã€ã³ã¿ãã§ãŒã¹ã管çäžåéããæãéè€ã¢ãã¬ã¹æ€çŽ¢ãèªåçã«å皌åããŸãã
⢠å皌åããã€ã³ã¿ãã§ãŒã¹ã¯ãã€ã³ã¿ãã§ãŒã¹ã®å šãŠã® IPv6ãŠããã£ã¹ãã¢ãã¬ã¹ã®éè€ã¢ãã¬ã¹æ€çŽ¢ãåéããŸããéè€ã¢ãã¬ã¹æ€çŽ¢ãã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§å®è¡ãããŠããéãä»ã® IPv6ã¢ãã¬ã¹ã¯ "tentative"ç¶æ ã§æ®ããŸããéè€ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãèŠã€ãããªãå Žåãæ®ãã® IPv6ã¢ãã¬ã¹ã®ããã«éè€ã¢ãã¬ã¹æ€åºãéå§ããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãå€æŽãããå Žåãéè€ã¢ãã¬ã¹æ€åºã¯æ°ãããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ã§è¡ãããŸããããã§ã«ã€ã³ã¿ãã§ãŒã¹ãšé¢é£ä»ãããã IPv6ã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã«å¯ŸããŠã¯è¡ããŸããã
897FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
äŸ
é¢é£ããã³ãã³ã
ipv6 nd ns-intervalïŒP899ïŒshow ipv6 neighborsïŒP901ïŒ
Console(config)#interface vlan 1Console(config-if)#ipv6 nd dad attempts 5Console(config-if)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is stalled.Link-local address:
ãFE80::200:E8FF:FE90:0/64 [TENTATIVE]Global unicast address(es):
ã009:DB9:2229::79, subnet is 2009:DB9:2229:0::/64 [TENTATIVE]Joined group address(es):
ãFF01::1/16
ãFF02::1/16
ãFF02::1:FF00:79/104
ãFF02::1:FF90:0/104MTU is 1500 bytes.ND DAD is enabled, number of DAD attempts: 5.ND retransmit interval is 1000 millisecondsConsole#
898 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 nd ns-interval
ã€ã³ã¿ãã§ãŒã¹äžã§ IPv6è¿é£èŠè«ã¡ãã»ãŒãžãéä¿¡ãããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåæå€ã«æ»ããŸãã
ææ³
ipv6 nd ns-interval millisecondsno ipv6 nd ns-interval
⢠milliseconds â IPv6è¿é£èŠè«ã¡ãã»ãŒãžãéä¿¡ãããééïŒç¯å²ïŒ1000-3600000ïŒ
åæèšå®
1000ããªã»ã«ã³ã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãã¢ãã¬ã¹è§£æ±ºæãŸãã¯è¿é£ã®å°éå¯èœæ§ã調ã¹ãæã«ãIPv6è¿é£èŠè«ã¡ãã»ãŒãžãéä¿¡ãããééãèšå®ããŸããæšæºç㪠IPv6ãªãã¬ãŒã·ã§ã³ã§ã¯æ¥µç«¯ã«çãééã䜿çšããã®ãé¿ããŠãã ããã
äŸ
é¢é£ããã³ãã³ã
show running-configïŒP394ïŒ
Console(config)#interface vlan 1Console(config)#pv6 nd ns-interval 30000Console(config)#endConsole#show ipv6 interfaceVlan 1 is upIPv6 is enable.Link-local address: FE80::200:E8FF:FE90:0/64Global unicast address(es): 2009:DB9:2229::79, subnet is 2009:DB9:2229:0::/64Joined group address(es): FF01::1/16 FF02::1/16 FF02::1:FF00:79/104 FF02::1:FF90:0/104MTU is 1500 bytes.ND DAD is enabled, number of DAD attempts: 5.ND retransmit interval is 30000 millisecondsConsole#
899FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ipv6 nd reachable-time
ããããã®å°çå¯èœæ§ç¢ºèªã€ãã³ãçºçåŸããªã¢ãŒã IPv6ããŒãããå°çå¯èœã§ãããšæšæž¬ãããæéãèšå®ããŸãã
ææ³
ipv6 nd reachable-time millisecondsno ipv6 nd reachable-time
⢠milliseconds â å°éå¯èœæ§ã®ç¢ºèªãåããåŸãããŒããå°éå¯èœã§ãããšæšæž¬å¯èœãªæéïŒç¯å²ïŒ1000-3600000ïŒ
åæèšå®
30000ããªã»ã«ã³ã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã§èšå®ãããã¿ã€ã ãªãããã¯ãã¹ã€ãããäžåšã®è¿é£ãçºèŠããããšãå¯èœã«ããŸãã
äŸ
clear ipv6 neighbors
IPv6è¿é£æ¢çŽ¢ãã£ãã·ã¥ã®å šãŠã®åçãšã³ããªãåé€ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#interface vlan 1Console(config)#ipv6 nd reachable-time 1000Console(config)#
Console#clear ipv6 neighborsConsole#
900 FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ipv6 neighbors
IPv6è¿é£æ¢çŽ¢ãã£ãã·ã¥ã®æ å ±ã衚瀺ããŸãã
ææ³
show ipv6 neighbors [ vlan vlan-id | ipv6-address ]
⢠vlan-id â VLAN ID (Range: 1-4093)
⢠ipv6-address â è¿é£è£ 眮㮠IPv6ã¢ãã¬ã¹ãRFC2373"IPv6 Addressing Architecture"ã«åŸã£ãŠãã©ãŒãããããããªã³ã¯ããŒã«ã«ã¢ãã¬ã¹ãšã°ããŒãã«ãŠããã£ã¹ãã¢ãã¬ã¹ã®ãããããæå®ã§ããŸãã8ã€ã® 16ããã 16é²æ°ãã³ãã³ã§åºåã£ãå€ã䜿çšããŸããã¢ãã¬ã¹å ã®äžé©æ Œãªãã£ãŒã«ããæºããçºã«å¿ èŠãšããããŒãã®é©åãªæ°ã瀺ãããã1ã€ã®ããã«ã³ãã³ã䜿çšãããŸãã
åæèšå®
å šãŠã® IPv6è¿é£æ¢çŽ¢ãã£ãã·ã¥ãšã³ããªã衚瀺ã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ipv6 neighbors
IPv6 Address ãããããããAge Link-layer Addr State VLAN
2009:DB9:2229::79 ãããã666 00-00-E8-90-00-00 REACH 1
FE80::200:E8FF:FE90:0 ã 671 00-00-E8-90-00-00 REACH 1Console#
IPv6 ãã€ããŒã®è¡šç€º
é ç® è§£èª¬
IPv6 Address ãã€ããŒã® IPV6ã¢ãã¬ã¹
Age ã¢ãã¬ã¹ãå°éå¯èœãšããŠå®èšŒãããŠããã®æéïŒç§ïŒéçãšã³ããªã¯ " Permanent"ãšç€ºãããŸãã
Link-layer Addr ç©çå±€ MAã¢ãã¬ã¹
901FXC3110
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
é¢é£ããã³ãã³ã
show mac-address-tableïŒP680ïŒ
State
è¿é£ã®ãã£ãã·ã¥ãšã³ããªã®ç¶æ ãæå®ããŸãã IPv6 è¿é£æ€åºãã£ãã·ã¥å ã®åçãšã³ããªã®ç¶æ ã¯ã以äžã®ãšããã§ãã
INCMP (Incomplete) ïŒãšã³ããªäžã§ã¢ãã¬ã¹è§£æ±ºãå®è¡äžã§ãã è¿é£èŠè«ã¡ãã»ãŒãžããã¿ãŒã²ããã®èŠè«ããããã«ããã£ã¹ãã¢ãã¬ã¹ã«éä¿¡ãããŸãããã察å¿ããè¿é£ã¢ããã¿ã€ãºã¡ã³ãã¡ãã»ãŒãžããŸã åä¿¡ãããŠããŸããã
REACH ïŒå°éå¯èœïŒïŒè¿é£ãžã®è»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ã確èªã¡ãã»ãŒãžïŒæ£åžžïŒããæåŸã® Reachable TimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒå ã«åä¿¡ãããŸããã REACHïŒå°éïŒç¶æ ã®éã¯ãããã€ã¹ã¯ãã±ããã®éä¿¡äžã«ç¹å¥ãªåäœãããŸããã
STALEïŒè»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ãæåŸã®ç¢ºèªã¡ãã»ãŒãžïŒæ£åžžïŒãåä¿¡ãããŠãããReachableTimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒãè¶ ããæéãçµéããŸããã STALEïŒæéåãïŒç¶æ ã®éã¯ãããã€ã¹ã¯ãã±ãããéä¿¡ããããŸã§ç¹å¥ãªåäœãããŸãããDELAYïŒè»¢éãã¹ãæ£åžžã«æ©èœããŠããããšã瀺ãæåŸã®ç¢ºèªã¡ãã»ãŒãžïŒæ£åžžïŒãåä¿¡ãããŠãããReachableTimeïŒå°éå¯èœãªæéïŒïŒããªç§ïŒãè¶ ããæéãçµéããŸããã ååã®DELAY_FIRST_PROBE_TIME ç§å ã«ãã±ãããéä¿¡ãããŸããã DELAYïŒé 延ïŒç¶æ ã«å ¥ã£ãŠãã DELAY_FIRST_PROBE_TIME ç§å ã«å°éå¯èœæ§ç¢ºèªãåä¿¡ãããªãå Žåã¯ãè¿é£èŠæ±ã¡ãã»ãŒãžãéä¿¡ããç¶æ ã PROBEïŒèª¿æ»ïŒã«å€ããŸãã
PROBEïŒå°éå¯èœæ§ç¢ºèªãåä¿¡ããããŸã§ãè¿é£èŠè«ã¡ãã»ãŒãžã RetransTimer ããªç§ééã§åéä¿¡ããããšã§ãå°éå¯èœæ§ç¢ºèªãã¢ã¯ãã£ãã«æ±ããããŸããUNKNOïŒæªç¥ã®ç¶æ ã
以äžã®ç¶æ ã¯éçãšã³ããªã«äœ¿çšãããŸããINCMP (Incomplete)
REACH (Reachable)
VLAN å°éããã¢ãã¬ã¹ã® VLANã€ã³ã¿ãã§ãŒã¹ã
IPv6 ãã€ããŒã®è¡šç€º
902 FXC3110
FXC10-DC-200008-R1.0
æ¬ãŠãŒã¶ããã¥ã¢ã«ã¯ãFXCæ ªåŒäŒç€Ÿãå¶äœãããã®ã§ãå šãŠã®æš©å©ãåŒç€ŸãææããŸããåŒç€Ÿã«ç¡æã§æ¬æžã®äžéšããŸãã¯å šéšãè€è£œ /転èŒããããšãçŠããŸããæ¹è¯ã®ãã補åã®ä»æ§ãäºåãªãå€æŽããããšããããŸããããäºæ¿ãã ãããäºåãªãæ¬æžã®äžéšãŸãã¯å šäœãä¿®æ£ãå€æŽããããšããããŸããããäºæ¿ãã ããããŠãŒã¶ããã¥ã¢ã«ã®å 容ã«é¢ããŸããŠã¯ãäžå šãæããŠãããŸãããäžäžãäžæãªç¹ãããããŸããããåŒç€ŸãµããŒãã»ã³ã¿ãŒãŸã§ãçžè«ãã ããã
FXC3110 Management GuideïŒFXC10-DC-200008-R1.0ïŒ
åç 2011幎 3æ
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC3110
Management GuideFXC10-DC-200008-R1.0FXC3110 Management Guide