You are on page 1of 262

Nortel Metro Ethernet Services Unit 1800 and 1850

Configuration — Using Device


Manager for all Modes

NN46212-503
.
Document status: Standard
Document version: 01.00
Document date: 27 March 2008

Copyright © 2008, Nortel Networks


All Rights Reserved.

Sourced in Canada and the United States of America

LEGAL NOTICE

While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed
to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY
KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject
to change without notice.

* Nortel, the Nortel logo and the Globemark are trademarks of Nortel Networks.

All other trademarks are the property of their respective owners.

Restricted rights legend


Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.

Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer
software, the rights of the United States Government regarding its use, reproduction, and disclosure are as set forth
in the Commercial Computer Software-Restricted Rights clause at FAR 52.227-19.

The information in this document is subject to change without notice. The statements, configurations, technical
data, and recommendations in this document are believed to be accurate and reliable, but are presented without
express or implied warranty. Users must take full responsibility for their applications of any products specified in this
document. The information in this document is proprietary to Nortel Networks.

Nortel, the Nortel logo and the Globemark are trademarks of Nortel Networks.

All other trademarks are the property of their respective owners.

Sourced in Canada

Statement of conditions
In the interest of improving internal design, operational function, and/or reliability, Nortel Networks Inc. reserves the
right to make changes to the products described in this document without notice.

Nortel Networks Inc. does not assume any liability that may occur due to the use or application of the product(s) or
circuit layout(s) described herein.

Portions of the code in this software product may be Copyright © 1988, Regents of the University of California. All
rights reserved. Redistribution and use in source and binary forms of such portions are permitted, provided that the
above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising
materials, and other materials related to such distribution and use acknowledge that such portions of the software
were developed by the University of California, Berkeley. The name of the University may not be used to endorse or
promote products derived from such portions of the software without specific prior written permission.

SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE.
In addition, the program and information contained herein are licensed only pursuant to a license agreement that
contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices
imposed by third parties).

Nortel Networks Inc. software license agreement


This Software License Agreement ("License Agreement") is between you, the end-user ("Customer") and Nortel
Networks Corporation and its subsidiaries and affiliates ("Nortel Networks"). PLEASE READ THE FOLLOWING
CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE
SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE AGREEMENT.
If you do not accept these terms and conditions, return the Software, unused and in the original shipping container,
within 30 days of purchase to obtain a credit for the full purchase price.
"Software" is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is
copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data,
audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole
or partial copies. Nortel Networks grants you a license to use the Software only in the country where you acquired the
Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for
the selection of the Software and for the installation of, use of, and results obtained from the Software.
1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of
the Software on only one machine at any one time or to the extent of the activation or authorized usage level,
whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer furnished
equipment ("CFE"), Customer is granted a nonexclusive license to use Software only on such hardware or CFE,
as applicable. Software contains trade secrets and Customer agrees to treat Software as confidential information
using the same care and discretion Customer uses with its own similar information that it does not wish to disclose,
publish or disseminate. Customer will ensure that anyone who uses the Software does so only in compliance with
the terms of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as
expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c)
create derivative works or modifications unless expressly authorized; or d) sublicense, rent or lease the Software.
Licensors of intellectual property to Nortel Networks are beneficiaries of this provision. Upon termination or breach of
the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptly
return the Software to Nortel Networks or certify its destruction. Nortel Networks may audit by remote polling or other
reasonable means to determine Customer’s Software activation or usage levels. If suppliers of third party software
included in Software require Nortel Networks to include additional or different terms, Customer agrees to abide by
such terms provided by Nortel Networks with respect to such third party software.
2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer,
Software is provided "AS IS" without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS
ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT
NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated to provide support of
any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in such event, the
above exclusions may not apply.
3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE
LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR
DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL,
PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN
CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE
SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR
POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or supplier of the Software. Such
developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations
or exclusions and, in such event, they may not apply.
4. General
1. If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks
Software available under this License Agreement is commercial computer software and commercial
computer software documentation and, in the event Software is licensed for or on behalf of the United States
Government, the respective rights to the software and software documentation are governed by Nortel
Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections
12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).
2. Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer
fails to comply with the terms and conditions of this license. In either event, upon termination, Customer
must either return the Software to Nortel Networks or certify its destruction.
3. Customer is responsible for payment of any taxes, including personal property taxes, resulting from
Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable
export and import laws and regulations.
4. Neither party may bring an action, regardless of form, more than two years after the cause of the action
arose.
5. The terms and conditions of this License Agreement form the complete and exclusive agreement between
Customer and Nortel Networks.
6. This License Agreement is governed by the laws of the country in which Customer acquires the Software.
If the Software is acquired in the United States, then this License Agreement is governed by the laws of
the state of New York.
5

Contents
New in this release 11
Features 11
Enhanced Dual Home Ring ESU 11
IGMP Snooping on EVPN Endpoints 11
Security Enhancements 12
MLT UNI on the ESU1850 in QiQ mode 12
Automatic port shutdown 12
Change the Management of Daylight Saving Time 12
Other changes 12
Introduction 15
Before you begin 16
Setting up and managing the ESU 17
ESU menu 17
Port configuration 18
Editing ports 18
Setting a basic port configuration 18
Viewing DDI SFP types 21
Viewing FFP information 23
Configuring the serial port 24
Configuring the chassis 25
Editing the chassis 25
Editing system information 26
Editing chassis information 31
Editing topology alarms 33
Viewing interface statistics 34
Viewing port utilization statistics 36
Editing trap receivers 37
Editing RRP Hello settings in VPN and IPVLAN mode 38
Resetting the date and time of the chassis 40
Configuring IP management 44
Setting up the routing table 44
Enabling IP forwarding globally 44
Creating default IP routes 46

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
6 Contents

Deleting a default route 48


Viewing ARP translations in Layer 2 mode 49
Configuring Diagnostic Services 50
Configuring the topology 50
Configuring and monitoring port mirroring in Layer 2 and Q-in-Q mode 52
Configuring network time protocol 56
Configuration prerequisites 56
Setting NTP globals attributes 56
Setting NTP server attributes 58
Setting NTP key attributes 59
Configuring rapid ping 61
Enabling responses to pings in the data path 64
Rapid ping response dialog 65
Configuring security features 67
Configuring management station IP addresses 67
Configuring SNMP communities 68
Configuring SNMPv3 69
Default login 69
Loading the encryption module 70
Logging on using SNMPv3 70
Creating a user security model 71
Creating membership for a group 74
Creating access for a group 75
Assigning MIB view access for an object 77
Configuring RADIUS authentication and accounting 80
Enabling authentication type 81
Configuring RADIUS 82
Deleting a RADIUS configuration 84
Showing RADIUS authentication 85
Showing RADIUS accounting 86
Showing RADIUS server statistics in Layer 2 mode 88
Showing RADIUS statistics 89
Showing RADIUS session 91
Configuring the Supplicant 92
Navigation 92
Enabling the Supplicant module 92
Modifying Supplicant user name and password 93
Configuring SSH 94
Enabling SSH authentication type 94
Setting the SSH algorithm 95
Configuring the existing SSH user information 97
Configuring EAPoL in Layer 2 mode 98
Configuration prerequisites 98

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Contents 7

Globally configuring EAPoL in Layer 2 mode 99


Managing firmware configuration files 101
Downloading firmware from the server: ESU 1850 101
Creating firmware: ESU 1850 103
Booting firmware: ESU 1850 104
Uploading and downloading configuration settings to the server: ESU 1850 105
Saving a history log to the server: ESU 1850 106
Downloading firmware from the server: ESU 1800 107
Uploading and downloading configuration settings to the server: ESU 1800 108
Saving a history log to the server: ESU 1800 109
Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q
mode 111
Configuring a default VLAN 112
Variable definitions 112
Configuring IP VLANs in Ring and Standalone mode 112
Creating a port-based VLAN in Layer 2 and Q-in-Q mode 114
Advertising a static VLAN 117
Viewing current VLANs in Layer 2 mode 117
Configuring FDB in Layer 2 mode 118
Setting the FDB aging timer 119
Creating an FDB list in Layer 2 mode 120
Configuring multicast FDB in Layer 2 mode 121
Configuring GVRP in Layer 2 mode 123
Configuring IGMP snooping globally in Layer 2 mode 126
Configuring IGMP snooping in Layer 2 mode 126
Configuring IP VLAN IGMP snooping in Ring and Standalone mode 128
Configuring IGMP querier in Layer 2 mode 129
Configuring IGMP snooping group in Layer 2 mode 131
Configuring IP VLAN IGMP Snooping Group in Ring and Standalone mode 132
Configuring MLTs in Layer 2 and Q-in-Q mode 133
Configuring the MLT trunk algorithm 133
Enabling and inserting an MLT in Layer 2 and Q-in-Q mode 134
Configuring STP in Layer 2 mode 137
Enabling STP 137
Displaying STP port data in Layer 2 mode 140
Configuring Q-in-Q mode 143
Designating a port as access or uplink 143
Configuring the SVLAN 147
Configuring automatic port shutdown 148
Configuring automatic shutdown ports 149
Configuring filters and access control lists 151
Configuring packet filters 151

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
8 Contents

Configuring MAC filters 154


Configuring IGMP access lists in Layer 2, and VPN and IPVLAN modes 156
Applying access control lists in Layer 2, and VPN and IPVLAN modes 157
Configuring packet policing and policies 159
Configuring a CoS profile 159
Configuring packet classification 161
Configuring packet policing 164
Applying policies to ports 167
Clearing the out-of-profile counter 169
Configuring EVPN broadcast optimization in VPN and IPVLAN mode 170
Configuring EAPoL on Ethernet ports in Layer 2 Switch mode173
Configuration prerequisites 173
Changing a port authentication status in Layer 2 switch mode 174
Configuring QoS 181
Viewing and configuring IEEE 802.1p default priority 183
Viewing and configuring IEEE 802.1p user priority 185
Configuring broadcast storm control in Standalone, Layer 2, and VPN and IPVLAN
modes 186
Configuring RMON 189
Configuring and enabling RMON options 190
Configuring RMON history 191
Configuring RMON history parameters 192
Disabling RMON history 195
Using Ethernet statistics 196
Configuring a new host name 199
Disabling RMON statistics 201
Graphing RMON history 202
Configuring RMON alarms 203
Creating RMON alarms 203
Viewing alarm files 206
Configuring RMON events 208
Viewing log files 211
HP OpenView 212
Configuring HP OpenView to function with Device Manager 213
Displaying network statistics 215
Graphing port statistics 215
Graphing ports for single or multiple ports 215
Graphing interface statistics 216
Graphing Ethernet error statistics 217
Graphing port utilization statistics 220
Graphing bridging statistics 221
Graphing RMON port statistics 222

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Contents 9

Graphing EAPOL port statistics 224


Graphing chassis statistics 226
Graphing SNMP statistics 226
Graphing IP statistics 229
Graphing ICMP In statistics 231
Graphing ICMP Out statistics 232
Graphing TCP statistics 234
Graphing UDP statistics 235
System monitoring 236
Configuring a syslog host 237
Enabling and disabling syslog messages 238
Deleting syslog hosts 239
RMON alarm reference 241
Index 255

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
10 Contents

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
11

New in this release


The following sections detail what’s new in Nortel Metro Ethernet Services
Unit 1800 and 1850 Configuration — Using Device Manager for all Modes
(NN46212-503) for release 3.5:

Features
See the following sections for information about feature changes:
• "Enhanced Dual Home Ring ESU" (page 11)
• "IGMP Snooping on EVPN Endpoints" (page 11)
• "Security Enhancements" (page 12)
• "MLT UNI on the ESU1850 in QiQ mode " (page 12)
• "Automatic port shutdown " (page 12)
• "Change the Management of Daylight Saving Time " (page 12)

Enhanced Dual Home Ring ESU


The Metro ESU 1800/1850 now supports the Enhanced Dual Home Ring.
The RDP version is changed to version 2 (from version 1). New RDP
messages include:
• Home Direction Assignment Message (Msg ID=3) is introduced to
assign Metro ESU’s home MERS
• Last Metro ESU From Home Ring Port Message (Msg ID=0x10) is
introduced to indicate the last Metro ESU from its home ring port

Each Metro ESU on a DH ring has its designated Home MERS and Backup
MERS. The Metro ESU receives all egress EVPN traffic from its Home
MERS and sends all ingress EVPN traffic to its Home MERS instead of
sending all ingress traffic to the secondary MERS and receiving egress
traffic from the primary MERS.

IGMP Snooping on EVPN Endpoints


Due to the hardware limitation on the Metro ESU (1800/1850), Metro ESU
does not have the Port Filtering Mode (PFM) settings per vlan, which
prevents the 1G ESU ring from supporting IGMP snooping enabled/disabled

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
12 New in this release

on per end-point basis. The PFM bit in the stack tag is used by MERS
to instruct Metro ESU whether or not to forward based on the local
configuration of the IGMP snooping.

Security Enhancements
Release 3.5 introduces new Security Enhancements for Layer 2 and
QinQ modes. The IEEE802.1x standard is implemented to validate the
authorization of products connecting to the access ports of the Metro ESU,
and to pass required information to the MERS8600 to allow end products
connecting to the Metro ESU access into the network.

To support the 802.1x Supplicant for L2 and QinQ modes, new JDM menus
are implemented to control the 802.1x Supplicant setting.

See "Configuring the Supplicant" (page 92).

MLT UNI on the ESU1850 in QiQ mode


Multi-Link Trunking (MLT) is a point-to-point connection that aggregates
multiple ports so that they logically act like a single port with the aggregated
bandwidth. Metro ESU1850 device supports hardware-base trunking. Up to
8 ports can be bundled into a single logical port. 6 such trunk groups are
supported. This provides for increased bandwidth and redundancy.

Automatic port shutdown


This Metro ESU1850-only feature is to support automatic port shutdown.
Only ports one and two on the Metro ESU1850 (in Layer 2 and QiQ modes
only) are supported by this feature. This allows the product to be used as
a CPE device in a dark fiber implementation. The Metro ESU1850 can
be used as a CPE with port one being the uplink port, and port two being
the access port.

Change the Management of Daylight Saving Time


The Metro ESU now adopts the same approach as the MERS8600 platform,
where the date is not set to an absolute date, but rather to the last Saturday
night or Sunday morning in March and October.

Other changes
See the following list for non-feature changes in this release.
• The previous Nortel Metro Ethernet Services Unit 1800 and 1850 Device
Manager configuration documents have been consolidated into this
single document:

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Other changes 13

Release 3.4 technical document number and Release 3.5 technical document number and
title title
Nortel Metro Ethernet Services Unit 1800 Nortel Metro Ethernet Services Unit 1800 and
Configuration -- VPN & IP VLAN Services Using 1850 Configuration — Using Device Manager for
Device Manager (NN46210-500) all Modes (NN46212-503)
Nortel Metro Ethernet Services Unit 1800
Configuration -- Layer 2 Switch Mode Using
Device Manager (NN46210-503)
Nortel Metro Ethernet Services Unit 1850
Configuration -- VPN & IP VLAN Services Using
Device Manager (NN46211-502)
Nortel Metro Ethernet Services Unit 1850
Configuration -- Layer 2 Switch Mode Using
Device Manager (NN46211-503)
Nortel Metro Ethernet Services Unit 1850
Configuration -- QiQ Mode Using Device
Manager (NN46211-505)

• The HomeDirectionId field was added to the Procedure job aid: ESU
1850 and the Procedure job aid: ESU 1800 tables, in "Chassis dialog
box, System tab fields" (page 26).

• Added the following fields to "Chassis dialog box, Daylight Saving Time
tab fields" (page 43): Format, StartMinutes, StartNth, StartWeekday,
EndMinutes, EndNth, and EndWeekday.

• In the "Port dialog box, Interface tab fields" (page 144) table, in the
Designating a port as access or uplink section, updated the UplinkMode
field description, added the Pass-thru field, and added the Port Mode
field.

• The Attention box in "Viewing port utilization statistics" (page 36) was
updated with additional information.

• The following variables were added to "Port dialog box, EAPOL tab
fields" (page 177): SuppPaeState, SuppHeldPeriod, SuppAuthPeriod,
SuppStartPeriod, SuppMaxStart, SuppControlledPortStatus,
SuppAccessCtrlWithAuth, and SuppBackendState.

• Added "Configuring a default VLAN" (page 112) to "Configuring VLANs


in Ring, Standalone, Layer 2, and Q-in-Q mode" (page 111).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
14 New in this release

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
15

Introduction
This document contains procedural information to help you complete the
task of configuring the Nortel Metro Ethernet Services Unit 1800 and 1850
for the following modes:
• Layer 2 mode
• VPN and IPVLAN mode
• Q-in-Q mode

For conceptual information regarding features in this book, see Nortel Metro
Ethernet Services Unit 1800 and 1850 Fundamentals (NN46212-100).
For definitions of terms and acronyms used in this document, see Nortel
Metro Ethernet Services Unit 1800 and 1850 Documentation Roadmap
(NN46212-101).

Navigation
• "Setting up and managing the ESU" (page 17)
• "Configuring security features" (page 67)
• "Managing firmware configuration files" (page 101)
• "Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode"
(page 111)
• "Configuring Q-in-Q mode" (page 143)
• "Configuring filters and access control lists" (page 151)
• "Configuring packet policing and policies" (page 159)
• "Configuring EAPoL on Ethernet ports in Layer 2 Switch mode" (page
173)
• "Configuring QoS" (page 181)
• "Configuring RMON" (page 189)
• "Displaying network statistics " (page 215)

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
16 Introduction

Before you begin


This guide is intended for network administrators with the following
background:
• basic knowledge of networks and Ethernet bridging
• familiarity with networking concepts and terminology
• experience with Windows-based systems or GUIs
• basic knowledge of network topologies

Before using this guide, you must complete the following procedures for a
new switch:
• install the switch. See the installation guide that came with your switch)
• connect the switch to the network. See Nortel Metro Ethernet Services
Unit 1800 and 1850 Commissioning (NN46212-303) for instructions.

Enure that you have installed the latest version of Nortel Ethernet Services
Unit software and Device Manager software.

For information about upgrading the Metro ESU and Device Manager
software, see the release notes for your version of the Metro ESU.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
17

Setting up and managing the ESU


This section describes how to set up and edit your Metro ESU switch ports,
chassis, and IP management.

ATTENTION
Layer 2 features are available only in Layer 2 mode. All Layer 2 options are
blocked in Ring or stand-alone mode. For Metro ESU 1850 only, most Layer
2 options are blocked in Q-in-Q mode. See Nortel Metro Ethernet Routing
Switch 8600 Fundamentals — Using Device Manager (NN46225-300) for basic
information on using Device Manager.

ATTENTION
IP VLAN applies only in Ring and stand-alone modes.

Navigation
• "ESU menu" (page 17)
• "Port configuration" (page 18)
• "Configuring the chassis" (page 25)
• "Configuring Diagnostic Services" (page 50)
• "Configuring IP management" (page 44)
• "Configuring network time protocol" (page 56)

ESU menu
"ESU menu: ESU 1850" (page 18) shows the Metro ESU Menu that is
common for Ring, stand-alone, Q-in-Q, and Layer 2 modes.

"ESU menu: ESU 1800" (page 18) shows the Metro ESU Menu that is
common for Ring, stand-alone, and Layer 2 modes.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
18 Setting up and managing the ESU

ESU menu: ESU 1850

ESU menu: ESU 1800

Port configuration
This topic describes how to set the switch ports to operate in a basic
Ethernet environment.

Navigation
• "Editing ports" (page 18)
• "Setting a basic port configuration" (page 18)
• "Viewing DDI SFP types" (page 21)
• "Configuring the serial port" (page 24)

Editing ports
Edit ports to modify current ports settings. To edit a single port or multiple
ports, select the port or ports you want to edit.
• Double-click a port.
• Right-click a port. On the shortcut menu, choose Edit.
• From the Device Manager menu bar, choose Edit > Port.
• On the Device Manager toolbar, click Edit Selected.

Setting a basic port configuration


You can set options for a basic port configuration through the Interface
tab in the Port dialog box.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Port configuration 19

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.


2 From the Device Manager menu bar, choose Edit > Port.
The Port dialog box appears with the Interface tab displayed.
See the following procedure job aid.
3 Enter the information in the fields as required.

4 Click Apply to save the changes.

—End—

Procedure job aid


Field Description
Index A unique value assigned to each interface. The value range is 1 to 12.
Name Displays the alphanumeric name for the port.
Alias A field in which you can further identify the port.
Descr The specific location of this interface.
Type The media type of this interface.
Mtu The maximum packet size, in octets, that can be sent/received on
this interface.
Speed The port current speed (10 Mbit/s, 100 Mbit/s, 1 Gbit/s).
PhysAddress The MAC address assigned to this interface.
AdminStatus Sets the port administrative status value to one of the following states:
• up
• down

When a managed system initializes, all interfaces start with


AdminStatus in the up state. As a result of an explicit management
action or per-configuration information retained by the managed
system, AdminStatus is then changed to the down state.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
20 Setting up and managing the ESU

Field Description
OperStatus The current operational state of the interface.
Possible state values are:
• up
• down

If the AdminStatus field is set to down, the OperStatus field indicates


down. If the AdminStatus field is changed to up, then the OperStatus
field changes to up if the interface is ready to transmit and receive
network traffic. The Metro ESU remains in the down state only if a
fault exists that prevents it from going to the up state.
LinkTrap Generate (enabled) or do not generate (disabled) link Up/link Down
traps for this interface.
PortType The port type for this interface.
PortLinkStatus Read-only field-the port link status.
Possible values are:
• other
• link-pass
• link-fail
AdminSpeedDuplex Sets the port duplex value (half-duplex or full-duplex mode).
Possible duplex values are:
• auto—sets the port to Autonegotiation mode.
• 10Mbps-Half—sets the port to operate at 10 Mbit/s in half-duplex
mode.
• 10Mbps-Full—sets the port to operate at 10 Mbit/s in full-duplex
mode.
• 100Mbps-Half—sets the port to operate at 100 Mbit/s in
half-duplex mode.
• 100Mbps-Full—sets the port to operate at 100 Mbit/s in full-duplex
mode.
• 1Gigabps-Full—sets the port to operate at 1 Gbit/s in full-duplex
mode (Gigabit ports are statically set for 1000 Mbit/s and cannot
be set to slower speeds.)
OperSpeedDuplex The current port duplex value.
FlowCtrlState Enables or disables flow control on this port interface.
AddressLearningState Enables or disables the address learning state in Layer 2 mode or
VPN and IPVLAN modes. For Layer 2 switch mode only, this option
can be set on one or more ports.
PortName The name of the Ethernet port.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Port configuration 21

Field Description
UplinkMode If a port is an access port or an uplink port. The default is disabled
or access port.
This parameter is only configurable in Q-in-Q mode.
TDPMode Enables or disables TDP/SONMP protocol on a port. If set to bypass,
the TDP/SONMP packet is forwarded as customer traffic. If active,
the TDP/SONMP packet is forwarded and the TDP table is updated.
When active, the TDP/SONMP packet is also forwarded to the
neighboring device.

Viewing DDI SFP types


You can view the types of SFPs installed on a Metro ESU.

Procedure steps
Step Action

1 From the Device Manager menu bar, select Edit > Port.
The Interface tab appears.

2 Select DDI/SFP.
The DDI/SFP tab appears.
See the following procedure job aid.

3 Click Refresh to update the statistics.

—End—

Procedure job aid: ESU 1850


Field Description (ESU 1850)
SFPType The type of Small Form Factor Pluggable (SFP).
VendorNameSFPVendor The name of the SFP or 10 Gigabit Small Form Factor Pluggable
(XFP) transceiver manufacturer.
VendorPartNumber The Nortel Product Engineering Code (PEC) part number for the
SFP or XFP transceiver.
VendorRevNumber The manufacturer revision level for the SFP or XFP.
VendorSN The manufacturer serial number for the SFP or XFP.
VendorDateCode The manufacturer date code for the SFP or XFP.
PEC The PEC assignment number.
CLEI The Telcordia register assignment Nortel Common Language
Equipment Identification (CLEI) code.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
22 Setting up and managing the ESU

Field Description (ESU 1850)


DdmStatus If digital diagnostic monitoring (DDM) is enabled.
Calibration If the calibration is internal or external.
PowerMeasure Rx power measurement as average or Optical Modulation
Amplitude (OMA).
ConnectorType The type of SFP or XFP connector.
SupportsDDM If the SFP or XFP supports DDM.
Wavelength The wavelength in nm of the SFP or XFP.
Temperature The current temperature in degrees Celsius of the SFP or XFP.
HighAlarmThreshold The high alarm threshold in degrees Celsius for the temperature.
LowAlarmThreshold The low alarm threshold in degrees Celsius for the temperature.
HighWarningThreshold The high warning threshold in degrees Celsius for the temperature.
LowWarningThreshold The low warning threshold in degrees Celsius for the temperature.
TemperatureStatus If any temperature thresholds were exceeded.
Voltage The current voltage in volts.
HighAlarmThreshold The high alarm threshold in volts for the voltage.
LowAlarmThreshold The low alarm threshold in volts for the voltage.
HighWarningThreshold The low warning threshold in volts for the voltage.
LowWarningThreshold The high warning threshold in volts for the voltage.
VoltageStatus If any voltage thresholds were exceeded.
Bias The current laser bias in mA.
HighAlarmThreshold The high alarm threshold in mA for the bias.
LowAlarmThreshold The low alarm threshold in mA for the bias.
HighWarningThreshold The high warning threshold in mA for the bias.
LowWarningThreshold The low warning threshold in mA for the bias.
BiasStatus If any bias thresholds were exceeded.
TxPower The current Tx power in mW.
HighAlarmThreshold The high alarm threshold in mW for the Tx power.
LowAlarmThreshold The low alarm threshold in mW for the Tx power.
HighWarningThreshold The low warning threshold in mW for the Tx power.
LowWarningThreshold The high warning threshold in mW for the Tx power.
TxPowerStatus If any Tx power thresholds were exceeded.
RxPower The current Rx power in mW.
HighAlarmThreshold The high alarm threshold in mW for the Rx power.
LowAlarmThreshold The low alarm threshold in mW for the Rx power.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Port configuration 23

Field Description (ESU 1850)


HighWarningThreshold The high warning threshold in mW for the Rx power.
LowWarningThreshold The low warning threshold in mW for the Rx power.
RxPowerStatus If any Rx power thresholds were exceeded.

Procedure job aid: ESU 1800


Variable Value (ESU 1800)
SFPType The type of Small Form Factor Pluggable (SFP).
VendorNameSFPVendor The name of the SFP or 10 Gigabit Small Form
Factor Pluggable (XFP) manufacturer.

Viewing FFP information


Use the following procedure to view fast filter processor (FFP) attributes.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.


2 From the Device Manager menu bar, choose Edit > Port.
The Port dialog box opens with the Interface tab displayed.
3 Select the FFP Info tab.
See the following procedure job aid.

—End—

Procedure job aid


Parameter Description
ActiveUsedRules Identifies an instance of an FFP info entry.
RemainedRules The number of remaining rules.
UsedProfile The number of used profiles.
RemainedProfile The number of remaining profiles.
UsedMeter The number of used meters.
RemainedMeter The number of remaining meters.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
24 Setting up and managing the ESU

Configuring the serial port


You can use Device Manager to configure your serial port. The serial
ports allows you to connect a PC directly to the Metro ESU to manage
its functions.

Procedure steps
Step Action

1 On the device view (with the whole Metro ESU selected), select
the serial port or console.

2 From the Device Manager menu bar, choose Edit > Console.
The Serial Port dialog box appears with the Serial Port tab
displayed. See "Figure" (page 24).

See the following procedure job aid.


3 Enter the information in the fields.

4 Click Apply.

—End—

Procedure job aid


Field Description
BaudRateConfig Sets the serial bit rate used to communicate with a management
station. The console baud rate is 9600 Bit/s.
SerialPortDataBits Read-only field—displays the number of bits that make up a word
when communicating with a management station. The console
interface uses 8 data bits.
SerialPortParityBits Read-only field—displays the number of parity bits used. The default
value is none.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 25

Field Description
SerialPortStopBits Read-only field—displays the number of bits used to indicate that a
word has been completely transmitted. The console interface uses
1 stop bit.
Rs232PortConfig Sets the Rs232C mode the console uses at restart. The default value
is console mode.
StatusConsoleInUse Read-only field—indicates whether the console is in use or not in use.
AutoLogoutConfig Sets the time (in minutes) the interface can be idle before the
Metro ESU automatically logs out. The options are never,
autoLogout-2mins, autoLogout-5mins, autoLogout-10mins, and
autoLogout-15mins.

Configuring the chassis


This topic describes how you can use Device Manager to configure your
Metro Ethernet Services Unit chassis.

This section describes how to edit the chassis using the Chassis dialog box.

Navigation
• "Editing the chassis" (page 25)
• "Editing system information" (page 26)
• "Editing chassis information" (page 31)
• "Editing topology alarms" (page 33)
• "Viewing interface statistics" (page 34)
• "Viewing port utilization statistics" (page 36)
• "Editing trap receivers" (page 37)
• "Editing RRP Hello settings in VPN and IPVLAN mode" (page 38)
• "Resetting the date and time of the chassis" (page 40)
• "Editing daylight saving time settings" (page 41)

Editing the chassis


To edit the Metro ESU chassis, select the chassis
• Double-click the chassis.
• Right-click the chassis. From the shortcut menu, choose Edit.
• From the Device Manager menu bar, choose Edit > Chassis.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
26 Setting up and managing the ESU

Editing system information


You can edit system information such as the contact person, the name of
the device, and where it is located. Other information, such as the version of
the software that is running on the device, cannot be edited.

ATTENTION
Nortel recommends that all system IP management changes occur using the
command line interface (CLI). System changes require a resetting of the device,
resulting in the loss of Device Manager service.

Procedure steps
Step Action

1 On the Device Manager menu bar, choose Edit > Chassis.


The Chassis dialog box appears with the System tab displayed.
See the following procedure job aid.

2 Enter the information in the fields. For Q-in-Q mode, in the QinqTpid
field, enter the TPID number.

ATTENTION
When rebooting the Metro ESU, Nortel recommends selecting only one
option at a time on this tab. Selecting SystemRestart and SaveCfg resets
the switch to the factory default settings.

3 Click Apply to save the changes.

—End—

Procedure job aid: ESU 1850


Field Description (ESU 1850)
Descr The name assigned by the system and the software version it is
running. This is a read-only field.
ModuleVersion The version of the extension module. This is a read-only field
and does not apply to the ESU 1850. This field applies to Layer
2 mode only.
UpTime The time since the system was last booted. This is a read-only
field.
Contact The contact information (a name or an e-mail address) for the
Nortel support group.
Name The name of this device.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 27

Field Description (ESU 1850)


Location The physical location of this device.
Mode The operating mode of the Metro ESU. The valid options are:
• ring—sets the Metro ESU in ring mode. In ring mode, up to
14 Metro ESU 18xx can be daisy-chained, and both ends
of the chain are connected to two Metro ESM 8668 ports to
form a ring. Note that up to 24 ports physically exist on the
Metro ESU 1800, but only 14 are supported in this release.
• stand-alone—sets the Metro ESU in stand-alone mode.
In Metro ESU 1800 stand-alone mode, port 25 and port 26
are trunk ports—either one (and only one) is used to connect
directly to the Metro ESM 8668 port. The unused trunk port
cannot be used as a customer facing port in stand-alone
mode. Ports 1 to 24 can be used as customer facing ports.
In Metro ESU 1850 stand-alone mode, port 1 and port 2 are
trunk ports—either one (and only one) is used to connect
directly to the Metro ESM 8668 port. The unused trunk port
cannot be used as a customer facing port in stand-alone
mode. Ports 3 to 12 can be used as customer facing ports.
• Layer 2 switch—sets the Metro ESU in Layer 2 switch mode.
• Q-in-Q—sets the Metro ESU in Q-in-Q mode.
SystemIPAddr The Metro ESU IP management address.
SystemSubNetMask The subnet mask of the Metro ESU IP management address.
DefaultGateway The system default gateway.
ArpAgingTime The Address Resolution Protocol (ARP) aging time. This feature
is only available in Layer 2 switch mode.
AuthenticationTraps Enables or disables authentication traps. When you enable,
SNMP traps are sent to trap receivers for all SNMP access
authentication.
To view traps, click Trap Log on the Device Manager toolbar.
CleanAllStatisticCounter Allows you to clear all statistic counters.
• reset—click to clear all counters.
ClearHistoryLog Allows you to clear all History log entries.
• reset—click to clear all log entries.
MgmtProtocolCapability Displays the network management protocol(s) supported by this
agent. This is a read-only field.
SystemRestart Allows you to restart the system. The default value is no-reset.
• cold-start—restarts the agent. The agent always returns to
no-restart when this object is read.
• no-restart—has no effect.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
28 Setting up and managing the ESU

Field Description (ESU 1850)


FactoryReset Sets the agent system reset state:
• no-reset—has no effect.
• reset—resets the Metro ESU mod-id to 0 and sets filters and
ports to default settings except IP address, user account,
and history log. This option will not reboot the Metro ESU.

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID must be
reset using the console port.

• config—resets config to factory default. This option will not


reboot the Metro ESU.

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID and Metro
ESU IP address must be reset using the
console port.

• system—resets the agent to default settings. Then, the


Metro ESU unit does a factory reset, save, and reboot.

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID and Metro
ESU IP address must be reset using the
console port

SaveCfg When set to save, the current device configuration is saved into
NV-RAM.
InfoSaveCfg The status of the device configuration. This is a read-only field.
QinqTpid The Q-in-Q TPID. This parameter is only configurable in Q-in-Q
mode.
CPUUtilization The percent of CPU utilized.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 29

Field Description (ESU 1850)


MemoryUtilization The percent of memory used.
HomeDirectionId The RDP Home Direction Assignment message is sent from the
MERS 8600, or set by the super user. This field configures and
shows the Metro ESU Home ID.
• 0—no Home
• 1—homed on primary
• 2—homed on secondary

Procedure job aid: ESU 1800


Field Description (ESU 1800)
Descr The name assigned by the system and the software version it is
running. This is a read-only field.
ModuleVersion The version of the extension module. This is a read-only field
and does not apply to the Metro ESU 1850. This field applies to
Layer 2 only.
UpTime The time since the system was last booted. This is a read-only
field.
Contact The contact information (a name or an e-mail address) for the
Nortel support group.
Name The name of this device.
Location The physical location of this device.
Mode The operating mode of the Metro ESU. The valid options are:
• ring—sets the Metro ESU in ring mode. In ring mode, up
to 14 Metro Metro ESU 18xx can be daisy-chained, and
both ends of the chain are connected to two Metro ESM
8668 ports to form a ring. Note that up to 24 ports physically
exist on the Metro ESU 1800, but only 14 are supported in
this release.
• stand-alone—sets the Metro ESU in stand-alone mode.
In Metro ESU 1800 stand-alone mode, port 25 and port 26
are trunk ports—either one (and only one) is used to connect
directly to the Metro ESM 8668 port. The unused trunk port
cannot be used as a customer facing port in stand-alone
mode. Ports 1 to 24 can be used as customer facing ports.
In Metro ESU 1850 stand-alone mode, port 1 and port 2 are
trunk ports—either one (and only one) is used to connect
directly to the Metro ESM 8668 port. The unused trunk port
cannot be used as a customer facing port in stand-alone
mode. Ports 3 to 12 can be used as customer facing ports.
• Layer 2 switch—sets the Metro ESU in Layer 2 switch mode.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
30 Setting up and managing the ESU

Field Description (ESU 1800)


SystemIPAddr The Metro ESU IP management address.
SystemSubNetMask The subnet mask of the Metro ESU IP management address.
DefaultGateway The system default gateway.
ArpAgingTime The Address Resolution Protocol (ARP) aging time. This feature
is only available in Layer 2 switch mode.
AuthenticationTraps Enables or disables authentication traps. When you enable,
SNMP traps are sent to trap receivers for all SNMP access
authentication.
To view traps, click Trap Log on the Device Manager toolbar.
CleanAllStatisticCounter Allows you to clear all statistic counters.
• reset—click to clear all counters.
ClearHistoryLog Allows you to clear all History log entries.
• reset—click to clear all log entries.
MgmtProtocolCapability Displays the network management protocol(s) supported by this
agent. This is a read-only field.
SystemRestart Allows you to restart the system. The default value is no-reset.
• cold-start—restarts the agent. The agent always returns to
no-restart when this object is read.
• no-restart—has no effect.
FactoryReset Sets the agent system reset state:
• no-reset—has no effect.
• reset—resets the Metro ESU mod-id to 0 and sets filters and
ports to default settings except IP address, user account,
and history log. This option will not reboot the Metro ESU.

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID must be
reset using the console port.

• config—resets config to factory default. This option will not


reboot the Metro ESU.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 31

Field Description (ESU 1800)

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID and Metro
ESU IP address must be reset using the
console port.

• system—resets the agent to default settings. Then, the


Metro ESU unit does a factory reset, save, and reboot.

CAUTION
Metro ESU Mod-ID is set to 0. After reset
is applied, access to Metro ESU is lost. To
recover, the Metro ESU Mod-ID and Metro
ESU IP address must be reset using the
console port

SaveCfg When set to save, the current device configuration is saved into
NV-RAM.
InfoSaveCfg The status of the device configuration. This is a read-only field.
QinqTpid The Q-in-Q TPID. This parameter is only configurable in Q-in-Q
mode.
CPUUtilization The percent of CPU utilized.
HomeDirectionId The RDP Home Direction Assignment message is sent from the
MERS 8600, or set by the super user. This field configures and
shows the Metro ESU Home ID.
• 0—no Home
• 1—homed on primary
• 2—homed on secondary

Editing chassis information


You can edit the current chassis settings using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click on the Chassis tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
32 Setting up and managing the ESU

The Chassis tab appears. See the following figures.


Chassis tab: Layer 2 and Q-inQ modes

Chassis tab: VPN and IPVLAN mode

See the following procedure job aid.


3 Enter the information in the fields.

4 Click Apply to save the changes.

—End—

Procedure job aid


Field Description
BootPromVersion Read-only field; the current Bootprom version
installed.
FirmwareVersion Read-only field; the current firmware revision of the
device chassis.
HWRevision Read-only field; the current hardware revision of
the device chassis.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 33

Field Description
DeviceSerialNumber Read-only field; the device serial number.
TelnetState Sets the TELNET state to enabled or disabled;
enabled by default.
BootServerAddr Read-only field; the IP Address of Boot Server.

Editing topology alarms


You can use Device Manager to enable or disable topology alarms. Alarms
generate traps under configured circumstances.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.
2 Click on the Topology Alarm Control tab. The Topology Alarm
Control tab appears. See the following figures.
Topology Alarm Control tab: Layer 2 and VPN, and IPVLAN mode

Topology Alarm Control tab: Q-in-Q mode

See the following procedure job aid.

3 Click disabled or enabled for a topology alarm you want to disable


or enable.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
34 Setting up and managing the ESU

4 Click Apply to update the configuration.

ATTENTION
In stand-alone or Ring mode, only one alarm is displayed.

—End—

Procedure job aid


Field Description
STPAlarmNewRoot Enables or disables this alarm. If you enable it, when a bridge
becomes the new root of the Spanning Tree, it sends a trap to a trap
receiver (if the receiver is available) and writes the trap to a log on
the Metro ESU.
This parameter is only configurable in Layer 2 mode.
STPTopologyChange Enables or disables this alarm. If you enable it, when an STP
topology change occurs (for example, a bridge port transitions from
the Learning state to the Forwarding state), the bridge sends a trap
to a trap receiver (if the receiver is available) and writes the trap to
a log on the Metro ESU.
This parameter is only configurable in Layer 2 mode.
AlarmLinkStatusChange Enables or disables this alarm. If you enable it, when a bridge
detects a change in the status of one of its links (a non-operational
communication link has become operational), the bridge sends a trap
to a trap receiver (if the receiver is available) and writes the trap to
a log on the Metro ESU.

Viewing interface statistics


You can use Device Manager to view interface statistics. The interfaces
include port, VLAN, and IP interfaces.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click the Interfaces tab. The Interfaces tab appears.


3 Click Refresh to update the screen data.
See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 35

—End—

Procedure job aid


Field Description
Index A unique value, greater than zero, for each interface. The values are assigned
contiguously, starting from 1. This is a read-only field.
Descr A textual string containing information about the interface. Include the name
of the manufacturer, the product name, and the version of the interface
hardware/software in the string. This is a read-only field.
Type The type of interface, which is determined by the physical/link protocol or
protocols immediately below the network layer in the protocol stack. This is
a read-only field.
Mtu The size of the largest packet that can be sent or received on the interface,
specified in octets. For interfaces that are used for transmitting network
datagrams, this is the size of the of the largest network datagram that can be
sent on the interface. This is a read-only field.
Speed An estimate of the interface current bandwidth in bits per second. For interfaces
that do not vary in bandwidth or for those where no accurate estimation can
be made, include the nominal bandwidth in this field. If the bandwidth of the
interface is greater than the maximum value that can be reported by this object,
then report its maximum value (4, 294, 967, 295) in this field and if HighSpeed
must be used to report the interface speed. For a sublayer for which bandwidth
has no meaning, this value is 0. This is a read-only field.
PhysAddr The interface address at its protocol sublayer. For example, for an 802.x
interface, this field normally contains a MAC address. The interface
media-specific MIB must define the bit and byte ordering and the format of
the value of this object. For interfaces that do not have such an address (for
example, a serial line), include an octet string of zero length in this field. This is
a read-only field.
AdminStatus The desired state of the interface; no operational packets can be passed. When
a managed system initializes, all interfaces start with AdminStatus in the down
state. As a result of either explicit management action or per configuration
information retained by the managed system, AdminStatus is then changed to
either the up or testing state (or remains in the down state).
OperStatus The current operational state of the interface; no operational packets can be
passed. If AdminStatus is down, then OperStatus is down. If AdminStatus is
changed to up, then OperStatus is changed to up if the interface is ready to
transmit and receive network traffic. OperStatus changes to dormant if the
interface is waiting for external actions (such as a serial line is waiting for an
incoming connection). OperStatus remains in the down state if a fault prevents
it from going to the up state. It remains in the noPresent state if the interface
has missing (usually hardware) components. This is a read-only field.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
36 Setting up and managing the ESU

Field Description
LastChange The value of sysUpTime at the time the interface entered its current operational
state. If the current state was entered prior to the last reinitialization of the local
network management subsystem, then this object is 0. This is a read-only field.
LinkTrap Link up or link down traps are generated on this interface. By default, the
value is enabled.

Viewing port utilization statistics


You can use Device Manager to view port utilization statistics to assist you
in adjusting traffic loads.

ATTENTION
Port utilization statistics are view-only.
Utilization is based on bidirectional traffic; it is for transmitting and receiving.
Utilization is not a separate statistic.
Example:
tx 100% & rx 0% => 50 % of line utilization
tx =0 % & rx = 100% => 50 % of line utilization
tx =100% & rx=100% => 100% of line utilization

To view port utilization statistics:

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click the Port Utilization tab.


The Port Utilization tab appears.

3 Click Refresh to update the screen data.


See the following procedure job aid.
4 Click Refresh to update the screen data.

—End—

Procedure job aid


Field Description
PortIndex A unique value assigned to each port.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 37

Field Description
TxSec How many transmit packets were transmitted by this port in
one second.
RxSec The number of receive packets received by this port in one
second.
Utilization The port utilization as percentage of bidirectional link
capacity. Transmit at line rate only will show as 50%
utilization, whereas transmit and receive at line rate will show
as 100% utilization.

Editing trap receivers


You can use Device Manager to edit how devices receive Simple Network
Management Protocol (SNMP) traps.

ATTENTION
If the Trap Receivers tab takes a long time to open, it can be that the IP address
of a trap receiver cannot be resolved to a DNS name. By default, Device Manager
attempts to resolve IP addresses to DNS names. If there is no resolution, it stops
trying to resolve the IP address.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click on the Trap Receivers tab.


The Trap Receivers tab appears. See the following figures.
Trap Receivers tab: Layer 2 and Q-in-Q mode

Trap Receivers tab: VPN and IPVLAN mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
38 Setting up and managing the ESU

3 Click Insert
The Chassis, Insert Trap Receivers dialog box appears.

See the following procedure job aid.


4 In the Chassis, Insert Trap Receivers dialog box, enter the
appropriate information for your configuration .

5 Click Insert.
The new information is displayed in the Chassis dialog box, Trap
Receivers tab. See "Procedure job aid" (page 38).

—End—

Procedure job aid


Field Description
IpAddr IP address for the trap receiver. (This value was originally an IP
address, but can be displayed as a DNS host name.)
Comm Community string used for trap messages to this trap receiver.

Editing RRP Hello settings in VPN and IPVLAN mode


The Ring Resiliency Protocol (RRP) Layer 2 function, RRP Hello, allows
a ring to detect if it is broken. The RRP Hellos are messages that if not
received, indicate a problem with the ring. RRP Hello enhances the fault
detection coverage of an Metro ESU ring.

ATTENTION
The enhanced single-homed Metro ESU ring protection is a soft-fault
protocol-based mechanism. The minimum Hello interval is one second. In the
event of a soft-fault detection, the minimum failover time is three to four seconds.
The 50 ms failover recovery period is not supported due to the soft-fault failure
detection.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 39

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click the RRP tab.


The RRP tab appears.

See "Chassis dialog box, RRP tab fields" (page 39).


3 Change the values to those you want by clicking on the State,
TimeInterval, and Threshold fields and using the drop-down
menus.

4 Click Apply to save your changes.


5 Click Refresh to update the screen data to the current state, time
interval, and threshold.

—End—

Chassis dialog box, RRP tab fields

Procedure job aid


Field Description
PortIndex The port.
State Enables or disables RRP on the specified port. Use
disabled for backward compatibility. The default is
disabled.
TimeInterval Set the RRP Hello time interval. The value range is
1000 to 10000 seconds, and the default is 1000.
Threshold Set the number of response hello packets that can be
missed before a fault is logged. The value range of the
threshold is 1 to 100, and the default is 3.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
40 Setting up and managing the ESU

Field Description
InfoRespCnt The number of RRP Hellos received. This is a read-only
field.
InfoMissingCnt The number of RRP Hellos missing. This is a read-only
field.
InfoPartnerModid The partner Metro ESU Module ID connected to this
port. This is a read-only field.

Resetting the date and time of the chassis


You can reset the year, month, date, hour, minute, or second of the chassis
using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click the User Set Time tab.


The User Set Time tab appears. See the following figures.
User Set Time tab: Layer 2 and Q-in-Q mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 41

User Set Time tab: VPN and IPVLAN mode

3 In the User Set Time tab, enter the appropriate information for your
configuration.
See the following procedure job aid.

4 Click Apply to save your changes.

5 Click Refresh to update the screen data.

—End—

Procedure job aid


Field Description
Year The current year. Change by entering an integer in the range
from 2000 to 2099.
Month The current month. Change by entering an integer in the range
from 1 to 12.
Date The current day. Change by entering an integer in the range
from 1 to 31.
Hour The current hour. Change by entering an integer in the range
from 0 to 23.
Minute The current minute. Change by entering an integer in the range
from 0 to 59.
Second The current second. Change by entering an integer in the range
from 0 to 59.

Editing daylight saving time settings


You can edit the daylight saving time settings using Device Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
42 Setting up and managing the ESU

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis dialog box appears with the System tab displayed.

2 Click the Daylight Saving Time tab.


The Daylight Saving Time tab appears. See the following figures.
Daylight Saving Time tab: Layer 2 and Q-in-Q mode

Daylight Saving Time tab: VPN and IPVLAN mode

See the following procedure job aid.

3 If necessary, change the value of the parameter. Click the text box
and enter an integer value from the range (shown).
4 Click Apply to save your changes.

5 Click Refresh to update the screen data.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the chassis 43

—End—

Procedure job aid


Field Description
Enable Check the Enable box to enable Daylight Saving Time. Uncheck
this box to ensure normal time is used.
Offset Since Daylight Saving Time drifts in minutes, this is the length of
time that can be used to offset the local variation of the standard
time zone. Enter an integer in the range from 1 to 120. For
example, enter 15 for 15 minutes.
StartMonth The starting month for Daylight Saving Time. Enter an integer in
the range from 1 to 12.
StartDate The starting date for Daylight Saving Time. Enter an integer in
the range from 1 to 31.
StartHour The starting hour for Daylight Saving Time. Enter an integer in
the range from 0 to 23.
EndMonth The ending month for Daylight Saving Time. Enter an integer in
the range from 1 to 12.
End Date The ending date for Daylight Saving Time. Enter an integer in
the range from 1 to 31.
EndHour The ending hour for Daylight Saving Time. Enter an integer in
the range from 0 to 23.
Format The format of the Daylight Saving Time setting.
StartMinutes The start date configuration in minutes. Enter an integer in the
range from 0 to 59.
StartNth The start date configuration in nth number of weekday. Enter an
integer in the range from 1 to 5.
StartWeekday The start date configuration in weekday. Enter an integer in the
range from 0 to 6.
EndMinutes The end date configuration in minutes. Enter an integer in the
range from 0 to 59.
EndNth The end date configuration in nth number of weekday. Enter an
integer in the range from 1 to 5.
EndWeekday The end date configuration in weekday. Enter an integer in the
range from 0 to 6.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
44 Setting up and managing the ESU

Configuring IP management
This topic explains how to initially set up the routing table and default IP
address using Device Manager. By default, the Metro ESU is not configured
for IP VLAN management, but rather for management through a TDI using
untagged packets. Nortel recommends that in this and future releases, all
Metro ESU management be done using IP VLANs.

WARNING
Changing parameters using Device Manager could result in
the loss of connectivity. Use the console port when making IP
management configuration changes.

Navigation
• "Setting up the routing table" (page 44)
• "Enabling IP forwarding globally" (page 44)
• "Creating default IP routes" (page 46)
• "Deleting a default route" (page 48)
• "Viewing ARP translations in Layer 2 mode" (page 49)

Setting up the routing table


The routing table allows you to change routes directly. Entries in the routing
table are automatically reflected if the next hop address in the route is
reachable and the route is enabled.

The table is indexed by six attributes: Destination Network, Destination


Mask, Next Hop, Hop or Metric, Interface, Proto, Age, and Type.

You can enter one route that has different costs, and the lowest-cost route
that is reachable is used in the routing table. Note that if you enter multiple
next hops for the same route with the same cost, the software does not
replace the existing route. If you enter the same route with the same cost
and a different next hop, the first route is used. However, if that first route
becomes unreachable, the second route (with a different next hop) is
activated with no loss of connectivity.

Enabling IP forwarding globally


You can enable IP forwarding, or routing, using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP Routing > IP.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IP management 45

The IP dialog box appears with the Globals tab displayed. See the
following figures.
Globals tab: Layer 2 mode

Globals tab: VPN and IPVLAN mode

2 Select the forwarding option.


See the following procedure job aid.

3 Click Apply.

—End—

Procedure job aid


Field Description
Forwarding Sets the switch for forwarding (routing) or not-forwarding.
The default value is forwarding.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
46 Setting up and managing the ESU

Field Description
DefaultTTL Sets the Default TTL value for a routed packet. The value is
the maximum number of hops before a frame is discarded.
Enter an integer between 1 and 255. The default value of
255 is inserted in the DefaultTTL field whenever a value is
not supplied in the datagram header.
ReasmTimeout The maximum number of seconds that received fragments
are held while they are waiting for reassembly at this entity.
The default value is 60 seconds. This is a read-only field.
ArpAgingTime Sets the (Address Routing Protocol (ARP) age-out time, in
the range of 0 to 65535 seconds. The default is 20.
This parameter is for Layer 2.

Creating default IP routes


The default IP route is used to specify a route to all networks for which there
are no explicit routes in the Forwarding Information Base or the routing
table. This route has a prefix length of zero (RFC1812).
You can create a default IP route using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP Routing > IP.
The IP dialog box appears with the Globals tab displayed. See
"Globals tab: Layer 2 mode" (page 45).
2 Click the Routes tab.
The Routes tab appears. See the following figures.
Routes tab: Layer 2 mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IP management 47

Routes tab: VPN and IPVLAN mode

3 Click Insert.
The IP, Insert Routes dialog box appears.

See the following procedure job aid.

4 In the Dest field, type the IP address (0.0.0.0 for the default).

5 In the Mask field, type the mask (0.0.0.0 for the default).

6 In the NextHop field, type the IP address of the router through which
the specified route is accessible.
7 In the HopOrMetric field, type the metric value.

8 Click Insert.
The route appears in the routing table.

—End—

Procedure job aid


Field Description
Dest Shows the destination network address.
Mask Shows the destination mask.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
48 Setting up and managing the ESU

Field Description
NextHop Shows the next hop IP address.
When creating a black hole static route, set this field to
255.255.255.255.
HopOrMetric Shows the primary routing metric for this route. The semantics
of this metric are determined by the routing protocol specified
in the route Proto field.
Interface Shows the ifIndex value, which identifies the local interface
through which the next hop of this route is reached. This is
a Read-only field.
Proto Shows the routing protocol through which this route was learned.
Inclusion of values for gateway routing protocols is not intended
to imply that hosts support those protocols. This is a Read-only
field. This protocol can be one of the following:
• local—a local interface.
• netmgmt—a static route.
Age Shows the number of seconds since this route was last updated
or determined to be correct. This is a Read-only field. This field
applies to Layer 2 mode only.
Type Shows the routing type. This is a Read-only field. This field
applies to Layer 2 mode only.
• reject—a route that discards traffic.
• local—a route created from a local interface.
• remote—a route created from a remote destination.

Deleting a default route


You can delete a default route using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP Routing > IP.
The IP dialog box appears with the Globals tab displayed. See
"Globals tab: Layer 2 mode" (page 45).
2 Click the Routes tab.
The Routes tab appears. See "Routes tab: Layer 2 mode" (page 46).

3 Select the route you want to delete.

4 Click Delete.
The route is removed from the Routes tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IP management 49

5 Click Close.

—End—

Viewing ARP translations in Layer 2 mode


The Address Resolution Protocol (ARP) allows a switch to map any address
protocol to the local network addressing protocol, for example, an IP
address to a MAC address. If configured as a dynamically learned address,
the Metro ESU automatically updates any changes.
You can view ARP translations using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP Routing > IP.
The IP dialog box appears with the Globals tab displayed. See
"Globals tab: Layer 2 mode" (page 45).

2 Click the ARP tab.


The ARP tab appears.

See the following procedure job aid.

3 Change the fields, if desired.


Change the MAC address and IP address by typing in the
MacAddress and IpAddress fields.
Change the type by clicking the Type field and selecting an option
from the drop-down list.

4 Click Apply to save the changes.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
50 Setting up and managing the ESU

—End—

Procedure job aid


Field Description
Interface The interface number.
MacAddress The MAC address.
IpAddress The IP address.
Type The type of ARP learning (other, invalid, static, or dynamic).

Configuring Diagnostic Services


Each Metro ESU on the same ring has a unique module ID so that the
Metro Ethernet Routing Switch 8600 can forward egress EVPN packets to
the destination Metro ESU. The factory default module ID is 0. When the
Metro ESU first comes up, it determines, using the Ring Topology Discovery
Protocol (RTDP), which of its 10/100/1000 BASE-TX (UTP)/SFP ports (1 or
2) connects to the previous Metro ESU or Metro ESM 8668 port, while the
other 10/100/1000 BASE-TX (UTP)/SFP port connects to the next Metro
ESU or Metro ESM 8668 port for the ring configuration. For the stand-alone
configuration, the Metro ESU determines which of the 10/100/1000
BASE-TX (UTP)/SFP ports (1 or 2) is connected to the Metro ESM 8668
port, while the other connects to the customer.

This topic describes how to use the diagnostic tools provided by Device
Manager.

Navigation
• "Configuring the topology" (page 50)
• "Configuring and monitoring port mirroring in Layer 2 and Q-in-Q mode"
(page 52)

Configuring the topology


This section describes how to use the diagnostic tools provided by Device
Manager. It includes the following sections:
• "Configuring topology" (page 50)
• "Displaying topology details" (page 51)

Configuring topology
Use the Topology tab to view Nortel Management MIB (NMM) status
information.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring Diagnostic Services 51

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Diagnostics.
The Diagnostics dialog box appears with the Topology tab
displayed.
See the following procedure job aid.

2 Change the status, if desired.

3 Click Apply to save the changes.

—End—

Procedure job aid


Field Description
IpAddr The IP address of the device. This is a read-only field.
Status Whether Nortel topology is on or off for the device. By default,
topology is on.
NmmLstChg The value of sysUpTime the last time an entry in the Nortel
Management MIB (NMM) topology table was added, deleted,
or modified if the table did not change since the last cold or
warm start of the agent. This is a read-only field.
NmmMaxNum The maximum number of entries in the NMM topology table.
This is a read-only field.
NmmCurNum The current number of entries in the NMM topology table.
This is a read-only field.

Displaying topology details


Use the Topology Table tab to view details of Nortel Management MIB
(NMM) status information.

ATTENTION
The fields in this table are read-only.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Diagnostics.
The Diagnostics dialog box appears with the Topology tab
displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
52 Setting up and managing the ESU

2 Click the Topology Table tab.


The Topology Table tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
Slot The slot number in the chassis in which the topology message
was received.
Port The port on which the topology message was received.
IpAddr The IP address of the sender of the topology message.
SegId The segment identifier of the segment from which the remote
agent sent the topology message. This value is extracted from
the message.
MacAddr The MAC address of the sender of the topology message.
ChassisType The chassis type of the device that sent the topology message.
BkplType The backplane type of the device that sent the topology
message.
LocalSeg If the sender of the topology message is on the same Ethernet
segment as the reporting agent.
CurState The current state of the sender of the topology message. The
choices are:
• topChanged—Topology information has recently changed.
• heartbeat—Topology information is unchanged.
• new—The sending agent is in a new state.

Configuring and monitoring port mirroring in Layer 2 and Q-in-Q mode


This topic describes how to use port mirroring using Device Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring Diagnostic Services 53

Navigation
• "Configuring port mirroring ports" (page 53)
• "Selecting ports for mirroring" (page 54)

Configuring port mirroring ports


You can configure ports for port mirroring, which allows you to monitor
network traffic, using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > Port Mirror.
The Port Mirror dialog box appears with the Port Mirror tab
displayed.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
State The state of port mirroring (enabled or disabled) for a port.
The default is disabled.
TargetPort Specify the port to send the traffic to (target port). You can
select ports from your configuration by clicking the ellipsis
button (...) to the right of the field.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
54 Setting up and managing the ESU

Field Description
SourceIngress Specify received traffic to be mirrored (source port). You can
select ports from your configuration by clicking the ellipsis
button (...) to the right of the field.
SourceEgress Specify transmitted traffic to be mirrored (source port). You
can select ports from your configuration by clicking the
ellipsis button (...) to the right of the field.

Selecting ports for mirroring


You must select ports that you want to mirror.

Procedure steps
Step Action

1 On the device view, select a mirrored (source) port by clicking the


ellipsis button (...) in the TargetPort field.
The esuSwL2MirrorLogicTargetPort dialog box appears. See the
following figures.
esuSwL2MirrorLogicTargetPort dialog box: ESU 1850

esuSwL2MirrorLogicTargetPort dialog box: ESU 1800

2 Select a target port.

3 Click Ok.
The Port Mirror dialog box, Port Mirror tab displays the new entry in
the TargetPort field.

4 Select a SourceIngress port by clicking the ellipsis button (...) in


the SourceIngress field.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring Diagnostic Services 55

The esuSwL2MirrorPortSourceIngress dialog box appears. See


the following figures.
esuSwL2MirrorPortSourceIngress dialog box: ESU 1850

esuSwL2MirrorPortSourceIngress dialog box: ESU 1800

5 Select a Source Ingress port or, if you want all ports, select All.

6 Click Ok.
The Port Mirrors dialog box—Port Mirror tab displays the new entry
in the SourceIngress field.
7 Select a source egress port by clicking the ellipsis button (...) in
the SourceEgress field.
The esuSwL2MirrorPortSourceEgress dialog box appears. See
the following figures.
esuSwL2MirrorPortSourceEgress dialog box: ESU 1850

esuSwL2MirrorPortSourceEgress dialog box: ESU 1800

8 Select a Source Egress port or, if you want all ports, select All.

9 Click Ok.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
56 Setting up and managing the ESU

The Port Mirror dialog box—Port Mirror tab displays the new entry
in the SourceEgress field.

10 Click Apply to accept your configuration choices.

—End—

Configuring network time protocol


This topic describes how to configure network time protocol (NTP) using
the Device Manager.

Navigation
• "Configuration prerequisites" (page 56)
• "Setting NTP globals attributes" (page 56)
• "Setting NTP server attributes" (page 58)
• "Setting NTP key attributes" (page 59)

Configuration prerequisites
Before you can configure NTP, you must do the following:
• Configure an IP interface using CLI on the Metro ESU switch and ensure
that the NTP server is reachable through this interface. See Nortel Metro
Ethernet Services Unit 1800 and 1850 Commissioning (NN46212-303).
• Make sure that the Real Time Clock is present on the CPU board.

ATTENTION
NTP server MD5 authentication does not support passwords (keys) that start with
a special character or that contain a space between characters.

Setting NTP globals attributes


When you enable NTP globally on the Metro ESU switch, default values are
in effect for most NTP parameters.
You can edit the NTP global attributes using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > NTP.
The NTP dialog box appears with the Globals tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring network time protocol 57

See the following procedure job aid.


2 Change the Globals tab value(s), if necessary

3 Click Enabled.
4 Click Apply to save your changes.

5 Click Refresh to update the screen data.

—End—

Procedure job aid


Field Description
Enable Enables (true) or disables (false) NTP. By default, NTP is
disabled.
Interval
The time interval (10 to 1440 minutes) between
successive NTP updates. The default interval is 15
minutes.

ATTENTION
If NTP is already enabled, this setting does not take
effect until you disable NTP and then reenable it.

LastSynServer The IP address of the server to which the last


synchronization occurred.
LastSynTime(UTC) The last synchronization time in UTC.
Timezone If the local time zone is ahead or behind GMT.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
58 Setting up and managing the ESU

Field Description
GMTHourOffset The number of hours’ difference between the local time
zone and GMT.
GMTMinOffset The number of minutes for local variation from the time
zone.

Setting NTP server attributes


After you enable NTP globally on the Metro ESU, you can add a remote
NTP server by specifying the server’s IP address. NTP adds this IP address
to a list of servers, which the local NTP client uses when querying remote
time servers for time information. The list of qualified servers is referred to
as a peer list.
You can configure a maximum of eight NTP servers.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > NTP.
The NTP dialog box appears.

2 Select the Server tab.


The NTP server tab appears.

3 To insert new values, click Insert.


The NTP, Insert Server dialog box appears.
NTP, Insert Server dialog

• To change Id, Address, or KeyId, enter an integer value.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring network time protocol 59

• To enable authentication, click the Authentication check box,


and click Enabled. To disable, unclick the check boxes.

See the following procedure job aid.

4 Click Insert to insert the server changes, or Close to exit the insert
function.
5 In the Server tab, click Apply to save changes.

6 Click Refresh to update the screen data to your new values.

—End—

Procedure job aid


Field Description
Id The entry number for a particular NTP server configuration.
Address The IP address of the remote NTP server.
KeyId The key ID used to generate the MD5 digest for this server. By default, the
key ID is 0 (MD5 authentication is disabled).
Authentication Enables or disables MD5 authentication on this server. If you enable
authentication on a server but do not specify a value for the public key, the
server is assumed disabled. The default is no MD5 authentication.
Stratum The number of layers or levels found within the server.
Version The version number for the server.
Synchronized If the server is synchronized to the remote NTP server.
Reachable If the remote NTP server is reachable.
AccessAttempts The number of access attempts made to reach the remote NTP server.
AccessSuccess The number of successful access attempts made to reach the remote NTP
server.
AccessFailure The number of unsuccessful attempts made to reach the remote NTP server
Enabled Enables or disables the remote NTP server.

Setting NTP key attributes


If you enable MD5 authentication on the server, you must assign an NTP key.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > NTP.
The NTP dialog box appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
60 Setting up and managing the ESU

2 Select the Key tab.


The NTP key tab appears.

3 To insert new values, click Insert.


The NTP, Insert Key dialog box appears.

• To add or change the Id, enter a value in the range from 1 to 255.
• If necessary, enter the Secret (private key information used to
generate the MD5 digest).

See the following procedure job aid.

4 Click Insert to insert the server changes, or Close to exit the insert
function.
5 In the Server tab, click Apply to save changes.

6 Click Refresh to update the screen data to your new values.

—End—

Procedure job aid


Field Description
Id The key ID used to generate the MD5 digest for this NTP server.
You must specify a value between 1 and 255. The default value is
1, which indicates that authentication is disabled.
Secret
The MD5 key ID used to generate the MD5 digest for this NTP
server.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring rapid ping 61

Field Description

ATTENTION
You cannot specify the number sign (#) as a value in the Secret
field. The NTP server interprets the number sign (#) as the
beginning of a comment and truncates all text entered after the
number sign (#). This is a limitation of xntpd version 3 or lower.

Configuring rapid ping


You can use rapid ping to troubleshoot traffic issues between customer
devices and the Metro ESU. Rapid ping is based on the ESU standard
ICMP ping protocol.

Procedure steps
Step Action

1 From the Device Manager menu bar, select Rapid Ping > Ping.
The RapidPing dialog box appears.

For more information, see "RapidPing dialog box" (page 61).


2 Click each field to change the value.

3 Click Refresh to refresh the statistics.

—End—

Procedure job aid


Field Description
SrcIpAddr The configured source, or sending, IP address of the test.
DestIpAddr The IP address of the destination (receiving) customer router.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
62 Setting up and managing the ESU

Field Description
Mode The ESU mode: as round trip time (RTT) or throughput. RTT indicates that
only one IP rapid ping packet is sent, at a time, during the test session.
Throughput indicates IP rapid ping packets are being sent out in the specified
transmission interval during the test session. The only difference in test
results is that RTT information (minimum, maximum, and average) does not
display in Throughput mode. The default value is rtt.
Custvid The customer’s VLAN identification information in the range of 1 to 4094 or
4096. In ring or stand-alone mode, Custvid = 4094 indicates an untagged
test packet. In Layer 2 switch mode, Custvid = 4096 indicates an untagged
test packet.
Pbit The configured pbit value for the tagged test packet. This value applies to
management traffic. Tagged test packet values are 1 through 4094 in ring
and stand-alone mode. The pbit value range is zero through seven; the
default value is zero.
CustPort The ESU port connected to the customer router that forwards and receives
test packets.
PktSize The Ethernet test packet size on the ESU. The range is 64 to 1522 for tagged
packets and 64 to 1518 for untagged packets. The default is 1522.
PktCnt The number of test packets to be sent. The range is 1 to 10 000. The default
is one.
PktInterval The time interval between test packets measured in milliseconds (ms). The
range is 10 to 1000 ms in 10 ms increments. The default is 1000 ms.
TimeoutInterval The maximum interval between transmission and reception of test frame.
After the expiration of this interval time, it is considered that the test packet is
considered to have failed. The range is 1 to 10 seconds (s) in one second
increments. The default is three seconds.
Action The action of the test. Options include:
• ready
• run—conducts the test
• delete—deletes the test
• stop—stops the test
Status The status of the test. Options include:
• running—the test is running
• finished—the test is complete
MinRTT The minimum Round Trip Time, in milliseconds, for the test packet.
MaxRTT The maximum Round Trip Time, in milliseconds, for the test packet.
AverageRTT The average Round Trip Time, in milliseconds, for the test packet.
LossPercent The packet loss percentage.
PktTx The number of test packets transmitted.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring rapid ping 63

Field Description
PktRx The number of test packets received.
PercentComplete The percentage of complete packets received (Read only).
DefaultGatewayIpA The rapid ping session uses the DefaultGatewayIPAddr as the destination
ddr IP or dest-ip-addr. This is the IP address of the customer device within the
subnet.
DefaultGatewayIpN The destination network mask for the rapid ping session.
etMask
DefaultGatewaySta Enables or disables the rapid ping gateway feature on this ESU device.
te
SrcIpAddr The configured source, or sending, IP address of the test.
DestIpAddr The IP address of the destination (receiving) customer router.
Mode The ESU mode: as round trip time RTT or throughput. RTT indicates that
only one IP rapid ping packet is sent, at a time, during the test session.
Throughput indicates IP rapid ping packets are being sent out in the specified
transmission interval during the test session. The only difference in test
results is that RTT information (minimum, maximum, and average) does not
display in Throughput mode. The default value is rtt.
Custvid The customer’s VLAN identification information in the range of 1 to 4094 or
4096. In ring or stand-alone mode, Custvid = 4094 indicates an untagged
test packet. In Layer 2 switch mode, Custvid = 4096 indicates an untagged
test packet.
Pbit The configured pbit value for the tagged test packet. This value applies to
management traffic. Tagged test packet values are 1 through 4094 in ring
and stand-alone mode. The pbit value range is zero through seven; the
default value is zero.
CustPort The ESU port connected to the customer router that forwards and receives
test packets.
PktSize The Ethernet test packet size on the ESU. The range is 64 to 1522 for tagged
packets and 64 to 1518 for untagged packets. The default is 1522.
PktCnt The number of test packets to be sent. The range is 1 to 10 000. The default
is one.
PktInterval The time interval between test packets measured in milliseconds (ms). The
range is 10 to 1000 ms in 10 ms increments. The default is 1000 ms.
TimeoutInterval The maximum interval between transmission and reception of test frame.
After the expiration of this interval time, it is considered that the test packet is
considered to have failed. The range is 1 to 10 seconds (s) in one second
increments. The default is three seconds.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
64 Setting up and managing the ESU

Field Description
Action The action of the test. Options include:
• ready
• run—conducts the test
• delete—deletes the test
• stop—stops the test
Status The status of the test. Options include:
• running—the test is running
• finished—the test is complete
MinRTT The minimum Round Trip Time, in milliseconds, for the test packet.
MaxRTT The maximum Round Trip Time, in milliseconds, for the test packet.
AverageRTT The average Round Trip Time, in milliseconds, for the test packet.
LossPercent The packet loss percentage.
PktTx The number of test packets transmitted.
PktRx The number of test packets received.
PercentComplete The percentage of complete packets received (Read only).
DefaultGatewayIpA The rapid ping session uses the DefaultGatewayIPAddr as the destination
ddr IP or dest-ip-addr. This is the IP address of the customer device within the
subnet.
DefaultGatewayIpN The destination network mask for the rapid ping session.
etMask
DefaultGatewaySta Enables or disables the rapid ping gateway feature on this ESU device.
te

Enabling responses to pings in the data path


Enable responses to pings in the data path to allow the ESU to perform
service layer and end-to-end tests from one ESU through the service
provider network to a second ESU switch.

Procedure steps
Step Action

1 From the Device Manager menu bar, select Rapid Ping > Response
to open the Rapid Ping Response dialog box.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Rapid ping response dialog 65

2 Click the entry in the State column you want to modify to open the
list.

3 Select enabled.
4 Click Apply.

—End—

Rapid ping response dialog


Rapid ping response dialog
Field Description
State Enable or disable responses to rapid ping on
this ESU device.
SrcIpAddr The IP address that the ESU device responding
to the ping assumes.
SrcIpAddrNetMask The net mask for the device responding to the
ping.
CustVid The ID for the customer VLAN where pings are
received.
CustPort The customer port associated with pings.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
66 Setting up and managing the ESU

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
67

Configuring security features


This section describes configurable security features allowing the Metro
ESU to be securely managed from an SNMP-based Network Management
System. This section covers SNMP v1, RADIUS, EAPoL (Layer 2 mode
only), and Secure Shell (SSH).

Navigation
• "Configuring management station IP addresses" (page 67)
• "Configuring RADIUS authentication and accounting" (page 80)
• "Configuring SNMP communities" (page 68)
• "Configuring SNMPv3" (page 69)
• "Configuring the Supplicant" (page 92)
• "Configuring SSH" (page 94)
• "Configuring EAPoL in Layer 2 mode" (page 98)

Configuring management station IP addresses


Management stations are computers on the network that you use to manage
the switch. You can use Device Manager to allow a maximum of three
management stations access to the switch by entering IP addresses. If the
three configured IP addresses contain all zeros (0), any station with an IP
address can access the switch to manage and configure it.

If you configure one or more IP addresses with access privileges, only


those stations with the specified IP addresses can access the switch for
management or configuration purposes.

CAUTION
You will lose access privileges if the configurations do not include
your IP address.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
68 Configuring security features

You can restrict management access to the switch using Device Manager.

Configuring SNMP communities


You can create up to ten SNMP community strings for the SNMP
management host and specify the strings as having read-only or read-write
privileges. A community string is an alphanumeric string of up to 32
characters used to authenticate user access to the switch SNMP agent.
Read-only community strings allows read-only access to the switch SNMP
agent. The default read-only community string is public.
Read-write community strings allows read and write access to the switch
SNMP agent. The default read-write community string is private.

ATTENTION
Only administrator-level users can configure community strings. A maximum
of ten community strings is allowed.

You can configure SNMP community strings using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click Insert
The Security, Insert SNMP Community dialog box appears.

3 In the CommunityString field, enter a community string name (up


to 32 alphanumeric characters.
4 In the CommunityLevel field, select the appropriate read or write
privilege.

5 Click Insert.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 69

The new community string appears in the Security dialog


box—SNMP Community tab.

—End—

Configuring SNMPv3
This section describes how to use Device Manager to configure the
SNMPv3 options.

Navigation
• "Default login" (page 69)
• "Loading the encryption module" (page 70)
• "Creating a user security model" (page 71)
• "Creating membership for a group" (page 74)
• "Creating access for a group" (page 75)
• "Assigning MIB view access for an object" (page 77)
• "Creating a community" (page 79)

Default login
When using Device Manager, there are default parameters in effect that you
must use to initially log on when the SNMPv3 check box is enabled. These
default parameters are also listed in the USM table:
• V3 enable checkbox: selected
• Login name: initialmd5
• Authentication Protocol: MD5
• Authentication password: initial
• Privacy Protocol: None
• Privacy Password: None

ATTENTION
To log on using SNMPv3, you must configure SNMPv3. See "Creating a user
security model" (page 71).

An SNMPv3 engine provides services for sending and receiving messages,


authenticating and encrypting messages, and controlling access to
managed objects. There is a one-to-one association between an SNMP
engine and the SNMP entity, which contains it.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
70 Configuring security features

Loading the encryption module


Before you access the switch using SNMPv3 with DES encryption, you
must load the encryption module, p86cxxxx.des, which allows you to use
the Privacy protocol (xxxx refers to the code running on the Metro Ethernet
Routing Switch 8600).

Procedure steps
Step Action

1 Open a browser and enter the following URL:


www.nortel.com

2 Click on Support & Training and select Software Downloads.

3 Log on and search for the following:


Metro Ethernet Routing Switch 8600
4 Click on the Software hyperlink.

5 Double-click on the Metro Ethernet Routing Switch 8600 3des


hyperlink.
6 Answer the questions on the questionnaire.
A download dialog box appears.

7 Enter a file location in which to copy the p86cxxxx.des encryption


module.
8 Click OK.
The file is downloaded.

ATTENTION
Note the location of this file. Load the file on the switch before you can
use the protocol.

—End—

Logging on using SNMPv3


To log on using SNMPv3, you must first configure SNMPv3. See "Creating
a user security model" (page 71).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 71

Creating a user security model

ATTENTION
You must configure a valid SNMPv3 group and user through the CLI before you
can access the SNMPv3 USM table, VACM table, and Community table. Users
can only be created by cloning from existing users. Since the default user is initial,
you create noauth_nopriv users through the Device Manager. You can create
users with other privileges through the CLI. Additional users can be cloned from
Device Manager. See Nortel Metro Ethernet Services Unit 1850 Configuration
— Using CLI for all Modes (NN46212-501). To enable SNMPv3 before changing
any configurations on the ESU, you must check the SNMPv3 enabled box on the
Device > Open pathway. To gain full access the SNMPv3 configurations, you
must provide a valid username, authentication protocol, authentication password,
privacy protocol, and privacy password.

You can create a user security model (USM) using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, click Edit > SnmpV3 > USM
Table.
The USM dialog box appears.

See the following procedure job aid.

2 Click Insert.
The USM, Insert USM Table dialog box appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
72 Configuring security features

3 In the New User Name field, enter a user name.

4 In the Clone From User field, select a security name from which the
new entry copies authentication data and private data.
5 In the Auth Protocol field, select an authentication protocol.

6 In the Cloned User’s Auth Password field, enter the old


authentication password.
7 In the New User’s Auth Password field, enter a new authentication
password for this user model.

8 In the Priv Protocol field, select a privacy protocol.


9 In the Cloned User’s Priv Password field, enter the old privacy
password.

10 In the New User’s Priv Password field, enter a new a privacy


password for this user model.
11 Click Insert.
The USM dialog box appears. The new user model is shown in the
list.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 73

CAUTION
To ensure security, change the GroupAccess table default
views after you set up new users in the USM table. This
prevents unauthorized people from accessing the switch
using the default user login. Also, change the Community
table defaults, since the community name is used as a
community string in SNMPv1/v2 PDU.

See the following procedure job aid.


For more information on the USM Insert USM Table dialog box
fields, go to "USM, Insert USM Table dialog box fields" (page 73).

—End—

Procedure job aid


Field Description
EngineID The SNMP engine administratively unique identifier.
UserName The name of the user in usmUser.
SecurityName Creates the name used as an index to the table. The range
is 1 to 32 characters.
Auth Protocol Identifies the authentication protocol used.
Priv Protocol Identifies the privacy protocol used.

USM, Insert USM Table dialog box fields


Field Description
New User Name Creates the new entry with this security name. The name is
used as an index to the table. The range is 1 to 32 characters.
Clone From User The security name from which the new entry must copy
privacy and authentication parameters. The range is 1 to
32 characters.
AuthProtocol Assigns an authentication protocol (or no authentication)
(Optional) from a pulldown menu. If you select this, you must enter and
old AuthPass and a new AuthPass.
Cloned User’s The current authentication password.
Auth Password
New User’s Auth The name of the new authentication password.
Password

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
74 Configuring security features

Field Description
Priv Protocol Assigns a privacy protocol (or no privacy) from a pulldown
(Optional) menu. If you select this, you must enter and old PrivPass
and a new PrivPass.
Cloned User’s The current privacy password.
Priv Password
New User’s Priv The name of the new privacy password.
Password

Creating membership for a group


You can add membership for a group in the view-based access control
model (VACM) using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, click Edit > SnmpV3 > VACM
table.
The VACM dialog box appears with the Group Membership tab
options visible opens.

2 Click Insert.
The VACM, Insert Group Membership dialog box appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 75

See the following procedure job aid.


3 In the SecurityModel field, enter a security model number.

4 In the SecurityName field, enter a security name.


5 In the GroupName field, enter a group name.

6 Click Insert.
The VACM dialog box appears. The new group membership is
shown in the list.

—End—

Procedure job aid


Field Description
SecurityModel The type of authentication checking to communicate with
the switch.
SecurityName The security name assigned to this entry in the VACM table.
The range is 1 to 32 characters.
GroupName The name assigned to this group in the VACM table. The
range is 1 to 32 characters.

Creating access for a group


You can create new access for an SNMP group using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, click Edit > SnmpV3 > VACM
table.
The VACM dialog box displays.

2 Click the Group Access Right tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
76 Configuring security features

The Group Access Right tab displays.

3 Click Insert.
The VACM, Insert Group Access Right dialog box appears.

See the following procedure job aid.


4 Enter values for GroupName, SecurityModel, and SecurityLevel
field.

5 In the ReadViewName field, enter the number of object instances


authorized for the group when reading objects.
6 In the WriteViewName field, enter the number of object instances
authorized for the group when writing objects.

7 In the NotifyViewName field, enter the number of object instances


authorized for the group when notifying objects.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 77

8 Click Insert to open the VACM dialog box. The new group access
appears in the list.

—End—

Procedure job aid


Field Description
vacmGroupName The name of the new group name in the VACM table. The name is a
numeral. The range is 1 to 32 characters.
SecurityModel The authentication checking to communicate to the switch.
SecurityLevel The minimum level of security required to gain the access rights allowed.
The security levels are:
• noAuthNoPriv
• authNoPriv
• authpriv
ReadViewName The number of object instances authorized for the group when reading
objects.
WriteViewName The number of object instances authorized for the group when writing
objects.
NotifyViewName The number of object instances authorized for the group when notifying
objects.

Assigning MIB view access for an object


You can assign MIB view access for an object using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, click Edit > SnmpV3 > VACM
table.
The VACM dialog box appears.
2 Select the MIB View tab.
The MIB View tab opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
78 Configuring security features

3 Click Insert.
The VACM, Insert MIB View dialog box appears.

See the following procedure job aid.


4 In the ViewName field, enter a MIB view name.

5 In the Subtree field, enter a MIB subtree.


6 In the Mask field, enter the bit mask for the MIB.

7 In the Type field, select an MIB access type.


8 Click Insert.
The VACM dialog box appears. The assigned MIB view appears in
the list.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SNMPv3 79

Procedure job aid


Field Description
ViewName Creates a new entry with this group name. The range is 1 to 32 characters.
Subtree Any valid object identifier that defines the set of MIB objects accessible
by this SNMP entity, for example, 1.3.6.1.1.5.
Mask (Optional) If a bit mask is used with vacmViewTreeFamilySubtree to determine
whether an OID falls under a view subtree.
Type Access to a MIB object is either granted (Included) or denied (Excluded).
Included is the default.

Creating a community
A Community table contains objects for mapping between community
strings and the security name created in VACM Group Membership. You
can create a community using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, click Edit > SnmpV3 >
Community Table.
The Community Table dialog box appears.

2 Click Insert.
The Community Table, Insert Community Table dialog box appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
80 Configuring security features

See the following procedure job aid.


3 In the Index field, enter an index number.

4 In the Name field, enter a name that is a community string.


5 In the SecurityName field, enter a security name.

6 Click Insert.
The Community Table dialog box appears. The new community
is shown in the list.

—End—

Procedure job aid


Field Description
Index The unique index value of a row in this table. The range
is 1 to 32 characters.
Name The community string for which a row in this table represents
a configuration.
SecurityName The security name assigned to this entry in the Community
table. The range is 1 to 32 characters.
Context Engine ID The identity of the SNMP engine on the switch. It is an octet
string.

Configuring RADIUS authentication and accounting


RADIUS authentication allows the remote server to authenticate logins.
RADIUS accounting logs all of the activity of each remote user in a session
on the centralized RADIUS accounting server.
For more information on RADIUS authentication or RADIUS accounting
in your network, see Nortel Metro Ethernet Services Unit 1800 and 1850
Fundamentals (NN46212-100).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 81

Navigation
• "Enabling authentication type" (page 81)
• "Configuring RADIUS" (page 82)
• "Adding a RADIUS server" (page 83)
• "Deleting a RADIUS configuration" (page 84)
• "Showing RADIUS authentication" (page 85)
• "Showing RADIUS accounting" (page 86)
• "Showing RADIUS server statistics in Layer 2 mode" (page 88)
• "Showing RADIUS statistics" (page 89)
• "Showing RADIUS session" (page 91)

Enabling authentication type


You can enable the authentication type using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the Authentication tab.


The Authentication tab appears.

See the following procedure job aid.

3 In the Authentication field, select the appropriate authentication.


4 Click Apply.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
82 Configuring security features

Procedure job aid


Field Description
Authentication Sets the system to authenticate users using the local user
database or the RADIUS server.

Configuring RADIUS
You must configure RADIUS globally using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the RADIUS Global tab.


The RADIUS Global tab appears.

See the following procedure job aid.

3 In the Deadtime, Timeout, and Retransmit fields, enter appropriate


values.
4 Click Apply.

—End—

Procedure job aid


Field Description
Deadtime The period of time during which the ESU does not send a new authentication
request to the RADIUS server that failed to respond to the previous request.
The valid range is from 1 to 65535 minutes. The default is 1 minute.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 83

Field Description
Timeout The timeout period that the ESU waits for a server to reply. The valid range
is from 1 to 65535 seconds. The default is 10.
Retransmit The number of retries that can occur if no server responds to a RADIUS
authentication request. The valid range is from 1 to 65536 retries. The
default is 2.

Adding a RADIUS server


You can add a RADIUS server using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the RADIUS Server tab.


The RADIUS Server tab appears.

3 Click Insert.
The Security, Insert RADIUS Server dialog box appears.

See the following procedure job aid.

4 In the Index field, enter an index number (1 or 2).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
84 Configuring security features

5 In the Address field, enter the IP address of the RADIUS server


that you want to add.

6 In the AuthUdpPort, enter the UDP port of the RADIUS


authentication server (1 to 65536).
7 In the AcctUdpPort field, enter the UDP port of the RADIUS
accounting server (1 to 65536).

8 In the SecretKey field, enter a secret key.


9 Click Insert.
The information for the configured RADIUS server appears in the
RADIUS Servers tab of the Security dialog box.

—End—

Procedure job aid


Field Description
Index A unique identifier for the RADIUS server (1 or 2).
Address The IP address for the RADIUS server.
AuthUdpPort The UDP port on the RADIUS server allocated to receive
authentication packets from the RADIUS client. The valid
range is 1 to 65536.
AcctUdpPort The UDP port on the RADIUS server allocated to receive
accounting packets from the RADIUS client. The valid range
is 1 to 65535.
SecretKey The shared secret text string between the RADIUS
server and the RADIUS client. The shared secret allows
authentication transactions between the client and the
RADIUS server to occur. Enter the shared secret as a
case-sensitive string (32 characters maximum).

Deleting a RADIUS configuration


You can delete an existing RADIUS configuration using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the RADIUS Servers tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 85

The RADIUS Servers tab appears.

3 Identify the configuration to delete by clicking anywhere in the row.

4 Click Delete.

—End—

Showing RADIUS authentication


You can display RADIUS authentication information using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the RADIUS Authentication tab.


The RADIUS Authentication tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
ServerIndex A unique identifier for the RADIUS server (1 or 2).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
86 Configuring security features

Field Description
ServerIpAddress The IP address of the configured RADIUS server.
ServerPortNumber The UDP port the client is using to send requests to the server.
RoundTripTime A measure of the current delay on the network.
AccessAccepts The total number of access accept packets sent to this server. This
number does not include retransmissions.
AccessRejects The total number of access reject packets received from this server.
AccessChallenges The total number of access challenges received from this server.
MalformedAccessRespons The number of malformed response packets received from this
es server. Malformed packets include packets with an invalid length.
BadAuthenticators The total number of packets that contained invalid signature attributes.
PendingRequests Number of request packets destined for this server that have not yet
timed out or received a response.
Timeouts The number of timeouts to this server. After a time out, the system
can retry the same server, send to a different server, or give up.
Retrying the same server is counted as a retransmission as well as
a timeout. Sending to a different server is counted as a request as
well as a timeout.
UnknownTypes The number of packets received from this server that were of
unknown type.
PacketsDropped The number of incoming packets dropped for reasons other than
being malformed, bad authenticators, or unknown types.

Showing RADIUS accounting


You can show RADIUS accounting information using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the RADIUS Accounting tab.


The RADIUS Accounting tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 87

See the following procedure job aid.

—End—

Procedure job aid


Field Description
ServerIndex A unique identifier of the RADIUS server (1 or 2).
ServerIpAddress The IP address of the configured RADIUS server.
ServerPortNumber Authentication UDP port.
RoundTripTime A measure of the current delay on the network.
Requests The total number of RADIUS accounting request packets sent to this
server. This number does not include retransmissions.
Retransmissions Number of retransmissions sent to this server.
Responses The total number of RADIUS accounting response packets sent
to the client.
MalformedResponses The number of malformed response packets received from this
server. Malformed packets include packets with an invalid length.
BadAuthenticators The total number of packets that contained invalid signature
attributes.
PendingRequests Number of request packets destined for this server that have not yet
timed out or received a response.
Timeouts The number of time-outs to this server. After a time-out, the system
can retry the same server, send to a different server, or give up.
Retrying the same server is counted as a retransmission as well as
a timeout. Sending to a different server is counted as a request as
well as a timeout.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
88 Configuring security features

Field Description
UnknownTypes The number of packets received from this server that were of
unknown type.
PacketsDropped The number of incoming packets dropped for reasons other than
being malformed, bad authenticators, or unknown types.

Showing RADIUS server statistics in Layer 2 mode


You can show RADIUS server statistics on the switch using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.
2 Click the RADIUS Server Statistics tab.
The RADIUS Server Statistics tab appears. See the following figures.

ATTENTION
These fields are read-only.

RADIUS Server Statistics tab: ESU 1850

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 89

RADIUS Server Statistics tab: ESU 1800

See the following procedure job aid.

—End—

Procedure job aid


Field Description
PortNumber The port number associated with this port.
FramesRX The number of frames received.
FramesTX The number of frames transmitted.

Showing RADIUS statistics


You can show RADIUS statistics on the switch using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.
2 Click the RADIUS Statistics tab.
The RADIUS Statistics tab appears. See the following figures.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
90 Configuring security features

ATTENTION
These fields are read-only.

RADIUS Statistics tab: ESU 1800

RADIUS Statistics tab: ESU 1850

See the following procedure job aid.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RADIUS authentication and accounting 91

Procedure job aid


Field Description
PortNumber The port number associated with this physical port.
UserName The user name representing the identify of the Supplicant
Port Access Entity (PAE).
FramesRX The number of frames received.
FramesTX The number of frames transmitted.
Time The duration of the session in seconds.

Showing RADIUS session


You can show RADIUS session information using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.
2 Click the RADIUS Session tab.
The RADIUS Session tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
Id A unique identifier for the RADIUS server (1 or 2).
Name The name of the RADIUS server.
Time The length of the RADIUS session.
From The source of the RADIUS session: SSH, Telnet,
Console.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
92 Configuring security features

Field Description
Level The user level of the RADIUS session: User (3), Admin
(4).
Loginway The log on method for the session: RADIUS or Local.

Configuring the Supplicant


The 802.1X Supplicant, standardized by IEEE (IEEE Std 8021.X-2001), is
designed to provide compatible authentication mechanisms for devices
interconnected by IEEE 802 LAN, and to control network access rights with
a port-based system in the original standard. It provides a VLAN-based
authentication mechanism.

Navigation
• "Enabling the Supplicant module" (page 92)
• "Modifying Supplicant user name and password" (page 93)

Enabling the Supplicant module


To enable the Supplicant module on the ESU 1800:

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the Supplicant State tab.


The Supplicant State tab appears.

3 Click enabled.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the Supplicant 93

4 Click Apply.

—End—

Modifying Supplicant user name and password


Use this procedure to modify the user name and password of the 802.1x
Supplicant on the ESU1800/1850.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the Supplicant User Profile tab.


The Supplicant User Profile tab appears.

See the following procedure job aid.

3 Edit the Supplicant username and password.


4 Click Apply.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
94 Configuring security features

Procedure job aid


Field Description
SuppUserName The username currently in use by the Supplicant
SuppPassword The password currently in use by the Supplicant
SuppUserState The current state of the Supplicant

Configuring SSH
You can configure Secure Shell (SSH), a client/server protocol, to specify
methods for secure communications over a network. For more information
on SSH in your network, see Nortel Metro Ethernet Services Unit 1800 and
1850 Fundamentals (NN46212-100).

Navigation
• "Enabling SSH authentication type" (page 94)
• "Setting the SSH algorithm" (page 95)
• "Configuring the existing SSH user information" (page 97)

Enabling SSH authentication type


You can enable the connection to the SSH server and authentication mode
in Device Manager using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.
2 Click the SSH tab.
The SSH tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SSH 95

See the following procedure job aid.

3 Enter information or select options in the fields.

4 Click Apply.

—End—

Procedure job aid


Field Description
Admin The status (enabled or disabled) of the SSH server.
The default is disabled.
MaxConnections The maximum number of server connections. The
default is 3.
ConnectionTimeout The maximum amount of time that is allowed for
an SSH session to be established. If this time is
exceeded before the SSH session begins, the SSH
server discontinues the connection. The default is
120.
MaxAuthFailAttempts The maximum number of times the SSH server
allows a remote host to attempt to become
authorized. If this number of attempts is exceeded,
the SSH server discontinues the connection. The
default is 2.
SessionKeyRekeying The length of time that an SSH session can last
before generating a new set of encryption or
decryption keys. The default is never.
PortNumber The TCP port the SSH server listens on, for
requests from remote hosts to establish an SSH
connection with the switch.
RegenerateHostKey The regeneration of the server host key. The default
is normal.
PasswdAdmin The status (enabled or disabled) of the password
administration state. The default is enabled.
PubKeyAdmin The status (enabled or disabled) of the public key
administration state. The default is enabled.
HostBasedAdmin The status (enabled or disabled) of host-based
administration. The default is enabled.

Setting the SSH algorithm


You can choose the SSH authentication and encryption algorithm using
Device Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
96 Configuring security features

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the SSH Algorithm tab.


The SSH Algorithm tab appears.

See the following procedure job aid.

3 Change any desired fields.

4 Click Apply.

—End—

Each of the following tab fields sets the administrative state to either enabled
or disabled. The default for each is enabled.

Procedure job aid


Field Description
3DESAdmin 3DES Algorithm
AES128Admin AES128 Algorithm
AES192Admin AES192 Algorithm
AES256Admin AES256 Algorithm

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring SSH 97

Field Description
ArcfourAdmin Arcfour Algorithm
BlowfishAdmin Blowfish Algorithm
CAST128Admin CAST128 Algorithm
Twofish128Admin Twofish128 Algorithm
Twofish192Admin Twofish192 Algorithm
Twofish256Admin Twofish256 Algorithm
MD5Admin MD5 Algorithm
SHA1Admin SHA1 Algorithm
RSAAdmin RSA Algorithm
DSAAdmin DSA Algorithm

Configuring the existing SSH user information


You can configure the existing SSH user information using Device Manager.

ATTENTION
To configure new SSH user, you must use the CLI. See Nortel Metro Ethernet
Services Unit 1850 Configuration — VPN and IP VLAN Services using the CLI
(NN46211-500).

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the SSH User tab.


The SSH User tab appears.

See the following procedure job aid.

3 Edit a user configuration by clicking on a field.

4 Click Apply.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
98 Configuring security features

—End—

Procedure job aid


Field Descriptions
Username Use a password to establish user authorization for an SSH
session.
Authmode Authorization mode (none, publickey, password, hostbased),
and the default is none.
HostName The name of the host that is authorized to establish an SSH
connection to the switch.
HostIp The name or IP address of the host (a remote PC) that is
authorized to establish an SSH connection to the switch.

Configuring EAPoL in Layer 2 mode


Use Extensible Authentication Protocol over LAN (EAPoL) to control
port-based network access. For more information, see Nortel Metro
Ethernet Services Unit 1800 and 1850 Fundamentals (NN46212-100).

Navigation
• "Configuration prerequisites" (page 98)
• "Globally configuring EAPoL in Layer 2 mode" (page 99)

Configuration prerequisites
Use the following configuration rules when using EAPoL:
• Before configuring your switch, you must configure at least one EAPoL
RADIUS server and Shared Secret fields.
• You cannot configure EAPoL on ports that are currently configured for:
— Shared segments
— Multilink Trunking
— Port mirroring

• Change the status to auto for each port to be controlled. The auto
setting automatically authenticates the port according to the results of
the RADIUS server. The default authentication setting for each port is
force-authorized or preauthorized to use the service.
• You can connect only a single client on each port that is configured for
EAPoL. If you attempt to add additional clients on the EAPoL authorized
port, the port goes into force-unauthorized mode.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring EAPoL in Layer 2 mode 99

EAPoL uses RADIUS protocol for EAPoL-authorized logins.

Globally configuring EAPoL in Layer 2 mode


The SystemAuthControl field globally enables or disables EAPoL on the
switch. (By default, EAPoL is disabled.) With this one command, you can
make all the controlled ports on the switch EAPoL-enabled.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > Security.
The Security dialog box appears with the SNMP Community tab
displayed.

2 Click the EAPoL tab.


The EAPoL tab opens.

3 Click enabled.
4 Click Apply.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
100 Configuring security features

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
101

Managing firmware configuration files


This section describes how to set up and edit your switch ports.

You can use the Trivial File Transfer Protocol (TFTP) utility to upgrade
the switch firmware by transferring a new firmware image file from a
TFTP server to the switch. You can also use the TFTP server to load a
configuration file into the switch, save switch settings to the TFTP server,
and upload a history log from the switch to the TFTP server.

This section describes how to set up and edit your switch ports.

ATTENTION
Nortel recommends that you maintain no more than three stored images on the
ESU 1800/1850 firmware. If more than three images exist, you update one of the
three existing file numbers or delete one of the files before using firmware create.

Navigation
• "Downloading firmware from the server: ESU 1850" (page 101)
• "Creating firmware: ESU 1850" (page 103)
• "Booting firmware: ESU 1850" (page 104)
• "Uploading and downloading configuration settings to the server: ESU
1850" (page 105)
• "Saving a history log to the server: ESU 1850" (page 106)
• "Downloading firmware from the server: ESU 1800" (page 107)
• "Uploading and downloading configuration settings to the server: ESU
1800" (page 108)
• "Saving a history log to the server: ESU 1800" (page 109)

Downloading firmware from the server: ESU 1850


You can download a firmware file from the TFTP server using Device
Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
102 Managing firmware configuration files

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System >
Firmware.
The Firmware dialog box appears with the Update tab displayed.

See the following procedure job aid.

2 Edit the IP Address, path/filename, and LoadType.


3 Click Apply to save the configuration.

ATTENTION
The ESU 1850 automatically reboots after the firmware download
completes. Device Manager connectivity will be temporarily lost.

—End—

Procedure job aid


Field Description
Id The identifier.
Addr The configured IP address of the TFTP server.
Filename Configures the DOS path and filename of the firmware on
the TFTP server.
LoadType Sets the system to download mode. When this field is
selected, the Apply button becomes active. The options are:
• none (default)
• upload
• download

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Creating firmware: ESU 1850 103

Creating firmware: ESU 1850


You can create a firmware file using Device Manager. Nortel recommends
maintaining no more than three stored images on the ESU 1850 firmware. If
more than three images exist, update one of the three existing file numbers
or delete one of the files before using firmware create.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System >
Firmware.
The Firmware dialog box appears with the Update tab displayed.

2 Click the Create tab.


The Firmware dialog box appears with the Create tab displayed.

See the following procedure job aid.

3 Edit the IP Address, path/filename, and LoadType.


4 Click Apply to save the configuration.

—End—

Firmware dialog box, Create tab fields

Procedure job aid


Field Description
FileName The name of the firmware file.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
104 Managing firmware configuration files

Field Description
Addr The IP address where the new firmware file is located.
Ctrl The valid values are:
• none—The specified firmware file is not downloaded.
• download—Downloads the specified firmware file.

Booting firmware: ESU 1850


You must boot a firmware file using Device Manager before the new
firmware file will take affect.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System >
Firmware.
The Firmware dialog box appears with the Update tab displayed.

2 Click the Boot tab.


The Firmware dialog box appears with the Boot tab displayed.

See the following procedure job aid.

3 Click Apply to save the configuration.

4 Reboot the device.

—End—

Procedure job aid


Field Description
Index The table index for the file entry.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Uploading and downloading configuration settings to the server: ESU 1850 105

Field Description
Dscr Describes the version of the software file.
Ctrl The valid values are:
• bootup—Identifies the default file to use for bootup.
• nonactive—This file is not used for bootup
• delete—Deletes the file.

The setting takes affect when the system is restarted.

Uploading and downloading configuration settings to the server:


ESU 1850
You can update a configuration file from a TFTP server using Device
Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System >
Configuration.
The Configuration tab opens.

See the following procedure job aid.

2 Enter the IP Address and path/filename.


3 Select upload or download.

4 Click Apply.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
106 Managing firmware configuration files

Procedure job aid


Field Description
TftpServerIpAddress Configures the IP address of the TFTP server.
PathAndFilename Configures the DOS path and filename of the switch
configuration file on the TFTP server.
Action Sets the system to upload (to upload a file) or download
(to download a file) mode. When the appropriate field is
selected, the Apply button becomes active. Click Apply
to initiate the file transfer.
Status Read-only field; the status of the file transfer.

Saving a history log to the server: ESU 1850


You can save a history log to the TFTP server using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System
> HistoryLog.
The HistoryLog dialog box appears with the HistoryLog tab
displayed.

See the following procedure job aid.


2 Enter the configuration information.

3 Select upload to save a history log.

4 Click Apply to save the configuration.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Downloading firmware from the server: ESU 1800 107

—End—

Procedure job aid


Field Description
TftpServerIpAddress Configures the IP address of the TFTP server.
PathAndFilename Configures the DOS path and filename of the history
log file on the TFTP server.
Action Sets the system to upload mode. When the field is
selected, the Apply button becomes active. Click Apply
to initiate the file transfer.
Status Read-only field; the status of the file transfer.

Downloading firmware from the server: ESU 1800


You can download a firmware file from the TFTP server.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System.
The FileSystem dialog box appears with the Firmware Download
tab displayed.

See the following procedure job aid.

2 Enter the IP Address and path/filename.


3 Click Apply to save the configuration.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
108 Managing firmware configuration files

ATTENTION
The ESU 1800 automatically reboots after the firmware download
completes. Device Manager connectivity is temporarily lost.

—End—

Procedure job aid


Field Description
TftpServerIpAddress Configures the IP address of the TFTP server.
PathAndFilename Configures the DOS path and filename of the
firmware on the TFTP server.
Action Sets the system to download mode. When this field
is selected, the Apply button becomes active. Click
Apply to initiate the file transfer.
Status Read-only field; the status of the file transfer.

Uploading and downloading configuration settings to the server:


ESU 1800
You can upload a configuration file to or download a configuration file from
the TFTP server.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System.
The FileSystem dialog box appears with the Firmware Download
tab displayed.
2 Click the Configuration File tab.
The Configuration File tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Saving a history log to the server: ESU 1800 109

See the following procedure job aid.


3 Enter the configuration information.

4 Click Apply to save the configuration.

—End—

Procedure job aid


Field Description
TftpServerIpAddress Configures the IP address of the TFTP server.
PathAndFilename Configures the DOS path and filename of the switch
configuration file on the TFTP server.
Action Sets the system to upload (to upload a file) or
download (to download a file) mode. When the
appropriate field is selected, the Apply button
becomes active. Click Apply to initiate the file
transfer.
Status Read-only field; the status of the file transfer.

Saving a history log to the server: ESU 1800


You can save a history log to the TFTP server.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit > File System.
The FileSystem dialog box appears with the Firmware tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
110 Managing firmware configuration files

2 Click the History Log tab.


The History Log tab appears.

See the following procedure job aid.

3 Enter the configuration information.


4 Click Apply to save the configuration.

—End—

Procedure job aid


Field Description
TftpServerIpAddress Configures the IP address of the TFTP server.
PathAndFilename Configures the DOS path and filename of the history
log file on the TFTP server.
Action Sets the system to upload mode. When the field is
selected, the Apply button becomes active. Click
Apply to initiate the file transfer.
Status Read-only field; the status of the file transfer.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
111

Configuring VLANs in Ring, Standalone,


Layer 2, and Q-in-Q mode
ATTENTION
Q-in-Q mode is not supported on the ESU 1800.

This section describes how to perform IP Virtual Local Area Network


(VLAN), VLAN Layer 2 switch mode, and Q-in-Q mode configuration tasks,
and Internet Group Management Protocol (IGMP) snooping.

Navigation
• "Configuring a default VLAN" (page 112)
• "Configuring IP VLANs in Ring and Standalone mode" (page 112)
• "Creating a port-based VLAN in Layer 2 and Q-in-Q mode" (page 114)
• "Viewing current VLANs in Layer 2 mode" (page 117)
• "Configuring FDB in Layer 2 mode" (page 118)
• "Configuring multicast FDB in Layer 2 mode" (page 121)
• "Configuring GVRP in Layer 2 mode" (page 123)
• "Configuring IGMP snooping globally in Layer 2 mode" (page 126)
• "Configuring IGMP snooping in Layer 2 mode" (page 126)
• "Configuring IP VLAN IGMP snooping in Ring and Standalone mode"
(page 128)
• "Configuring IGMP snooping group in Layer 2 mode" (page 131)
• "Configuring IP VLAN IGMP Snooping Group in Ring and Standalone
mode" (page 132)
• "Configuring MLTs in Layer 2 and Q-in-Q mode" (page 133)
• "Configuring STP in Layer 2 mode" (page 137)

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
112 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Configuring a default VLAN


Configure a default VLAN to tag all untagged ingress packets with the
configured default VLAN ID, and to forward the packet with the configured
default VLAN ID of the access port.
Prerequisites
• The ESU assigns a default VLAN ID of 4094 to all access ports during
cold-start boot-up initialization. You must remove the default VLAN ID
of 4094 from the access port before you can assign another default
VLAN ID.

Procedure steps
Step Action

1 From the Device Manager menu bar, select IP VLAN > VLANs >
Default VLAN
The Default VLAN dialog box appears.

2 In the VlanID field, specify a VLAN ID for the default VLAN.


3 In the PortList field, list all customer access ports belonging to the
default VLAN.

—End—

For more information, see "Variable definitions" (page 112).

Variable definitions

Variable Value
VlanID The ID of the VLAN.
PortList The customer access ports belonging to the
default VLAN. The port members are untagged
ports and cannot overlap.

Configuring IP VLANs in Ring and Standalone mode


You can configure an IP VLAN and assign one or more customer access
ports to that IP VLAN using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP VLAN > VLAN.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IP VLANs in Ring and Standalone mode 113

The IPVLAN dialog box opens with the VLAN tab displayed.

2 Click Insert.
The IPVLAN, Insert VLAN dialog box opens.
The IPVLAN, Insert VLAN dialog box opens.

See the following procedure job aid.


3 After you configure the VLAN ID and assign customer access ports
to it, click Insert.

—End—

Procedure job aid


Field Description
Index The VLAN ID. The valid range is 1 to 4094.
AccessCPUPort Enables or disables accessing the CPU port to an IP VLAN.
AccessPortList The customer access ports on the Metro ESU to which you want
to assign the VLAN ID. You can enter multiple ports, separated by
commas (for example, 2,6,8). Valid values are 1 to 12. Descriptions
1 to 4 are for ports 1 to 4 when no MDA1 or MDA2 is installed.
Descriptions 1 to 8 for ports 1 to 8 when there is a MDA1 installed but
no MDA2 installed. Descriptions 1 to 12 for ports 1 to 12 when both
MDA1 and MDA2 are installed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
114 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Creating a port-based VLAN in Layer 2 and Q-in-Q mode


A VLAN is a collection of ports on one or more switches that defines a
broadcast domain. The Metro ESU switch performs the Layer 2 switching
functions necessary to transmit information within VLANs. You can define a
VLAN for a single switch or you can have it span multiple switches. You can
define a port to be a member of multiple VLANs.
The Metro ESU supports port-based VLANs. A port-based VLAN is a VLAN
in which the ports are explicitly configured to be in the VLAN. When creating
a port-based VLAN on a switch, you assign a VLAN identification number
(VLAN ID) and specify which ports belong to the VLAN. The VLAN ID is
used to coordinate VLANs across multiple switches. For more information
about VLAN concepts and terminology, see Metro Ethernet Services Unit
1850 Fundamentals (NN46212-100).
You can create a port-based VLAN using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > VLAN >
Static.
The StaticVLAN dialog box opens with the Static VLAN tab
displayed. See the following figures.
StaticVLAN dialog box: Layer 2 mode

StaticVLAN dialog box: Q-in-Q mode

See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Creating a port-based VLAN in Layer 2 and Q-in-Q mode 115

2 Click Insert.
The StaticVLAN, Insert Static VLAN dialog box opens. See the
following figures.
StaticVLAN, Insert Static VLAN dialog box: Layer 2 mode

StaticVLAN, Insert Static VLAN dialog box: Q-in-Q mode

3 In the StaticId field, type the VLAN ID.


Assign a value from 1 to 4094, as long as it is not already in use.
(The default VLAN has a VLAN ID of 1.)
4 In the StaticName field, type the VLAN name (optional).
If you do not enter a name, a default is created.

5 Specify the port membership by clicking the StaticEgressPorts


ellipsis button.
The dot1qVlanStaticEgressPorts dialog box opens. See the
following figures.
dot1qVlanStaticEgressPorts dialog box: ESU 1850

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
116 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

dot1qVlanStaticEgressPorts dialog box: ESU 1800

For port-based VLANs, you specify whether ports are always


members by selecting the member ports. Selected ports appear
depressed in the window. Port numbers that display in gray indicate
ports that cannot be selected to belong to the VLAN. (For example,
you cannot select ports that do not have the same spanning tree
group ID as that of the new VLAN.)

6 Click Ok.
7 In Layer 2 mode, specify the forbidden ports by clicking the
ForbiddenEgressPorts ellipsis button.
The dot1qVlanForbiddenEgressPorts dialog box opens.

8 In Layer 2 mode, specify the untagged ports by clicking the


StaticUntaggedPorts ellipsis button.
The dot1qVlanStaticUntaggedPorts dialog box opens.
For example, for steps 5 through 7:
a. Assign ports 1-4 to StaticEgressPorts.
b. Assign ports 5-6 to ForbiddenEgressPorts.
c. Assign port 1 to StaticUntaggedPorts because port 1 belongs
to the StaticEgressPorts set.

ATTENTION
If port 1 is a StaticUntaggedPort in another VLAN, remove it from
that VLAN.

Then, add it to this VLAN’s StaticUntaggedPorts set.

9 On the VLAN, Insert VLAN dialog box, click Insert.


10 Click Apply to change the configuration.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Viewing current VLANs in Layer 2 mode 117

Procedure job aid


Field Description
StaticId The static VLAN ID used for the VLAN.
StaticName The name of the VLAN.
StaticEgressPorts The ports belonging to this VLAN. Note that a port
belonging to the StaticEgressPorts cannot belong to
ForbiddenEgressPorts in the same VLAN.
ForbiddenEgressPorts The ports that are not allowed to become members
of this VLAN. This advertisement enables the use
of GVRP.
This feature is for Layer 2 only.
StaticUntaggedPorts The set of ports belonging to this VLAN, which
transmit the frame as untagged. Untagged ports are
part of the StaticEgressPorts in that VLAN.
If a port is a StaticUntaggedPort in one VLAN, it
cannot act as an StaticUntaggedPort for another
VLAN. In such cases, you must remove the port
from the first VLAN before assigning it to the second
VLAN as a StaticUntaggedPort.
This feature is for Layer 2 only.

Advertising a static VLAN


Enable or disable the advertisement of the VLAN to make it visible on the
network.

Procedure steps
Step Action

1 On the Static VLAN tab, select the VLAN you want to advertise.

2 Click the Advertisement button.

3 Select the enable option.

4 Click Apply.

—End—

Viewing current VLANs in Layer 2 mode


You can view the currently configured VLANs in Layer 2 using Device
Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
118 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > VLAN >
Current.
The CurrentVLAN dialog box opens with the Current VLAN tab
displayed.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
TimeMark The time the VLAN has been active.
StaticId The static VLAN ID used for the VLAN.
FdbId The FDB ID used for the VLAN.
CurrentEgressPorts The current ports belonging to this VLAN. Note that
a port belonging to the CurrentEgressPorts cannot
belong to ForbiddenEgressPorts in the same VLAN.
CurrentUntaggedPorts The set of ports belonging to this VLAN, which
transmit the frame as untagged. Untagged ports are
part of the CurrentEgressPorts in that VLAN.
Status The status of the current VLAN.
CreationTime The time the current VLAN was created.

Configuring FDB in Layer 2 mode


You can create a static entry in the MAC address forwarding table (database)
(FDB) in the Metro ESU to allow link routing.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring FDB in Layer 2 mode 119

Navigation
• "Setting the FDB aging timer in Layer 2 mode" (page 119)
• "Creating an FDB list in Layer 2 mode" (page 120)

Setting the FDB aging timer


The FDB aging timer specifies the amount of time an address remains
in the FDB. Lowering the aging timer prompts the FDB to drop expired
addresses. This is useful for networks with many devices, which can cause
the FDB to fill up.
You can set the FDB aging timer using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > FDB.
The FDB dialog box opens with the FDB tab displayed.

See the following procedure job aid.

2 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
Aging Timeout The time, in seconds, that a dynamically learned MAC
address remains in the unit MAC address forwarding table,
without being accessed, before being dropped from the
database. The range is 300 to 1000000 seconds.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
120 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Creating an FDB list in Layer 2 mode


You can create lists using Device Manager for the purpose of having VLAN
traffic automatically forwarded to MAC addresses. You can see how the
MAC address is maintained in the list, that is, learned, self, or permanent.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > FDB.
The FDB dialog box opens with the FDB tab displayed.

2 Click the FDB List tab.


The FDB List tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
dot1qFdbld The VLAN ID.
Address The MAC address added to the static forwarding table.
Port The port number of the corresponding MAC destination address.
Status The type of aging (learned [network based learning], self [local
learning on the CPU or VLANs], or permanent).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring multicast FDB in Layer 2 mode 121

Configuring multicast FDB in Layer 2 mode


You can create a static entry using Device Manager for multicast MAC
addresses per VLAN and assign static egress ports for these addresses.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > Multicast
FDB.
The MulticastFDB dialog box opens with the Multicast FDB tab
displayed.

2 Click Insert to add a MAC address to a multicast FDB.


The MulticastFDB, Insert Multicast FDB dialog box opens.

See the following procedure job aid.

3 Click the VlanIndex ellipsis button to indicate the VLAN Index.


The VlanIndex dialog box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
122 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

4 Select a VLAN.
5 Click OK to add the VLAN Index number.

6 Enter the MAC address.


7 Click the StaticEgressPorts ellipsis button to add a port.
The dot1qStaticMulticastStaticEgressPorts dialog box opens.
See the following figures.
dot1qStaticMulticastStaticEgressPorts dialog box: ESU 1850

dot1qStaticMulticastStaticEgressPorts dialog box: ESU 1800

8 Select a port by clicking on it, or click All for all the ports.
9 Click Ok.
The ports appear in the StaticEgressPorts field.

10 Click Insert.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring GVRP in Layer 2 mode 123

11 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
VlanIndex The VLAN index (default or 1).
MacAddress
The MAC address added to the static forwarding
table.

ATTENTION
The MacAddress is the multicast MAC Address
starting with 01 in the first octet of the address.

StaticEgressPort The port number of the corresponding MAC destination


address. Step 4 describes adding a VLAN Index.

Configuring GVRP in Layer 2 mode


You can configure Generic VLAN Registration Protocol (GVRP), which
provides a standard way to communicate information about IEEE 802.1Q
VLANs from one switch to another, using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > GVRP.
The GVRP dialog box opens with the GVRP tab displayed. See
the following figures.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
124 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

GVRP tab: ESU 1850

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring GVRP in Layer 2 mode 125

GVRP tab: ESU 1800

See the following procedure job aid.

2 Modify the PortGvrpStatus and PortIngressFiltering settings by


double clicking on a field for a port and using the scroll down menu
to chose an alternative setting.

3 Click Apply to change the configuration.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
126 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Procedure job aid


Field Description
Port The port on the Metro ESU.
Pvid The port VLAN ID number.
PortGvrpStatus The status (enabled or disabled) of GVRP on that port.
The default is disabled.
PortIngressFiltering The status (true or false) of ingress filtering on that
port. Ingress filtering, or checking, discards packets for
VLANs that the port does not belong to. The default
is true.

Configuring IGMP snooping globally in Layer 2 mode


You can configure your switch to perform IGMP snooping, or to capture the
IGMP message packets and examine their contents, using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > IGMP.
The GVRP dialog box opens with the IGMP Globals displayed.

2 Click enabled.

3 Click Apply to change the configuration.

—End—

Configuring IGMP snooping in Layer 2 mode


You can configure your switch to perform IGMP snooping using Device
Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IGMP snooping in Layer 2 mode 127

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > IGMP.
The GVRP dialog box opens with the IGMP Globals displayed.

2 Click the IGMP Snoop tab.


The IGMP Snoop tab appears. See the following figure.
IGMP Snoop tab: Layer 2 mode

See the following procedure job aid.

3 Click on each field to modify the settings for a particular group.


4 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
CtrVid Identifies the IGMP control entry VLAN ID. The valid
range is from 0 to 4094.
HostTimeout The timer value for sending IGMP query packets when
none was sent by the host in the LAN. The timer works
on a per-VLAN basis. The device sends the query
message if the timer is expired. The range is 1 to
16711450 seconds with a default value of 260.
RouteTimeout The amount of time a host must wait after hearing a
query before it sends any IGMPv2 messages. The
default value is 260 seconds.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
128 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Field Description
LeaveTimer The frequency (in seconds) at which a querier sends
group-specific queries to group members when the
querier receives a leave group message. The range is
from 1 to 16711450 with a default value of 1.
MaxRespCode The maximum time allowed before sending a responding
report. The range is 1 to 255 seconds with a default
of 100.
CtrlState The current state of the IGMP (disabled or enabled) for
this entry. To enable or disable the current state, click
on the field and a selection box appears with the enable
and disable options.

Configuring IP VLAN IGMP snooping in Ring and Standalone mode


IGMP snooping allows the switch to snoop, or to capture the IGMP message
packets, and examine their contents as these packets pass between hosts
and routers. When the switch receives an IGMP join message from a host
for a given multicast group, the switch then adds the host IGMP information
into its list for that group. When the switch receives an IGMP leave message
for a host, it removes the host from its list for that multicast group.
You can configure your switch to perform IGMP snooping using Device
Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP VLAN > IGMP
Snoop.
The GVRP dialog box opens with the IGMP Snoop tab displayed.

See the following procedure job aid.


2 Click each field to modify the settings for a particular group.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IGMP querier in Layer 2 mode 129

3 Click Apply to apply the new settings.

—End—

Procedure job aid


Field Description
CtrVid Identifies the IGMP control entry VLAN ID. The valid range is from
0 to 4094.
HostTimeout The timer value for sending IGMP query packet when none was sent
by a host in the LAN. The timer works on a per-VLAN basis. The
device will send the query message if the timer is expired. The range
is 1 to 16711450 seconds with a default value of 260.
RouteTimeout The amount of time a host must wait after hearing a Query before it
sends any IGMPv3messages. The default value is 260 seconds.
LeaveTimer If membership reports are not received by the switch before the
query response time expires, a port is removed from the multicast
group membership. You can configure the leave timer (HostTimeout)
so that the switch waits after sending a group-specific query to
determine if hosts are still interested in a specific multicast group
before it removes the port from the multicast group membership. The
IGMP leave time can be configured from 0 to 16711450 seconds.
The default is 0 seconds.
MaxRespCode The maximum time allowed before sending a responding report to a
host on the LAN. The range is 1 to 255 with a default of 100.
CtrlState The current state of the IGMP (disabled or enabled) for this entry. To
enable or disable the current state, click on the field and a selection
box appears with the enable and disable options.

Configuring IGMP querier in Layer 2 mode


Using IGMP querier, the Metro ESU can learn what host devices are on its
network. You can configure your switch to perform IGMP queries using
Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > IGMP.
The GVRP dialog box opens with the IGMP Globals tab displayed.

2 Click on the IGMP Querier tab.


The IGMP Querier tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
130 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

See the following procedure job aid.


3 Click on each field to modify the settings for a particular group.

4 Click Apply to apply the new settings.

—End—

Procedure job aid


Field Description
CtrlVid The VLAN ID for the VLAN. The VLAN ID in each
entry must be unique in the IGMP control table.
The valid range is from 0 to 4094.
QueryInterval The frequency at which IGMP host-query packets
are transmitted on this switch. The valid range is
from 1 to 65535 seconds. The default is 125.
MaxResponseTIme The maximum query response time on this switch.
The valid range is from 1 to 25 seconds. The
default is 10 seconds.
Robustness Allows tuning for the expected packet loss of
a network. The valid range is from 2 to 255
seconds. The default is 2 seconds. Increase the
value if you expect the network to experience loss.
LastMemberQueryInterval The length of time (in seconds) an entry remains
in the multicast table before timeout. The valid
range is from 1 to 65535 seconds. The default is
1 second.
SFlag When set to one, the S Flag indicates to any
receiving multicast routers that they are to
suppress the normal timer updates they perform
upon hearing a query. It does not, however,
suppress the querier election or the normal
host-side processing of a query that a router can
be required to perform if the router is a group
member. The default is disabled.
QQIC The query interval used by the querier. The range
is 1 to 255 with a default of 100.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring IGMP snooping group in Layer 2 mode 131

Field Description
Query Version The version of IGMP (1, 2 or 3) that you want to
configure on this interface. For IGMP to function
correctly, all routers on a LAN must use the same
version. The default is version 3.
Joint Aggregation The status (enabled or disabled) for Joint
Aggregation, which turns on or turns off the IGMP
proxy feature for the specified VLAN. The default
is disabled.
QueryState Identifies the IGMP query state as enabled or
disabled.
CurrentState Identifies the current IGMP query state as:
• other
• querier
• non-querier
CtrlState Identifies the status of this entry:
• disabled
• enabled

Configuring IGMP snooping group in Layer 2 mode


You can configure your IGMP snooping groups using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > IGMP.
The GVRP dialog box opens with the IGMP Globals tab displayed.

2 Click on the IGMP Snooping Group tab.


The IGMP Snooping Group tab appears.

See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
132 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

3 Click on each field to modify the settings for a particular group.

4 Click Apply to change the settings.

—End—

Procedure job aid


Field Description
Vid The VLAN ID for the VLAN. The VLAN ID in each entry
must be unique in the IGMP control table. The valid
range is from 0 to 4094.
GroupIpAddr The group IP address.
MacAddr The group MAC address.
PortMap The port the group is mapped to.
IpGroupReportCount The number of reports.

Configuring IP VLAN IGMP Snooping Group in Ring and Standalone


mode
You can configure IGMP snooping groups on the ESU using Device
Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose IP VLAN > IGMP
Snooping Group.
The GVRP dialog box opens with the IGMP Snooping Group tab
displayed. See "Figure" (page 132).

See the following procedure job aid.

2 Click on each field to modify the settings for a particular group.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring MLTs in Layer 2 and Q-in-Q mode 133

3 Click Apply to save the new settings.

—End—

Procedure job aid


Field Description
Vid The VLAN ID for the VLAN. The VLAN ID in each entry
must be unique in the IGMP control table. The valid
range is from 0 to 4094.
GroupIpAddr The group IP address.
MacAddr The group MAC address.
PortMap The port the group is mapped to.
IpGroupReportCount The number of reports.

Configuring MLTs in Layer 2 and Q-in-Q mode


You use Multilink Trunking (MLT) to combine a number of ports together to
create a single high-bandwidth data pipeline. For more information about
MLT concepts and terminology, refer to Metro Ethernet Services Unit 1850
Fundamentals (NN46212-100).

This topic discusses using Device Manager in the Metro ESU switch to
enable and insert an MLT and configure the trunk algorithm.

Navigation
• "Configuring the MLT trunk algorithm in Layer 2 and Q-in-Q mode"
(page 133)
• "Enabling and inserting an MLT in Layer 2 and Q-in-Q mode" (page 134)

Configuring the MLT trunk algorithm


You must configure the MLT trunk algorithm using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > MLT.
The MLT dialog box opens, with the Global tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
134 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

See the following procedure job aid.

2 Enable MLT by clicking one of the available options.

3 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
TrunkAlgorithm Configures the portion of the packet to be
examined by the switch when selecting the
egress port for transmitting load-sharing
data. This feature is only available using the
address-based load-sharing algorithm.
Possible values here include:
• mac-source
• mac-destination
• mac-source-dest
• ip-source
• ip-destination
• ip-source-dest

Enabling and inserting an MLT in Layer 2 and Q-in-Q mode


You can enable and then insert a MultiLink Trunk using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > MLT.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring MLTs in Layer 2 and Q-in-Q mode 135

The MLT dialog box opens, with the Global tab displayed.

2 Click the Multi Link Trunk tab.


The Multi Link Trunk tab opens with the active MLTs displayed.

See the following procedure job aid.


3 In the Multi Link Trunk tab, click Insert.
The MLT, Insert MultiLink Trunk dialog box opens.

4 Enter the index number from 1 to 7.

5 Specify the master port by clicking the MasterPort ellipsis button.


The esuSwL2TrunkMasterPort dialog box opens. See the following
figures.
esuSwL2TrunkMasterPort dialog box: ESU 1850

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
136 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

esuSwL2TrunkMasterPort dialog box: ESU 1850

6 Select the trunk master port.


The Port button is depressed. Note that this master port must
belong to the TrunkMembers group.

7 Click Ok.
8 Specify the member ports by clicking the Member ellipsis button.
The esuSwL2TrunkMember dialog box opens (see the following
figures).
esuSwL2TrunkMember: ESU 1850

esuSwL2TrunkMember: ESU 1800

9 Select the trunk member port or, select All.


The port appears depressed.

10 Click Ok.
11 Set the state to Enabled.

12 On the MLT, Insert MultiLink Trunks dialog box, click Insert.


13 Click Apply to change the configuration.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring STP in Layer 2 mode 137

—End—

Procedure job aid


Field Description
Index The logical port trunk index. The trunk group number depends on the
existence of the unit and module. In this case, it is a number from 1 to
7, inclusive.
Name The name of the MLT.
MasterPort The master port number of the port trunk entry. When using port trunk,
you cannot configure any other ports in the group, except the master port.
You must configure these other ports in the same way as the master
port. (Speed, duplex, enabled/disabled, flow control and so on, must be
the same.)
Member All other ports in this trunk besides the master port. Up to seven ports
can be identified in this field.
Enabled The status of this entry. Possible values are:
• disabled—the port trunk is disabled.
• enabled—the port trunk is enabled.
FloodingPort The flooding port number of the port trunk entry. The first port in the trunk
is implicitly configured as the flooding port.

Configuring STP in Layer 2 mode


You can control path redundancy for VLANs by implementing the
Spanning Tree Protocol (STP). For more information about STP concepts
and terminology, refer to Metro Ethernet Services Unit 1800 and 1850
Fundamentals (NN46212-100).

Navigation
• "Enabling STP in Layer 2 mode" (page 137)
• "Displaying STP port data in Layer 2 mode" (page 140)

Enabling STP
You can enable STP globally using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > Spanning
Tree.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
138 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

The STP dialog box opens, with the Globals tab displayed.

See the following procedure job aid.


2 In the STP Status field, select enabled.
Note that the Globals tab allows you to control the STP status for
the entire switch. This is the first level of control. The second level
occurs at the STP ports level and it allows you to control the STP
status for each port. Thus, you must enable the STP status for the
switch and also enable the port status in the Layer 2 > Spanning
Tree > STP Ports tab as explained in step 4.
3 Click Apply.

4 To enable the port status, select a port and choose Layer 2 >
Spanning Tree.
The STP dialog box opens with the Globals tab displayed.
5 Click the STP Ports tab.
The STP Ports tab appears. See the following figures.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring STP in Layer 2 mode 139

STP Ports tab: ESU 1850

STP Ports tab: ESU 1800

6 Select a Port Status field and select Enable or Disable from the
drop-down menu and then click Apply. Note that the STP for each
port is automatically generated.

7 Enter a priority or a path cost, or just accept the default values.

8 Click Apply to change the configuration.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
140 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Procedure job aid


Field Description
STPStatus If STP is enabled or disabled.
Priority Sets the STP bridge priority, in units of hundredths of a
second. The range is 0 (highest priority) to 65535 (lowest
priority). The default is 32768.
FowardingBPDU If BPDU forwarding is enabled or disabled.
Last Topology Change The time (in hundredths of a second) since the last topology
change was detected.
Total Topology Changes The total number of topology changes detected since the
management entity was last reset or initialized.
Root Identifier The bridge identifier of the spanning tree root determined
by STP that is executed by this node.
Root Cost The cost of the path to the root as seen from this bridge.
Root Port The number of the port that offers the lowest cost path from
this bridge to the root bridge.
Bridge Maximum Age The maximum age of the STP information learned from
the network on any port before it is discarded, in units of
hundredths of a second.
Bridge Hello Interval The amount of time between the transmission of
configuration bridge PDUs by this node on any port when it
is the root of the spanning tree or is trying to become so, in
units of hundredths of a second.
Bridge Forwarding Delay The interval, measured in units of hundredths of a second,
that controls how quickly a port changes its spanning state
when moving towards the forwarding state.

Displaying STP port data in Layer 2 mode


You can display STP port data using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Layer 2 > STP.
The STP dialog box opens, with the Globals tab displayed.

2 Click the STP Ports tab.


The STP Ports tab appears. See "STP Ports tab: ESU 1850" (page
139).
See the following procedure job aid.

3 Configure the STP status for each port by editing each field.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring STP in Layer 2 mode 141

4 Click Apply to update the configuration.

—End—

Procedure job aid


Field Description
Port The port number for this entry containing STP
management information.
Priority The value of the priority field, which is contained
in the first octet (in network byte order) of the
(two-octets long) port ID. The other octet of the
port ID is determined by the value of the port.
The range is from 0 to 255.
PortState The port current state as defined by STP. This
state controls what action a port takes when
it receives a frame. If the bridge detects a
malfunctioning port, it designates that port as
broken. Similarly, ports that are disabled are
designated as disabled.
Status The port configured status, enabled or disabled.
Path Cost The port contribution to the path costs toward
the spanning tree root including this port.
802.1D-1990 recommends that the default
value of this parameter be in inverse proportion
to the speed of the attached LAN
Root The unique bridge identifier recorded as the
root in the configuration BPDUs transmitted by
the designated bridge for the segment to which
the port is attached.
Root Cost The path cost of the designated segment port
connected to this port. This value is compared
to the root path cost field in received bridge
PDUs.
Bridge The bridge identifier, which this port considers
as the designated bridge for this port segment.
Bridge Port On the designated bridge, the port identifier for
this port segment.
Learn-Forward Transitions The number of times this port has transitioned
from the learning state to the forwarding state.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
142 Configuring VLANs in Ring, Standalone, Layer 2, and Q-in-Q mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
143

Configuring Q-in-Q mode


This section describes the Device Manager available to configure Q-in-Q
mode on the Metro ESU 1850.

To configure Q-in-Q mode using the Command Line Interface, see Nortel
Metro Ethernet Services Unit 1850 Configuration — Q-in-Q Mode using the
CLI (NN46211-504).

Navigation
• "Designating a port as access or uplink" (page 143)
• "Configuring the SVLAN" (page 147)
• "Configuring automatic port shutdown " (page 148)

Designating a port as access or uplink


A port must be designated as a customer facing access port or as a service
provider facing uplink port for Q-in-Q mode.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.

2 From the Device Manager menu bar, choose Edit > Port.
The Port dialog box opens with the Interface tab displayed. See
the following figure.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
144 Configuring Q-in-Q mode

See the following procedure job aid.

3 In the UplinkMode field, select disabled for an access port or


enabled for an uplink port.

4 Click Apply to save the changes.

—End—

Procedure job aid


Field Description
Index Read-only field; a unique value assigned to each interface. The
value range is 1 to 12.
Name Displays the alphanumeric name for the port.
Alias A field where you can further identify the port.
Descr Read-only field; the specific location of this interface.
Type Read-only field; the media type of this interface.
Mtu Read-only field; the maximum packet size, in octets, that can be
sent or received on this interface.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Designating a port as access or uplink 145

Field Description
Speed Read-only field; the port current speed (10 Mbit/s, 100 Mbit/s, 1
Gbit/s).
PhysAddress Read-only field; the MAC address assigned to this interface.
AdminStatus Sets the port administrative status value to either of the following
states:
• up
• down

When a managed system initializes, all interfaces start with


AdminStatus in the up state. As a result of either explicit
management action or for configuration information retained by
the managed system, AdminStatus is then changed to the down
state.
OperStatus Read-only field-the current operational state of the interface.
Possible state values are:
• up
• down

If the AdminStatus field is set to down, then the OperStatus field


indicates down. If the AdminStatus field is changed to up, then
the OperStatus field changes to up state if the interface is ready to
transmit and receive network traffic. It remains in the down state
only if there is a fault that prevents it from going to the up state.
LinkTrap Sets the interface to generate (enabled) or not generate (disabled)
link Up/link Down traps for this interface.
PortType Read-only field; the port type for this interface.
PortLinkStatus Read-only field; the port link status.
Possible values are:
• other
• link-pass
• link-fail

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
146 Configuring Q-in-Q mode

Field Description
AdminSpeedDuplex Sets the port duplex value (half-duplex or full-duplex mode).
Possible duplex values are:
• auto—sets the port to Autonegotiation mode.
• 10Mbps-Half—sets the port to operate at 10 Mbit/s in
half-duplex mode.
• 10Mbps-Full—sets the port to operate at 10 Mbit/s in
full-duplex mode.
• 100Mbps-Half—sets the port to operate at 100 Mbit/s in
half-duplex mode.
• 100Mbps-Full—sets the port to operate at 100 Mbit/s in
full-duplex mode.
• 1Gigabps-Full—sets the port to operate at 1 Gbit/s in
full-duplex mode. Gigabit ports are statically set for 1000
Mbit/s and cannot be set to slower speeds.
OperSpeedDuplex Read-only field; the port current duplex value.
FlowCtrlState Enables or disables flow control on this port interface.
PortName The name of the Ethernet port.
PortMode Used to configure port mode.
Possible values are:
• access
• uplink
• pass-thru

UplinkMode Identifies a port as an access port or an uplink port.


Possible values are:
• disabled—select for an access port. This is the default setting.
• enabled—select for an uplink port
Pass-thru Allows ports to be associated with VLANs. Reserves the original
VLAN tag and does not add new SVID when the packet is send
from access port to uplink port. Passes QiQ data traffic and
management traffic.
• per port—one port mode
• per vlan—one access port, one uplink port, and ten pass-thru
ports

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring the SVLAN 147

Configuring the SVLAN


After setting the chassis and port states, specify the service provider VLAN
(SVLAN) required for Q-in-Q double tagging.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose QinQ > VLAN.
The QinqVlan dialog box opens with the VLAN tab displayed.

See the following procedure job aid.

2 Click Insert.
The QinqVlan, Insert Vlan dialog box appears.

3 In the SPVIDIndex field, if desired, specify a SPVID index number,


or accept default.
4 In the VLAN field, enter the VLAN name.

5 In the Ports field, click the ellipsis button (...).


The esuSwL2QinQVlanPorts dialog box appears.

6 Select a port or a ranges of ports.


7 Click Ok.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
148 Configuring Q-in-Q mode

8 Click Insert.

—End—

Procedure job aid


Field Description
SPVIDIndex Read-only field that indicates a unique value assigned
to each SPVID index.
Name The name assigned to the service provider VLAN.
Ports The ports assigned to the service provider VLAN.

Configuring automatic port shutdown


This section describes how to configure the automatic port shutdown
feature. Only ports one and two on the ESU1850 (in Layer 2 and QiQ modes
only) are supported by this feature. This allows the product to be used as a
CPE device in a dark fiber implementation. The ESU1850 can be used as a
CPE with port one being the uplink port, and port two being the access port.

ATTENTION
This feature is applicable to ESU 1850 only.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit >


AutoPortShutDown.

2 In the State field, select enable to enable the automatic port


shutdown feature. The default state is disable.
3 Click Apply to save the changes

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring automatic port shutdown 149

Configuring automatic shutdown ports


This section describes how to configure ports as an uplink or an access port
and how to assign an access port to an uplink port.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Edit >


AutoPortShutDown.

2 Click the Ports Tab. The Ports tab appears.

See the following procedure job aid.

3 Click Apply to save the changes.

—End—

Procedure job aid


Field Description
UplinkState Designates a port as an uplink port
• enable activates the port
• disable disables the port; the
default is enable.
AccessState Designates a port as an access port
• enable activates the port
• disable disables the port; the
default is enable.
AccessToUplinkPort Designates a port as an uplink port for
the setting port.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
150 Configuring Q-in-Q mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
151

Configuring filters and access control


lists
This section describes how to configure Metro ESU filters and access lists
for the customer ports.

Navigation
• "Configuring MAC filters" (page 154)
• "Configuring packet filters" (page 151)
• "Configuring IGMP access lists in Layer 2, and VPN and IPVLAN
modes" (page 156)
• "Applying access control lists in Layer 2, and VPN and IPVLAN modes"
(page 157)

Configuring packet filters


The Metro ESU supports packet filters that act on packets ingressing
the Metro ESU ports. You use packet filters to filter out certain customer
packets. You can filter on one of the following data fields:
• IP source or destination address, or both
• TCP source or destination port, or both
• UDP source or destination port, or both

You can apply one of the following actions to the packets that match the
filter criteria:
• drop—the Metro ESU does not forward packets that match the filter
criteria
• forward—the Metro ESU forwards packets that match the filter criteria
• copy to CPU—copy to CPU performs the same function as drop

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
152 Configuring filters and access control lists

ATTENTION
If the filter has an implicit deny-all at the end of a filter list, then you must configure
a forward statement for the rest of the traffic otherwise the traffic is dropped.

You can assign one or more packet filters to a port; the priority of the filters is
based on the ID of the filter (the lowest ID number has the highest priority).
You can configure filters for the Metro ESU using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Filter.
The Filter dialog box opens with the Filter tab displayed.

2 Click Insert.
The Filter, Insert Filter dialog box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring packet filters 153

See the following procedure job aid.

3 Enter the values you want for the metering rule and click Insert. The
newly created rule appears in the Filter tab.

—End—

Procedure job aid


Field Description
Index Identifies the filter. The valid range is 1 to 99999999.
Name The name of the filter.
Action Determines what happens to packets that match the filter criteria. The
valid options are:
• drop—indicates that the packet is dropped if it matches the criteria.
• forward—indicates that the packet is forwarded to the next device
if it matches the criteria.
• copytocpu—in release 3.3, the copytocpu option performs the same
function as drop.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
154 Configuring filters and access control lists

Field Description
DataField The field on which filtering occurs. The valid options are:
• etype—if you select this value, you must specify other for the rule
and a value for Etype.
• ipaddr—if you select this value, you must specify a rule (except other)
and the associated value or values. For example, if you specify dest
for the rule, you must enter a value for IpAddrDest.
• ipprot—if you select this value, you must specify other for the rule and
a value for IpProt.
• tcpport—if you select this value, you must specify a rule (except other)
and the associated value or values. For example, if you specify dest
for the rule, you must enter a value for TcpPortDest.
• udpport—if you select this value, you must specify a rule (except other)
and the associated value or values. For example, if you specify dest
for the rule, you must enter a value for UdpPortDest.
Rule Filter packets on the destination address (dest), the source address (src),
the source or destination address (srcordest), the source and destination
address (srcanddest), or other (Ethernet type or IP protocol).
Etype The Ethernet type on which you want to filter packets. An Etype example
is 8046 for AT&T.
IpAddrSrc The source IP address on which you want to filter packets.
IpAddrDest The destination IP address on which you want to filter packets.
IpProt The next-level IP protocol (an 8-bit field) that you want to use to filter
packets. For example, 24 is for multicast route advertisement.
TcpPortSrc The source TCP port on which you want to filter packets.
TcpPortDest The destination TCP port on which you want to filter packets.
UdpPortSrc The source UDP port on which you want to filter packets.
UdpPortDest The destination UDP port on which you want to filter packets.

Configuring MAC filters


You can configure MAC filters using Device Manager to block various
Spanning Tree Protocol Bridge Packet Data Units (BPDU), including the
Cisco PVST+.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> MAC Filter.
The MacFilter dialog box opens with the MAC Filter tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring MAC filters 155

2 Click Insert.
The MacFilter, Insert MAC Filter dialog box opens.

See the following procedure job aid.


3 After you configure the MAC filter, click Insert.

4 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
Index Identifies the MAC filter. xx:xx:xx:xx:xx:xx indicates no address
assigned.
Name The name of the MAC filter.
DAMacAddr The destination MAC address
SAMacAddr The source MAC address

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
156 Configuring filters and access control lists

Configuring IGMP access lists in Layer 2, and VPN and IPVLAN


modes
You can configure IGMP access lists using Device Manager to specify which
multicast group addresses that you want to allow for a particular customer
access port of the Metro ESU.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> IGMP Access List.
The IgmpAccessList dialog box opens with the Igmp Access List
tab displayed.

2 Click Insert.
The IgmpAccessList, Insert Igmp Access List dialog box opens.

See the following procedure job aid.

3 Configure the IGMP access list, and click Insert.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Applying access control lists in Layer 2, and VPN and IPVLAN modes 157

Procedure job aid


Field Description
Index Identifies the IGMP access list. The valid values are
1 to 99999999.
Name The name of the IGMP access list.
IpType The valid options are range and mask.
IpAddrStart The start of the IP multicast address range that can be
sent to the customer access port.
IpAddrEndOrMask The end of the IP multicast address range that can be
sent to the customer access port.

Applying access control lists in Layer 2, and VPN and IPVLAN


modes
After you set up rules for packet classification or packet policer and create
packet filters (see "Configuring packet filters" (page 151)), you can add
those rules and traffic filters to the FE or GE (GE only if in standalone
configuration) ports on the Metro ESU.
You can configure policer ports and access control lists using Device
Manager.
You can configure access control lists using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Policer Ports.
The PolicerPorts dialog box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
158 Configuring filters and access control lists

See the following procedure job aid.

2 Locate the filter, packet classification, packet policing rule, or access


control list that you want to apply to a port. Double-click the Port
field next to that access list, filter or rule.
The Port dialog box opens.

3 Select the port or ports to which you want to apply the access list,
filter or rule. Use the Shift or Ctrl key to select multiple ports.
4 Click Ok.
The PolicerPorts dialog box reappears. The port or ports that you
chose appear next to the selected access list.
5 Click Apply.

—End—

Procedure job aid


Field Description
Type The type of access list or policer (filter, packet classification rule,
or packet policing rule) that you want to apply to a port or ports
in ring or standalone mode.
Id Identifies the access control list in Layer 2 mode or policer in
ring or standalone mode.
Port Identifies the port or ports to which you want to apply the policer
in Layer 2, or the filter or rule in ring or standalone mode.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
159

Configuring packet policing and


policies
This section describes how to configure Metro ESU customer packet rules
and filters on its customer ports.

Navigation
• "Configuring a CoS profile" (page 159)
• "Configuring packet classification" (page 161)
• "Configuring packet policing" (page 164)
• "Applying policies to ports" (page 167)
• "Clearing the out-of-profile counter" (page 169)
• "Configuring EVPN broadcast optimization in VPN and IPVLAN mode"
(page 170)

Configuring a CoS profile


You can configure the Metro ESU to limit customer traffic bandwidth for
each VPN (port). The FE port or GE port can be configured for standalone
configuration. The CoS profile defines a metering or policing rate to be
applied to a traffic stream. CoS profiles are used in conjunction with packet
policers. You can have a total of 63 meters for every 8 Metro ESU FE ports
or 1 GE port, and the rate-limit is in increments of 1 Mbit/s. The ingress
traffic is rate-limited to the configured bandwidth.
You can create a Class of Service (CoS) profile using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> CosProfile.
The CosProfile dialog box opens with the CoS Profile tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
160 Configuring packet policing and policies

2 Click Insert.
The CosProfile, Insert COS Profile dialog box opens.

See the following procedure job aid.

3 Enter the values you want for the CoS profile and click Insert. The
newly created metering rule appears in the CoS Profile tab.

—End—

Procedure job aid


Field Description
Index Identifies the COS profile.
Name The name of the COS profile.
Bandwidth The bandwidth you want to assign to the COS profile. Traffic is
rate-limited to the configured bandwidth. The rate-limit is at 1
Mbit/s increment.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring packet classification 161

Configuring packet classification


You use packet classification to classify customer traffic and remark its
priority (priority bit [pbit]), based on the packet pbit, MAC address, Ethertype,
IP address, TCP port number, UDP port number, IP protocol, or DSCP.
You can create a packet classification rule using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Packet Classification.
The Packet Classification dialog box opens with the Packet
Classification tab displayed.

2 Click Insert.
The PacketClassification, Insert Packet Classification dialog
box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
162 Configuring packet policing and policies

See the following procedure job aid.

3 Enter the values you want for the packet classification rule and click
Insert. The newly created rule appears in the Packet Classification
tab.

—End—

Procedure job aid


Field Description
Index Identifies the packet classification rule. The valid range is 1 to 99999999.
Name The name of the packet classification rule.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring packet classification 163

Field Description
Rule The rule that you want to use to classify packets. The valid options are:
• port—All traffic from a port is mapped to a configured priority value. If you
select this rule, you must also specify a value in the Priority field.
• pbits—Packets with a matching pbit value use the configured priority value.
If you select this rule, you must also specify the pbit field.
• macaddr—Packets with a matching source or destination MAC address use
the configured priority value. If you select this rule, you must also specify
values in the Priority and MacAddr fields.
• etype—Packets with a matching Ethertype use the configured priority value.
If you select this rule, you must also specify values in the Priority and
Etype fields.
• ipaddr—Packets with a matching source or destination IP address use
the configured priority value. If you select this rule, you must also specify
values in the Priority and IPAddr fields.
• ipprot—Packets with a matching IP protocol use the configured priority
value. If you select this rule, you must also specify values in the Priority
and IpProt fields.
• tcpport—Packets with a matching source or destination TCP port number
use the configured priority value. If you select this rule, you must also
specify values in the Priority and TcpPort fields.
• udpport—Packets with a matching source or destination UDP port number
use the configured priority value. If you select this rule, you must also
specify values in the Priority and UdpPort fields.
• dscp—Packets with a matching DiffServ code point (DSCP) use the
configured priority value. If you select this rule, you must also specify
values in the Priority and Dscp fields.
Pbits Enter a value between 0 and 7, inclusive.
MacAddr Enter a valid MAC address.
Etype Enter a value between 0 and 65535, inclusive. For example 8046 is for AT&T.
IpAddr Enter a valid IP address.
IpProt Enter a value between 0 and 255, inclusive.
TcpPort Enter a value between 0 and 65535, inclusive.
UdpPort Enter a value between 0 and 65535, inclusive.
Dscp Enter a value between 0 and 63, inclusive.
Priority The priority of a packet, with 0 representing the lowest priority and 7
representing the highest. Enter a value between 0 and 7, inclusive.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
164 Configuring packet policing and policies

Configuring packet policing


You can use packet policing to limit the bandwidth of a customer packet and
optionally remark its priority based on the following packet information:
• Physical ingress port
• Port and VLAN ID
• Port, VLAN ID, and p-bit value
• Port and DSCP value
• Port and p-bit value
• Port, VLAN ID, and DSCP value
• Port, VLAN ID, p-bit, and DSCP value
• Port, p-bit, and DSCP value
• Type of service (TOS)
• Source MAC allowed

ATTENTION
The last entered policer ID, when a number of policers are entered, is the first to
affect the packet.
You can create a packet policing rule using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Packet Policing.
The PacketPolicing dialog box opens with the Packet Police tab
displayed .

2 Click Insert.
The PacketPolicing, Insert Packet Police dialog box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring packet policing 165

See the following procedure job aid.


3 Enter the values you want for the packet police rule and click Insert.
The newly created rule appears in the Packet Police tab.

—End—

PacketPolicing, Insert Packet Police dialog box fields

Procedure job aid


Field Description
Index Identifies the packet policing rule. The valid range is 1 to 99999999.
Name The name of the packet policy rule.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
166 Configuring packet policing and policies

Field Description
Rule The rule that you want to use for packet policing. The valid options
are:
• none—Indicates that you do not want to use a rule for packet
policing to apply to any traffic. If you select none, you must
specify a value for remarking of the priority bits after the frame
has gone through the ESU.
• vid—Indicates that you do want the packet policing rule to apply
to traffic with the specified VLAN ID. If you select this rule, you
must specify values for VlanID and remarking of the priority bits
after the frame has gone through the ESU.
• vidpbit—Indicates that you want the packet policing rule to apply
to traffic with the specified VLAN ID priority bit value. If you
select this rule, you must specify values for VlanID, Pbit, and the
remarking of the priority bits after the frame has gone through
the ESU.
• dscp—Indicates that you want the packet policing rule to apply to
traffic with the specified DiffServ code point (DSCP). If you select
this rule, you must specify values for the DSCP and the remarking
of the priority bits after the frame has gone through the ESU.
• pbit—Indicates that you want the packet policing rule to apply to
traffic with the specified priority bit value. If you select this rule,
you must specify values for Pbit and remarking of the priority bits
after the frame has gone through the ESU.
• viddscp—Indicates that you want the packet policing rule to apply
to traffic with the specified VLAN ID and the DiffServ code point
(DSCP). If you select this rule, you must specify values for VlanID
and DSCP and the remarking of the priority bits after the frame
has gone through the ESU.
• vidpbitdscp—Indicates that you want the packet policing rule
to apply to traffic with the specified VLAN ID priority bit value
and the DiffServ code point (DSCP). If you select this rule, you
must specify values for the VlanID, Pbit, and the DSCP and the
remarking of the priority bits after the frame has gone through
the ESU.
• pbitdscp—Indicates that you want the packet policing rule to
apply to traffic with the specified priority bit value and DSCP. If
you select this rule, you must specify values for Pbit and DSCP
and remarking of the priority bits after the frame has gone through
the ESU.
• srcmac—Indicates that you want the packet policing rule to limit
received packets to packets originating from the MAC address
entered in the SAMMacAddr box.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Applying policies to ports 167

Field Description

• TOS--Indicates that you want to included the packet policing rule


to included the type of service (TOS) value or values entered in
the TOS box.
VlanID Enter a VLAN ID.
Pbit Enter a value between 0 and 7, inclusive
Dscp Enter a value between 0 and 63, inclusive.
Tos The type of service value (1-5).
SAMacAddr The source MAC address that is allowed. The policer drops packets
originating from other MAC addresses.
CosProfile/Priority Option The valid values are:
• none–When set to none, the cosprofile number and priority
remark options are reset.
• cosprofile–When set, policer uses the assigned cosprofile to
rate-limit traffic that matches this policer.
• priority–When set, policer uses the assigned priority to remark
the customer p-bits as the packets matching this policer.
• cosprofile-priority–When set, the packet policer applies both the
cosprofile and priority remark rule to all packets matching this
policer.
CosProfile The name of the COS profile.
Priority The priority of the packet policing rule, with 0 representing the lowest
priority and 7 representing the highest. Enter a value between 0 and
7, inclusive.

Applying policies to ports


After you have set up rules for packet classification or packet policer and
created packet filters. See "Configuring filters and access control lists"
(page 151). You can add those rules and traffic filters to the FE or GE (GE
only if in standalone configuration) ports on the Metro ESU.
You can add policers to ports using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Policer Ports.
The PolicerPorts dialog box opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
168 Configuring packet policing and policies

See the following procedure job aid.

2 Find the filter, packet classification, or packet policing rule that you
want to apply to a port. Double-click the Port field next to that filter
or rule.
The Port dialog box opens. See the following figures.
Port dialog box: ESU 1850

Port dialog box: ESU 1800

3 Select the port or ports to which you want to apply the filter or rule.
Use the Shift or Ctrl key to select multiple ports.
4 Click Ok.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Clearing the out-of-profile counter 169

The PolicerPorts dialog box reappears. See "Figure" (page 168).


The port or ports that you chose appear next to the selected access
list.

5 Click Apply.

—End—

Procedure job aid


Field Description
Type The type of access list in Layer 2 and Q-in-Q mode that you
want to apply to a port or ports.
In VPN and IPVLAN mode, the type of access list or policer
(filter, packet classification rule, or packet policing rule) that you
want to apply to a port or ports in ring or standalone mode.
Id Identifies the access control list in Layer 2 and Q-in-Q mode.
In VPN and IPVLAN mode, identifies the access control list in
Layer 2 mode or policer in ring or standalone mode.
Port Identifies the port or ports to which you want to apply the policer
in Layer 2 and Q-in-Q mode
In VPN and IPVLAN mode, identifies the port or ports to which
you want to apply the policer in Layer 2 mode, or the filter or
rule in ring or standalone mode.

Clearing the out-of-profile counter


You can clear statistics from the out-of-profile counter using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> Out Profile Counter.
The Out Profile Counters dialog box appears.

See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
170 Configuring packet policing and policies

2 Click Clear Counter to clear the statistics.

—End—

Procedure job aid


Field Description
PolicingId The policer ID.
Port The port associated with the policer.
Counter The number of packets policed.

Configuring EVPN broadcast optimization in VPN and IPVLAN mode


To prevent excessive use of uplink bandwidth for broadcast traffic on a
standalone ESU or ESU ring, Ethernet Virtual Private Network (EVPN)
broadcast optimization eliminates the replicated packets on the ring or
uplink.
You can configure EVPN broadcasting using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Packet Classification


> EVPN Broadcast.
The EVPN Broadcast dialog box appears.

2 Click Insert.
The Warning dialog box appears.

3 Click OK.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring EVPN broadcast optimization in VPN and IPVLAN mode 171

The EVPN Broadcast, Insert EVPN dialog box appears.

4 In the Vid box, enter the VLAN ID.

ATTENTION
The EVPN VLAN and the IP VLAN cannot share the same VLAN ID.

5 In the MemberPort box, click the ellipsis button (...).


The esuSwL2EvpnVlanMemberPort dialog box appears. See the
following figures.
esuSwL2EvpnVlanMemberPort dialog box: ESU 1800

esuSwL2EvpnVlanMemberPort dialog box: ESU 1850

6 Select a port or a range of ports.

ATTENTION
Do not select the CPU port.

7 Click OK.

8 Click Insert.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
172 Configuring packet policing and policies

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
173

Configuring EAPoL on Ethernet ports


in Layer 2 Switch mode
Extensible Authentication Protocol over LAN (EAPoL) is a port-based
network access control protocol. EAPoL provides security to your network
by preventing users from accessing network resources before they are
authenticated.

EAPoL allows you to set up network access control on internal LANs and
to exchange authentication information between any end station or server
connected to the Metro ESU switch and an authentication server, such
as a RADIUS server. This security feature extends the benefits of remote
authentication to internal LAN clients. For example, if a new client PC fails
the authentication process, EAPoL prevents it from accessing the network.

In addition to the port configuration, EAPoL also must be configured globally.

This section describes how perform port configuration tasks.

Navigation
• "Configuration prerequisites" (page 173)
• "Changing a port authentication status in Layer 2 switch mode" (page
174)

Configuration prerequisites
Use the following configuration rules when using EAPoL:
• Before configuring your switch, you must configure at least one EAPoL
RADIUS server and Shared Secret fields.
• You cannot configure EAPoL on ports that are currently configured for:
— Shared segments
— MultiLink Trunking
— Port mirroring

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
174 Configuring EAPoL on Ethernet ports in Layer 2 Switch mode

— Tagged ports

• Change the status to auto for each port that you want to be controlled.
See "Changing a port authentication status in Layer 2 switch mode"
(page 174). The auto setting automatically authenticates the port
according to the results of the RADIUS server. The default authentication
setting for each port is force-authorized.
• You can connect only a single client on each port that is configured for
EAPoL. If you attempt to add additional clients on the EAPoL authorized
port, the port goes into force-unauthorized mode.

EAPoL uses RADIUS protocol for EAPoL-authorized logins.

Changing a port authentication status in Layer 2 switch mode


Ports are force-authorized by default. This means that the ports are always
authorized and are not authenticated by the RADIUS server.
You can change this setting so that the ports are always unauthorized
or unauthenticated (force-unauthorized). You can also make the ports
controlled so that they are automatically authenticated when you globally
enable EAPoL (auto).
You can change the port authentication status using Device Manager.

Procedure steps
Step Action

1 Select the port you want to edit.


If you want to select multiple ports, press [Control] + click the ports
you want to configure. A yellow outline appears around the selected
ports.
2 Do one of the following:
• Double-click the selected port.
• From the shortcut menu, choose Edit.
• From the Device Manager main menu, choose Edit > Port.
• On the toolbar, click Edit.

The Port dialog box for the selected port(s) opens with the Interface
tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Changing a port authentication status in Layer 2 switch mode 175

3 Click the EAPOL tab.


The EAPOL tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
176 Configuring EAPoL on Ethernet ports in Layer 2 Switch mode

See the following procedure job aid.


4 In the AuthControlledPortControl field, select one of the following:
• forceUnauthorized—sets the port so it is always unauthorized.
• auto—sets the port to match the global EAPoL authentication
setting.
• forceAuthorized—sets the port so it is always authorized
(default).

5 Click Apply to change the configuration.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Changing a port authentication status in Layer 2 switch mode 177

Procedure job aid


Field Description
PortProtocolVersion The protocol version number of the EAPOL implementation
supported by the port.
PortCapabilities The capabilities of the PAE associated with the port. This
parameter indicates whether Authenticator functionality, Supplicant
functionality, both, or neither is supported by the port PAE.
PortInitialize When selected, initializes EAPoL authentication on this port. After
the port initializes, this field reverts to its default, which is disabled.
PortReauthenticate When selected, reauthenticates the Supplicant connected to this
port immediately. The default is disabled.
PaeState Displays the current Authenticator PAE state.
The possible states are:
initialized disconnected connecting
authenticating authenticated aborting
held forceAuth forceUnauth
BackendAuthState Displays the current state of Backend Authentication.
The possible states are:
request response success fail
timeout idle initialize
AdminControlDirections Determines whether the port exerts control over communication in
both directions (both incoming and outgoing) or only in incoming
direction.
operControlledDirections The current direction of control over communications exerted on
the port.
AuthControlledPortStatus Displays the port current state: unauthorized, auto, or authorized.
AuthControlledPortControl Sets the authentication status for this port. The default is
forceAuthorized.
• forceUnauthorized—port is always unauthorized.
• auto—port authorization depends on the results of the EAPoL
authentication by the RADIUS server.
• forceAuthorized—port is always authorized.
QuietPeriod Sets the time interval (in seconds) between authentication failure
and the start of a new authentication. The allowed range is 1 to
65535, and the default is 60.
TxPeriod Sets the time (in seconds) to wait for a response from a Supplicant
for EAP request/identity packets. The allowed range is 1 to 65535,
and the default is 30.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
178 Configuring EAPoL on Ethernet ports in Layer 2 Switch mode

Field Description
SuppTimeout Sets the time (in seconds) to wait for a response from a Supplicant
for all EAP packets except EAP Request/Identity packets. The
allowed range is 1 to 65535, and the default is 30.
ServerTimeout Sets the time (in seconds) to wait for a response from the RADIUS
server. The allowed range is 1 to 65535, and the default is 30.
MaxReq Sets the maximum number of times to retry sending packets to the
Supplicant. The allowed range is 1 to 10, and the default is 2.
ReAuthPeriod Sets the time interval (in seconds) between successive
reauthentications. See ReAuthEnabled). The allowed range is 1 to
2147483647, and the default is 3600 (1 hour).
ReAuthEnabled When checked, re-authenticates an existing Supplicant at the time
interval specified in ReAuthPeriod.
SuppPaeState The current state of the Supplicant PAE state machine. The
following states are represented by an integer value:
• 1—disconnected
• 2—logoff
• 3—connecting
• 4—authenticating
• 5—authenticated
• 6—acquired
• 7—held
SuppHeldPeriod The value (in seconds) of the heldPeriod constant currently in use
by the Supplicant PAE state machine. The default is 60 seconds.
SuppAuthPeriod The value (in seconds) of the authPeriod constant currently in use
by the Supplicant PAE state machine. The default is 30 seconds.
SuppStartPeriod The value (in seconds) of the startPeriod constant currently in use
by the Supplicant PAE state machine. The default is 30 seconds.
SuppMaxStart The value of the maxStart constant currently in use by the
Supplicant PAE state machine. The default is 3.
SuppControlledPortStatus The current state of the Supplicant PAE state machine.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Changing a port authentication status in Layer 2 switch mode 179

Field Description
SuppAccessCtrlWithAuth The setting for the application of the Supplicant authorization
state when the port is operating as both a Supplicant and an
Authenticator. The following states are represented by an integer
value:
• 1—inactive: indicates the port will not apply the Supplicant
authorization state, using only the Authenticator authorization
state to restrict access to the port.
• 2—active: indicates the port will apply the Supplicant
authorization state, as well as the Authenticator authorization
state.

SuppBackendState The current state of the Supplicant Backend state machine. The
following states are represented by an integer value:
• 1—initialize
• 2—idle
• 3—request
• 4—response
• 5—receive
• 6—fail
• 7—success
• 8—timeout

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
180 Configuring EAPoL on Ethernet ports in Layer 2 Switch mode

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
181

Configuring QoS
This section describes a range of features on the Metro ESU that enable
you to allocate network resources to mission-critical applications at the
expense of applications that are less sensitive to such factors as time
delays or network congestion. You can configure your network to prioritize
specific types of traffic, ensuring that they receive the appropriate Quality of
Service (QoS) level.

This section also describes how you can use Device Manager to configure
and manage the QoS feature on a Metro ESU device (Layer 2 mode only).

For more information about QoS management, see Metro Ethernet Services
Unit 1800 and 1850 Fundamentals (NN46212-100).

Navigation
• "Configuring QoS output scheduling" (page 181)
• "Viewing and configuring IEEE 802.1p default priority" (page 183)
• "Viewing and configuring IEEE 802.1p user priority" (page 185)
• "Configuring broadcast storm control in Standalone, Layer 2, and VPN
and IPVLAN modes" (page 186)

Configuring QoS output scheduling


You can configure output scheduling using Device Manager.

Procedure steps
Step Action

1 From the Device manager menu bar, choose QOS > QOS.
The QOS dialog box appears with the Output Scheduling tab
displayed by default. See the following figures.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
182 Configuring QoS

Output Scheduling tab: ESU 1850

Output Scheduling tab: ESU 1800

"Output Scheduling tab: ESU 1850" (page 182) shows the default
configuration; a value of 0 for MaxPkts for any given queue indicates
strict priority queuing is being used.
See the following procedure job aid.

2 In the MaxPkts field, enter the maximum number of packets to be


transmitted.

3 Click Apply.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Viewing and configuring IEEE 802.1p default priority 183

Procedure job aid


Field Description
ClassId The hardware priority queue.
For ESU 1800, the four hardware priority queues are identified
by number, from 0 to 4, with the 0 queue being the lowest priority
and 4 being the highest.
For ESU 1850, the seven hardware priority queues are identified
by number, from 0 to 7, with the 0 queue being the lowest priority
and 7 being the highest.
MaxPkts
Maximum number of packets the priority queue is allowed
to transmit before allowing the next lowest priority queue to
transmit its packets. Specify a value between 0 and 255.

ATTENTION
If you specify a value of 0 for MaxPkts and MaxLatency,
the queue uses strict priority.

MaxLatency
The maximum amount of time that the queue needs to wait for
its turn to transmit. You can specify a value between 0 and
255. The value is multiplied by 16 microseconds to arrive at
the maximum amount of time that the queue must wait.

ATTENTION
If you specify a value of 0 for MaxPkts and MaxLatency,
the queue uses strict priority.

Viewing and configuring IEEE 802.1p default priority


You can view and configure IEEE 802.1p default priorities for each port. The
priority queues are numbered from 0, the lowest priority, to 7, the highest
priority. The default priority is used if a frame enters as untagged frame
(that is, no 802.1p field).

ATTENTION
The factory default setting for the ESU 1850 only configures the first 4 queues.

You can view and configure default port priorities using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose QOS > QOS.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
184 Configuring QoS

The QOS dialog box opens with the Output Scheduling tab
displayed. See "Output Scheduling tab: ESU 1850" (page 182).

2 Click the 802.1p Default Priority tab.


The 802.1p Default Priority tab opens. See the following figures.
802.1p Default Priority tab: ESU 1850

802.1p Default Priority tab: ESU 1800

See the following procedure job aid.

3 Click on the field you want to change.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Viewing and configuring IEEE 802.1p user priority 185

4 Using the drop-down list, select a priority from 0 to 7.

5 Click Apply to save the configuration.

—End—

Procedure job aid


Field Description
Port The port number that the user priority is assigned.
DefaultPriority
The default ingress user priority for this port; a value of
0 to 7.

ATTENTION
By factory default, only the first four queues (0 to 3)
are configured on the ESU 1850. Manually configure
queues 4 to 7.

Viewing and configuring IEEE 802.1p user priority


You can view and configure a Class of Service, (CoS), for each of the IEEE
802.1p priorities. After you assign a maximum number of packets and a
maximum latency to a given CoS on the switch, you can then assign this
class to each of the eight levels of IEEE 802.1p priorities.

ATTENTION
The factory default setting for the ESU 1850 only configures the first 4 queues.

You can view and configure a CoS using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose QOS > QOS.
The QOS dialog box opens with the Output Scheduling tab
displayed. See "Output Scheduling tab: ESU 1850" (page 182).

2 Click the 802.1p User Priority tab.


The 802.1p User Priority tab opens.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
186 Configuring QoS

See the following procedure job aid.

3 Click the field you want to change.


4 Using the drop-down list, select the class.

5 Click Apply to save the configuration.

—End—

Procedure job aid


Field Description
ClassPriority Determined for the ingress frame. The value is equivalent
to the priority indicated in the tagged frame received, or
one of the evaluated priorities, determined according to the
service type.
For untagged frames received, this value is equal to the
User Priority value for the ingress port.
Class The user-defined class to which the ingress frame is to be
mapped.

Configuring broadcast storm control in Standalone, Layer 2, and


VPN and IPVLAN modes
You can manage broadcast, multicast, and destination lookup failure storm
control data using Device Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring broadcast storm control in Standalone, Layer 2, and VPN and IPVLAN modes 187

Procedure steps
Step Action

1 On the Device Manage menu bar, choose QOS > Traffic Control.
The Traffic Control dialog box appears with the Traffic Control tab
displayed.

See "Traffic Control tab fields" (page 187).

2 Select a field for a groupindex.


3 Select enable or disable from the drop-down list.

4 Click Apply to change the configuration.

—End—

Traffic Control tab fields

Procedure job aid


Field Description
GroupIndex The index of logical trunk ports. The trunk group number
depends upon the existence of the unit and module.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
188 Configuring QoS

Field Description
BMStormthreshold Decides how many thousand packets per
second of broadcast/multicast traffic will activate
storm control. It depends upon whether the
BcastStromCtrl,McastStromCtrl, or DlfStromCtrl objects
are enabled.
Whenever a port reaches its configured number of
packets in the one second interval, the device starts
dropping that type of packet, until the time interval
expires. Once the time interval expires, the device
starts forwarding that type of packet. The value range
is 0 to 255.
BcastStormCtrl If the broadcast storm control function is enabled or
disabled.
McastStormCtrl If the multicast storm control function is enabled or
disabled.
DlfStormCtrl If the destination lookup fail function is enabled or
disabled.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
189

Configuring RMON
The Remote Network Monitoring (RMON) MIB is an interface between the
RMON agent on the Metro ESU and an RMON management application,
such as the Device Manager. RMON defines objects that are suitable for
the management of any type of network; some groups are targeted for
Ethernet networks in particular. Enabling RMON on the switch allows the
RMON agent to continuously collect statistics and proactively monitor switch
performance. This data can then be viewed using Device Manager.

ATTENTION
RMON is not supported for access port statistics relating to VPN, IP VLAN, or
Internet Protocol multicast (IPMC) services assigned to the access ports.

RMON has three major functions:


• gathering cumulative statistics for Ethernet interfaces
• tracking a history of statistics for Ethernet interfaces
• creating and displaying alarms for user-defined events

ATTENTION
Before using RMON functions, you must globally enable RMON. In addition,
specify certain options to control how RMON operates on the switch. See
"Configuring and enabling RMON options" (page 190).

This section describes how to configure RMON.

Navigation
• "Configuring and enabling RMON options" (page 190)
• "Using Ethernet statistics" (page 196)
• "Configuring RMON history" (page 191)
• "Graphing RMON history" (page 202)
• "Configuring RMON alarms" (page 203)

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
190 Configuring RMON

• "HP OpenView" (page 212)

Configuring and enabling RMON options


You must enable RMON globally and set options using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Options.
The RMONOptions dialog box opens with the Probe Configuration
tab displayed.

ATTENTION
The Probe Configuration tab displays default values. See the following
figure.
If you want to use non-default RMON parameter values, set these before
enabling RMON or when you create the specific RMON function.

See the following procedure job aid.

2 In the RmonState field, click enabled.

3 Enter optional information in the remaining fields.

4 Click Apply to save the configuration.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON history 191

Procedure job aid


Field Description
RmonState Allows you to globally enable or disable RMON. The default value
is enabled.
probeCapabilities Read-only field—The RMON MIB groups supported on at least one
interface by this probe.
The supported values are:
• etherStats
• historyControl
• etherHistory
• alarm
• event
• probeConfig
probeSoftwareRev Read-only field—The probe software revision level.
probeHardwareRev Read-only field—The probe hardware revision level.
probeResetControl Sets the probe reset value. The default value is running.
Three choices are available:
• running—sets the ESU to normal operation mode.
• warmBoot—sets the ESU to restart the application software with
current configuration parameters saved in non-volatile memory.
• coldBoot—sets the ESU to reinitialize configuration parameters in
non-volatile memory to default values and restart the application
software.
netDefaultGateway The IP address of the default gateway. If this value is undefined or
unknown, it has the value 0.0.0.0.

Configuring RMON history


You can establish a time-dependent method for gathering RMON statistics
on a port by enabling and creating histories. The RMON History group
records periodic statistical samples from a network. A sample is called a
history and is gathered in time intervals referred to as buckets.
Following are the default values for history:
• Buckets are gathered at 30-minute intervals.
• The number of buckets gathered is 50.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
192 Configuring RMON

Both the time interval and the number of buckets is configurable. However,
when reaching the last bucket, bucket 1 is dumped and recycled to hold a
new bucket of statistics. Then bucket 2 is dumped, and so forth.

Navigation
• "Configuring RMON history parameters" (page 192)
• "Disabling RMON history" (page 195)

Configuring RMON history parameters


You can use RMON to collect statistics at intervals. For example, if you
want RMON statistics to be gathered over the weekend, you want enough
buckets to cover two days. To do this, set the history parameters to gather
one bucket over every hour, thus covering a 48-hour period. After you set
history parameters, you cannot modify them; you must delete the history
and create another one.
You can establish a history for a port and set the bucket interval using
Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control.
The RMONOptions dialog box opens with the History tab displayed.

2 Click Insert.
The RmonControl, Insert History dialog box opens. See
"RmonControl, Insert History dialog box: ESU 1850" (page 193) and
"RmonControl, Insert History dialog box: ESU 1800" (page 193).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON history 193

RmonControl, Insert History dialog box: ESU 1850

RmonControl, Insert History dialog box: ESU 1800

See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
194 Configuring RMON

3 In the Port field, select a port by clicking on the ellipsis button (...).
The historyControlDataSource dialog box opens. See
"RmonControl, Insert History dialog box: ESU 1850" (page 193) and
"RmonControl, Insert History dialog box: ESU 1800" (page 193).

4 Click the button for the desired port and click Ok.

5 In the Buckets Requested field, enter the number of discrete time


intervals to save data.

6 In the Interval field, enter the data sample rate in seconds.


7 Click Insert.
The new port history data is displayed in the RmonControl History
tab.

—End—

Procedure job aid


Field Description
Index An index that uniquely identifies an entry in the historyControl table. Each entry
defines a set of samples at a particular interval for an interface on the device.
Port Identifies the source of data for which historical data was collected and placed
in a media-specific table on behalf of this historyControlEntry. This source can
be any interface on this device. In order to identify a particular interface, this
object identifies the instance of the ifIndex object, defined for the desired inter-
face. For example, if an entry were to receive data from interface #1, the object
would be set to ifIndex.1. The statistics in this group reflect all packets on the
local network segment attached to the identified interface. This object can not
be modified if the associated historyControlStatus object is equal to valid.
Buckets The requested number of discrete time intervals over which data is to
Requested be saved in the part of the media-specific table associated with this
historyControl entry. When this object is created or modified, the probe sets
historyControlBucketsGranted as closely to this object as is possible for the
particular probe implementation and available resources.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON history 195

Field Description
Buckets The number of discrete sampling intervals over which data is saved in the part
Granted of the media-specific table associated with this history control entry. When the
associated BucketsRequested object is created or modified, the probe sets this
object as closely to the requested value as possible for the particular probe
implementation and available resources. The probe must not lower this value
except as a result of a modification to the associated BucketsRequested object.
At times, the actual number of buckets associated with this entry is less than
the value of this object. In this case, at the end of each sampling interval,
a new bucket is added to the media-specific table. When the number of
buckets reaches the value of this object and a new bucket is to be added to the
media-specific table, the oldest bucket associated with this entry is deleted by
the agent so that the new bucket can be added. When the value of this object
changes to a value less than the current value, entries are deleted from the
media-specific table associated with this entry. Enough of the oldest of these
entries is deleted by the agent so that their number remains less than or equal
to the new value of this object. When the value of this object changes to a
value greater than the current value, the number of associated media-specific
entries are allowed to grow.
Interval The interval in seconds over which the data is sampled for each bucket in the
part of the media-specific table associated with this historyControl entry. This
interval can be set to any number of seconds between 1 and 3600 (1 hour).
Because the counters in a bucket can overflow at their maximum value with no
indication, a prudent manager will take into account the possibility of overflow in
any of the associated counters. It is important to consider the minimum time
in which any counter could overflow on a particular media type and set the
historyControlInterval object to a value less than this interval. This is typically
most important for the octets counter in any media-specific table. For example,
on an Ethernet network, the etherHistoryOctets counter could overflow in about
one hour at the Ethernet maximum utilization. This object cannot be modified if
the associated historyControlStatus object is equal to valid (1).
Owner The entity that configured this entry and is therefore using the resources
assigned to it.

Disabling RMON history


You can disable RMON history on a port using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control.
The RmonControl dialog box opens with the History tab displayed.
See "RmonControl, Insert History dialog box: ESU 1850" (page
193) and "RmonControl, Insert History dialog box: ESU 1800" (page
193).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
196 Configuring RMON

2 Select the row that contains the port ID you want to delete.

3 Click Delete.

—End—

Using Ethernet statistics


You can use Device Manager to gather and graph Ethernet statistics for
viewing in a variety of formats, or you can save the statistics to a file and
export into an outside presentation or graphing application.

ATTENTION
This implementation of RMON requires a control row for Ethernet statistics; this
appears as port 0/1 when you choose RMON > Control > Ethernet Statistics. The
row ID is reserved for the control row. Automated tests, such as ANVL, can fail
when attempts are made to create a row 1.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control.
The RmonControl dialog box opens with the History tab displayed.
See "RmonControl, Insert History dialog box: ESU 1850" (page 193).
2 Click the Ethernet Statistics tab.
The Ethernet Statistics tab appears. See the following figures. Note
that the default owner is the host name on which Device Manager is
running. You can change the host name. See "Configuring a new
host name" (page 199).

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Using Ethernet statistics 197

Ethernet Statistics tab: ESU 1850

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
198 Configuring RMON

Ethernet Statistics tab: ESU 1800

See the following procedure job aid.

—End—

Procedure job aid


Field Description
Index An integer value that uniquely identifies an entry in the Ethernet
Statistics tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Using Ethernet statistics 199

Field Description
Port Identifies the source of the data that this etherStats entry is
configured to analyze.
Owner Identifies the entity that configured this entry and is therefore
using the resources assigned to it.

Configuring a new host name


The default owner of the RMON statistics port is the host name on which
the Device Manager software is running.
You can insert another host name using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control.
The RmonControl dialog box opens with the History tab displayed.

2 Click the Ethernet Statistics tab.


The Ethernet Statistics tab appears. See "Ethernet Statistics tab:
ESU 1850" (page 197) and "Ethernet Statistics tab: ESU 1800"
(page 198).
3 In the RmonControl dialog box, click Insert.
The RmonControl dialog box opens with the Insert Ethernet
Statistics tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
200 Configuring RMON

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Using Ethernet statistics 201

See the following procedure job aid.

4 In the RmonControl, Insert Ethernet Statistics dialog box, click


the Port ellipsis button.
The EtherStatsDataSource dialog box opens.
5 In the EtherStatsDataSource dialog box, select a port.

6 Click Ok.
The selected port number appears in the RmonControl, Insert
Ethernet Statistics dialog box.

7 In Owner field of the RmonControl, Insert Ethernet Statistics


dialog box, enter the new host name.

8 Click Insert.
The new host name entry appears in the RmonControl Ethernet
Statistics tab.

9 Click Apply to change the configuration.

—End—

Procedure job aid


Field Description
Index Index that uniquely identifies an entry in the Ethernet
Statistics table.
Port Source of the data that this etherStats entry is configured
to analyze.
Owner The entity that configured this entry and is therefore using
the assigned resources.

Disabling RMON statistics


You can disable RMON statistics on a port using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control. The
RmonControl dialog box opens with the History tab displayed.

2 Click the Ethernet Statistics tab.


The Ethernet Statistics tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
202 Configuring RMON

3 Select the row that contains the port ID you want to disable.

4 Click Delete.

—End—

Graphing RMON history


You can graph RMON history using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Control.
The RmonControl dialog box opens with the History tab displayed.
See "RmonControl, Insert History dialog box: ESU 1850" (page
193) and "RmonControl, Insert History dialog box: ESU 1800" (page
193).
2 Select the row for the entry that you want to graph.

3 Click the Graph button.


A graph of the selected row appears showing the RMON history.

See the following procedure job aid.

4 If you want to clear the counters, click Clear Counters.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON alarms 203

—End—

Procedure job aid


Field Description
Octets The number of octets.
Pkts The number of packets.
BroadcastPkts The number of broadcast packets.
MulticastPkts The number of multicast packets.
DropEvents The number occurrences of dropped traffic.
CRCAlignErrors The number of Frame Check Sequence (FCS) and align
errors.
UnderSizePkts The number of under-sized packets.
OverSizePkts The number of over-sized packets.
Fragments The number of fragmented packets.
Collisions The number of packets in a collision.

Configuring RMON alarms


Navigation
• "Creating RMON alarms" (page 203)
• "Viewing alarm files" (page 206)
• "Configuring RMON events" (page 208)
• "Viewing log files" (page 211)
• "Viewing events" (page 210)

Creating RMON alarms

ATTENTION
The example alarm described here is intended only to demonstrate how alarms
fire. This alarm will generate at least one alarm every 5 minutes. Because of the
high frequency, you can delete this alarm in a real world scenario.

When you create an alarm, you select a variable from the variables list
(refer to "RMON alarm reference" (page 241)) and a port, or other switch
component, to which the alarm is connected. Some variables require port
IDs, card IDs, or other indexes (for example, spanning tree group IDs).
To create an alarm using default values and to receive statistics and history:

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
204 Configuring RMON

Procedure steps
Step Action

1 Ensure that RMON is enabled globally. See "Configuring and


enabling RMON options" (page 190).
When you enable RMON globally, you also create a default rising and
falling event. The default for the events is log-and-trap, meaning you
will receive notification through a trap as well as through a log file.

2 From the Device Manager menu bar, choose RMON > Alarm
Manager.
The Alarm Manager dialog box opens.

See the following procedure job aid.

3 In the field, select a variable for the alarm and a port (or other ID) on
which you want to set an alarm.
In the example shown, the variable if InOctets has been selected
from the variable list under Interface. (Refer to "RMON alarm
reference" (page 241) for a list of variable definitions.)
Alarm variables are in three formats, depending on the type:
• A chassis, power supply, or fan-related alarm ends in x where
the x index is hard-coded. No further information is required.
• A card, RIP or OSPF, or EtherStat alarm ends with a dot (.). You
must enter a card number, IP address, or EtherStat information.
• A port alarm requires a port ifindex. For example, when you
select a port alarm for ifInOctets (interface incoming octet count),
the Choose port dialog box opens, allowing you to select a port.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON alarms 205

Leave remaining fields, including the sample type of delta, at default


values.

4 Click Insert.
If the message "Alarm x already exists" appears, you must assign
a new index.If you want to make field changes, refer to the field
descriptions in "Procedure job aid" (page 205).

—End—

Procedure job aid


Field Description
Field Name and type of alarm—indicated by the format:
• alarmname.x, where x=0 indicates a chassis alarm, and x=1 or 2 indicates
a power supply or fan alarm with 1 being the primary unit and 2 being the
secondary unit.
• alarmname, where the user must specify the index. This value is a card
number for module-related alarms, an STG ID for spanning tree group alarms
(the default STG is 1; other STG IDs are user-configured), an IP address for
RIP or OSPF alarms (RIP/OSPF must be enabled on the VLAN or router
port and enabled globally), or the Ether Statistics Control Index for RMON
Stats alarms.
• alarmname with no dot or index is a port-related alarm and results in display
of the port picker tool.
Sample Type Can be either absolute or delta.
Sample Time period (in seconds) over which the data is sampled and compared with the
Interval rising and falling thresholds.
Index Uniquely identifies an entry in the alarm table. Each such entry defines a
diagnostic sample at a particular interval for an object on the device.
Threshold Type Rising Description or Falling Description
Description Rising Description—When the current sampled value is greater than or equal
to this threshold, and the value at the last sampling interval was less than this
threshold, generates a single event.
Falling Description—When the current sampled value is less than or equal to
this threshold, and the value at the last sampling interval was greater than this
threshold, generates a single event.
Event Rising Description—Index of the event entry that is used when a rising threshold
Index is crossed. The event entry identified by a particular value of this index is the
same as identified by the same value of the event index object. (Generally, accept
the default that is already filled in.)

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
206 Configuring RMON

Field Description

Falling Description—Index of the event entry that is used when a falling threshold
is crossed. The event entry identified by a particular value of this index is the
same as identified by the same value of the event index object. (Generally, accept
the default that is already filled in.)

Viewing alarm files


You can view the RMON alarm file information using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Alarms

—End—

The RmonAlarms dialog box opens with the Alarm tab displayed.

See the following procedure job aid.

Procedure job aid


Field Description
Index An integer value that uniquely identifies an entry in the alarm table.
Interval The interval in seconds over which the data is sampled and compared with the
rising and falling thresholds.
Field The object identifier of the particular variable to be sampled. Only variables that
resolve to an ASN.1 primitive type of INTEGER (INTEGER, Counter, Gauge, or
TimeTicks) can be sampled.
SampleType Can be either absolute or delta.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON alarms 207

Field Description
Description The value of the statistic during the last sampling period. For example, if the
sample type is deltaDescription, this value is the difference between the samples
at the beginning and end of the period. If the sample type is absoluteDescription,
this value is the sampled value at the end of the period.
This is the value that is compared with the rising and falling thresholds. The
value during the current sampling period is not made available until the period is
completed and remains available until the next period completes.
Startup The alarm that can be sent when this entry is first set to valid. If the first sample
Alarm after this entry becomes valid is greater than or equal to the risingThreshold and
alarmStartupAlarm is equal to risingAlarm or risingOrFallingAlarm, then a single
rising alarm will be generated.
If the first sample after this entry becomes valid is less than or equal to
the fallingThreshold and alarmStartupAlarm is equal to fallingAlarm or
risingOrFallingAlarm, then a single falling alarm is generated. This object cannot
be modified if the associated alarmStatus object is equal to valid.
Rising A threshold for the sampled statistic. When the current sampled value is greater
Threshold than or equal to this threshold, and the value at the last sampling interval was
less than this threshold, a single event will be generated. A single event is also
generated if the first sample after this entry becomes valid is greater than or equal
to this threshold and the associated alarmStartupAlarm is equal to risingAlarm or
risingOrFallingAlarm.
After a rising event is generated, another such event is not generated until the
sampled value falls below this threshold and reaches the alarmFallingThreshold.
This object cannot be modified if the associated alarmStatus object is equal to
valid.
RisingEvent The index of the eventEntry that is used when a rising threshold is crossed. The
Index eventEntry identified by a particular value of this index is the same as identified by
the same value of the eventIndex object. If there is no corresponding entry in the
eventTable, then no association exists.
In particular, if this value is zero, no associated event is generated, as zero is not
a valid event index. This object cannot be modified if the associated alarmStatus
object is equal to valid.
Falling A threshold for the sampled statistic.
Threshold
When the current sampled value is less than or equal to this threshold, and the
value at the last sampling interval was greater than this threshold, a single event
is generated.
A single event is also generated if the first sample after this entry becomes valid
is less than or equal to this threshold and the associated alarmStartupAlarm is
equal to fallingAlarm or risingOrFallingAlarm.
After a falling event is generated, another such event is not generated until the
sampled value rises above this threshold and reaches the alarmRisingThreshold.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
208 Configuring RMON

Field Description

This object cannot be modified if the associated alarmStatus object is equal to


valid.
FallingEventInd The index of the eventEntry that is used when a falling threshold is crossed.
ex
The eventEntry identified by a particular value of this index is the same as
identified by the same value of the eventIndex object. If there is no corresponding
entry in the eventTable, then no association exists.
In particular, if this value is zero, no associated event is generated, as zero is not
a valid event index. This object cannot be modified if the associated alarmStatus
object is equal to valid (1).
Owner The entity that configured this entry and is therefore using the resources assigned
to it.
Status The status of this alarm entry.

Configuring RMON events


You can configure RMON events that work with alarms to notify you when
values in your network go out of a specified range. When a value passes
the specified range, the alarm is triggered and fires. The event specifies
how the activity is recorded.

Creating events
You can create an event using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Alarms.
The RmonAlarms dialog box opens with the Alarms tab displayed.
2 Click the Event tab.
The RmonAlarms, Event tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON alarms 209

See the following procedure job aid.


3 In the RmonAlarms, Event tab, click Insert.
The RmonAlarms, Insert Event dialog box opens.

ATTENTION
When you create an alarm, if RisingEvent and FallingEvent do not appear
in the Description field on the RmonAlarms, Event tab, Device Manager
creates them. These events are used during alarm creation and appear
in the RisingEventIndex and FallingEventIndex fields on the RmonAlarms,
Alarm tab.

4 In the RmonAlarms, Insert Event dialog box Description field,


type a name for the event.
5 Select the type of event you want.
The default setting is log-and-trap. You can choose to set the event
type to log to save memory or to snmp-log to reduce traffic from
the switch.
If you select snmp-trap or log, you must set trap receivers in order to
receive the trap if it is generated.
6 Click Insert.
The new event is displayed in the Event tab of the RmonAlarms
dialog box.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
210 Configuring RMON

Procedure job aid


Field Description
Index An index that uniquely identifies an entry in the event table.
Each entry defines one event that is to be generated when
the appropriate conditions occur.
Description Describes if this is a rising or falling event.
Type The type of notification that the Device Manager provides
about this event. In the case of log, an entry is made in
the log table for each event. In the case of trap, an SNMP
trap is sent to one or more management stations. Possible
notifications are as follows:
• none
• log
• trap
• log-and-trap
Community The SNMP community string acts as a password. Only
those management applications with this community string
can view the alarms.
LastTimeSent The value of sysUpTime at the time this event entry last
generated an event. If this entry has not generated any
events, this value is zero.
Owner If traps are specified to be sent to the owner, then this is the
IP address of the machine that receives alarm traps.

Viewing events
You can view a table of RMON Alarm events using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Alarms.
The RmonAlarms dialog box opens with the Alarms tab displayed.
2 Click the Event tab.
The Event tab appears.

—End—

Deleting events
You can delete an event using Device Manager.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Configuring RMON alarms 211

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Alarms.
The RmonAlarms dialog box opens with the Alarms tab displayed.
2 Click the Event tab.
The Event tab appears.

3 Select the event you want to delete.

4 Click Delete.

—End—

Viewing log files


You can view the RMON log information using Device Manager.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose RMON > Alarms.
The RmonAlarms dialog box opens with the Alarm tab displayed.
2 Click the Log tab.
The Log tab appears.

See the following procedure job aid.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
212 Configuring RMON

Procedure job aid


Field Description
Time The time the alarm event occurred.
Description The alarm description.

HP OpenView
You can integrate RMON into HP OpenView. You must set the HP
OpenView path to include the UNIX environment variable. The path is set
in the .cshrc file.

Procedure steps
Step Action

1 To see the path, enter the following:


setenv | grep PATH
The following is an example of a displayed path:
PATH=/usr/local/
xemacs/bin/sparc-sun-solaris2.4:
bin:/sbin:/usr/sbin:/usr/ccs/bin:/usr/dt/bin:/usr/open-
win/bin:/
usr/etc:/usr/ucb:/usr/local/bin:/usr/lo-
cal/share/lib:/usr/local/
share/bin:/opt/OV/bin:/home/jblogs/bin:.

2 Ensure that the HP OpenView directory is in path /opt/OV/bin


MIB files are shipped with the Device Manager, in the following
directory:
dm/dmdb/acc/OV/mibs

3 Load each of the MIB files in the following order:


• rfc1213.mib
• rfc1493.mib
• rfc1643.mib
• rfc1757.mib

—End—

Now you can start HP OpenView.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
HP OpenView 213

Configuring HP OpenView to function with Device Manager


You can verify that the switch is sending the traps. When both HP OpenView
and Device Manager are running on a machine, and that machine is
configured on the switch as a trap receiver, HP OpenView is the process that
receives the trap. HP OpenView then passes the trap to Device Manager.
HP OpenView intercepts the trap message. If Device Manager displays a
trap, HP OpenView has also received the trap.
The Log only event categorization bug in HP OpenView 4.0 causes traps to
be written to the ASCII trap log file and to be displayed in the event browser.
The default category for SNMP traps, such as link up and link down, is Log
only. The correct procedure for an event (trap) with a Log only categorization
is that it only be written to the ASCII trap log file.
In version 4.0, standard SNMP traps are displayed in the event browser
when the default category of Log only is selected. However, SNMP traps
are not displayed in the event browser version 5.0 because this bug is
fixed. If users are not aware that version 4.0 had a problem, then they can
erroneously assume that the switch is not sending these traps. In this case,
you can view the ASCII trap log file:
/var/opt/OV/share/log/trapd.log
To display standard SNMP traps in the event browser for HP OpenView 5.0:

Procedure steps
Step Action

1 Select Options > Event Configuration.

2 Select the enterprise name snmpTraps.


3 Double-click the event (trap) name that you want to verify.

4 Change the category from Log Only to any event type: Error Events,
Threshold Events (normally used for RMON alarms), Status Events,
Configuration Events, or Application Alert Events. Click OK.
5 Choose File and then choose Save.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
214 Configuring RMON

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
215

Displaying network statistics


This section describes how to monitor the network utilizing graphs for port
and chassis statistics.

Navigation
• "Graphing port statistics" (page 215)
• "Graphing chassis statistics" (page 226)

Graphing port statistics


This topic describes the various port statistics tabs in the Graph Port dialog
box and includes descriptions of the statistics fields.

All graphing port tables have the following buttons: Line Chart, Area Chart,
Bar Chart, Pie Chart, Export Data, Print table, Clear Counter, Close, and
Help.

To reset the statistics counters, use the Clear Counter button. When you
click this button, all Cumulative, Average, Minimum, Maximum, and LastVal
columns are reset to zero and automatically begin to recalculate statistical
data.

ATTENTION
Device Manager Clear Counter function does not affect the AbsoluteValue
counter of the switch. The Clear Counter function clears all cached data in Device
Manager (except AbsoluteValue). To reset AbsoluteValue(s), use the Reset
Counter function (Edit > Chassis > System).

Graphing ports for single or multiple ports


To graph port statistics for a single port or multiple ports, select the port or
ports on the chassis you want to graph.
• Right-click a port or ports. On the shortcut menu, choose Graph.
• From the Device Manager menu bar, choose Graph > Port.
• On the Device Manager toolbar, click the Graph Selected button.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
216 Displaying network statistics

ATTENTION
Some statistics are available only when you graph a single port.

Navigation
• "Graphing ports for single or multiple ports" (page 215)
• "Graphing interface statistics" (page 216)
• "Graphing Ethernet error statistics" (page 217)
• "Graphing port utilization statistics" (page 220)
• "Graphing bridging statistics" (page 221)
• "Graphing RMON port statistics" (page 222)
• "Graphing EAPOL port statistics" (page 224)

Graphing interface statistics


Use the Graph Interface tab to graph interface statistics.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.

2 From the Device Manager menu bar, choose Graph > Port.
The Graph Port dialog box opens with the Interface tab displayed.

See the following procedure job aid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing port statistics 217

—End—

Procedure job aid


Field Description
InOctets The total number of octets received on the interface, including framing
characters.
InUcastPkts The number of packets delivered by this sub-layer to a higher sub-layer that
were not addressed to a multicast or broadcast address at this sub-layer.
InNUcastPkts The number of non-unicast (that is, a subnetwork-broadcast or
subnetwork-multicast) packets delivered to a higher-layer protocol.
InDiscards The number of inbound packets that were discarded because of frames with
errors or invalid frames or, in some cases, to fill up buffer space.
InErrors For packet-oriented interfaces, the number of inbound packets that contained
errors preventing them from being deliverable to a higher-layer protocol.
For character-oriented or fixed-length interfaces, the number of inbound
transmission units that contained errors preventing them from being deliverable
to a higher-layer protocol.
OutOctets The total number of octets transmitted out of the interface, including framing
characters.
OutUcastPkts The number of packets that higher-level protocols requested be transmitted that
were not addressed to a multicast address at this sub-layer. This total number
includes those packets discarded or not sent.
OutNUcastPkts The total number of packets that higher-level protocols requested be
transmitted, and that were addressed to a multicast or broadcast address at this
sub-layer, including those that were discarded or not sent.
OutDiscards The number of outbound packets which were chosen to be discarded even
though no errors had been detected to prevent their being transmitted. One
possible reason for discarding such a packet is to free up buffer space.
OutErrors For packet-oriented interfaces, the number of outbound packets that could
not be transmitted because of errors. For character-oriented or fixed-length
interfaces, the number of outbound transmission units that could not be
transmitted because of errors.
OutQlen The length of the output packet queue (in packets).

Graphing Ethernet error statistics


Use the Ethernet Errors tab to graph Ethernet error statistics.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
218 Displaying network statistics

2 From the Device Manager menu bar, choose Graph > Port.
The Graph Port dialog box opens with the Interface tab displayed.

3 Click the Ethernet tab.


The Ethernet tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
AlignmentErrors A count of frames received on a particular interface that are not an
integral number of octets in length and do not pass the FCS check.
The count represented by an instance of this object is incremented
when the alignmentError status is returned by the MAC service to the
LLC (or other MAC user).
Received frames for which multiple error conditions obtain are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the
LLC.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing port statistics 219

Field Description
FCSErrors A count of frames received on a particular interface that are an
integral number of octets in length but do not pass the FCS check.
The count represented by an instance of this object is incremented
when the frameCheckError status is returned by the MAC service
to the LLC (or other MAC user).
Received frames for which multiple error conditions obtained are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the
LLC.
InternalMacTransmitErrors A count of frames for which transmission on a particular interface fails
due to an internal MAC sub-layer transmit error.
A frame is only counted by an instance of this object if it
is not counted by the corresponding instance of either the
dot3StatsLateCollisions object, the dot3StatsExcessiveCollisions
object, or the dot3StatsCarrierSenseErrors object.
The precise meaning of the count represented by an instance of this
object is implementation specific. In particular, an instance of this
object can represent a count of transmission errors on a particular
interface that are not otherwise counted.
InternalMacReceiveErrors A count of frames for which reception on a particular interface fails
due to an internal MAC sub-layer receive error.
A frame is only counted by an instance of this object if it
is not counted by the corresponding instance of either the
dot3StatsFrameTooLongs object, the dot3StatsAlignmentErrors
object, or the dot3StatsFCSErrors object.
The precise meaning of the count represented by an instance of this
object is implementation specific. In particular, an instance of this
object can represent a count of receive errors on a particular interface
that are not otherwise counted.
CarrierSenseErrors The number of times that the carrier sense condition was lost or
never asserted when attempting to transmit a frame on a particular
interface. The count represented by an instance of this object is
incremented at most once per transmission attempt, even if the
carrier sense condition fluctuates during a transmission attempt.
FrameTooLongs A count of frames received on a particular interface that exceed
the maximum permitted frame size. The count represented by an
instance of this object is incremented when the frameTooLong status
is returned by the MAC service to the LLC (or other MAC user).
Received frames for which multiple error conditions obtained are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the
LLC.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
220 Displaying network statistics

Field Description
SQETestErrors A count of times that the SQE TEST ERROR message is generated
by the physical signaling sublayer (PLS) for a particular interface.
The SQE TEST ERROR message is defined in section 7.2.2.2.4
of ANSI/IEEE 802.3-1985 and its generation described in section
7.2.4.6 of the same document.
DeferredTransmissions A count of frames for which the first transmission attempt on a
particular interface is delayed because the medium is busy. The
count represented by an instance of this object does not include
frames involved in collisions.
SingleCollisionFrames A count of successfully transmitted frames on a particular
interface for which transmission is inhibited by exactly one
collision. A frame that is counted by an instance of this object
is also counted by the corresponding instance of either the
ifOutUcastPkts, ifOutMulticastPkts, or ifOutBroadcastPkts,
objects and is not counted by the corresponding instance of the
dot3StatsMultipleCollisionFrames object.
MultipleCollisionFrames A count of successfully transmitted frames on a particular interface
for which transmission is inhibited by more than one collision.
A frame that is counted by an instance of this object is also
counted by the corresponding instance of either the ifOutUcastPkts,
ifOutMulticastPkts, or ifOutBroadcastPkts, objects and is not counted
by the corresponding instance of the dot3StatsSingleCollisionFrames
object.
LateCollisions The number of times that a collision is detected on a particular
interface later than 512 bit-times into the transmission of a packet;
512 corresponds to 51.2 microseconds on a 10 Mbit/s system. A
(late) collision included in a count represented by an instance of this
object is also considered as a (generic) collision for purposes of other
collision-related statistics.
ExcessiveCollisions A count of frames for which transmission on a particular interface
fails due to excessive collisions.

Graphing port utilization statistics


Use the Utilization tab to graph port utilization statistics.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.

2 From the Device Manager menu bar, choose Graph > Port.
The Graph Port dialog box opens with the Interface tab displayed.

3 Click the Utilization tab.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing port statistics 221

The Utilization tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
TxSec The number of transmit packets transmitted by this port in one
second.
RxSec The number of receive packets received by this port in one
second.
Utilization The port utilization statistics and characteristics.

Graphing bridging statistics


Use the Bridging tab to graph port bridging statistics.

Procedure steps
Step Action

1 On the device view, select a port or multiple ports.


2 From the Device Manager menu bar, choose Graph > Port.
The Graph Port dialog box opens with the Interface tab displayed.

3 Click the Bridging tab.


The Bridging tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
222 Displaying network statistics

See the following procedure job aid.

—End—

Procedure job aid


Field Description
Frames In The number of frames that have been received by this port from its
segment. Note that a frame received on the interface corresponding
to this port is only counted by this object if and only if it is for a
protocol being processed by the local bridging function, including
bridge management frames.
Frames Out The number of frames that have been transmitted by this port
to its segment. Note that a frame transmitted on the interface
corresponding to this port is only counted by this object if and only
if it is for a protocol being processed by the local bridging function,
including bridge management frames.
Discarded Frames In Count of valid frames that have been received by this port from
its segment which were discarded (for example, filtered) by the
Forwarding Process.
InOverflowFrames The number of times the associated dot1dTpPortInFrames counter
has overflowed.
OutOverflowFrames The number of times the associated dot1dTpPortOutFrames counter
has overflowed.

Graphing RMON port statistics


Use the RMON tab to graph RMON port statistics.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Graph > Port.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing port statistics 223

ATTENTION
RMON must be enabled globally to view these statistics. See "Configuring
and enabling RMON options" (page 190).

The Graph Port dialog box opens with the Interface tab displayed.

2 Click the RMON tab.


The Rmon tab appears.

See the following procedure job aid.

3 If you want to clear the counters, click Clear Counters.

—End—

Each of the following fields shows a number value.

Procedure job aid


Field Description
Octets Octets.
Pkts Packets.
BroadcastPkts Broadcast packets.
MulticastPkts Multicast packets.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
224 Displaying network statistics

Field Description
DropEvents Occurrences of dropped traffic.
CRCAlignErrors Frame Check Sequence (FCS) and align errors.
UnderSizePkts Under-sized packets.
OverSizePkts Over-sized packets.
Fragments Fragmented packets.
Collisions Packets in a collision.
Jabbers Packets that are greater than 1518 with bad
Cyclical Redundancy Check (CRC)/Frame Check
Sequence (FCS) due to Carrier-Sense Multiple
Access/Collision Detection (CSMA/CD) violation.
Pkts64Octets Packets that are 64 octets or less.
Pkts65to127Octets Packets that are 65 to 127 octets long.
Pkts128to255Octets Packets that are 128 to 255 octets long.
Pkts256to511Octets Packets that are 256 to 511 octets long.
Pkts512to1023Octets Packets that are 512 to 1023 octets long.
Pkts1024to1528Octets Packets that are 1024 to 1518 octets long.

Graphing EAPOL port statistics


Use the EAPOL tab to graph EAPOL port statistics.

Procedure steps
Step Action

1 From the Device Manager menu bar, choose Graph > Port.
The Graph Port dialog box opens with the Interface tab displayed.

2 Click the EAPOL tab.


The EAPOL tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing port statistics 225

See the following procedure job aid.

3 If you want to clear the counters, click Clear Counters.

—End—

Each of the following fields shows a number value.

Procedure job aid


Field Description
EapolFramesRx Displays the number of valid EAPoL frames of any type that are
received.
EapolFramesTx Displays the number of EAPoL frame types of any type that are
transmitted.
EapolStartFramesTx Displays the number of EAPoL start frames that are received.
EapolLogoffFramesTx Displays the number of EAPoL Logoff frames that are received.
EapolRespIdFramesTx Displays the number of EAPoL Resp/Id frames that are received.
EapolRespFramesTx Displays the number of valid EAP Response frames (Other than
Resp/Id frames) that are received.
EapolReqIdFramesRx Displays the number of EAPoL Req/Id frames that are received.
EapolReqFramesRx Displays the number of EAP Req/Id frames (other than Rq/Id frames)
that are received.
InvalidEapolFramesRx Displays the number of EAPoL frames that are received in which
the frame type is not recognized.
EapLengthErrorFramesRx Displays the number of EAPoL frames that are received in which the
packet body length field is not valid.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
226 Displaying network statistics

Field Description
LastEapolFrameVersion Displays the protocol version number that is in the most recently
received EAPoL frame.
LastEapolFrameSource Displays the source MAC address that is in the most recently
received EAPoL frame.

Graphing chassis statistics


This section describes how to graph chassis statistics in the Graph Chassis
dialog box.
All graphing chassis tables have the following buttons: Line Chart, Area
Chart, Bar Chart, Pie Chart, Export Data, Print table, Clear Counter, Close,
and Help. To reset the statistics counters, use the Clear Counter button.
When you click this button, all Cumulative, Average, Minimum, Maximum,
and LastVal columns are reset to zero and automatically begin to recalculate
statistical data.

ATTENTION
The Clear Counter function in Device Manager does not affect the AbsoluteValue
counter in the unit. Instead, the Clear Counter function clears all cached data in
Device Manager (except AbsoluteValue). To reset AbsoluteValue(s), use the
Reset Counter function (Edit > Chassis > System).

To graph chassis statistics, select the chassis.


• On the shortcut menu, choose Graph.
• From the Device Manager menu bar, choose Graph > Chassis.
• On the Device Manager toolbar, choose the Graph Selected button.

Navigation
• "Graphing SNMP statistics" (page 226)
• "Graphing IP statistics" (page 229)
• "Graphing ICMP In statistics" (page 231)
• "Graphing ICMP Out statistics" (page 232)
• "Graphing TCP statistics" (page 234)
• "Graphing UDP statistics" (page 235)

Graphing SNMP statistics


You can graph statistics for all SNMP packets that enter the chassis from
different interfaces.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing chassis statistics 227

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.

See the following procedure job aid.

—End—

Each field in the following table shows a total number for that field.

Procedure job aid


Field Description
InPkts Messages delivered to the SNMP entity from the transport service.
OutPkts SNMP messages passed from the SNMP protocol entity to the
transport service.
InTotalReqVars MIB objects retrieved successfully by the SNMP protocol entity as the
result of receiving valid SNMP Get-Request and Get-Next PDUs.
InTotalSetVars MIB objects altered successfully by the SNMP protocol entity as the
result of receiving valid SNMP Set-Request PDUs.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
228 Displaying network statistics

Field Description
InGetRequests SNMP Get-Request PDUs that have been accepted and processed
by the SNMP protocol entity.
InGetNexts SNMP Get-Next PDUs accepted and processed by the SNMP
protocol entity.
InSetRequests SNMP Set-Request PDUs accepted and processed by the SNMP
protocol entity.
InGetResponses SNMP Get-Response PDUs accepted and processed by the SNMP
protocol entity.
OutTraps SNMP Trap PDUs generated by the SNMP protocol entity.
OutTooBigs SNMP PDUs generated by the SNMP protocol entity for which the
value of the error-status field is tooBig.
OutNoSuchNames SNMP PDUs generated by the SNMP protocol entity for which the
value of the error-status field is noSuchName.
OutBadDescriptions SNMP PDUs which were generated by the SNMP protocol entity and
for which the value of the error-status field is ’badDescription’.
OutGenErrs SNMP PDUs generated by the SNMP protocol entity for which the
value of the error-status field is genErr.
InBadVersions SNMP messages delivered to the SNMP protocol entity for an
unsupported SNMP version.
InBadCommunityNames SNMP messages delivered to the SNMP protocol entity that used an
SNMP community name not known to said entity.
InBadCommunityUses SNMP messages delivered to the SNMP protocol entity that
represented an SNMP operation not allowed by the SNMP community
named in the message.
InASNParseErrs ASN.1 or BER errors encountered by the SNMP protocol entity when
decoding received SNMP messages.
InTooBigs SNMP PDUs delivered to the SNMP protocol entity for which the
value of the error-status field is tooBig.
InNoSuchNames SNMP PDUs delivered to the SNMP protocol entity for which the
value of the error-status field is noSuchName.
InBadDescriptions SNMP PDUs delivered to the SNMP protocol entity for which the
value of the error-status field is badDescription.
InReadOnlys SNMP PDUs delivered to the SNMP protocol entity for which the
value of the error-status field is readOnly. It is a protocol error
to generate an SNMP PDU containing the value "readOnly" in
the error-status field. This object is provided to detect incorrect
implementations of the SNMP.
InGenErrs SNMP PDUs delivered to the SNMP protocol entity for which the
value of the error-status field is genErr.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing chassis statistics 229

Graphing IP statistics
You can graph statistics for all IP packets that enter the chassis from
different interfaces.

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.

2 Click the IP tab.


The IP tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
InReceives Input datagrams received from interfaces, including those received in error.
InHdrErrors Input datagrams discarded due to errors in their IP headers, including bad
checksums, version number mismatch, other format errors, time-to-live
exceeded, errors discovered in processing their IP options.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
230 Displaying network statistics

Field Description
InAddrErrors Input datagrams discarded because the IP address in their IP header
destination field was not a valid address to be received at this entity. This
count includes invalid addresses (for example, 0.0.0.0) and addresses of
unsupported Classes (for example, Class E). For entities that are not IP
Gateways and therefore do not forward datagrams, this counter includes
datagrams discarded because the destination address was not a local
address.
ForwDatagrams Input datagrams for which this entity was not their final IP destination, as a
result of which an attempt was made to find a route to forward them to that
final destination. In entities that do not act as IP Gateways, this counter
includes only those packets that were Source-Routed by way of this entity
and had successful Source-Route option processing.
InUnknownProtos Locally addressed datagrams received successfully but discarded because
of an unknown or unsupported protocol.
InDiscards Input IP datagrams for which no problems were encountered to prevent
their continued processing but that were discarded (for example, for lack
of buffer space). Note that this counter does not include any datagrams
discarded while awaiting reassembly.
InDelivers Input datagrams successfully delivered to IP user-protocols (including
ICMP).
OutRequests IP datagrams that local IP user-protocols (including ICMP) supplied to IP
in requests for transmission. Note that this counter does not include any
datagrams counted in ipForwDatagrams.
OutDiscards Output IP datagrams for which no problem was encountered to prevent
their transmission to their destination, but that were discarded (for
example, for lack of buffer space). Note that this counter would include
datagrams counted in ipForwDatagrams if any such packets met this
(discretionary) discard criterion.
OutNoRoutes IP datagrams discarded because no route was found to transmit them to
their destination. Note that this counter includes any packets counted in
ipForwDatagrams that meet this no-route criterion. This counter includes
any datagrams a host cannot route because all of its default gateways
are down.
FragOKs IP datagrams that have been successfully fragmented at this entity.
FragFails IP datagrams that have been discarded because they needed to be
fragmented at this entity but could not be, for example, because their Don’t
Fragment flag was set.
FragCreates IP datagram fragments that have been generated as a result of
fragmentation at this entity.
ReasmReqds IP fragments received that needed to be reassembled at this entity.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing chassis statistics 231

Field Description
ReasmOKs IP datagrams successfully reassembled.
ReasmFails Failures detected by the IP reassembly algorithm (for whatever reason:
timed out, errors, and so on). Note that this number is not necessarily
a count of discarded IP fragments because some algorithms (notably
the algorithm in RFC 815) can lose track of the number of fragments by
combining them as they are received.

Graphing ICMP In statistics


You can graph statistics for all ICMP packets received into the chassis from
different interfaces.

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.

2 Click the ICMP In tab.


The ICMP In tab appears.

See the following procedure job aid.

—End—

Each of the following fields shows a total number of ICMP messages; each
ICMP field type is described.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
232 Displaying network statistics

Procedure job aid


Field Description
Msgs The total number of ICMP messages that the entity received.
Note that this counter includes all those counted by
icmpInErrors.
Errors Messages that the entity received but determined as having
ICMP-specific errors (for example, bad ICMP checksums,
bad length, and so on).
SrcQuenchs Source Quench messages received.
Redirects Redirect messages received.
Echos Echo (request) messages received.
EchoReps Echo Reply messages received.
Timestamps Timestamp (request) messages received.
TimestampReps Timestamp Reply messages received.
AddrMasks Address Mask Request messages received.
AddrMaskReps Address Mask Reply messages received.
ParmProbs Parameter Problem messages received.
DestUnreach Destination Unreachable messages received.
TimeExcd The number of ICMP Time Exceeded messages received.

Graphing ICMP Out statistics


The Internet Control Message Protocol (ICMP) Out tab displays statistics
for all ICMP sent messages.

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.

2 Click the ICMP Out tab.


The ICMP Out tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing chassis statistics 233

See the following procedure job aid.

—End—

Procedure job aid


Field Description
Msgs The total number of ICMP messages that this entity
attempted to send. Note that this counter includes all those
counted by icmpOutErrors.
Errors The number of ICMP messages that this entity did not send
due to problems discovered within ICMP such as a lack
of buffers. This value does not include errors discovered
outside the ICMP layer such as the inability of IP to route the
resultant datagram. In some implementations, there are no
types of error that contribute to this counter value.
SrcQuenchs The number of ICMP Source Quench messages sent.
Redirects The number of ICMP Redirect messages received. For a
host, this object is always zero, because hosts do not send
redirects.
Echos The number of ICMP Echo (request) messages sent.
EchoReps The number of ICMP Echo Reply messages sent.
Timestamps The number of ICMP Timestamp (request) messages sent.
TimestampReps The number of ICMP Timestamp Reply messages sent.
AddrMasks The number of ICMP Address Mask Request messages
sent.
AddrMaskReps The number of ICMP Address Mask Reply messages sent.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
234 Displaying network statistics

Field Description
ParmProbs The number of ICMP Parameter Problem messages sent.
DestUnreachs The number of ICMP Destination Unreachable messages
sent.
TimeExcds The number of ICMP Time Exceeded messages sent.

Graphing TCP statistics


You can graph statistics for all Transmission Control Protocol (TCP)
messages.

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.
2 Click the TCP tab.
The TCP tab appears.

See the following procedure job aid.

—End—

Procedure job aid


Field Description
ActiveOpens The number of times TCP connections have made a direct
transition to the SYN-SENT state from the CLOSED state.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Graphing chassis statistics 235

Field Description
PassiveOpens The number of times TCP connections have made a direct
transition to the SYN-RCVD state from the LISTEN state.
AttemptFails The number of times TCP connections have made a direct
transition to the CLOSED state from either the SYN-SENT
state or the SYN-RCVD state, plus the number of times TCP
connections have made a direct transition to the LISTEN
state from the SYN-RCVD.
EstabResets The number of times TCP connections have made a
direct transition to the CLOSED state from either the
ESTABLISHED state or the CLOSE-WAIT state.
CurrEstab The number of TCP connections for which the current state
is either ESTABLISHED or CLOSE- WAIT.
InSegs The total number of segments received, including those
received in error. This count includes segments received on
currently established connections.
OutSegs The total number of segments sent, including those on
current connections but excluding those containing only
retransmitted octets.
RetransSegs The total number of segments retransmitted - that is, the
number of TCP segments transmitted containing one or
more previously transmitted octets.
InErrs The total number of segments received in error (for example,
bad TCP checksums).
OutRsts The number of TCP segments sent containing the RST flag.

Graphing UDP statistics


You can graph statistics for all User Datagram Protocol (UDP) messages.

Procedure steps
Step Action

1 From the Device Manager Menu bar, choose Graph > Chassis.
The Graph Chassis dialog box opens with the SNMP tab displayed.

2 Click the UDP tab.


The UDP tab appears.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
236 Displaying network statistics

See the following procedure job aid.

—End—

Procedure job aid


Field Description
InDatagrams The total number of UDP datagrams delivered to UDP users.
NoPorts The total number of received UDP datagrams for which there was no
application at the destination port.
InErrors The number of received UDP datagrams that could not be delivered for
reasons other than the lack of an application at the destination port.
OutDatagrams The total number of UDP datagrams sent from this entity.

System monitoring
You can capture system events with the Ethernet Services Unit system
monitoring feature. The following system monitoring features are available:
• Logs and syslogs
• RDP sent and received counters on ring facing ports
• RRP Hello counters

In addition, ESU syslog also captures the following events:


• EVPN Link Up/Down Messages sent and received
• Mcast Link Up/Down Messages sent and received for any failure
occurrences

System monitoring navigation


• "Configuring a syslog host" (page 237)
• "Enabling and disabling syslog messages" (page 238)
• "Deleting syslog hosts" (page 239)

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
System monitoring 237

Configuring a syslog host


Configure a syslog host to the manage event messages. You configure
syslog hosts on ports.

Procedure steps
Step Action

1 Select the port you want to configure.

2 On the Device Manager menu bar, select Edit > Syslog .


The Syslog dialog box appears.
3 Select the Host tab.

4 Click Insert .
The Insert Host dialog box appears.

5 Complete the dialog box as required.


For more information, see "Insert Syslog Host variable definitions"
(page 238).
For more information, see the following procedure job aid.

6 Click Insert.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
238 Displaying network statistics

Insert Syslog Host variable definitions

Procedure job aid


Field Description
Id The value (0 through 10) that identifies the host.
IP The IP address for the host.
Valid options are:
• 1.0.0.1-126.255.255.254 - the last three
octets cannot be 255.255.255 or 0.0.0
• 128.0.0.1-191.255.255.254 - the last two
octets cannot be 255.255 or 0.0
• 192.0.0.1-223.255.255.254 - the last octet
cannot be 255 or 0
Severity The severity level for events included in the
syslog.
Facility The local use facility for processes and daemons
that have no assigned facility value.
UDPPort The value for the UDP port (514-530).
Enable Select to enable the host.

Enabling and disabling syslog messages


Enable or disable syslog messages that capture the configured events in
the syslog. You enable and disable syslog messages on ports.

Procedure steps
Step Action

1 Select the port you want to configure.

2 On the Device Manager menu bar, select Edit > Syslog.


The Syslog dialog box appears with the General tab displayed.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
System monitoring 239

3 Complete the fields as required.


For more information, see "Syslog variable definitions" (page 239).

4 Click Apply.

—End—

Syslog variable definitions

Procedure job aid


Field Description
State Enable or disable syslogs.
MaxHostSupport The maximum number (1 through 10) of syslog
hosts.

Deleting syslog hosts


Delete syslog hosts when you exceed the allowable number of hosts (10)
and must capture different messages.

Procedure steps
Step Action

1 Select the port with a syslog host that you want to delete.
2 On the Device Manager menu bar, select Edit > Syslog.
The Syslog dialog box appears.

3 Select the Host tab.

4 Select the host that you want to delete.

5 Click Delete.

—End—

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
240 Displaying network statistics

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
241

Appendix
RMON alarm reference
RMON alarm reference information is divided into three categories: Security,
Errors, and Traffic. Each category can have a number of subcategories.

"Alarm variables" (page 241) lists the alarm variable categories and provides
a brief variable description.

Alarm variables
Category Subcategory Field Definition
Security snmpInBadCommunity The total number of SNMP messages
Names.0 delivered to the SNMP protocol entity
that represented an SNMP operation not
allowed by the SNMP community named
in the message.
Errors Interface ifInDiscards The number of inbound packets chosen to
be discarded even though no errors were
detected to prevent their being deliverable
to a higher-layer protocol. One possible
reason for discarding such a packet is to
free up buffer space.
ifInErrors For packet-oriented interfaces, the
number of inbound packets that contained
errors preventing them from being
delivered to a higher-layer protocol.
For character-oriented or fixed-length
interfaces, the number of inbound
transmission units that contained errors
preventing them from being delivered to a
higher-layer protocol.
ifOutDiscards The number of outbound packets chosen
to be discarded even though no errors
had been detected to prevent their being
transmitted. One possible reason for
discarding such a packet is to free up
buffer space.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
242 Appendix RMON alarm reference

Category Subcategory Field Definition


ifOutErrors For packet-oriented interfaces, the
number of outbound packets that could
not be transmitted because of errors.
For character-oriented or fixed-length
interfaces, the number of outbound
transmission units that could not be
transmitted because of errors.
Ethernet dot3StatsAlignment A count of frames received on a particular
Errors interface that are not an integral number
of octets in length and do not pass the
Frame Check Sequence (FCS) check.
The count represented by an instance
of this object is incremented when the
alignmentError status is returned by the
MAC service to the LLC (or other MAC
user). Received frames for which multiple
error conditions exist are, according to
the conventions of IEEE 802.3 Layer
Management, counted exclusively
according to the error status presented
to the LLC.
dot3StatsFCSErrors A count of frames received on a particular
interface that are an integral number
of octets in length but do not pass the
FCS check. The count represented by
an instance of this object is incremented
when the frameCheckError status is
returned by the MAC service to the LLC
(or other MAC user). Received frames
for which multiple error conditions occur
are, according to the conventions of
IEEE 802.3 Layer Management, counted
exclusively according to the error status
presented to the LLC.
dot3StatsSingle A count of successfully transmitted
CollisionFrames frames on a particular interface for
which transmission is inhibited by exactly
one collision. A frame that is counted
by an instance of this object is also
counted by the corresponding instance
of either the ifOutUcastPkts object,
the ifOutMulticastPkts object, or the
ifOutBroadcastPkts object, and is not
counted by the corresponding instance
of the dot3StatsMultipleCollisionFrames
object.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 243

Category Subcategory Field Definition


dot3StatsMultiple A count of successfully transmitted
CollisionFrames frames on a particular interface for which
transmission is inhibited by more than
one collision. A frame that is counted by
an instance of this object is also counted
by the corresponding instance of either
the ifOutUcastPkts, ifOutMulticastPkts,
or ifOutBroadcastPkts object, and is not
counted by the corresponding instance
of the dot3StatsSingleCollisionFrames
object.
dot3StatsSQETest A count of times that the SQE TEST
Errors ERROR message is generated by the
PLS sub-layer for a particular interface.
The SQE TEST ERROR message is
defined in section 7.2.2.2.4 of ANSI/IEEE
802.3-1985 and its generation is
described in section 7.2.4.6 of the same
document.
dot3StatsDeferred A count of frames for which the first
Transmissions transmission attempt on a particular
interface is delayed because the medium
is busy. The count represented by an
instance of this object does not include
frames involved in collisions.
dot3StatsLate The number of times that a collision is
Collisions detected on a particular interface later
than 512 bit-times into the transmission
of a packet; 512 bit-times corresponds to
51.2 microseconds on a 10 Mbit/s system.
A (late) collision included in a count
represented by an instance of this object
is also considered as a (generic) collision
for purposes of other collision-related
statistics.
dot3StatsExcessive A count of frames for which transmission
Collisions on a particular interface fails due to
excessive collisions.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
244 Appendix RMON alarm reference

Category Subcategory Field Definition


dot3StatsInternalMac A count of frames for which transmission
TransmitErrors on a particular interface fails due to an
internal MAC sub-layer transmit error.
A frame is only counted by an instance
of this object if it is not counted by
the corresponding instance of either
the dot3StatsLateCollisions object, the
dot3StatsExcessiveCollisions object, or
the dot3StatsCarrierSenseErrors object.

The precise meaning of the count


represented by an instance of this object
is implementation specific. In particular,
an instance of this object can represent
a count of transmission errors on a
particular interface that are not otherwise
counted.
dot3StatsCarrierSense The number of times that the carrier
Errors sense condition was lost or never
asserted when attempting to transmit
a frame on a particular interface. The
count represented by an instance of
this object is incremented at most once
per transmission attempt, even if the
carrier sense condition fluctuates during a
transmission attempt.
dot3StatsFrameToo A count of frames received on a
Longs particular interface that exceed the
maximum permitted frame size. The
count represented by an instance of
this object is incremented when the
frameTooLong status is returned by the
MAC service to the LLC (or other MAC
user). Received frames for which multiple
error conditions obtained are, according
to the conventions of IEEE 802.3 Layer
Management, counted exclusively
according to the error status presented
to the LLC.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 245

Category Subcategory Field Definition


dot3StatsInternalMac A count of frames for which transmission
ReceiveErrors on a particular interface fails due to an
internal MAC sub-layer transmit error.
A frame is only counted by an instance
of this object if it is not counted by
the corresponding instance of either
the dot3StatsLateCollisions object, the
dot3StatsExcessiveCollisions object, or
the dot3StatsCarrierSenseErrors object.

The precise meaning of the count


represented by an instance of this object
is implementation specific. In particular,
an instance of this object can represent
a count of transmission errors on a
particular interface that are not otherwise
counted.
IP ipInHdrErrors.0 The number of input datagrams discarded
due to errors in their IP headers,
including bad checksums, version number
mismatch, other format errors, time-to-live
exceeded, and errors discovered in
processing their IP options.
ipInDiscards.0 The number of input IP datagrams for
which no problems were encountered
to prevent their continued processing
but that were discarded (for example,
for lack of buffer space). Note that this
counter does not include any datagrams
discarded while awaiting reassembly.
ipOutDiscards.0 The number of output IP datagrams
for which no problem was encountered
to prevent their transmission to their
destination but that were discarded (for
example, for lack of buffer space). Note
that this counter would include datagrams
counted in ipForwDatagrams if any such
packets met this (discretionary) discard
criterion.
ipFragFails.0 The number of IP datagrams discarded
because they needed to be fragmented at
this entity but could not be, for example,
because their Don’t Fragment flag was
set.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
246 Appendix RMON alarm reference

Category Subcategory Field Definition


ipReasmFails.0 The number of failures detected by the
IP reassembly algorithm (for whatever
reason: timed out, errors, and so forth).
Note that this is not necessarily a count
of discarded IP fragments because some
algorithms (notably the algorithm in RFC
815) can lose track of the number of
fragments by combining them as they are
received.
icmpInParmProbs.0 The number of ICMP In parameter
problem messages received.
icmpOutParmProbs.0 The number of ICMP Out parameter
problem messages received.
Other snmpInAsnParseErrs.0 The total number of ASN.1 or BER errors
encountered by the SNMP protocol
entity when decoding received SNMP
messages.
rcStgPortInBadBpdus The number of bad BPDUs received by
this port.
dot1dTpPortInDiscards Count of valid frames received that
were discarded (that is, filtered) by the
forwarding process.
rip2ifStatRcvBad The number of routes in valid RIP packets
Packets ignored for any reason.
rip2ifStatRcvBad The number of RIP response packets
Routes received by the RIP process that were
subsequently discarded for any reason.
Traffic Interface ifInOctets The total number of octets received on the
interface, including framing characters.
ifInMulticastPkts The number of packets, delivered by
this sub-layer to a higher sub-layer,
addressed to a multicast address at this
sub-layer. For a MAC layer protocol,
this number includes both Group and
Functional addresses.
ifInBroadcastPkts The number of packets, delivered by this
sub-layer to a higher sub-layer, addressed
to a broadcast address at this sub-layer.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 247

Category Subcategory Field Definition


ifInUnkownProtos For packet-oriented interfaces, the
number of packets received by the
interface discarded because of an
unknown or unsupported protocol.
For character-oriented or fixed-length
interfaces that support protocol
multiplexing, the number of transmission
units received by the interface discarded
because of an unknown or unsupported
protocol. For any interface that does not
support protocol multiplexing, this counter
will always be 0.
ifOutOctets The total number of octets transmitted
out of the interface, including framing
characters.
ifOutMulticastPkts The total number of packets that
higher-level protocols requested be
transmitted, and addressed to a multicast
address at this sub-layer, including those
discarded or not sent. For a MAC layer
protocol, this includes both Group and
Functional addresses.
ifoutBroadcastPkts The total number of packets that
higher level protocols requested to be
transmitted, and addressed to a broadcast
address at this sub layer, including those
discarded or not sent.
ifLastChange The value of sysUpTime at the time the
interface entered its current operational
state. If the current state was entered
prior to the last reinitialization of the local
network management subsystem, then
this object contains a zero value.
RmonEther etherStatsOctets The total number of octets of data
Stats (including those in bad packets) received
on the network (excluding framing bits
but including FCS octets). This object
can be used as a reasonable estimate
of Ethernet utilization. For greater
precision, sample the etherStatsPkts and
etherStatsOctets objects before and after
a common interval.
etherStatsPkts The total number of packets (including
bad packets, broadcast packets, and
multicast packets) received.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
248 Appendix RMON alarm reference

Category Subcategory Field Definition


etherStatsBroadcast The total number of good packets
Pkts received that were directed to the
broadcast address. Note that this number
does not include multicast packets.
etherStatsMulticast The total number of good packets
Pkts received that were directed to a multicast
address. Note that this number does not
include packets directed to the broadcast
address.
The total number of packets received that
had a length (excluding framing bits, but
including FCS octets) of between 64 and
1518 octets, inclusive, but had either a
bad Frame Check Sequence (FCS) with
an integral number of octets (FCS Error)
etherStatsCRCAlign or a bad FCS with a nonintegral number
Errors of octets (Alignment Error).
etherStatsUndersize The total number of packets received that
Pkts were less than 64 octets long (excluding
framing bits, but including FCS octets)
and were otherwise well formed.
etherStatsOversize The total number of packets received that
Pkts were longer than 1518 octets (excluding
framing bits, but including FCS octets)
and were otherwise well formed.
etherStatsFragments The total number of packets received
that were less than 64 octets in length
(excluding framing bits but including FCS
octets) and had either a bad Frame Check
Sequence (FCS) with an integral number
of octets (FCS Error) or a bad FCS with a
nonintegral number of octets (Alignment
Error).
It is entirely normal for etherStatsFragm
ents to increment because it counts both
runts (which are normal occurrences due
to collisions) and noise hits.

Category Subcategory Field Definition


etherStatsCollisions The best estimate of the total number of
collisions on this Ethernet segment.
IP ipInReceives.0 All incoming IP packets.
ipInAddrErrors.0 The number of bad IP destination
addresses.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 249

Category Subcategory Field Definition


ipForwDatagrams.0 IP packets forwarded.
ipInUnknownProtos.0 Number of unsupported IP protocols.
ipInDelivers.0 The number of IP In packets delivered.
ipOutRequests.0 The total number of IP datagrams that
local IP user-protocols supplied to IP in
request for transmission.
ipOutNoRoutes.0 The number of IP datagrams discarded
because no route was found to transmit
to their destination.
ipFragOKs.0 The number of IP datagrams that have
been successfully fragmented.
ipFragCreates.0 The number of IP datagram fragments
that have been generated as a result of
fragmentation.
ipReasmReqds.0 The number of requests to reassemble
fragments.
ipReasmOKs.0 The number of fragments reassembled
successfully.
ICMP IcmpInSrcQuenchs.0 The number of ICMP Source Quench
messages received.
icmpInRedirects.0 The number of ICMP redirect messages.
icmpInEchos.0 The number of ICMP Echo requests
messages received.
icmpInEchosReps.0 The number of ICMP Echo reply
messages received.
icmpInTimeStamps.0 The number of ICMP timestamp request
messages received.
icmpInTimeStamps The number of ICMP timestamp reply
Reps.0 messages received.
icmpInAddrMasks.0 The number of ICMP mask request
messages reviewed.
icmpInAddrMasks The number of ICMP mask reply
Reps.0 messages reviewed.
icmpInDestUnreachs.0 The number of ICMP destinations
unreachable messages received.
icmpInTimeExcds.0 The number of ICMP Time Exceeded
messages received.
icmpOutSrcQuenchs.0 The number of ICMP Source Quench
messages sent.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
250 Appendix RMON alarm reference

Category Subcategory Field Definition


icmpOutRedirects.0 The number of ICMP redirect messages
sent.
icmpOutEchos.0 The number of ICMP Echo request
messages sent.
icmpOutEchosReps.0 The number of ICMP Echo reply
messages sent.
icmpOutTimeStamps.0 The number of ICMP Timestamp request
messages sent.
icmpOutTimeStamps The number of ICMP Timestamp reply
Reps.0 messages sent.
icmpOutAddrMasks.0 The number of ICMP Address mask
messages sent.
icmpOutAddrMasks The number of ICMP Address mask reply
Reps.0 messages sent.
icmpOutDest The number of ICMP destination
Unreachs.0 unreachable messages sent.
icmpOutTimeExcds.0 The number of ICMP time exceeded
messages sent.
Snmp snmpInPkts.0 The total number of messages delivered
to the SNMP entity from the transport
service.
snmpOutPkts.0 The total number of SNMP messages
passed from the SNMP protocol entity to
the transport service.
snmpInBadVersions.0 The total number of SNMP messages
delivered to the SNMP protocol entity and
were for an unsupported SNMP version.
snmpInBadCommunity The total number of SNMP messages
Uses.0 delivered to the SNMP protocol entity
that represented an SNMP operation that
was not allowed by the SNMP community
named in the message.
The total number of SNMP PDUs
delivered to the SNMP protocol entity and
for which the value of the error-status field
nmpInTooBigs.0 is tooBig.
snmpInNoSuch The total number of SNMP PDUs
Names.0 delivered to the SNMP protocol entity and
for which the value of the error-status field
is noSuchName.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 251

Category Subcategory Field Definition


snmpInBadDescriptions The total number of SNMP PDUs
.0 received that were generated by the
SNMP protocol entity and for which
the value of the error-status field is
badDescription.
snmpInReadOnlys.0 The total number of valid SNMP PDUs
delivered to the SNMP protocol entity and
for which the value of the error-status
field is readOnly. It is a protocol error to
generate an SNMP PDU that contains the
value readOnly in the error-status field; as
such, this object is provided as a means
of detecting incorrect implementations of
the SNMP.
snmpInGenErrs.0 The total number of SNMP PDUs
delivered to the SNMP protocol entity and
for which the value of the error-status field
is genErr.
snmpInTotalReqVars.0 The total number of MIB objects retrieved
successfully by the SNMP protocol entity
as the result of receiving valid SNMP
Get-Request and Get-Next PDUs.
snmpInTotalSetVars.0 The total number of MIB objects altered
successfully by the SNMP protocol entity
as the result of receiving valid SNMP
Set-Request PDUs.
snmpInGetRequests.0 The total number of SNMP Get-Request
PDUs accepted and processed by the
SNMP protocol entity.
snmpInGetNexts.0 The total number of SNMP Get-Next
PDUs accepted and processed by the
SNMP protocol entity.
snmpInSetRequests.0 The total number of SNMP Set-Request
PDUs accepted and processed by the
SNMP protocol entity.
snmpInGet The total number of SNMP Get-Response
Responses.0 PDUs accepted and processed by the
SNMP protocol entity.
snmpInTraps.0 The total number of SNMP Trap PDUs
accepted and processed by the SNMP
protocol entity.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
252 Appendix RMON alarm reference

Category Subcategory Field Definition


snmpOutTooBigs.0 The total number of SNMP PDUs
generated by the SNMP protocol entity
and for which the value of the error-status
field is tooBig.
snmpOutNoSuch The total number of SNMP PDUs
Names.0 generated by the SNMP protocol entity
and for which the value of the error-status
field is noSuchName.
snmpOutBadDescriptio The total number of SNMP PDUs sent
ns.0 that were generated by the SNMP
protocol entity and for which the value of
the error-status field is badDescription.
snmpOutGenErrs.0 The total number of SNMP PDUs
generated by the SNMP protocol entity
and for which the value of the error-status
field is genErr.
snmpOutGet The total number of SNMP Get-Request
Requests.0 PDUs generated by the SNMP protocol
entity.
snmpOutGetNexts.0 The total number of SNMP Get-Next
PDUs generated by the SNMP protocol
entity.
snmpOutSet The total number of SNMP Set-Request
Requests.0 PDUs generated by the SNMP protocol
entity.
snmpOutGet The total number of SNMP Get-Response
Responses.0 PDUs generated by the SNMP protocol
entity.
snmpOutTraps.0 The total number of SNMP Trap PDUs
generated by the SNMP protocol entity.
Bridge dot1dTpPortInFrames The number of frames received by this
port from its segment. Note that a frame
received on the interface corresponding
to this port is counted by this object if and
only if it is for a protocol being processed
by the local bridging function, including
bridge management frames.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Appendix RMON alarm reference 253

Category Subcategory Field Definition


dot1dTpPortOut The number of frames transmitted by
Frames this port to its segment. Note that
a frame transmitted on the interface
corresponding to this port is counted by
this object if and only if it is for a protocol
being processed by the local bridging
function, including bridge management
frames.
dot1dTpLearnedEntry The total number of Forwarding Database
Discards.0 entries learned or would have been
learned but were discarded due to a lack
of space to store them in the Forwarding
Database. If this counter is increasing,
it indicates that the forwarding database
is regularly becoming full (a condition
that has unpleasant performance effects
on the subnetwork). If this counter has
a significant value but is not presently
increasing, it indicates that the problem
has been occurring but is not persistent.
ip2GlobalRoute The number of changes made to the IP
RIP Changes.0 Route database by RIP.
ip2GlobalQueries.0 The number of responses sent to RIP
queries from other systems.
ip2ifStatSentUpdates The number of triggered RIP updates
actually sent on this interface.
OSPF ospfExternLSACount.0 The number of external (LSA type 5)
link-state advertisements in the link-state
database.
ospfOriginateNew The number of new link-state
Lsas.0 advertisements that have been
originated. The number increments each
time the router originates a new LSA.
ospfRxNewLsas.0 The number of link-state advertisements
received determined to be new
installations.
ospfSpfRuns The number of SPF calculations
performed by OSPF.
ospfAreaBdrRtrCount The total number of area border routers
reachable within this area.
ospfASBdrRtrCount The total number of autonomous system
border routers reachable within this area.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
254 Appendix RMON alarm reference

Category Subcategory Field Definition


ospfAreaLSACount The total number of link-state
advertisements in this area link-state
database.
ospfIfState This signifies that there has been a
change in the state of an OSPF virtual
interface.
ospfIfEvents The number of times this OSPF interface
has changed its state or an error has
occurred.
ospfVirtIfState The number of times this OSPF interface.
ospfVirtIfEvents The number of state changes or error
events on this virtual link.
ospfVirtNbrState The state of the Virtual Neighbor
Relationship.
ospfVirtNbrEvents The number of times this virtual link has
changed its state or an error has occurred.
Igmp igmpInterfaceWrong The number of queries received whose
Versions IGMP version does not match. IGMP
requires that all routers on the LAN be
configured to run the same version of
IGMP.
igmpInterfaceJoins The number of times a group membership
has been added on this interface.
igmpInterfaceLeaves The number of times a group membership
has been deleted on this interface.

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
255

Index
A 802.1p User Priority tab 186
access policies 56 Clear Counter button 215, 226
accounting information 86 configuration settings, uploading and
alarms, RMON 203 downloading 105
ARP 49 configuring 53
Configuring the MLT trunk algorithm 133
B creating firmware 103
Current VLAN 117
basic configuration 82
customer access ports, configuring 157,
basic port configuration 18, 143
167
booting firmware 104
Bridging
graphing statistics 221
D
broadcast control date and time, resetting 40
displaying 186 Daylight Saving Time, editing 41
buckets, RMON 191 Default Priority field
802.1p Default Priority tab 185
C default VLAN 112
DefaultTTL field
chassis Globals tab 46, 158, 169
contact information 26 Dest field
Daylight Saving Time 41 IP, Insert Routes dialog box 47
editing 25 Routes tab 47
editing information 31 Downloading firmware 101, 107
graphing statistics 226 duplex, setting value 20, 146
NTP global attributes 56
NTP key attributes 59
NTP server attributes 58
E
software version 26 EAPoL
Chassis tab 31 AuthControlledPortControl 177
Class field AuthControlledPortStatus 177
802.1p Default Priority tab 186 BackendAuthState 177
ClassId field configuration prerequisites 98, 173
Output Scheduling tab 183 configuring authentication status 174
Classpriority field configuring globally 99

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
256 Index

configuring ports 174 history log 106


MaxReq 178 HopOrMetric field
PaeState 177 IP, Insert Routes dialog box 48
PortInitialize 177 Routes tab 48
PortReauthenticate 177 HP OpenView 212, 212
QuietPeriod 177 HP OpenView, using with RMON 212
ReAuthEnabled 178
ReAuthPeriod 178 I
ServerTimeout 178 ICMP In statistics, graphing 231
SuppTimeout 178 ICMP Out statistics, graphing 232, 234
TxPeriod 177 IGMP access lists, configuring 156
Editing Ports 18 IGMP querier
Enable field Configuring 129
IP, Insert Routes dialog box 48 IGMP snooping 128
Routes tab 48 configuring 128
Enabling and inserting an MLT 134 global configuration 126
Enabling STP 137 IGMP Snooping
ESU menu 17 Configuring 126, 126
Ethernet error statistics, graphing 217 IGMP snooping group
events, RMON 208 Configuring 131
EVPN broadcast configuring 132
configuring 170 InDscp field 186
initialize EAPoL port 177
F Insert Routes tab
FDB fields
aging timer 119 Interface field
Configuring 118 IP, Insert Route dialog box 48
list 120 Routes tab 48
multicast 121 Interface statistics 34
filters, configuring packet 151 interface statistics, graphing 216
Forwarding field IP forwarding, enabling 44
Globals tab 45, 158, 169 IP Globals tab
full duplex, setting 20, 146 fields
IP routes, creating 46
G IP routes, deleting 48
IP statistics, graphing 229
Globals tab
accessing 44
Graphing Ports 215 L
graphing ports 215 link traps 20, 145
GVRP
Configuring 123 M
MAC address
H ports 19, 145
half duplex, setting 20, 146 MAC filters, configuring 154
hardware revision 32 management station IP address 67

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Index 257

Mask field packet policing, configuring 159


IP, Insert Routes dialog box 47 Port field
Routes tab 47 802.1p Default Priority tab 185, 186
MaxLatency field Port Interface tab 18, 143
Output Scheduling tab 183 port mirroring
MaxPkts field description 52
Output Scheduling tab 183 Port mirroring 53, 54
metering, configuring 159 Port Statistics 215
MIBs port utilization statistics 36
checking status 50 ports
checking status details 51 configuring 17, 67, 101
MLT duplex value 20, 146
configuring the MLT trunk algorithm 133 graphing 215
enabling and inserting an MLT 134 MAC address 19, 145
MLT, Globals tab MTU 19, 144
Port field 134 status 20, 145
MLT, Insert Multi Link Trunks tab type 19, 144
FloodingPort field 137 Preference field
Index field 137 IP, Insert Routes dialog box 48
MasterPort field 137 Routes tab 48
Member field 137
State field 137 Q
MTU, ports 19, 144 QOS dialog box 181
Multicast FDB 121
MultiLink Trunking 133
R
Radius 82
N authentication information 85
NextHop field authentication type 81
IP, Insert Routes dialog box 48 session information 91
Routes tab 48 RADIUS 86
NMM (network management MIB) 51 deleting the configuration, using Device
NTP global attributes, editing 56 Manager 84
NTP key attributes, editing 59 Server statistics
NTP prerequisites 56 showing statistics for, using Device
NTP server attributes, editing 58 Manager 88, 89
RADIUS servers
O adding, using Device Manager 83
out-of-profile counter rapid ping 61
viewing 169 ping responses 64
ReasmTimeout field
P Globals tab 46
reauthenticate EAPoL port 177
packet classification resetting the date and time 40
configuring 161 Ring Resiliency Protocol
packet policer Hello 38
configuring 164 RMON 212

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
258 Index

alarms 203 User security model 71


disabling history 195 software version 26, 29
disabling statistics 201 Spanning Tree Protocol. See STP 137
Ethernet statistics 196 SSH
events 208 configuring user information 97
functions 189 setting the algorithm 95
global setting and enabling 190 statistics
history 191 clearing chassis 226
history parameters, configuring 192 clearing port 215
inserting a new host name 199 disabling 201
overview 189 STP 137
using HP OpenView with 212 displaying STP port data
variables 241 Displaying STP port data 140
verifying statistics 196 enabling 137
viewing history 202, 222 spanning tree groups 137
RMON alarms 203 STP, Globals tab
viewing 206 Forwarding Delay field 140
RMON events Hello Interval field 140
creating 208 Last Topology Change field 140
deleting 210 Maximum Age field 140
viewing 210 Priority field 140
RMON History tab 202, 223 Root Cost field 140
RMON logs Root Identifier field 140
viewing 211 Root Port field 140
Routes tab StpState field 140
accessing 46 Total Topology Changes field 140
routing table 44 STP, Ports tab
Bridge field 141
S Bridge Port field 141
Learn-Forward Transitions field 141
Saving a history log 109
Path Cost field 141
selecting ports 54
Port field 141
Serial Port 24
PortState field 141
SFP types
Priority field 141
viewing Metro Ethernet Service Unit using
Root Cost field 141
DM 21
Root field 141
SNMP
Status field 141
graphing statistics 226
SVLAN
SNMP communities 68
configuring using Device Manager 147
SNMPv3
system information, editing 26
Creating group access 75
System tab 26
Default login 69
Group membership 74
Loading encryption module 70 T
Mapping a community to a group time to live, setting 46
member 79 topology 50
MIB access view 77 Topology alarms 33

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Index 259

Topology Table tab 52 Upload/download configuration settings 108


Traffic Control tab
BcastStormCtrl field 188 V
BMStormThreshold field 188 variables
DlfStormCtrl field 188 See also individual variable names 241
GroupIndex field 187 Viewing 117
McastStormCtrl field 188 VLAN
Trap Receivers tab 37 default 112
traps VLAN, Basic tab
editing receivers 37 ForbiddenPorts field 117
enabling 27, 30 Id field 117
enabling link 20, 145 Name field 117
Type field PortMembers field 117
Routes tab 48 Untagged Ports field 117, 118
VLANs
U configuring a port-based VLAN 114
UDP statistics, graphing 235

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
260 Index

Nortel Metro Ethernet Services Unit 1800 and 1850


Configuration — Using Device Manager for all Modes
NN46212-503 01.00 Standard
3.5 27 March 2008
Copyright © 2008, Nortel Networks
.
Nortel Metro Ethernet Services Unit 1800 and 1850

Configuration — Using Device Manager for all Modes


Copyright © 2008, Nortel Networks
All Rights Reserved.

Publication: NN46212-503
Document status: Standard
Document version: 01.00
Document date: 27 March 2008

Sourced in Canada and the United States of America

To provide feedback or report a problem in this document, go to www.nortel.com/documentfeedback.

www.nortel.com

LEGAL NOTICE

While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing
NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR
IMPLIED. The information and/or products described in this document are subject to change without notice.

* Nortel, the Nortel logo and the Globemark are trademarks of Nortel Networks.

All other trademarks are the property of their respective owners.