Nortel

Nortel Ethernet Routing Switch Solution
Nortel Press
Nortel Networks Inc. 4001 E. Chapel Hill-Nelson Hwy. Research Triangle Park, NC 27709 www.nortel.com/nortelpress
Published by: Nortel Press Nortel Networks Inc. 4001 E. Chapel Hill-Nelson Hwy. Research Triangle Park, NC 27709 Copyright 2008 Nortel Networks. All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the United States of America First Printing October 2008 Library of Congress Control Number: 2008936924 ISBN 978-0-9815218-1-7 The information contained in this book is provided "AS IS" without any express, statutory, or implied warranties or conditions of any kind. Neither the authors nor Nortel Networks Inc. shall have any liability or responsibility for any damages arising either directly or indirectly from the use of this book or the information contained herein. The information and/or products described in this document are subject to change without notice. Nortel, Nortel Networks, the Nortel Logo, the Globemark, and Passport are trademarks of Nortel Networks. Internet Explorer, Microsoft, Windows, Windows NT, Windows Vista, and Windows XP are trademarks of Microsoft Corporation. NETSCAPE NAVIGATOR is a trademark of Netscape Communications Corporation. UNIX is a trademark of X/Open Company Limited. SOLARIS is a trademark of Sun Microsystems, Inc. All other trademarks are the property of their respective owners.
Warning
Always refer to the procedures described in the most current documentation that are appropriate for the system and software release that you support. Failure to use the appropriate documentation can result in serious technical difficulties and damage to your system. To access Nortel technical documentation, visit www.nortel.com/support or contact your local system vendor for the most current documentation releases.
vi
Acknowledgments
Many Nortel employees made invaluable individual contributions to the writing of this book. We thank them all.
vii
Contents at a Glance
Part I: Ethernet Routing Switch Solution Chapter 1: Converged Network Architecture Overview ................................... 3 Chapter 2: Nortel Ethernet Routing Switch Portfolio .....................................15 Chapter 3: Layer 1 Physical Media Types and PoE..........................................53 Chapter 4: Designing VLANs and Layer 2 Considerations ...........................69 Chapter 5: Designing a Layer 3 Routed Network ...........................................85 Chapter 6: Link Aggregation ..............................................................................113 Chapter 7: Nortel Split MultiLink Trunking......................................................123 Chapter 8: Layer 3 Redundancy: Virtual Router Redundancy Protocol and Routed Split MultiLink Trunking................................................157 Chapter 9: Quality of Service ........................................................................... 185 Chapter 10: Designing for IP Multicasting ...................................................... 197 Chapter 11: Converged Campus Solution: Small Campus Design................ 215 Chapter 12: Converged Campus Solution: Medium Campus Design ...........231 Chapter 13: Converged Campus Solution: Large Campus Design ............. 249 Part II: Ethernet Routing Switch Solution Installation and Configuration Chapter 14: Converged Campus Ethernet Routing Switch Solutions .........271 Chapter 15: ERS 8600 and ERS 8300 Installation and Configuration .... 303 Chapter 16: ERS 5500/4500/2500 Installation and Configuration ......... 365 Chapter 17: Small Campus Core Configuration ..............................................397 Chapter 18: Medium Campus Core Configuration ......................................... 419 Chapter 19: Large Campus Core Configuration ............................................. 441 Chapter 20: Small Campus Edge Configuration........................................... 465 Chapter 21: Medium Campus Edge Configuration.........................................477 Chapter 22: Large Campus Edge Configuration........................................... 485 Appendix A: Answers......................................................................................... 495 Appendix B: Ethernet Routing Switch Documentation ............................... 509 Glossary ................................................................................................................ 515 Index ..................................................................................................................... 525
ix
Table of Contents
Part I: Ethernet Routing Switch Solution 1: Converged Network Architecture Overview .............................................................3
Nortel Converged Campus solution .................................................................................... 5 Solution features ............................................................................................................ 5 Converged Campus design solutions .................................................................................. 5 General network design overview .............................................................................. 6 Two-tier architecture compared to three-tier architecture ...................................... 8 Edge switching: chassis compared to stackable ...................................................... 11 Knowledge Check 1-1: Converged Network Architecture Overview .......................... 13 Chapter summary ................................................................................................................. 14 Resources................................................................................................................................ 14
2: Nortel Ethernet Routing Switch Portfolio...............................................................15

ERS 8600 Release 5.0 feature overview.............................................................................. 17 Ethernet Routing Switch and Ethernet Switch series ............................................. 17 Network integration.................................................................................................... 19 Ethernet Routing Switch 2500 series......................................................................... 19 ERS 4500 series ............................................................................................................. 21 ERS 5500 series ............................................................................................................. 22 ERS 1600 series ............................................................................................................. 23 ERS 8300 series ............................................................................................................. 24 Dual Input Power Supply........................................................................................... 27 ERS 8600 ........................................................................................................................ 28 ERS 8600 CPU/Switch Fabric modules .................................................................... 30 Other ERS 8600 modules ............................................................................................ 30 High Availability mode (L2/L3 Redundancy) for Release 5.0 ............................. 30 ERS 8600 I/O modules: Module interoperability ................................................... 31 Mirroring enhancements for R/RS modules ........................................................... 38 Software licensing for Release 5.0 ............................................................................. 38 Ethernet Switches ........................................................................................................ 39 ERS installation and configuration product options .............................................. 41 Overview of management options for ES and ERS portfolios .............................. 42 Nortel Secure Network Access .................................................................................. 46 Knowledge Check 2-1: Nortel Ethernet Routing Switch Portfolio ................................ 50
Chapter summary..................................................................................................................51 Resources ................................................................................................................................51
3: Layer 1 Physical Media Types and PoE.................................................................. 53

Autonegotiation .....................................................................................................................55 Custom Autonegotiation Advertisements (CANA) for R/RS modules for Release 5.0................................................................................................................55 Autonegotiation design recommendations .......................................................................56 Physical layer considerations: Uplink connectivity..........................................................56 Transceiver options and distances ......................................................................................57 Uplink design recommendation: Single fiber fault detection .........................................58 Power over Ethernet..............................................................................................................59 PoE distribution ............................................................................................................60 PoE network design .....................................................................................................60 ERS 8300 PoE.................................................................................................................61 ERS 5520 PoE.................................................................................................................62 ERS 4500.........................................................................................................................62 ERS 2500 PoE.................................................................................................................63 ES 470 PoE .....................................................................................................................63 Redundant Power Supply 15 ......................................................................................63 Nortel IP phones and access points ...........................................................................65 PoE design recommendations .............................................................................................66 Knowledge Check 3-1: Layer 1 Physical Media Types and PoE ....................................67 Chapter summary..................................................................................................................68 Resources ................................................................................................................................68
4: Designing VLANs and Layer 2 Considerations ..................................................... 69

VLAN types............................................................................................................................71 Membership criteria .....................................................................................................71 Port-based VLANs.................................................................................................................72 Policy-based VLANs .............................................................................................................72 Membership states/assignments ........................................................................................73 Potential membership..................................................................................................73 Source MAC address ...................................................................................................73 IP source subnet............................................................................................................73 Protocol ..........................................................................................................................74 Extending the VLAN.............................................................................................................74 Spanning multiple switches........................................................................................74 Frame tagging ...............................................................................................................74 IEEE 802.1Q tagging..............................................................................................................75 VLAN type ....................................................................................................................75
Table of Contents
xi
Tag Protocol Identifier and Tag Control Information Fields ................................ 75 Maximum packet size ................................................................................................. 76 Types of ports ........................................................................................................................ 76 Access ports .................................................................................................................. 77 Tagged ports................................................................................................................. 77 VLAN scaling ............................................................................................................... 77 VLAN design decisions ....................................................................................................... 77 Edge design recommendations.................................................................................. 78 Core design recommendations .................................................................................. 79 Spanning Tree........................................................................................................................ 80 Spanning Tree FastStart .............................................................................................. 80 Design recommendations: Edge connectivity with Spanning Tree ..................... 81 Knowledge Check 4-1: Designing VLANs and Layer 2 Considerations ...................... 82 Chapter summary ................................................................................................................. 83 Resources................................................................................................................................ 83
5: Designing a Layer 3 Routed Network .....................................................................85

ERS IP routing features ....................................................................................................... 87 RIP overview ......................................................................................................................... 87 Design recommendations: RIP .................................................................................. 87 OSPF overview ...................................................................................................................... 88 OSPF features ............................................................................................................... 88 Comparison of RIP and OSPF.................................................................................... 89 OSPF design recommendations................................................................................. 89 Border Gateway Protocol overview ................................................................................... 90 Static routes and default routes .......................................................................................... 90 Equal Cost MultiPath .......................................................................................................... 91 ECMP on the ERS 8300 for Release 4.1 ..................................................................... 91 Alternate routes..................................................................................................................... 91 ERS IP routing support ........................................................................................................ 92 IP routing interfaces .................................................................................................... 92 IP routing configuration ............................................................................................. 93 ERS routing table .................................................................................................................. 93 ERS IP Routing Table Manager ................................................................................. 93 RTM preference example............................................................................................ 95 Route preferences.................................................................................................................. 96 Routing Table Manager policies ......................................................................................... 97 Layer 3 routing design ......................................................................................................... 97 Network design consideration: Layer 2 compared to Layer 3 at the edge..................................................................................................................... 97 IP routing protocols design overview ...................................................................... 99 Design recommendation: Dynamic Host Configuration Protocol forwarding .. 99
xii
Summary........................................................................................................................99 Design recommendations..........................................................................................100 Multi-Protocol Label Switching for Release 5.0 ..............................................................100 MPLS support .............................................................................................................101 Virtual Routing Forwarding Lite .....................................................................................102 VRF Lite for ERS 8300/Release 4.1 ..........................................................................102 VRF Lite for ERS 8600 for Release 5.0......................................................................103 VRF Lite for the ERS 8600/Release 5.0 Support ....................................................104 Virtualization: Typical customer scenarios ............................................................105 VRF Lite logical separation: Shared services..........................................................109 Knowledge Check 5-1: Designing a Layer 3 Routed Network .....................................111 Chapter summary................................................................................................................112 Resources ..............................................................................................................................112
6: Link Aggregation .................................................................................................. 113

Link aggregation overview ................................................................................................115 What is MultiLink Trunking? ...................................................................................115 How does MLT work? ...............................................................................................116 Forwarding algorithm ...............................................................................................116 Link Aggregation IEEE 802.3ad.........................................................................................117 Link Aggregation 802.3ad and MLT comparison..................................................117 Benefits of end-to-end checking ...............................................................................117 Limitations to LACP that must be considered.......................................................117 Virtual LACP........................................................................................................................118 LACP and VLACP independence............................................................................118 VLACP features ..........................................................................................................118 Hashing algorithm for traffic distribution .......................................................................119 Link aggregation design recommendations ...........................................................119 Knowledge Check 6-1: Link Aggregation........................................................................121 Chapter summary................................................................................................................122 Resources ..............................................................................................................................122
7: Nortel Split MultiLink Trunking ......................................................................... 123

Understanding Split MultiLink Trunking .......................................................................125 How SMLT works ......................................................................................................126 Advantages of SMLT .................................................................................................127 SMLT scalability .........................................................................................................127 SMLT interoperability ...............................................................................................127 SMLT advantage: No spanning tree needed ..........................................................127 SMLT advantage: Link failure scenario ..................................................................129 SMLT advantage: Total failure scenario .................................................................130
Table of Contents
xiii
Detailed SMLT topology.................................................................................................... 132 SMLT VLAN membership ....................................................................................... 132 802.1Q frame tagging ................................................................................................ 132 Interswitch Trunk configuration ............................................................................. 133 Traffic flow in an SMLT ............................................................................................ 133 Configuring SMLT..................................................................................................... 133 Switch Clustering terminology................................................................................ 134 Switch Cluster support by ERS model ................................................................... 135 Switch Cluster topologies......................................................................................... 135 Switch Clustering reference architecture ............................................................... 136 Two-tier design: Core to edge.................................................................................. 137 Three-tier design: Core to distribution to edge ..................................................... 138 Layer 2 between distribution and core: SMLT ...................................................... 138 Layer 3 between distribution and core: Routed SMLT ........................................ 138 Protection mechanisms in the switch cluster.................................................................. 139 Control plane rate limit (cp-limit) ........................................................................... 140 CP-limit design recommendations.......................................................................... 141 Extended cp-limit (ext-cp-limit) .............................................................................. 142 Ext-cp-limit design recommendations.................................................................... 144 Loop detection............................................................................................................ 144 Address Resolution Protocol Detect ....................................................................... 145 Loop Detect and ARP Detect design recommendations...................................... 145 Rate limiting ............................................................................................................... 145 Rate limiting design recommendation ................................................................... 146 Simple Loop Prevention Protocol............................................................................ 146 SLPP detects VLAN-based network loops............................................................. 146 The occurrence of loops and SLPP .......................................................................... 147 SLPP design recommendations ............................................................................... 147 Bridge Protocol Data Units filtering ....................................................................... 148 BPDU filtering design recommendations .............................................................. 148 Virtual Link Aggregation Control Protocol ........................................................... 149 VLACP design recommendations ........................................................................... 149 Switch Cluster with SLT/SMLT/RSMLT design recommendations.......................... 150 ERS 8600 platform-specific recommendations ...................................................... 152 Knowledge Check 7-1: Nortel Split MultiLink Trunking ............................................. 154 Chapter summary ............................................................................................................... 155
8: Layer 3 Redundancy: Virtual Router Redundancy Protocol and Routed Split MultiLink Trunking .........................................................................................157
Understanding Virtual Router Redundancy Protocol................................................... 159 What is VRRP? ........................................................................................................... 159 How does VRRP work? ............................................................................................ 159
xiv
What problem does VRRP solve? ............................................................................160 Current VRRP support ..............................................................................................164 VRRP Critical IP Interface .........................................................................................164 Management of the ERS with VRRP .......................................................................164 VRRP Backup Master enhancement for Split MultiLink Trunk ...................................165 VRRP/Backup Master design considerations .................................................................166 VRRP/Backup Master design recommendations..................................................166 What is Routed Split MultiLink Trunking? .....................................................................166 RSMLT key concepts ....................................................................................... 167 Why RSMLT? ..............................................................................................................167 Rules for enabling RSMLT ........................................................................................167 How does RSMLT work? ..........................................................................................168 RSMLT requirements illustrated.......................................................................................168 RSMLT: Normal forwarding state ....................................................................................170 Traffic flow ..................................................................................................................170 RSMLT in action: Router 1 goes down ............................................................................173 RSMLT in action: R1 goes down: With RSMLT, R2 continues answering traffic for R1 .............................................................................................174 RSMLT in action: The network begins to reconverge ...........................................175 RSMLT in action: R2 owns the 10.0.0.0 network....................................................176 RSMLT recovery process: R1 comes up as a VLAN bridge ..........................................177 RSMLT: R1 comes up.................................................................................................177 RSMLT recovery process: Network reconverges............................................................178 RSMLT recovery process: Network recovers ..................................................................179 Implementing RSMLT ........................................................................................................180 RSMLT design rules ............................................................................................................180 Comparison of VRRP and RSMLT for default gateway resiliency .....................180 Advantages of using RSMLT over using VRRP ....................................................180 Guidelines for RSMLT core connectivity ................................................................181 Guidelines for RSMLT-edge connectivity...............................................................181 Knowledge Check 8-1: Virtual Router Redundancy Protocol and Routed Split MultiLink Trunking ...................................................................................................182 Chapter summary................................................................................................................183
9: Quality of Service.................................................................................................. 185

Differentiated Services........................................................................................................187 DiffServ terms .............................................................................................................187 Understanding the network traffic ..........................................................................188 Key QoS parameters ..................................................................................................188 QoS and IP telephony ................................................................................................188 Strategies for deploying QoS ....................................................................................188 Nortel QoS service class matrix................................................................................189
Table of Contents
xv
Nortel service classes ................................................................................................ 190 Differentiated Services Code Point marking .................................................................. 190 DSCP marking............................................................................................................ 191 DSCP markings definition................................................................................................. 191 Overview of the DiffServ network model....................................................................... 192 Mapping Layer 2 to Layer 3 QoS............................................................................. 193 QoS design recommendations .......................................................................................... 193 Knowledge Check 9-1: Quality of Service ....................................................................... 194 Chapter summary ............................................................................................................... 195
10: Designing for IP Multicasting ............................................................................197

Overview of multicast ........................................................................................................ 199 What is multicasting?................................................................................................ 199 Comparing casting technologies ............................................................................. 199 How does IP multicast work? ........................................................................................... 200 IP multicast basic addressing: IP and Media Access Control....................................... 201 Multicast IP addressing ............................................................................................ 201 Transient addresses ................................................................................................... 201 Source-specific multicast addresses ........................................................................ 201 Multicast MAC addressing ...................................................................................... 202 Multicast advantages ......................................................................................................... 203 Multicast disadvantages .................................................................................................... 203 Solving multicasts disadvantages .......................................................................... 204 Types of multicast applications ........................................................................................ 205 Multicast application requirements ........................................................................ 205 Multicast protocols ............................................................................................................. 205 IGMP............................................................................................................................ 205 IGAP ............................................................................................................................ 206 DVMRP ....................................................................................................................... 206 PIM-SM ....................................................................................................................... 206 PIM-SSM ..................................................................................................................... 207 PGM ............................................................................................................................. 207 Multicast streams scaling................................................................................................... 207 Multicast at Layer 2 ................................................................................................... 208 Multicast Layer 2 design recommendations ................................................................... 209 Multicast at Layer 3 ............................................................................................................ 209 IP multicast routing protocols: PIM/DVMRP....................................................... 209 Multicast Layer 3 design considerations ......................................................................... 210 DVMRP recommendations ...................................................................................... 210 PIM-SM ....................................................................................................................... 210 Placing the ERS 8600 in a multicast network.................................................................. 210 Multicast VLAN registration for ERS 8300 Release 4.1 ................................................. 211
xvi
Square SMLT support for multicast traffic for ERS 8300 Release 4.1...........................211 Knowledge Check 10-1: Designing for IP Multicasting .................................................213 Chapter summary................................................................................................................214
11: Converged Campus Solution: Small Campus Design ........................................ 215

Small, Medium, and Large Campus Designs ..................................................................217 Network management for Small Campus Designs ...............................................218 VLANs .........................................................................................................................220 Link aggregation.........................................................................................................220 Discard Untagged Frames.........................................................................................221 Spanning Tree Protocol .............................................................................................221 Quality of service........................................................................................................222 Multicast ......................................................................................................................222 Design considerations for Small Campus Design: Core switching..............................223 Advanced software license .......................................................................................224 Switch Clustering .......................................................................................................224 Discard Untagged Frames feature ...........................................................................225 Virtual Link Aggregation Control Protocol............................................................225 Spanning tree ..............................................................................................................226 VLANs .........................................................................................................................226 Quality of service........................................................................................................226 Layer 3..........................................................................................................................227 Virtual Router Redundancy Protocol with Backup Master .................................228 Dynamic Host Configuration Protocol relay..........................................................229 Network management design for the small campus ............................................229 Chapter summary................................................................................................................230
12: Converged Campus Solution: Medium Campus Design.................................... 231

Small, Medium, and Large Campus Designs ..................................................................233 Network management for small, medium, and large designs ............................234 Medium Campus Design....................................................................................................234 Implementation considerations: Edge switching ..................................................235 Stacking configuration of edge switches.................................................................235 VLANs .........................................................................................................................236 Link aggregation.........................................................................................................237 Discard Untagged Frames feature ...........................................................................237 Virtual Link Aggregation Control Protocol............................................................238 Spanning Tree Protocol .............................................................................................238 Quality of service........................................................................................................239 Multicast ......................................................................................................................240 Medium Campus Design implementation: Core switching .........................................241
Table of Contents
xvii
Advanced Software License ..................................................................................... 241 Switch Clustering....................................................................................................... 241 Discard Untagged Frames ........................................................................................ 242 Spanning tree.............................................................................................................. 243 VLANs......................................................................................................................... 243 Quality of service ....................................................................................................... 243 Layer 3 ......................................................................................................................... 244 Virtual Router Redundancy Protocol with Backup Master ................................ 245 Dynamic Host Configuration Protocol relay ......................................................... 246 Chapter summary ............................................................................................................... 247
13: Converged Campus Solution: Large Campus Design .........................................249

Small, Medium, and Large Campus Designs ................................................................. 251 Network management for small, medium, and large campus designs............. 252 Large Campus Design ........................................................................................................ 252 Design considerations: Edge switching........................................................................... 253 Stacking configuration of edge switches ......................................................................... 253 VLANs .................................................................................................................................. 254 Link aggregation ................................................................................................................. 255 Discard Untagged Frames ................................................................................................. 256 Spanning Tree Protocol...................................................................................................... 256 Quality of service ................................................................................................................ 256 Multicast............................................................................................................................... 257 Security: DHCP Snooping/Dynamic Address Resolution Protocol Inspection........ 258 Large Campus Design implementation: Core switching.............................................. 258 Switch Clustering................................................................................................................ 259 Discard Untagged Frames ................................................................................................. 260 Virtual Link Aggregation Control Protocol .................................................................... 260 Simple Loop Prevention Protocol..................................................................................... 261 Spanning tree....................................................................................................................... 262 VLANs .................................................................................................................................. 262 Quality of service ................................................................................................................ 263 Layer 3 .................................................................................................................................. 263 Virtual Router Redundancy Protocol with Backup Master.......................................... 265 Dynamic Host Configuration Protocol relay .................................................................. 266 Chapter summary ............................................................................................................... 268
xviii
Part II: Ethernet Routing Switch Solution Installation and Configuration 14: Converged Campus Ethernet Routing Switch Solutions ................................... 271
Nortel Converged Enterprise architecture.......................................................................273 Small, Medium, and Large Campus Designs.........................................................274 Small Campus Design................................................................................................275 Medium Campus Design ..........................................................................................276 Large Campus Design ...............................................................................................277 Switch Clustering ................................................................................................................278 SMLT protection mechanism....................................................................................279 SMLT recommendations ..........................................................................................280 Recommended values for switch features ..............................................................282 Virtual Link Aggregation Control Protocol............................................................285 Simple Loop Prevention Protocol ............................................................................288 Routed Split MultiLink Trunking: ERS 8600 and ERS 8300 ..........................................292 RSMLT L2 edge support for dual IST core switch failure situation ...................292 Edge access switch .....................................................................................................295 Switch clustering reference design ..........................................................................298 Ethernet Routing Switch 8300, Release 4.1: New software features ............................298 Virtual Routing Forwarding Lite .............................................................................298 Nortel Secure Network Access 2.0...........................................................................300 NSNA VLAN on a non-NSNA port and Fail Open ..............................................300 Knowledge Check 14-1: Converged Campus Ethernet Routing Switch Solutions....301 Chapter summary................................................................................................................302 References .............................................................................................................................302
15: ERS 8600 and ERS 8300 Installation and Configuration.................................. 303
Installing the Ethernet Routing Switch 8600 ...................................................................305 Step 7: ERS 8600 power-on sequence................................................................................305 Step 8: Successful installation verification ..............................................................306 Step 9: Check boot and runtime images..................................................................307 Step 10: Run ERS 8600 setup utility .........................................................................307 Step 11: Perform configuration tasks ................................................................................309 Establishing a CLI connection ..................................................................................309 Installing the Ethernet Routing Switch 8300 ...................................................................314 Connecting to the console port of the ERS 8300 ....................................................316 ERS 8300 power-on sequence ............................................................................................317 Successful installation verification...........................................................................319 Load the boot monitor ...............................................................................................320 Load the runtime image ............................................................................................320 Initialize I/O modules and load configuration......................................................320
Table of Contents
xix
ERS 8000 setup utility................................................................................................ 321 Connecting for management............................................................................................. 321 Log in to the ERS 8300............................................................................................... 323 Power supplies ........................................................................................................... 325 ERS 8600 ..................................................................................................................... 325 ERS 8300 ..................................................................................................................... 326 PoE Calculations ....................................................................................................... 330 ERS 8600 Licensing .................................................................................................... 337 Configuring the ERS 8600/8300/1600 ............................................................................. 338 New in ERS 8600 Release 5.0.................................................................................... 339 Log in using the CLI, JDM, and Web manager ..................................................... 340 JDM .............................................................................................................................. 343 CLI overview ....................................................................................................................... 345 Navigating the CLI ............................................................................................................. 346 Getting help with the boot monitor and runtime CLI.......................................... 347 Additional CLI help commands .............................................................................. 348 Repeating commands................................................................................................ 348 ERS 8600 configuration files..................................................................................... 349 New in ERS 8600 Release 4.1: Secure Copy ........................................................... 355 Upgrading the ERS 8600 switch software .............................................................. 358 Updating the ERS 8300 switch software................................................................. 359 Knowledge Check 15-1: ERS 8600 and ERS 8300 Installation and Configuration..... 362 Chapter summary ............................................................................................................... 363 References ............................................................................................................................ 363
16: ERS 5500/4500/2500 Installation and Configuration ........................................365

ERS 5500/4500/2500 installation...................................................................................... 367 Common installation procedures ............................................................................ 367 ERS 5500/4500/2500 user interfaces....................................................................... 367 Boot menu ................................................................................................................... 368 Setting the IP address................................................................................................ 369 Ethernet Routing Switch 5500 ........................................................................................... 371 ERS 5500 configuration options............................................................................... 371 Changing the default console .................................................................................. 371 Software licensing with the ERS 5500 .............................................................................. 377 Base license ................................................................................................................. 377 Advanced license ....................................................................................................... 377 Types of software licenses ........................................................................................ 377 Stacking the ERS 5500 ............................................................................................... 380 ERS 5500 Power over Ethernet................................................................................. 381 Ethernet Routing SwitchRS 4500 ...................................................................................... 382 ERS 4500 configuration interfaces ........................................................................... 382
xx
NNCLI access levels...................................................................................................382 ERS 4500 stacking .......................................................................................................382 ERS 4500 Power over Ethernet .................................................................................385 Ethernet Routing Switch 2500 ...........................................................................................385 ERS 2500 power-up procedure .................................................................................385 ERS 2500 configuration options ...............................................................................385 ERS 2500 software license .........................................................................................388 ERS 2500 stacking ......................................................................................................390 ERS 2500 Power over Ethernet .................................................................................392 Power over Ethernet: Summary for ERS 5500/4500/2500 ............................................392 Knowledge Check 16-1: ERS 5500/4500/2500 Installation and Configuration .........395 Chapter summary................................................................................................................396 References ............................................................................................................................396
17: Small Campus Core Configuration..................................................................... 397

Small Campus Design.........................................................................................................399 ERS5500 triangle Switch Cluster using VRRP with Backup Master ...................405 Verification processes ................................................................................................408 Knowledge Check 17-1: Small Campus Core Configuration........................................417 Chapter summary................................................................................................................418 References .............................................................................................................................418
18: Medium Campus Core Configuration ................................................................ 419

Implementing core switching in the Medium Campus Design....................................421 Designing and configuring an Routed Split MultiLink Trunking network ......431 Verification of operations ...................................................................................................433 New in ERS 8300 Release 4.1 .............................................................................................438 Deep Packet Pattern Matching Filters .....................................................................438 Knowledge Check 18-1: Medium Campus Core Configuration...................................439 Chapter summary................................................................................................................440 References .............................................................................................................................440
19: Large Campus Core Configuration ..................................................................... 441

Implementing core switching in the Large Campus Design.........................................443 Verification process .............................................................................................................453 Verify MLT configuration .........................................................................................453 Verify VLAN configuration ......................................................................................454 Verify IST configuration ............................................................................................455 Verify SLPP configuration ........................................................................................459 Verify VRRP operations ............................................................................................460
Table of Contents
xxi
Knowledge Check 19-1: Large Campus Core Configuration ....................................... 463 Chapter summary ............................................................................................................... 464 References ............................................................................................................................ 464
20: Small Campus Edge Configuration .....................................................................465

Small Campus Design ........................................................................................................ 467 Interim configuration of edge switches.................................................................. 467 Configuring MLT on the ERS 2500 Layer 2 switch edge ..................................... 471 Knowledge Check 20-1: Small Campus Edge Configuration....................................... 474 Chapter summary ............................................................................................................... 475 References ............................................................................................................................ 475
21: Medium Campus Edge Configuration ................................................................477

Medium Campus Design................................................................................................... 479 VLANs......................................................................................................................... 479 Multicast...................................................................................................................... 480 ERS 4500 Layer 2 edge switch ................................................................................. 480 Knowledge Check 21-1: Medium Campus Edge Configuration ................................. 483 Chapter summary ............................................................................................................... 484
22: Large Campus Edge Configuration .....................................................................485

Large Campus Design ........................................................................................................ 487 Large Campus edge design features....................................................................... 487 Access switches .......................................................................................................... 489 Edge switch configuration........................................................................................ 489 Knowledge Check 22-1: Large Campus Edge Configuration ...................................... 492 Chapter summary ............................................................................................................... 493
Appendix A: Answers................................................................................................495
Knowledge Check 1-1: Introduction to Unified Communications.............................. 496 Knowledge Check 2-1: Nortel Ethernet Routing Switch Portfolio .............................. 497 Knowledge Check 3-1: Layer 1 Physical Media Types and PoE.................................. 497 Knowledge Check 4-1: Designing VLANs and Layer 2 Considerations .................... 498 Knowledge Check 5-1: Designing a Layer 3 Routed Network .................................... 499 Knowledge Check 6-1: Link Aggregation ....................................................................... 500 Knowledge Check 7-1: Nortel Split MultiLink Trunking ............................................. 501 Knowledge Check 8-1: Virtual Router Redundancy Protocol and Routed Split MultiLink Trunking................................................................................................... 501 Knowledge Check 9-1: Quality of Service ....................................................................... 502
xxii
Knowledge Check 10-1: Designing for IP Multicasting .................................................503 Knowledge Check 14-1: Converged Campus Ethernet Routing Switch Solutions....503 Knowledge Check 15-1: ERS 8600 and ERS 8300 Installation and Configuration .....504 Knowledge Check 16-1: ERS 5500/4500/2500 Installation and Configuration .........505 Knowledge Check 17-1: Small Campus Core Configuration........................................506 Knowledge Check 18-1: Medium Campus Core Configuration...................................507 Knowledge Check 19-1: Large Campus Core Configuration........................................507 Knowledge Check 20-1: Small Campus Edge Configuration .......................................508 Knowledge Check 21-1: Medium Campus Edge Configuration ..................................508 Knowledge Check 22-1: Large Campus Edge Configuration .......................................508
Appendix B: Ethernet Routing Switch Documentation ........................................... 509

ERS 8600 Technical documentation ..................................................................................509 ERS 8300 Technical Documentation .................................................................................510 Important information...............................................................................................510 Installation and User Guides ....................................................................................510 Reference and Configuration Guides ......................................................................511 Ethernet Routing Switch 5500 Documentation ......................................................512 Ethernet Routing Switch 4500 Documentation ......................................................513
Glossary..................................................................................................................... 515 Index.......................................................................................................................... 525
xxiii
Introduction
This book introduces you to Nortel's Ethernet Routing Switch (ERS) platforms, including ERS 8600, ERS 8300, ERS 5500, ERS 4500, and ERS 2500. This book is divided into two parts; each will help you prepare for a Nortel Professional Certification exam. The first part of this book introduces the Nortel Converged Campus Architecture. Three standard designs, encompassing different sizing and feature requirements, are discussed in detail. For each design, you will learn the ERS product placement and the Nortel recommended best practices. You will be introduced to the latest features of the ERS 8600 5.0 software, including network virtualization, Multiprotocol Label Switching (MPLS), and the IPVPN solution. In addition, you'll learn how the ERS 8300 4.1 software expands its capability as a core switch by adding Routed Split MultiLink Trunking (RSMLT). You will learn how these latest features of ERS Campus core products compliment and extend your network design solutions. Detailed discussion of the underlying ERS technologies that provide performance, scalability, quality of service (QoS), and resilience are also included. This part can also help you gain the necessary knowledge to design small, medium, and large converged campus solutions following the Nortel best practices design recommendations. The first part of this book will help prepare you for the Nortel Certified Design Specialist (NCDS) Nortel Converged Campus ERS Solution (920-220) Nortel Professional Certification exam. The second part of the book builds upon part one and explores the installation process for Nortel ERS, including licensing and Power over Ethernet (PoE) configurations. This part discusses the processes involved in the implementation of Nortel's small, medium, and large converged campus solutions. Hardware resiliency, power considerations, and physical links are discussed along with Ethernet switching technologies, including link detection/protection, link resiliency, Layer 2 and Layer 3 security, Layer 3 routing, and QoS. Both part one and part two of this book will help prepare you for the Nortel Certified Support Specialist (NCSS) Nortel Converged Campus ERS Installation & Configuration (920-221) Nortel Professional Certification exam.
xxiv
Objectives
Part One
Describe the Nortel Converged Campus Architecture including the goals, features, and scalability. Identify Nortel's Ethernet Routing Switch hardware platforms, connectivity options and scalability, software features, and product placement. Describe the physical layer considerations when designing a Converged Campus including Ethernet media types, Layer 1 protocols, and Power over Ethernet. Explain the design recommendations and operation of VLANs and spanning tree within a Converged Campus. Explain how the ERS builds the IP routing table for IP routing operations and identify the IP routing design recommendations. Describe the two options for link aggregation on the ERS/ES products, MultiLink Trunking (MLT), and 802.3ad, and identify the design recommendations. Explain how Split MultiLink Trunking (SMLT) operates in the network, state the advantages of SMLT, and identify design considerations for SMLT. Describe the Layer 3 redundancy choices on the ERS including VRRP and Routed Split MultLink Trunking (RSMLT) and identify the design recommendations. Describe the quality of service implementation of the ERS products including the use of Differentiated Services (DiffServ), 802.1p and the hardware queue structure, and the design recommendations for a Converged Campus. Identify IP multicast operation and protocols and the design guidelines for the Converged Campus. Identify the proper ERS product placement within the Converged Campus and the design guidelines for Small, Medium and Large Campus Designs.
Part Two
Describe the installation process for the ERS 8600 and ERS 8300. Describe the installation process for the ERS 5000, 4500, and 2500. Describe how to use Nortel Command Line Interface (NNCLI), Ethernet Routing Switch Command Line Interface (ERS CLI), and Java Device Manager (JDM) to configure Ethernet Routing Switches. List the processes needed to configure small converged networks with the ERS 5500 at the core and the ERS 2500 at the edge. List the processes needed to configure medium converged networks with the ERS 8300 at the core and the ERS 4500 at the edge. List the processes needed to configure large converged networks with the ERS 8600 at the core and the ERS 5500 at the edge.
xxv
Nortel
Nortel is a recognized leader in delivering communications capabilities that make the promise of Business Made Simple a reality for its customers. Nortels next-generation technologies, for both service providers and enterprise networks, support multimedia and business-critical applications. Nortel's technologies are designed to help eliminate today's barriers to efficiency, speed, and performance by simplifying networks and connecting people to the information they need, when they need it. With more than a century of experience in shaping the evolution of communications, Nortel continues its tradition of innovation today by providing secure solutions that ignite and power global commerce while helping solve the world's greatest challenges. Nortel's leading portfolio of solutions spanning packet, optical, wireless, and voice technologies are at the very foundation of the world's economy, powering global commerce and delivering innovative network capabilities to connect rural and underdeveloped regions. Working together with its customers in 150 countries, Nortel is improving the human experience by fundamentally changing how the world works and how people communicate, creating unique capabilities for business, education, entertainment, and security through reliable data and voice technologies. Drawing on its fundamental understanding of the networkboth voice and dataNortel secures computing, network applications, and end-user environments while maintaining five 9s of reliability.1 Nortel helps governments, businesses, and individuals stay ahead of threats, including hacker intrusion, worms, denial of service (DoS) attacks, and identity theft, and by delivering enhanced network management capabilities. Whether supporting billions of transactions by a financial institution, providing vital information services for healthcare, or helping education heighten learning experiences through the most advanced technologies, Nortel solutions are at work wherever reliable data and voice communications are most critical. For more information about Nortel, go to www.nortel.com
1. Reported customer availability metrics across Nortel's popular products exceeds 99.999 percent, August 2004.
xxvi
Intended Audience
This book is designed for Network designers, technicians, engineers, and any individuals who wish to gain a strong understanding of Nortel's Ethernet Routing Switches and how to design, install, and configure these switches into Nortel's Converged Campus Architecture.
Note
Exam skills and objectives are subject to change without prior notice and at the sole discretion of Nortel. Please visit www.nortel.com/certification for the most current exam information.
Prerequisite Knowledge
Individuals who read this book should have an understanding of Internet Protocol (IP) fundamentals, such as basic networking, IP Suite, and the basics of routing.
How to Use This Book

This book is meant to be used as a study guide for understanding Nortel's Ethernet Routing Switch solutions. It will help prepare you for the Nortel Professional Certification exams Nortel Converged Campus ERS Solution (920-220) and Nortel Converged Campus ERS Installation & Configuration (920-221). While the best attempt has been made to provide the most up-to-date information, this text is only as current as the moment it is printed. As those who work in technology are aware, information is constantly changing; therefore, be sure to visit www.nortel.com for the most current information regarding Nortel's Ethernet Routing Switches and www.nortel.com/certification for the most current list of certification exam objectives. Please visit www.nortel.com/nortelpress for the most current information related to the Nortel Ethernet Routing Switch Solution guide.
xxvii
Chapter Layout
Each chapter begins with a brief description on the concepts presented in the chapter and how they connect to Ethernet Routing Switches. Chapter Topics identifies the specific topics within the chapter. Chapter Goals list the objectives of the chapter and what specific information should be gained upon the completion of the chapter. Key Terms lists the specific terms within the chapter and the page where the terms are introduced.
Note
Notes provide specific information related to topics being discussed which are important to understand when working with the topic.
Tip Alert
Tips provide recommendations related to the topics being discussed.
Alerts identify situations that warrant special attention.
! !
CAUTION!
Caution! identifies risks related to the information just presented.
WARNING!
Warning! identifies potentially damaging situations that require extra attention.
Knowledge Check presents multiple choice questions reviewing the topics just discussed. These questions help to identify topics that may need to be reviewed in order to be able to demonstrate a complete understanding of the chapter. Answers for Knowledge Check questions are found in Appendix A. Chapter Summary briefly discusses the main topics of the chapter just presented.
xxviii
About the CD-ROM

The CD-ROM that comes with this book contains labs that instruct you on how to use and work with the components of Nortel Ethernet Routing Switches. The following exercises are included: Ethernet Routing Switch 8600 CLI Installation and Setup Configure the switch to boot from ERS 8600 CLI Analyze Configuration Files Run-time CLI Java Device Manager Boot Monitor Interface Advanced Run-time CLI Commands Backing up configuration files Ethernet Routing Switch 8600 NNCLI Installation and Setup Configure the switch to boot from NNCLI Analyze Configuration Files Run-time NNCLI Java Device Manager Boot Monitor Interface Advanced NNCLI Commands Backing up configuration files ERS 5500 Initial Setup Initial IP address configuration Displaying ERS 5500 Information Saving the configuration to a TFTP Server Layer 2 ERS 8600 Core Configuration Create VLANs Create IST Configure SLTs to ERS 5500 Configure SMLT to other core 8600s Add VLANs to IST Configure CP limit on SMLT port members Enable SLPP Enable VLACP Configure Ext-CP limit Configure discard untagged frames. ERS 5500 Edge Configuration
xxix
VRRP Configuration Configure a VLAN for VRRP DHCP Enable Verification Process Additionally, a sample Certification Exam is found on the CD-ROM, which can help you prepare for the Nortel Professional Certification exams Nortel Converged Campus ERS Solution (920-220) and Nortel Converged Campus ERS Installation & Configuration (920-221).
xxx
Nortel Learning Services

The demand for learning services is on the rise and so are questions related to learning. Among the primary concerns that businesses face today are how to determine what level of training is appropriate for each core job function and what is the best way to optimize the costs and time spent on learning. Take advantage of Nortel Learning Services to easily educate your employees on networking solutions, the convergence points between wired and wireless networks, applications and infrastructure, and carriers and enterprises. By better equipping employees in the field, you'll increase operations efficiencies. Nortel Learning Services will maximize the performance of your workforce with end-to-end learning solutions for enterprise and carrier customers. The portfolio is composed of Training Services, Learning Needs Analysis Services, and Custom Learning Services. Visit www.nortel.com/ls to learn more.
Training Services
Nortel Knowledge Services and its authorized education partners offer a wide variety of eLearning and classroom training options: Self-paced eLearningWeb and CD-ROM-based eLearning. Instructor-led eLearning (facilitated and hands-in eLearning)Facilitated eLearning provides real-time access to an instructor/Subject Matter Expert (SME) from the location of your choice. Hands-in eLearning provides realtime access to an instructor/SME from the location of your choice, but also allows customers to complete handsin exercises on Nortel networking equipment from their own location. Instructor-led TrainingInstructor-led Training is a traditional classroom training option. In most cases, this training delivery method provides customers with access to Nortel equipment so they can complete hands-on exercises. Most courses can be completed at a Nortel facility or the customer's location. Visit www.nortel.com/training to find detailed course descriptions, curriculum paths, a list of Nortel's global training centers, and more.
Learning Needs Analysis Services

Maximize your training dollars, improve operations efficiencies, and reduce operating costs with Nortel's Learning Needs Analysis Services. By taking advantage of this service, you will receive a custom report highlighting specific learning recommendations for your people at each job function. It enables your business to easily educate your employees on the transition to the latest technologies, keeping your company at the forefront of the technology curve. You will also receive recommendations to better equip employees in the field and, thereby, increase operations efficiencies. Better yet, the clear plan will allow you to closely manage applicable learning costs and time requirements.
Custom Learning Services

Nortel Custom Learning Services drive an increased return on investment for you by helping to maximize the performance of your workforce. Nortel offers a wide variety of custom training and learning solutions to ensure that your employees have the role-based knowledge they need to excel in their jobs.
xxxi
Nortel Professional Certification

Nortel Professional Certifications provide the best method to prove your command of current technologies and Nortel products. These certification exams are developed to validate your mastery of critical competencies as you design, develop, implement, and support communications solutions. Nortel has seven certification designations:
Nortel Certified Technology Specialist (NCTS)

This designation is technology focused. It certifies that the successful candidate can apply an entry level of technical proficiency required to engineer or support a converged network solution in support of a customer's business requirements.
Nortel Certified Technology Expert (NCTE)

This designation is technology focused. It certifies that the successful candidate can apply an intermediate to advanced level of technical proficiency required to plan, design, engineer, or support a converged network solution. It builds upon the Nortel Certified Technology Specialist level competencies.
Nortel Certified Support Specialist (NCSS)

This designation certifies that the successful candidate can apply an entry level of technical proficiency required to install, configure, administer, maintain, and troubleshoot a Nortel solution/product. Support Specialist certifications for Application Development certify that the successful candidate can apply an entry level of technical proficiency required to write and debug applications for a Nortel solution. Support Specialist certifications for Database Administration certify that the successful candidate can apply an entry level of technical proficiency required to administer a database for a Nortel solution.
Nortel Certified Support Expert (NCSE)

This designation certifies that the successful candidate can apply an intermediate-to-advanced level of technical proficiency required to configure, administer, maintain, and troubleshoot complex Nortel solutions/products. It builds upon the Nortel Certified Support Specialist level competencies and focuses on advanced solution support, which may involve multiple products and interworking functionalities.
Nortel Certified Design Specialist (NCDS)

This designation certifies that the successful candidate can apply an entry level of technical proficiency required to plan, design, and/or engineer a solution in support of a customer's business requirements using Nortel products.
Nortel Certified Design Expert (NCDE)

This designation certifies that the successful candidate can apply an intermediate-to-advanced level of technical proficiency required to plan, design, and/or engineer a solution using multiple Nortel products. It builds upon the Nortel Certified Design Specialist level competencies and focuses on advanced solution engineering and may involve multiple products and interworking functionalities.
xxxii
Nortel Certified Architect (NCA)

This is the highest level of certification. Nortel Certified Architects offer a highly advanced level of technical design and analytical expertise for complex Nortel solutions. For the most current information regarding Nortel Professional Certifications, visit: www.nortel.com/certification.
xxxiii
About Nortel Press

Nortel Press is a Nortel authorized publisher, developing self-study guides on the networking subjects that are shaping the future of business communications. The guides are designed for IT professionals, individuals supporting and maintaining Nortel product solutions, and participants in the Nortel Technology Solutions Academy. All Nortel Press guides are developed by Nortel Subject Matter Experts, in conjunction with leaders in networking technology, all of whom have the knowledge and experience to keep readers ahead of the technology curve. The guides complement a robust portfolio of Nortel Learning services and help prepare individuals for professional certifications. To learn more, visit www.nortel.com/nortelpress.
Contacting Nortel Press

Nortel can be reached at 1-800-466-7835. Nortel Press can be reached at: Mail: Nortel Networks Inc. 4001 E. Chapel Hill-Nelson Hwy. Mailstop: D17/03/0F1 Research Triangle Park, NC 27709 E-mail: [email protected]
xxxiv
Preparing for the Exam

The following steps provide a guide on how to use this book to help you achieve your certification goals: 1. Read this textbook and complete the Knowledge Checks. 2. Review each chapter once more. Pay special attention to your notes and any information you highlighted. Complete the Knowledge Checks again. Pay special attention to any questions that you missed. Make sure you understand why answer choices are correct or incorrect. 3. Read the question and answer options carefully. Eliminate distracters (words or phrases that are irrelevant or technically inaccurate). 4. Some questions instruct you to select more than one correct answer. Make sure to double-check the number of answers you select. For example, if instructed to supply two answers, do not supply three.
Part I: Ethernet Routing Switch Solution

Upon successful completion of this section, you will be able to: Describe the Nortel Converged Campus Architecture including the goals, features, and scalability. Identify Nortel's Ethernet Routing Switch hardware platforms, connectivity options and scalability, software features, and product placement. Describe the physical layer considerations when designing a Converged Campus including Ethernet media types, Layer 1 protocols, and Power over Ethernet. Explain the design recommendations and operation of VLANs and spanning tree within a Converged Campus. Explain how the ERS builds the IP routing table for IP routing operations and identify the IP routing design recommendations. Describe the two options for link aggregation on the ERS/ES products, MultiLink Trunking (MLT), and 802.3ad, and identify the design recommendations. Explain how Split MultiLink Trunking (SMLT) operates in the network, state the advantages of SMLT, and identify design considerations for SMLT. Describe the Layer 3 redundancy choices on the ERS including VRRP and Routed Split MultLink Trunking (RSMLT) and identify the design recommendations. Describe the quality of service implementation of the ERS products including the use of Differentiated Services (DiffServ), 802.1p and the hardware queue structure, and the design recommendations for a Converged Campus. Identify IP multicast operation and protocols and the design guidelines for the Converged Campus. Identify the proper ERS product placement within the Converged Campus and the design guidelines for Small, Medium and Large Campus Designs.
1: Converged Network Architecture Overview

The purpose of this chapter is to describe the goals and key features of the Converged Campus architecture. Understanding this architecture will help you design converged campus networks. Whether the networks are small, medium, or large in size, you will be able to apply the principles described in this chapter to create a Nortel Converged Campus.
1
Converged Network Architecture Overview
Chapter 1 Topics:
In this chapter, you will learn how to: describe the goals of the converged network architecture describe the features of the converged network architecture discuss the two-tier and three-tier architecture and when to use them discuss the advantages and disadvantages of chassis and stackable switch solutions
1
Key Terms
Access Tier Core Tier Distribution Tier Edge switching Hitless Software Upgrade Large Campus Design Medium Campus Design Modular chassis solution Network-attached device 10 10 10 6 7 7 7 11 7 Nortel Converged Campus solution Routed Split MultiLink Trunking (RSMLT) Small Campus Design Stackable solution Three-tier architecture Total cost of ownership (TCO) Two-tier architecture 5 10 7 12 8 5 8
Nortel Converged Campus solution
Nortel Converged Campus solution

The Nortel Converged Campus solution combines a highly available network infrastructure with proven, feature-rich business telephony and applications. Nortel solutions provide a strong foundation for innovative converged applications such as IP telephony and multimedia. The underlying infrastructure must be able to support a multitude of applications and services across a single network. In order to maintain an expected quality of experience for the users, the network must be resilient, reliable, secure, and still provide high performance. This chapter provides an overview of various deployment scenarios with a focus on the infrastructure factors to consider when designing a Converged Campus. Each of the solutions ensures the highest levels of business continuity, reliability, and application availability. The solutions are also easy to implement and manage, thereby reducing total cost of ownership (TCO) and increasing the return on investment (ROI).
1
Solution features
resilient infrastructure with N+1 redundancy As used in this course, resilient infrastructure indicates the ability of the network to function seamlessly even with the failure of a single hardware or software component. As used in this course, N+1 redundancy indicates a duplication of components so that the failure of a single network hardware or software component does not affect the core network. resilient switch clustering flexible deployment options quality of service (QoS)-capable infrastructure simplified management of all components
Converged Campus design solutions

The main goal of the Converged Campus architecture is to provide an infrastructure that is resilient, secure, and flexible while being easily manageable. Once these goals are met, the infrastructure will enable services to solve business challenges, which is the ultimate reason for creating a Converged Campus solution. This course leads you through the concepts covered in the Converged Campus Solution Guide and addresses specific areas to consider when designing the network infrastructure. The Converged Campus Solution Guide provides optimal network designs and general best practices when implementing and administering the network. The goal is a network that can sustain both normal data traffic as well as any converged applications the end users wish to access.
1
Converged Network Architecture Overview FIGURE 1-1: CONVERGED CAMPUS DESIGN SOLUTIONS
(Service Oriented Architecture)
physical network design considerations client connectivity edge switching uplink resiliency core switching threat protection logical network design considerations virtual local area networks (VLANs)/broadcast domains IP routing security network management
General network design overview

The Converged Campus Technical Solution Guide focuses specifically on the Converged Campus architecture for edge switching and core switching. There are many permutations of possible designs when deploying infrastructure from Nortel, but this guide highlights three standard designs for the small, medium, and large campus with the strategic products in each area that are currently available. Although the definition of small, medium, and large may vary between enterprise customers and between regions throughout the world, the concepts of the designs are based on the network devices that can be supported adequately and the feature set required in each instance.
1
The Small Campus Design is intended to support a network with anywhere from 1 to 1,500 network devices. The Medium Campus Design is intended to support a network with anywhere from 500 to 3,000 network devices. The Large Campus Design is intended to support a network with 2,000 network devices or more. Note that these numbers represent network-attached devices (PCs, IP phones, printers, access points), not users. Attempting to base a network design on users is becoming increasingly difficult as more devices are being connected to the infrastructure. Therefore, recommendations are based on network-attached devices. The ultimate goal of these designs is to provide a highly reliable infrastructure with subsecond, seamless failover preventing any interruption of traffic on the network. The value in this is twofold. First, in the event of a failure, no loss of connectivity or traffic will be experienced by the end user. Secondly, and probably just as important, is the ability to provide hitless software upgrades for the core of the network. The architecture shown in the following figure includes all areas of the Nortel Converged Enterprise solution.

FIGURE 1-2: CONVERGED ENTERPRISE SOLUTIONS ARCHITECTURE
1
Two-tier architecture compared to three-tier architecture

When designing a Converged Campus solution, two major topologies can be implemented: The two-tier architecture, in which all edge switches terminate in the core of the network. The three-tier architecture, in which the edge switches terminate in a distribution layer network. The distribution layer network then terminates in the core. Three-tier architecture is usually required when the existing cable plant cannot support a two-tier deployment because of fiber distances or physical layout of the fiber. With both designs, there are several areas of configuration that must be taken into consideration in order to build a truly resilient network. There are also issues to be reviewed regarding the selection of the proper edge-switching solution.
1
From a switching/routing perspective, there are two options to be considered: Layer 2 at the edge with Layer 3 in the core/distribution Layer 3 at the edge with Layer 3 in the core/distribution Nortel provides Ethernet switching platforms that can provide either design alternative. There is no right answer for all possible designs; however, the Nortel design philosophy is to always keep the architecture as simple as possible without compromising resiliency and scalability. This philosophy results in easier management and an overall lower TCO by centralizing routing in the core and distributing intelligence across the network. The detailed topology in the following figure shows a typical deployment scenario in a twotier architecture design. The next figure shows the same scenario in a three-tier architecture design.
FIGURE 1-3: TWO-TIER ARCHITECTURE Converged Network Architecture Overview
Core
Edge
10

FIGURE 1-4: THREE-TIER ARCHITECTURE
1
Core Distribution Edge
Design recommendation
Deploy a two-tier architecture whenever possible. This simplifies the network, reduces the amount of equipment required, and does not compromise scalability and resiliency. The two-tier architecture supports either Layer 2 or Layer 3 at the edge. As a general rule, if you are aggregating fewer than 3,000 devices, it is desirable to use Layer 2 between the access and core. If you are aggregating more than 3,000 devices, use Layer 3 between the access and core: This helps distribute ARP tables, simplifies subnet provisioning, and, with Routed Split MultiLink Trunking (RSMLT), it allows the extension of Layer 2 virtual local area networks (VLANs) across multiple access switches when necessary.
Note
RSMLT provides full redundancy in core networks and provides rapid failover, eliminating routing protocol timer dependencies when network failures occur.
11
1
Under normal circumstances, avoid bridging VLANs between edge closets. Nortel recommends keeping Layer 2 VLANs at the edge and routing between VLANs at the core. If a three-tier architecture is deployed, Nortel recommends using Layer 3 between the distribution and core layers, using RSMLT for these connections. The same rules apply to the connections between the access and distribution layers (for fewer than 3,000 devices, use Layer 2; for more than 3,000 devices, use Layer 3). With any of these options, it is critical to deploy an end-to-end QoS strategy to ensure that mission-critical applications are able to provide the required quality of experience for the users.
Edge switching: chassis compared to stackable

Several factors come into play when choosing the edge-switching solution, including selecting the edge product. Keep in mind that the stacking technology continues to evolve and is getting closer and closer to simulating a modular chassis solution in many respects.
Note
A stackable switch is an Ethernet switch that can operate as a stand-alone switch or can be stacked with other Ethernet switches to (a) operate as a single switch with a single IP address, and (b) have the port capacity that is the sum of all the switches in the stack.
Switch reliability is a key concern. In the past, modular switches were thought to be more reliable with redundant power supplies, redundant fan trays, and redundant Switch Fabrics and CPUs than stackable switches. The evolution of the stackable switch, however, has reduced the disparity between the two platforms by employing a resilient stacking architecture, supporting external redundant power supplies, and providing features such as auto unit replacement and new unit quick configuration. Both the stackable and the modular chassis solutions can provide an equally reliable edge solution today. Scalability of the edge switch includes the ability to add ports easily, increase bandwidth out of the closet, and add protocols and features within the closet. A chassis solution typically adds ports by adding new input/output (I/O) modules in the chassis, while stackable switches add ports by adding switches to the existing stack. Both solutions limit the total number of ports supported in a single stack/chassis. The stackable switches provide more flexibility when adding bandwidth out of the closet. A stack can be broken up into two or more stacks, thus increasing bandwidth out of the closet very easily. As stackable switches are added to the closet, each one must be powered individually, which uses several outlets in the closet. In contrast, only two to three outlets are usually required for a chassis solution. The stackable option will require the use of an external power supply when redundant power is necessary. For the most part, the same protocols and features are available on both platforms; however, scalability of those protocols is normally greater in a chassis solution. It is easier to redeploy
12
1
stackable switches as a stack or stand-alone unit, whereas the modular chassis requires additional hardware to support the I/O modules. Serviceability and manageability differences between the two solutions are minimal. With both solutions, you can add ports easily, perform software upgrades, retain multiple configurations, and manage the stack or chassis as a single entity. Rack space can also be a consideration when selecting the edge-switching platform. Typically, a stackable solution takes up less total rack space than a chassis solution in both height and depth. Stackable switches require rear access for power connections and stacking connections, whereas a chassis solution requires only front access. The final consideration between the two solutions is price. Usually, a chassis solution is slightly more expensive than a stackable solution due to the additional Switch Fabric/CPU (SF/CPU), chassis, and power supplies needed. In summary, both solutions offer good reliability and scalability. Each customer must decide which option provides the best solution for his organization.
Design recommendation
When selecting an edge-switching solution, consider the following: stackable resilient stacking architecture: always use stacking return cable uplink redundancy: distribute uplinks across multiple switches in the stack power redundancy: use external Redundant Power Supply Unit (RPSU), preferably on separate electrical circuits chassis redundant Switch Fabrics uplink redundancy: distribute uplinks across multiple I/O modules in the chassis power redundancy: use N+1 power supplies, preferably on separate electrical circuits
Knowledge Check 1-1: Converged Network Architecture Overview
13
Knowledge Check 1-1: Converged Network Architecture Overview

Answer the following questions. Answers to these Knowledge Check questions are located in Appendix A: Answers to Knowledge Check Questions. 1. The main goal of the Converged Campus architecture is to provide
a. b. c.
1
an infrastructure that is resistant to hurricanes and other natural disasters. an infrastructure that is resilient, secure, and flexible while being easily manageable. an infrastructure that contains many interchangeable parts to reduce the maintenance expense. an infrastructure that includes artificial intelligence to reduce the amount of human intervention in the daily operations.
d.
2. Although the definitions and design standards vary, under most conditions what size Converged Campus would support 1,800 devices?
a. b. c. d.
small campus large campus virtual campus medium campus
3. There are two major topologies that can be implemented in a Converged Campus design. They are listed below. Describe the key features and advantages of each topology.
a. b.
two-tier architecture three-tier architecture
4. When considering edge switching, which technology uses an external RPSU power supply and uplinks distributed across multiple switches?
a. b.
stackable switches modular chassis switches
14
1
Chapter summary
In this chapter, you learned how to: describe the goals of the converged network architecture describe the features of the converged network architecture discuss the two-tier and three-tier architecture and when to use them discuss the advantages and disadvantages of chassis and stackable switch solutions
Resources
These resources can be downloaded from www.nortel.com by using the Search tool. Converged Campus Technical Solution Guide
7: Nortel Split MultiLink Trunking

The purpose of this chapter is to describe how Split MultiLink Trunking (SMLT) operates in the network, show the advantages of SMLT, and identify design considerations for SMLT.
Chapter 7 Topics:
In this chapter, you will learn how to: describe how Split MultiLink Trunking (SMLT) works and its advantages over Spanning Tree Protocol describe the SMLT topologies supported in the Converged Campus describe the detailed VLAN/IP Routing configuration used to support SMLT describe the advantage of Single Link Trunking (SLT) identify the Nortel Switch Cluster Reference Architecture, including the supported topologies describe the loop protection and CPU protection mechanisms describe the SMLT design recommendations for the Converged Campus
7
Nortel Split MultiLink Trunking
124
Key Terms
802.1Q frame tagging 132 Address Resolution Protocol (ARP) Detect feature 139 BPDU filtering 148 139 139 126 142 126 144 136 139 137 Control plane rate limit (cp-limit) Extended cp-limit (ext-cp-limit) Forwarding database (FDB) HardDown Interswitch Trunk (IST) Loop Detection feature Loop Prevention mechanisms Rate limiting Resilient Switch Cluster Routed Split MultiLink Trunking (RSMLT) Simple Loop Prevention Protocol (SLPP) Single Link Trunking (SLT) SoftDown Split MultiLink Trunking (SMLT) Square switch cluster topology Switch Clustering Three-tier design Triangle switch cluster topology Two-tier design Virtual LACP (VLACP) 136 139 134 142 125 135 125 138 136 137 139
7
Full Mesh switch cluster topology 135
Understanding Split MultiLink Trunking
125

Switch Clustering using Split MultiLink Trunking (SMLT) provides technology for the resiliency of the Converged Campus design. Providing redundant links that forward traffic with no spanning tree allows the ultimate design in a converged environment. Subsecond failover and the simplicity of a network without spanning tree reduce total cost of ownership (TCO) and ensure that multimedia and IP Telephony will function flawlessly in the event of a single point of network failure. Switch Clustering also provides the ability to perform virtual hitless upgrades of the core switches (cluster). With redundant connections to the cluster, a single core switch can be taken out of service without interrupting end-user traffic. This switch then can be upgraded and brought back into service. By performing the same function on the other switch, after the upgraded switch is back online, the entire cluster can be upgraded without a service outage and without interrupting any traffic flows on the network. A vital feature of Switch Clustering is its ability to work transparently with any end device that supports some form of link aggregation. These end devices include third-party switches, servers, or appliances. SMLT is a Nortel-proprietary form of link aggregation that provides a way to combine two switches into one logical device for L2 networking. SMLT connects a MultiLink Trunking (MLT) switch to a pair of SMLT switches. The introduction of SMLT makes the need for Spanning Tree Protocol (STP) and its complexity obsolete. The SMLT feature is now available on the ERS 8600, 8300, 1600 and 5500 switches. SMLT provides redundant paths and Media Access Control (MAC) address synchronization across peer aggregator switches, which results in fast failover/recovery and better traffic load balancing for access switch traffic.
FIGURE 7-1: UNDERSTANDING SMLT
7
> SMLT is:

MLT or Link Aggregation configured on one side Opposite side split among two switches (SMLT)
SMLT Client Closet

Link Aggregation
> Inter-switch trunk (IST) is between SMLT aggregation switches.

IST should be a reliable link (Gigabit Ethernet with MLT).
SMLT
Core
> Both links are active.
IST SMLT Aggregation Switches
126
How SMLT works

In SMLT, two devices are connected by an Interswitch Trunk (IST). The IST is a reliable link using any Ethernet interface (Gigabit is recommended). Edge switches use static link aggregation or MultiLink Trunking (MLT). SMLT combines two switches into one logical device for L2 networking. From the device on the edge, the link, made up of multiple ports, is treated as going to the same destination switch in the core. Therefore, the edge switch forwards traffic over the Link Aggregation Group (LAG) using its local outbound rules for hashing and distribution. The two core switches use the IST to share L2 learned information, so they appear as one. Any new MAC addresses learned by one switch across the SMLT initiate an update through the IST to the other switch. The result is that the forwarding databases (FDBs) are synchronized for all VLANs that are part of the SMLT. In the example in the next figure, the workstations MAC address is learned by the edge switch on Port 1/1 as part of VLAN 1, which also extends to the core for routing. As a packet from the workstation is forwarded to the core, only one path of the Link Aggregation Group (LAG) is chosen based on link aggregation distribution rules. The core switch learns the MAC address on the SMLT link within VLAN 1 and then uses the ISTs control VLAN to inform the other SMLT switch that this MAC address has been learned on the SMLT link. The result is that both FDBs reflect the MAC address and forward traffic back to the workstation using its own local link.
FIGURE 7-2: HOW SMLT WORKS
7
> SMLT combines two switches into one logical device for L2 networking. > IST is used by the two switches to share L2 learned information so they appear as one.
New MAC addresses learned by one switch initiate an update through the IST to the other switch. The designated IST control VLAN implements a specialized control protocol that encapsulates the update in IP. The forwarding databases (FDB) are synchronized.
Outbound LAG rules pick path
IST
The MAC address is learned on the SMLT link The MAC address info is encapsulated across IST to update the other SMLT switchs FDB
127
Advantages of SMLT
Using SMLT increases scalability improves reliability of an L2 network, because it requires multiple active paths from edge to core avoids the use of spanning tree in a loop network provides rapid failure detection and rapid failover eliminates a single-point of failure speeds recovery in case of failure through hitless failover and hitless upgrades provides load-sharing of all links used provides 99.999 percent uptime
7
SMLT scalability
The following list shows the features of SMLT scalability: one Interswitch Trunk (IST) 31 SMLT links supports up to eight ports per IST/SMLT supports up to 20K MAC addresses 120 VLANs supported on SMLT switch
SMLT interoperability
SMLT is supported on 10/100/1000 Mps Ethernet Links, Asynchronous Transfer Mode (ATM), and Packet over SONET (PoS). The IST must be Ethernet, with Gigabit MLT highly recommended for bandwidth and no single point of failure. An SMLT switch pair can connect to all of Nortels MLT devices as well as to Cisco Etherchannel devices. These include Cisco switches and server cards supporting Etherchannel. SMLT interoperates with 802.3ad as well.
SMLT advantage: No spanning tree needed

The following two figures show a network with and without SMLT. The network without SMLT has redundant physical links from the edge to the core, but spanning tree is blocking the redundant links. Configuring SMLT allows the network to use the full bandwidth of every available physical link.
128

FIGURE 7-3: RESILIENT NETWORK WITH SPANNING TREE
7
L2
VRRP
L3
Root Bridge
VRRP
Blocked Ports
L2
FIGURE 7-4: RESILIENT NETWORK WITH SMLT
L2
VRRP
L3
VRRP
No Loops No Spanning Tree!
L2
129
SMLT advantage: Link failure scenario

In the case of a link failure of some sort, whether a cable failure, a module failure, or a stack unit failure, the edge switch continues to transmit data to the core. Consider the situation shown in the following Link failure scenario figures. Host A is communicating with Server D, and Host B is communicating with Server C over the indicated legs of the SMLT. If the right leg of the SMLT goes down due to link failure, Host B can still reach Server C. Host Bs traffic flows down the left leg of the SMLT to the switch on the left, then crosses the IST between the two switches, and from there goes to Server C. The failover happens almost immediately, in less than a second.
FIGURE 7-5: LINK FAILURE SCENARIO, 1 OF 2
Host A Host B
7
Module/Link Failure
SMLT Links
Inter Switch Trunk
Server C
SMLT Links
Server D
130

FIGURE 7-6: LINK FAILURE SCENARIO, 2 OF 2
Host A Host B
Module/Link Failure
7
SMLT Links
Inter Switch Trunk
Server C
SMLT Links
Server D
SMLT advantage: Total failure scenario

Consider what happens when one of the core 8600s totally fails, as shown in the following total failure scenario figures. Host A now communicates with Server D through the righthand 8600. Note that if the right-hand switch failed, Host B would be unable to communicate with Server C because Server C does not have a redundant link to the core.

FIGURE 7-7: TOTAL FAILURE SCENARIO, 1 OF 2
Host A Host B
131
Total Switch Failure

SMLT Links
7
Inter Switch Trunk
Server C
SMLT Links
Server D
FIGURE 7-8: TOTAL FAILURE SCENARIO, 2 OF 2

Host A Host B
Total Switch Failure

SMLT Links
Inter Switch Trunk
Server C
SMLT Links
Server D
132
Detailed SMLT topology

Refer to the detailed SMLT topology example for the following discussion on SMLT topology.
FIGURE 7-9: DETAILED SMLT TOPOLOGY EXAMPLE
VLAN 3
7
VLAN 2 VLAN 1
T T
802.1Q Tagging
MLT Tagged SMLT Trunk

T
VLAN 3 VLAN 2
VLAN 3 VLAN 2
VLAN 1 VLAN IP Interface 1 172.16.1.1/24 2 172.16.2.1/24 3 172.16.3.1/24 8 192.168.8.1/24
VLAN 1 VLAN IP Interface 1 172.16.1.2/24 2 172.16.2.2/24 3 172.16.3.2/24 8 192.168.8.2/24
MLT VLAN 8 VLAN 10

T T
VLAN 8 VLAN 10
IST
SMLT VLAN membership

You can configure multiple VLANs in the SMLT. Both switches configured in the SMLT must have the identical SMLT VLAN configuration so that forwarding through either switch produces predictable frame forwarding. MAC addresses learned on a VLAN in one SMLT switch are mirrored to the same VLAN forwarding database of the other SMLT switch. In this example VLAN 1, VLAN 2, and VLAN 3 are being carried across the SMLT to the Ethernet Switch. All three switches have these three VLANs configured. Traffic from the Ethernet Switch may be forwarded out either MLT port member to either ERS SMLT member. The Ethernet Switch uses outbound MLT algorithm rules for choosing the path.
802.1Q frame tagging

Ports, as part of an SMLT configuration, may be tagged or untagged. Port configurations should be consistent for predictable frame forwarding. The tagged setting allows multiple VLANs to be carried across the switch links maintaining their VLAN identity. An added benefit of tagged ports is the propagation of 802.1p L2 priority bits.
133
In the example, all the interswitch links shown are configured with port tagging enabled (indicated by T).
Interswitch Trunk configuration

All VLANs that are members of the SMLT must be propagated across the link between the SMLT members. This link includes the Interswitch Trunk (IST) that is made up of IP interfaces configured on VLANs on both SMLT switches. The VLAN that is used as the IST may also be used for routed traffic between switches. In the example, VLAN 1, VLAN 2, and VLAN 3 are members of the MLT between the ERSs because they are members of the SMLT. VLAN 8 is configured as the IST VLAN. The IP addresses of the VLAN 8 IP interfaces are required when configuring the IST. The link between ERSs may also include VLANs not involved in the SMLT configuration. In this example VLAN 10 is not participating in the SMLT configuration.
7
Traffic flow in an SMLT

The ERS controls the traffic flow in an SMLT environment using the following basic rules. After a packet is received, a lookup is performed on the forwarding database. If an entry exists and it was locally learned from the SMLT locally or through the IST remote switch, the ERS forwards it out on local port. (The packet should not be sent to the IST for forwarding unless there is no local connection.) Unknown and Broadcast packets are flooded out all ports that are members of this VLAN. For load-sharing purposes in an SMLT scenario, the switch obeys the MLT traffic distribution algorithm.
Configuring SMLT
In order to configure SMLT, you must create an IST between two ERS 8600s. The two switches use the IST to share Layer 2 information (the forwarding database) with each other. This enables them to send identical information to the switch on the edge, so the edge switch is fooled into thinking it connects physically to only one 8600. There are certain limitations on creating your ISTs, as follows: An ERS can participate in only one IST at a time. This means that you can only connect two ERSs in any give IST configuration; you cannot daisy-chain three or more ERSs together using ISTs. You must set up your IST as a Nortel-standard MultiLink Trunking (MLT). You cannot create an IST using 802.3ad. Note that your IST functions as a standard MLT for the purpose of passing traffic between the two core ERSs. IST is an application that runs over the MLT between the two switches, exchanging control information across a VLAN dedicated to that purpose. Nortel recommends that you use Gigabit Ethernet links into an MLT to carry the IST. Edge switches use standard MLT (link aggregation).
134
Switch Clustering terminology

Single Link Trunking
Single Link Trunking (SLT) is a port-based option of SMLT where only one port from each core switch is used in the SMLT. It is best used in large-scale deployments of edge switches from a single Switch Cluster. Every port (except at least two for the IST) can be used for SLT groups terminating into the cluster, with each SLT group consisting of a maximum of two uplinks (one for each core Ethernet Routing Switch). For most typical deployments, the ability to have two connections for each edge switch/stack is more than sufficient bandwidth and allows a single cluster to handle many environments. The flexibility of the Nortel edge switch solutions allows for uplinks ranging from 10 Mbps to 10 Gbps. (Uplinks within the same SLT group must be of the same media type and link speed.)
7
Split MultiLink Trunking

The MLT-based SMLT option allows for increased scaling of the number of links within a single SMLT group. The number of links supported in an SMLT group is the same number of MLT links supported on the Ethernet Routing Switch platform being used for the Switch Cluster. The SMLT links can be spread across the Switch Clusterusually in an even dispersion, but this is not an absolute requirement. One MLT group must be used to create the IST between the two switches used to form the Switch Cluster.
FIGURE 7-10: COMPARISON OF SLT AND SMLT OPTIONS
SLT Single Link Trunking Standard Layer 2 design using port-based connections
SMLT Split MultiLink Trunking Standard Layer 2 design using MLT-based connections
Maximum two uplinks for each edge connection
Scaling uplinks between the edge and the core
Maximum number of SLTs supported per cluster is number of ports on one core switch less two required for IST.
Maximum number of SLTs supported per cluster is number of MLT groups supported less one required for IST.
135
Switch Cluster support by ERS model

The following table highlights the scaling capabilities of the various ERS with regard to MLT, SMLT, and SLT capabilities.
TABLE 7-1: SWITCH CLUSTERING FEATURES BY ERS MODEL
Switch Model ERS 8600 Legacy ERS 8600 R module ERS 8300 ERS 5500 ERS 1600
Links per MLT Group 8 8 4 8 4
MLT Groups per Switch or Stack 32 128 31* 32* 7
MLT-Based SMLT Groups Fiber (1GbE) 31 127 30 31 6 Fiber (10GbE) 31 127 30 31 6
Port-Based SLT Groups Fiber (1GbE) 238 238 398 94 22 Fiber (10GbE) 22 22 64 14 N/A
7
Copper 31 127 30 31 6
Copper 382 382 382 382 46
*Advanced software license is required on the ERS 8300 and the ERS 5500 for SMLT.
Switch Cluster topologies

There are three supported topologies with Switch Clustering. The use of each of these topologies depends on the overall design of the network. TriangleSingle Switch Cluster at the core with the edge directly connected using SLT or SMLT SquareTwo pairs of Switch Clusters interconnected by SMLT. Squares can be scaled with additional pairs of Switch Clusters. Full meshExpanding on the Square topology, the full mesh adds connections between the pairs so that each switch has at least one connection to every other switch in the square. Full mesh topologies can be scaled with additional pairs of Switch Clusters.
136

FIGURE 7-11: SWITCH CLUSTER TOPOLOGIES
7
Switch Clustering reference architecture

In order to easily identify different aspects of the Switch Cluster design, the following reference architecture is used throughout the discussion on best practice recommendations. The following diagram depicts a six-switch core for completeness, showing the triangle, square and full mesh topologies. Please note that this is not a requirement for implementing switch clustering. AccessSLT and SMLT represent connections from the core out to the edge closets and are normally in a standard triangle configuration. CoreSMLT or Routed Split MultiLink Trunking (RSMLT) connections exist between Switch Clusters and can be formed using either the square or full mesh topologies. SMLT connections are used for the core so that bandwidth can easily be added. To add bandwidth, simply add another connection to the MLT group that forms the SMLT. The major difference between the access and the core is in the Loop Prevention mechanisms recommended for each. The core is obviously more critical to the overall network and is also a much more controlled environment; therefore, the best practice implementation will differ between the access and the core. A more detailed discussion on these techniques follows.

FIGURE 7-12: SWITCH CLUSTER ARCHITECTURE
137
Architecture
Access SLT and SMLT represent connections from the core out the edge closets and are normally in a standard triangle configuration.
7
Core SMLT or RSMLT is used to connect the Switch Clusters. Bandwidth is increased by adding connections to the MLT group that forms the SMLT.
l t hit
Two-tier design: Core to edge

With the basic two-tier design, the edge switches connect directly into the core. In the Converged Campus, the core is a Resilient Switch Cluster consisting of a minimum of two ERSs with sufficient port density to accommodate dual homing of all edge switches. An IST ties the pair of switches together to form the Resilient Switch Cluster. The IST is a critical component of the Switch Cluster and therefore must be highly resilient. The architecture of Switch Clustering and the traffic flow through the cluster is such that there is not a high volume of traffic across the IST, so resiliency of the connection is more important than total bandwidth. The architecture is very flexible and can accommodate most design scenarios. The standard recommendation is to have Layer 2 at the access (on the edge switches) and Layer 3 at the core. This architecture does not preclude the ability to extend Layer 3 to the access if that is desired.
138

FIGURE 7-13: TWO-TIER ARCHITECTURE
7
Three-tier design: Core to distribution to edge

With a three-tier design, a distribution layer is inserted between the edge and the core. A distribution layer is needed if there is a certain physical infrastructure, such as fiber plant layout, or if there multiple buildings on a single campus that need to be connected. In the latter case, the building cores would form the distribution layer and connect back to a centralized core. In situations where three tiers are necessary, there are options on the deployment of Switch Clustering for resiliency between the layers. The edge to distribution considerations are the same as described in the above section. Between the distribution and core layers, there are different options available based on the architecture deployed.
Layer 2 between distribution and core: SMLT

In the attempt to centralize routing functionality and distribute the intelligence throughout the network, it is easy to keep a simple Layer 2 architecture between these two layers of the network. In this design, the distribution to core connectivity mimics that of the edge to the core described in the above section. The main difference lies in the ability to fully mesh the distribution to the core. A fully meshed solution provides the highest level of resiliency possible while still maintaining subsecond failover and recovery. A square or full mesh is mandatory to maintain full resiliency and bandwidth between distribution and core.
Layer 3 between distribution and core: Routed SMLT

If routing is desired between the distribution and core layers, deploy RSMLT to maintain subsecond failover and recovery while running a standard Interior Gateway Protocol (IGP)
Protection mechanisms in the switch cluster
139
routing protocol such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF). RSMLT builds on the SMLT technology by providing an active-active router concept to SMLT networks with routing enabled on the core VLANs. In the case of a routing switch failure, RSMLT takes care of packet forwarding at Layer 2 while the routing protocol converges at the Layer 3 level. This allows the nonstop forwarding of traffic in the event of any failure, with no disruption to the user. Another huge advantage of RSMLT is the ability to extend Layer 2 subnets, which is impossible if using only Layer 3 routing between the core and distribution.
FIGURE 7-14: THREE-TIER ARCHITECTURE
7

Protection features recommended to ensure a solid and resilient infrastructure include: CPU protection Control plane rate limit (cp-limit) Extended cp-limit (ext-cp-limit) Loop protection Loop detection Address Resolution Protocol (ARP) Detect Rate limiting Simple Loop Prevention Protocol (SLPP) Bridge Protocol Data Units (BPDU) filtering Virtual Link Aggregation Control Protocol (VLACP)
140
With the implementation of Switch Clustering, there are several protection features that are recommended for use to ensure a solid and resilient infrastructure. This section details each of these features and describes their functionality. The applicability of each of these features, either separately or in conjunction, varies by hardware platform being used and the corresponding software installed. Improvements in software capabilities and features also cause this variation.
7
The design recommendations at the end of this section highlight the software levels and features recommended for use with each protection feature. Always consult the latest Release Notes for the most up-to-date information on recommended feature use.
Control plane rate limit (cp-limit)

Control plane rate limit (cp-limit) controls the amount of multicast control traffic, broadcast control traffic, and exception frames that can be sent to the CPU from a physical port (for example, an OSPF hello or a RIP update). It protects the CPU from being flooded by traffic from a single, unstable port. Cp-limit limits the volume of control multicast and broadcast traffic that is sent to the CPU; for example, an IP subnet broadcast. This differs from port rate limiting, which limits the noncontrol broadcast and multicast traffic that passes through the switch, but does not require processing from the CPU. The cp-limit feature is configured by port within the chassis. The cp-limit default settings are: Default state is enabled on all ports. When creating the IST, cp-limit is disabled automatically on the IST ports. Default multicast packets-per-second value is 15,000. Default broadcast packets-per-second value is 10,000. If the actual rate of packets per second (pps) sent from a port exceeds the defined rate, then the port is administratively shut down to protect the CPU from continued bombardment. A Simple Network Management Protocol (SNMP) trap and a log file entry are generated indicating that the physical port that has been shut down and identifying the packet rate causing the shut down. To reactivate the port, you must first administratively disable the port and then re-enable the port. Having cp-limit disable an IST port in this way could impair network traffic flow, as this is a critical port for SMLT configurations. Nortel recommends that an IST MLT contain at least two physical ports, although this is not a requirement. Nortel also recommends that cp-limit be disabled on all physical ports that are members of an IST MLT, which is the default configuration. Disabling cp-limit on IST MLT ports forces another, less-critical port to be disabled if the defined cp-limits are exceeded. This preserves network stability in case a protection condition (cp-limit) arises. Note that, although it is likely that one of the SMLT MLT ports (risers) would be disabled in such a condition, traffic would continue to flow uninterrupted through the remaining SMLT ports.
141
CP-limit design recommendations

Enable cp-limit on all SLT/SMLT ports in the distribution/core. Disable cp-limit for all ports in the IST. Ports participating in the IST should never be shut down under any circumstances. In multi-tiered core environments, Nortel recommends that edge closet switches have cplimit values less than the values used on the core links. This way, if an offending device does transmit malicious traffic, the edge switches will be triggered by the lower values, thus preventing the important core links from shutting down. This practice will also aid in isolating problems. For edge- and server-connected ports, if the connected device produces traffic to the levels for which cp-limit is configured, the connected port will be disabled when it starts transmitting. The traffic must be baselined so the default values can be adjusted to the required needs.
TABLE 7-2: RECOMMENDED VALUES FOR CP-LIMIT
7
Recommended cp-limit values

Broadcast Aggresive Workstation Server Non-IST Interconnection Moderate Workstation Server Non-IST Interconnection Relaxed Workstation Server Non-IST Interconnection 4000 7000 10000 4000 7000 10000 2500 5000 9000 2500 5000 9000 1000 2500 7500 1000 2500 7500 Multicast
142
Note
Altering cp-limit values from their defaults during normal network operation can cause the links to become disabled. Nortel strongly recommends that you obtain a baseline of the network traffic across the links, choose the right value, and apply.
7
Extended cp-limit (ext-cp-limit)

The ext-cp-limit feature goes one step further than cp-limit by adding the ability to read buffer congestion at the CPU as well as port-level congestion on the I/O modules. This feature protects the CPU from any traffic hitting the CPU by shutting down the ports that are responsible for sending traffic to CPU at a rate greater than desired. To make use of ext-cp-limit, configuration must take place at both the chassis and port level. The network administrator must predetermine the number of ports that should be monitored when congestion occurs. Ext-cp-limit can be enabled on all ports in the chassis, but when congestion is detected, ext-cp-limit monitors the most heavily used ports in the chassis. The number of heavily used ports monitored is configured in the MaxPorts parameter as described below.
Chassis-level configuration of ext-cp-limit

The following parameters are available for configuring ext-cp-limit at the chassis level: MinCongTime (Minimum Congestion Time) sets the minimum time, in milliseconds, that CPU frame buffers can be oversubscribed for before triggering the congestion algorithm. MaxPorts (Maximum Ports) sets the total number of ports that need to be analyzed from the may-go-down port list. PortCongTime (Port Congestion Time) sets the maximum time, in seconds, that a ports bandwidth use can exceed the threshold. When this timer is exceeded, the port is disabled. This parameter is only used by SoftDown. TrapLevel sets the manner in which an SNMP trap is sent if a port becomes disabled. None: no traps are sent (default value) Normal: sends a single trap if ports are disabled Verbose: sends a trap for each port that becomes disabled
Port-level configuration of ext-cp-limit

The following parameters are available for configuring ext-cp-limit at the port level: HardDown disables the port immediately when the CPU frame buffers are congested for a certain period of time. SoftDown monitors the CPU frame buffer congestion and the port congestion time for a specified period. The ports are disabled only if the traffic does not subside after the time has been exceeded. The network administrator can configure the maximum number of SoftDown ports to be monitored.
143
CplimitUtilRate defines the percentage of link bandwidth use to set as the threshold for the PortCongTime. This parameter is only used by SoftDown. The following two figures detail the flow logic of the HardDown and SoftDown operation of ext-cp-limit.
FIGURE 7-15: EXT-CP-LIMIT HARDDOWN OPERATION
7
144

FIGURE 7-16: EXT-CP-LIMIT SOFTDOWN OPERATION
7
Ext-cp-limit design recommendations

Enable the SoftDown option on all ports except IST on the ERS 8600 Release 4.1 or later, using the following values: Maxports = 5 MinCongTime = 3 seconds (default) PortCongTime = 5 seconds (default) CPLimitUtilRate = Dependent on network traffic The network should be baselined to understand what the average use rate is. After the average rate is known, the CPLimitUtilRate can be set to a value higher than the average rate. This should be a rate that is considered out of the norm for use, which would indicate port congestion. For example, if the average use rate is 10 percent, then a rate of 25 percent could indicate a potential issue on the network.
Loop detection
On a per-port basis, the Loop Detection feature detects MAC addresses that are looping from one port to other ports. After a loop is detected, the port on which the MAC addresses were
145
learned is disabled. If a MAC address is found to be looping, the MAC address is disabled for that VLAN. The Loop Detection feature is used at the edge of a network to prevent loops. It detects whether the same MAC address appears on different ports. This feature can disable a VLAN or a port. The Loop Detection feature can also disable a group of ports if it detects the same MAC address on two different ports five times in a configurable amount of time. The Loop Detection feature can only be enabled on SMLT ports and can never be used on IST ports or core SMLT square or full mesh ports. The Loop Detection feature is configured per switch. If a loop detection event takes place, peer switches are not notified. The Loop Detection feature has the following traits: Loop detect action set to macdiscard. If a source MAC address is found to loop, and the specified loop detect action is macdiscard, the MAC address is disabled. Any incoming packets with this source or destination MAC address will be discarded for that VLAN. Ports, VLANs, and MAC addresses that have been disabled by the Loop Detection feature are re-enabled for automatic recovery. Loop detection cannot be enabled on IST trunk ports. This feature is only recommended for certain releases of ERS 8600 software. Consult the table at the end of this section for specific information on those releases.
7
Address Resolution Protocol Detect

The Address Resolution Protocol (ARP) Detect feature shuts down a port when an ARP loop is detected. ARP Detect works in conjunction with the Loop Detect feature described above. This option only works when Loop Detect is enabled and can be cleared by disabling Loop Detect. This feature is only recommended for certain revisions of ERS 8600 software. Consult the table at the end of this section for specific information on those revisions.
Loop Detect and ARP Detect design recommendations

Enable Loop Detect and ARP Detect on SMLT ports. Do not enable Loop Detect or ARP Detect on the IST ports. Be sure to enable Loop Detect with the action of port down as opposed to the action of VLAN down. This feature disables the port where a MAC incorrectly shows up (looping port) due to MAC flapping between the correct port and the looping port.
Rate limiting
Port level rate limiting limits packets with broadcast and/or multicast addresses to control the amount of user traffic on a port. This functionality is configured by port. For each port, the network administrator can configure a rate limit for broadcast traffic and a rate limit for multicast traffic. These rates are configured as the maximum packets per second allowed for that traffic type on that specific port.
146
It is extremely important to understand the network and application environment before configuring the rate-limiting feature. In certain environments, there naturally will be a higher rate of a traffic type due to the applications being used. For example, in a network that uses multimedia communications, such as streaming video and video on demand, there likely will be a higher rate of multicast traffic. Rate limiting this traffic could adversely affect the applications being used.
7
Rate limiting design recommendation

If rate limiting is implemented, it should be done at the edge of the network, as close to the user as possible. This will have the greatest effect on overall traffic, as limiting will occur before traffic reaches the core of the network.
Simple Loop Prevention Protocol

Simple Loop Prevention Protocol (SLPP) provides active protection against Layer 2 network loops on a per-VLAN basis. SLPP uses a lightweight hello packet mechanism to detect network loops. SLPP packets are sent using Layer 2 multicast. Each switch only looks at its own SLPP packets or at its peers SLPP packets. It ignores SLPP packets from other parts of the network.
FIGURE 7-17: SIMPLE LOOP PREVENTION PROTOCOL (SLPP)
SLPP detects VLAN-based network loops

Sending hello packets on a per-VLAN basis allows SLPP to detect VLAN-based network loops for untagged as well as tagged IEEE 802.1Q VLAN link configurations. When a loop is detected, the port is shut down. The SLPP functionality is configured using the following criteria: SLPP Tx ProcessThe network administrator decides on which VLANs a switch should send SLPP hello packets. The packets are then replicated out all ports that are members of the SLPP-enabled VLAN. Nortel recommends enabling SLPP on all VLANs.
147
SLPP Rx ProcessThe network administrator decides on which ports the switch should act when receiving an SLPP packet that is sent by the same switch or by its SMLT peer. Enable this process only on Access SMLT/SLT ports. Do not enable the SLPP Rx process on IST ports or core SMLT/SLT ports in the case of square/full mesh core design. SLPP ActionThe action operationally disables the ports receiving the SLPP packet. You can also tune the network failure behavior by choosing how many SLPP packets need to be received before a switch starts taking an action. These values need to be staggered to avoid edge switch isolation. See the recommendations at the end of this section.
7
The occurrence of loops and SLPP

Loops may be introduced through the loss of an MLT configuration caused by user error or malfunctioning equipment on the edge. This scenario may not always introduce a broadcast storm, but because all MAC addresses are learned through the looping ports, it does significantly impact Layer 2 MAC learning. spanning tree would not in all cases be able to detect such a configuration issue, whereas SLPP reacts and disables the malfunctioning links, limiting network impact to a minimum. The desired outcome and goal is to prevent a loop from causing network problems while avoiding totally isolating the edge where the loop was detected.
SLPP primary and secondary switches

The Rx thresholds are staggered between the primary and secondary switch, so the primary switch disables an uplink immediately if a loop occurs. If this resolves the loop issue, the edge closet still has connectivity back through the SLPP secondary switch. If the loop issue is not resolved, the SLPP secondary switch disables the uplink and isolates the closet to protect the rest of the network from the loop.
SLPP design recommendations

SLPP Rx should never be configured on IST ports, as these ports should never be taken down under any circumstances. SLPP Rx should never be configured on SMLT core ports, those used to create a square or full mesh between Switch Clusters. Recommended SLPP settings for primary and secondary switches are shown in the table below.
TABLE 7-3: RECOMMENDED SLPP SETTINGS
ERS 8600 Switch

Primary
Ethertype
Default
Packet Rx Threshold
1
Transmission Interval
Default
Secondary
50
148
Bridge Protocol Data Units filtering

The Bridge Protocol Data Units (BPDU) filtering feature was originally developed to prevent an unwanted root selection process when a new device was added to a spanning tree network and/or to prevent unknown devices from influencing an existing spanning tree topology. When BPDU filtering is enabled on a port and a BPDU is received, that port is disabled and does not pass any traffic.
7
This feature can also be used to help protect a switch cluster network from inadvertent loops. Nortel recommends enabling spanning tree Fast Start on all access ports in the edge closet switches. With spanning tree enabled on these ports, BPDUs are automatically generated and sent out these ports. If two closets are mistakenly connected together as in the figure below, BPDU filtering disables the port receiving the BPDU and thus prevents a loop in the network, without adversely affecting the rest of the users in those closets and the entire network.
FIGURE 7-18: BPDU FILTERING
BPDU filtering design recommendations

Enable BPDU filtering on all access ports on the edge switches. Set timeout to 0: Port will remain disabled after a BPDU is received and require manual intervention to re-enable. BPDU filtering is not supported on MLT ports.
149
Virtual Link Aggregation Control Protocol

Although Virtual Link Aggregation Control Protocol (VLACP) has already been discussed, it is important to consider this feature in the context of Loop Prevention and CPU protection of Switch Cluster networks. This feature provides an end-to-end failure detection mechanism that helps prevent potential problems caused by misconfigurations in a Switch Cluster design. VLACP is configured by port, and traffic is only forwarded across the uplinks when VLACP is up and running correctly. The ports on each end of the link must be configured for VLACP. If one end of the link does not receive the VLACP Protocol Data Units (PDUs), it logically disables that port and no traffic can pass. This ensures that even if there is a link on the port at the other end, if it is not processing VLACP PDUs correctly, no traffic is sent. This feature alleviates potential black-hole situations by only sending traffic to ports that are functioning properly.
7
VLACP design recommendations

VLACP must be enabled on IST ports. Enable VLACP on all SMLT core links whenever possible. Enable VLACP on all SMLT/SLT access links whenever possible. Note that VLACP is Nortel Intellectual Property and therefore not supported on non-Nortel equipment. When enabling VLACP on local LAN connections, configure all links to use a unique MAC address (reserved multicast MAC of 01-80-C2-00-00-0F) to provide protection against links inadvertently being connected to an incorrect port by mistake; having a switch being reset to factory default; or having a configuration mistake causing a problem. When enabling VLACP on connections that traverse an intermediate optical network (such as a service provider LAN extension), do not use the reserved multicast MAC indicated above. Use the default address or another address that will be forwarded by the intermediate equipment. Make sure that the VLACP timers are set to the same value on both ends of the link and use the appropriate timeout values. Timeout Values Short = Fast periodic timer * timeout scale Long = Slow periodic timer * timeout scale
150

TABLE 7-4: VLACP RECOMMENDED VALUES FOR TIMERS AND TIMEOUT
Per Switch
ERS 5500 ERS 8300
Fast Timer
500ms 500ms 500ms N/A 500ms
Slow Timer
N/A N/A N/A 30000ms N/A
Timeout
Short Short Short Long Short
Timeout Scale
3 3 3 3 3
7
ERS 8600 Edge ERS 8600 Core ES 470
If VLACP is not supported on both ends of the SMLT link, Nortel recommends using MLT with Autonegotiation enabled.
Switch Cluster with SLT/SMLT/RSMLT design recommendations

There are several general design recommendations when deploying Switch Clustering with SLT/SMLT/RSMLT, whether in a two- or three-tier architecture. The following design aspects and switch features should be reviewed.
Edge switch design recommendations

All edge closets should be dual-homed and use SMLT between the edge and core/ distribution. On the edge switch, follow the design recommendation for Distributed MultiLink Trunking (DMLT), as no SMLT-specific configuration is necessary. Note that spanning tree must be disabled on the edge switch uplink ports participating in the SMLT. Failure to disable spanning tree can cause unexpected traffic behavior. Create a separate VLAN for the IST control VLAN and do not enable any Layer 3 protocols on this VLAN. The only exception to this rule is when Multicast Routing is enabled on the Switch Cluster. In this situation, Protocol Independent Multicast-Sparse Mode (PIM-SM) must be enabled on the Switch Cluster to insure fast recovery of multicast traffic. Use a private address space for the IST VLAN with a small subnet mask (for example, a 30bit mask). This VLAN should not be advertised outside of the Switch Cluster and is only required for IP communications between IST pairs. Verify that all VLANs participating in SLT/SMLT/RSMLT are configured on both IST peer switches and are tagged on both ends of the IST. Distribute physical IST connections between different modules in the chassis when applicable (ERS 8600 and ERS 8300) and use the lowest port numbers whenever possible. This provides a quicker initialization of the IST between the core switches.
151
If using MLT-based SMLT, it is good practice to use the same ID number for the MLT group and the corresponding SMLT group. This is not mandatory for configuration, but it simplifies operation and troubleshooting. Nortel recommends that you avoid overlapping the ID numbers when using MLT-based SMLT and port-based SLT. Follow the recommendations in the table below.
TABLE 7-5: RECOMMENDED SMLT ID VALUES
Switch Model
ERS 8600 Legacy ERS 8600 R-modules ERS 8300 ERS 5500 ERS 1600
Software Version
3.x4.0 4.1 and higher 3.0 and higher 5.0 and higher 2.1 adn higher
MLT-based SMLT IDs

132 1128 131 132 17
Port-based SLT IDs

33512 129512 32512 33512 8512
7
All SLT/SMLT uplinks should be 802.1Q tagged as this facilitates easily adding additional VLANs to the edge without impacting traffic. Ensure that Discard Untagged Frames is enabled on the SLT/SMLT Access ports in the core to prevent inadvertent connections to the core that potentially could cause loops or unexpected traffic flows. When configuring a core SMLT square or full mesh (SMLT between two pairs of switch clusters), use the same SMLT ID on both sides of the square/mesh for operational simplification. SMLT automatically disables Spanning Tree Protocol (STP) on the participating ERS 8600, ERS 8300, and ERS 1600 ports. Make sure to disable STP on the edge switch uplinks. STP must be manually disabled on all ports participating in SMLT on the ERS 5500. This includes both the IST and SMLT ports. Make sure to disable STP on the edge switch uplinks as well. Ports assigned to an MLT (IST) are indexed by a number starting at zero (0). The lowest port position (slot 1, port 1 in a chassis or switch 1, port 1 for a stand-alone/stackable) for an MLT link is assigned an index of zero. The next MLT link in the second lowest position gets an index of one (1) and so on. This index is used by the MLT algorithm to assign a flow over a particular MLT link. Therefore, Nortel recommends that you mate the lowest port position of one MLT link in a switch with the lowest port position of the peer switch. Follow this rule for all successive MLT links. This practice helps ensure that the MLT algorithm always resolves a flow over the same link between the two switches.
152
Core Switch loop and CPU protection

The table below highlights the loop and CPU protection mechanisms that should be used with respect to each of the Switch Cluster core solutions. Please note that not all features are available on all platforms. Nortel will continue to enhance the feature set of the various platforms to include these features where applicable.
TABLE 7-6: CORE SWITCH LOOP AND CPU PROTECTION
7
Hardware/ Software Platform

ERS 8600 3.7.0-3.7.4 ERS 8600 3.7.5-3.7.x ERS 8600 4.0.x ERS 8600 4.1.x ERS 8600 5.0.x ERS 8300 3.0.x ERS 8300 4.1.x ERS 5500 5.0.x ERS 1600 2.1.x
cplimit
Yes2 Yes2 Yes2 Yes2 Yes2 Yes1,2 Yes1,2 N/A Yes1,2
ext-cp-limit
N/A Yes1 (HardDown) N/A Yes2 (SoftDown) Yes2 (SoftDown) N/A N/A Yes2 (SoftDown) N/A
Loop Detect
Yes1 Yes1 Yes1 No No N/A N/A No N/A
ARP Detect
Yes1,2 Yes1,2 Yes1,2 No No N/A N/A No N/A
VLACP
Yes1 Yes1 Yes1 Yes1 Yes1 N/A Yes Yes1 N/A
SLPP
N/A N/A N/A Yes1 Yes1 N/A N/A Yes1 N/A
1 2
Loop Protection CPU Protection
Edge loop protection configuration

The following features are enabled on the edge switch access ports: BPDU FilteringRecommended as a loop protection feature Spanning Tree FastStartRecommended as a loop protection feature Port rate limitingRecommended as a CPU protection mechanism (optional)
ERS 8600 platform-specific recommendations

The ERS 8600 supports SMLT while using a single Switch Fabric (SSF)/CPU module in the chassis. If this configuration is required, ensure that the hardware I/O modules (specific to E modules) are at the correct hardware revision to support this feature and enable the single CPU SMLT feature in the software. This ensures SMLT ports on the I/O modules are
153
disabled if the Switch Fabric/CPU module fails or is removed from the chassis. There are no hardware restrictions when using R modules. The single CPU SMLT feature can be implemented in dual SSF/CPU chassis. This configuration provides a similar redundancy capability as high availability (HA) in an SMLT environment. The advantage of this feature is that there are no protocol restrictions as there are in HA mode. This feature is fully supported on R Modules. For support on other modules, consult your Nortel representative.
7
154
Knowledge Check 7-1: Nortel Split MultiLink Trunking

Answer the following questions. Answers to these Knowledge Check questions are located in Appendix A: Answers to Knowledge Check Questions. 1. A switch running MLT connected to an SMLT structure on the other end of the link should have STP
7
a. b.
enabled disabled
2. When running SLPP on top of an SMLT for loop protection, the Rx ports should be configured on the
a. b.
IST core ports SMLT core ports
Chapter summary
155
Chapter summary
In this chapter, you learned how to: describe how SMLT works and its advantages over Spanning Tree Protocol describe the SMLT topologies supported in the Converged Campus describe the detailed VLAN/IP Routing configuration used to support SMLT describe the advantage of Single Link Trunking (SLT) identify the Nortel Switch Cluster Reference Architecture, including the supported topologies describe the loop protection and CPU protection mechanisms describe the SMLT design recommendations for the Converged Campus
7
14: Converged Campus Ethernet Routing Switch Solutions

The purpose of this chapter is to review the Nortel Converged Campus Ethernet Routing Switch Solutions.
Chapter 14 Topics:
In this chapter, you will learn how to: describe the complete solution and technologies describe the small campus solution describe the medium campus solution describe the large campus solution
14
Converged Campus Ethernet Routing Switch Solutions
272
Key Terms
Cp-limit function Global Routing Table (GRT) Large campus solution Lightweight LACP Medium campus solution Nortel Converged Enterprise Routed Split MultiLink Trunking (RSMLT) Simple Loop Prevention Protocol (SLPP) 282 299 277 285 276 273 279 288 Small campus solution Split MultiLink Trunking (SMLT) Switch Clustering Virtual Link Aggregation Control Protocol (VLACP) Virtual Router Forwarding (VRF Lite) Virtual Router Redundancy Protocol with Backup Master 275 276 278 279 298 290
14
Nortel Converged Enterprise architecture
273

The Nortel Converged Campus solution combines a highly available network infrastructure with proven, feature-rich business telephony and applications. Nortel solutions provide a strong foundation for innovative converged applications such as IP telephony and multimedia. The underlying infrastructure must be able to support a multitude of applications and services across a single network. In order to maintain an expected quality of experience for the users, the network must be resilient, reliable, secure, and still provide high performance. The architecture shown in this figure includes all areas of the Nortel Converged Enterprise solution. We will focus specifically on the Converged Campus architecture for edge switching and core switching. The ultimate goal of these designs is to provide a highly reliable infrastructure with subsecond, seamless failover, preventing any interruption of traffic on the network. The value in this is twofold: First, in the event of a failure, no loss of connectivity or traffic will be experienced by the end user. Secondly, and probably just as important, is the ability to provide hitless software upgrades for the core of the network.
14
274

FIGURE 14-1: NORTEL CONVERGED ENTERPRISE ARCHITECTURE
14
Small, Medium, and Large Campus Designs

This section highlights three standard designs for the small, medium, and large campus with the strategic products, features, and best practices in each area that are presently available. Although the definition of small, medium, and large may vary between enterprise customers and between regions throughout the world, the designs are conceptually based on the network devices that can be adequately supported and the feature set required in each instance. Campus networks are not one size fits all. Nortel recognizes this fact and provides tremendous flexibility in the solution offerings. The Converged Campus designs are highly resilient, simple to deploy, easy to maintain, and scalable to the needs of the enterprise. The following three standard designs offer these features across the various Ethernet switching platforms.

FIGURE 14-2: SMALL, MEDIUM, AND LARGE CAMPUS DESIGNS
275
Small Campus Design

The Small Campus Design is intended to support a network of 1 to 1,500 network devices on the high end. The following figure shows an overview of the small campus components. Note that these numbers are network-attached devices such as PCs, IP phones, printers, and access points. They do not represent users. Attempting to base a network design on users is becoming increasingly difficult as more devices are being converged onto the infrastructure. Therefore, recommendations are based on network attached devices.
14
276

FIGURE 14-3: SMALL CAMPUS DESIGN
ERS 2500 edge switch 2526T, 2526T-PWR, 2550T, 2550T-PWR 2G Ethernet uplink ports per switch (16 per stack) up to 384 10/100 ports half ports support Power over Ethernet (PoE) on PWR switches resilient stacking architecture (Release 4.1) ERS 5530 Switch Cluster core 2G Ethernet Interswitch Trunks (IST) up to 10 edge closets using Single Link Trunking(SLT)/Split MultiLink Trunking (SMLT) Four 10G Ethernet ports for servers 12 10/100/1000 ports per switch
14
Medium Campus Design

The Medium Campus Design is intended to support a network of 500 to 3,000 network devices on the high end. The following figure shows an overview of the medium campus components.

FIGURE 14-4: MEDIUM CAMPUS DESIGN
277
ERS 4500 edge switch 4550T, 4550T-PWR, 4548GT, 4548GT-PWR 2G Ethernet uplink ports per switch (16 per stack) up to 384 10/100 ports or 384 10/100/1000 or mix all ports support PoE on PWR switches resilient stacking architecture (320 Gbps) ERS 8300 Switch Cluster core 2G Ethernet (IST) up to 398 edge closets (SLT) up to 30 edge closets (SMLT) 10/100/1000 ports for server connectivity
14
Large Campus Design

The Large Campus Design is intended to support a network of 2,000 network devices or more. The following figure shows an overview of the large campus components.
278

FIGURE 14-5: LARGE CAMPUS DESIGN
ERS 5500 edge switch 5510, 5520, 5530
14
24G Ethernet or two 10G Ethernet uplink ports per switch up to 384 10/100/1000 ports all ports support PoE on PWR switches resilient stacking architecture (640 Gbps) ERS 8600 Switch Cluster Core GbE or 10G Ethernet IST up to 238 edge closets (SLT) up to 127 edge closets (SMLT) 10/100/1000 and 10G Ethernet ports for server connections
Switch Clustering
Switch Clustering is the logical aggregation of two ERS nodes forming one logical entity known as the Switch Cluster (SC). The two peer nodes in a SC are connected via an Interswitch Trunk (IST). The IST is used to exchange forwarding and routing information between the two peer nodes in the SC. Switch Clustering uses Split MultiLink Trunking (SMLT), Single Link Trunking (SLT), Routed Split MultiLink Trunking (RSMLT), or Multicast Split MultiLink Trunking (MSMLT) depending on the physical and logical network
Switch Clustering
279
requirements. Switch Clustering is completely transparent to edge devices which connect to the Switch Cluster. With the implementation of Switch Clustering, there are several protection features that are recommended for use to ensure a solid and resilient infrastructure. The protection features and their support in the various ERS platforms are listed as follows.
SMLT protection mechanism

control plane rate limit (cp-limit) extended cp-limit (ext-cp-limit) Loop Detection feature Address Resolution Protocol (ARP) detect rate limiting Simple Loop Protection Protocol (SLPP) Virtual Link Aggregation Control Protocol (VLACP) Filter Untagged Frames
TABLE 14-1: FEATURE SUMMARY
Hardware Platform
ERS 8600 4.1.x
cp-limit
Yes2
ext-cplimit
Yes2 (SoftDown) N/A Yes1 (HardDown) N/A N/A N/A N/A
Loop Detect
No
ARP Detect
No
Port level rate limiting

Yes2
VLACP
Yes1
SLPP
Yes1
14
ERS 8600 4.0.x ERS 8600 3.7.53.7.x
Yes2 Yes2
Yes1 Yes1
Yes1,2 Yes1,2
Yes2 Yes2
Yes1 Yes1
N/A N/A
ERS 8600 3.7.03.7.4 ERS 8300 4.1 ERS 8300 4.0.x ERS 8300 3.x
Yes2 Yes2 Yes1,2 Yes1,2
Yes1 Yes No N/A
Yes2 Yes No N/A
Yes2 Yes No No
Yes1 Yes N/A N/A
N/A Yes Yes N/A
280
Hardware Platform
ERS 5500 5.0.x-5.1.x ERS 1600 2.1.x
cp-limit
N/A Yes
ext-cplimit
N/A N/A
Loop Detect
N/A N/A
ARP Detect
N/A N/A
Port level rate limiting

No No
VLACP
Yes N/A
SLPP
N/A N/A
1: Loop Protection 2: CPU Protection
ERS 8300 RSMLT edge support requires Release 4.1 or later. ERS 8600 RSMLT edge support requires Release 4.1.4.0 or later. For a detailed discussion on each of these features and their recommended values, please refer to the Converged Campus Technical Solutions Guide, NN48500-516 and the Switch Clustering using SMLT Technical Configuration Guide, NN48500-518.
SMLT recommendations
All configuration examples are based on the latest recommendations. We will use the following settings for each configuration example.
TABLE 14-2: SMLT CLUSTER CONFIGURATION RECOMMENDATIONS
14
Feature
Aggregation MLT VLAN Tagging STP disabled
ERS 8600
Yes Yes Yes Yes
ERS 8300
Yes Yes Yes Yes
ERS 5500
Yes Yes Yes Yes
ERS 1600
Yes Yes Yes Yes
SMLT Protection Mechanisms cp-limit ext-cp-limit with SoftDown Option SLPP VLACP Yes Yes Yes Yes Yes No 4.0 or higher license 4.1 or higher Yes No No Yes Yes No No No
Switch Clustering
281
Feature
Filter Untagged Frames VRRP instances
ERS 8600
Yes 255
ERS 8300
Yes 256
ERS 5500
Yes 64
ERS 1600
Yes 64
Note
Nortel recommends the use of MLT instead of 802.3ad as MLT provides faster recovery. The fastest possible recovery with 802.3ad would be approximately 1.5 seconds compared to less than 1 second with MLT. If you need to enable 802.3ad, refer to Technical Configuration Guide for Link Aggregation Control Protocol (LACP) 802.3ad and VLACP, NN48500-502 for more details.
Tips
Nortel recommends the use of the reserved multicast Media Access Control (MAC) address of 01:80:c2:00:00:0f for the Virtual Link Aggregation Control Protocol (VLACP) MAC address for all Ethernet applications. This recommendation does not apply if you use an Ethernet over a local area network (LAN) extension service where it is recommended to use the default VLACP MAC. Nortel recommends the use of a Simple Loop Prevention Protocol (SLPP) receive threshold of 5 on the primary switch and a value of 50 on the secondary switch in an SMLT cluster. Nortel recommends that you enable ext cp-limit with the SoftDown option when using ERS 8600 software Release 4.1 or higher. The HardDown option should only be used as a loop prevention mechanism in software release 3.7.x.
14
ERS 8600 control plane limit default settings

Apply the correction of the control plane limit (cp-limit) default settings to the Network Design Guidelines - Ethernet Routing Switch 8600 Software - Release 4.1 under section CPLimit considerations with SMLT IST. The cp-limit default settings are: default state = enabled (SMLT links) default state = disabled (IST) default multicast packets-per-second (pps) value = 10,000 default broadcast pps value =10,000
282
Cp-limit function
Protects CPU from broadcast and multicast storms. Looks at control multicast traffic and broadcast traffic. Only packets destined for the CPU. If the defined pps is exceeded, the port is shut down. Need to disable/enable port to recover. Does not look at data packets (session/user traffic). Does not protect against exception traffic such as: Simple Network Management Protocol (SNMP), telnet, Internet Control Message Protocol (ICMP), IP with Time To Live (TTL)1, Unknown Source Address (SA). Enabled on all ports by default. Automatically disabled on IST ports during IST creation.
Recommended values for switch features

The following information provides the recommended value for each feature. Configuration values are always left to the discretion of the user. The values suggested here are Nortel recommendations, which you may alter for your particular network and network needs. The values Nortel recommends have been tested and are known to work.
FIGURE 14-6: CP-LIMIT GUIDELINES
14
Switch Clustering
283
Extended cp-limit feature overview

Extended cp-limit (ext-cp-limit) expands on the ability of cp-limit by monitoring buffer congestion on CPU and port level congestion on the I/O modules. Introduced in Release 3.7.5 and 4.1 Not supported in 4.0 Does not look at data packets (session/user traffic) HardDown option Disables port immediately after crossing congestion threshold SoftDown option Monitors port for x amount of time; if congestion remains, port is disabled. User configures minimum congestion time (CPU) and port congestion time (used by SoftDown only)
FIGURE 14-7: EXT-CP-LIMIT HARDDOWN OPERATION
System Congestion Detected
MinCongTimer Starts Counting Down
14
MinCongTimer Expires (default 3 sec)
Send a system Congestion Alarm
Shutdown Ports In HardDown
284

FIGURE 14-8: EXT-CP-LIMIT SOFTDOWN OPERATION
System Congestion Detected
MinCongTimer Starts Counting Down
MinCongTimer Expires (default 3 sec)
Continues until congestion subsides
Send a congestion Alarm
Scan ports to see which ones are sending most traffic
Monitor the traffic rate of the highest contributing ports (number of ports depends on MaxPorts value) Shutdown the ports which exceed their threshold + sends alarm
Start the PortMinCong Timer
If any of the ports sustain a traffic rate above the CpUtilRate threshold and the PortMinCong Timer expires
14
FIGURE 14-9: EXT-CP-LIMIT GUIDELINES
Switch Clustering
285
Virtual Link Aggregation Control Protocol

Nortel has developed Virtual Link Aggregation Control Protocol (VLACP) to provide a true end-to-end failure detection mechanism between directly connected switches or connectivity across intermediary networks. This feature now adds a greater level of resiliency and flexibility to the Converged Campus design when used in conjunction with MLT, Distributed MultiLink Trunk (DMLT), and SMLT, especially in cases where switches are not directly attached to each other. Nortel recommends enabling VLACP on IST ports. Enable VLACP on all SMLT core links whenever possible. Enable VLACP on all SMLT/SLT access links whenever possible. When enabling VLACP on local LAN connections, configure all links to use a unique MAC address (reserved multicast MAC of 01-80-C2-00-11-00) to provide protection against links inadvertently being connected to an incorrect port, having a switch being reset to factory default, or having a configuration mistake causing a problem. When enabling VLACP on connections that traverse an intermediate optical network (such as a service provider LAN extension), do not use the reserved multicast MAC address indicated above. Use the default address or another address that will be forwarded by the intermediate equipment. Make sure that the VLACP timers are set to the same value on both ends of the link and use the appropriate timeout values. VLACP = Lightweight LACP Can detect Complete link failure Receive or transmit link disruptions only
14
Transmits VLACP-PDUs every x seconds so both ends of the link maintain state. VLACP does not perform link aggregation functions. Simpler implementation of LACP, less CPU-intensive Based on LACP but is intellectual property of Nortel and therefore not supported on nonNortel equipment.
286

FIGURE 14-10: VLACP
VLACP-PDUs
VLACP-PDUs
VLACP-PDUs
VLACP must be enabled both globally and on the individual ports. Both ends of the link must have the same configured multicast MAC address Ethertype timers LACP and VLACP can be used on the same links. VLACP uses a reserved multicast MAC address. VLACP protects against CPU failure/hung conditions. VLACP protects against far-end link failures. VLACP helps protect against loops cabling errors switch defaulting configuration mistakes Use short timeout on access SMLT and SLT connections. Use long timeout on IST connections.
14
Switch Clustering
FIGURE 14-11: VLACP GUIDELINES
287
Enable VLACP access SMLT/SLT/IST Links Use reserved multicast MAC 01-80-C2-00-11-00 To use Fast Periodic Timers of less than 200 ms (between ERS 8600s), a SuperMezz must be present.
TABLE 14-3: PEER SWITCH TIMERS
14
Peer Switch
ERS 5500 ERS 8600 Edge ERS 8600 Core ERS 8300
Fast Timer
500 ms 500 ms N/A 200 ms
Slow Timer
N/A N/A 30000 30000
Timeout
Short Short Long Short
Timeout Scale
3 3 3 3
288
Simple Loop Prevention Protocol

Simple Loop Prevention Protocol recommended values
Simple Loop Prevention Protocol (SLPP) provides active protection for a VLAN against Layer 2 network loops. SLPP uses a lightweight hello packet mechanism to detect network loops. SLPP packets are sent using Layer 2 multicast. A switch only looks at its own SLPP packets or at its peer SLPP packets. It ignores SLPP packets from other parts of the network. SLPP detects VLAN-based network loops for untagged as well as tagged IEEE 802.1Q VLAN link configurations by sending hello packets on a by-VLAN basis. The port is shut down once a loop is detected. The SLPP functionality is configured using the following criteria: SLPP Transmit (TX) ProcessThe network administrator decides on which VLANs a switch should send SLPP hello packets. The packets are then replicated out all ports that are members of the SLPP-enabled VLAN. Nortel recommends enabling SLPP on all VLANs. SLPP Receive (RX) ProcessThe network administrator decides on which ports the switch should act when receiving an SLPP packet that is sent by the same switch or by its SMLT peer. You should enable this process only on access SMLT/SLT ports and never on IST ports or core SMLT/SLT ports in the case of a square or full-mesh core design. SLPP ActionThe action operationally disables the ports receiving the SLPP packet. The administrator can also tune the network failure behavior by choosing how many SLPP packets need to be received before a switch starts taking an action. These values need to be staggered to avoid edge-switch isolation. See the recommendations at the end of this section.
14
Loops can be introduced into the network in many ways. One way is through the loss of an MLT configuration caused by user error or malfunctioning equipment. This scenario may not always introduce a broadcast storm, but because all MAC addresses are learned through the looping ports, it does significantly impact Layer 2 MAC learning. Spanning tree would not in all cases be able to detect such a configuration issue, whereas SLPP reacts and disables the malfunctioning links, limiting network impact to a minimum. The desire is to prevent a loop from causing network problems while also attempting to avoid totally isolating the edge where the loop was detected. Total edge-closet isolation is the last resort in order to protect the rest of the network from the loop. With this in mind, the concept of an SLPP primary switch and SLPP secondary switch has been adopted. These are strictly design terms and are not configuration parameters. The Rx Thresholds are staggered between the primary and secondary switch, therefore the primary switch will disable an uplink immediately upon a loop occurring. If this resolves the loop issue, the edge closet still has connectivity back through the SLPP secondary switch. If the loop is not resolved, the SLPP secondary switch disables the uplink and isolates the closet to protect the rest of the network from the loop. SLPP prevents loops in a Switch Cluster network. Loops can occur when: MLT at the edge is misconfigured. MLT is not created at the edge but links are plugged in anyway.
Switch Clustering
289
MLT configuration is lost (switch set back to factory default). SLPP uses an SLPP-PDU, which is generated by the Switch Cluster cores. Loop detection is achieved by detecting whether the SLPP-PDU is received on the IST peer switch port or on the same switch where it originated. If the packet is received The port is taken down. A log file entry is generated. An SNMP trap is sent. When SLPP disables a port to prevent a loop, that port remains disabled until someone reenables the port. In order to re-enable a port that has been disabled by SLPP, you need to manually disable the port and then enable the port. In the ERS 8600 CLI, the commands are: config ethernet <portlist> state disable config ethernet <portlist> state enable The Nortel Command Line Interface (NNCLI) version of the command is: From global configuration more... state [port <ports>] <enable|disable|test> SLPP is enabled on a by-VLAN basis and a by-port basis.
FIGURE 14-12: SLPP
14
290

FIGURE 14-13: SLPP GUIDELINES
Virtual Router Redundancy Protocol with Backup Master
14
Nortel has created an extension to VRRP that allows for local processing of traffic that would otherwise have to take an extra hop to get to the default gateway. VRRP Backup Master allows both core switches to forward and route traffic, creating an active-active environment for routing. This feature is extremely beneficial when implemented in conjunction with SMLT.
Switch Clustering
FIGURE 14-14: VRRP WITH BACKUP MASTER
291
FIGURE 14-15: VRRP GUIDELINES
14
292
Tip
If you use multiple VLANs with VRRP enabled, it is recommended that you stagger the VRRP Master assignment so that both SMLT cluster switches are the VRRP Master for half the VLANs.
Alert
Critical IP should not be used with VRRP Backup Master. There are known issues when using this feature with VRRP Backup Master.
Routed Split MultiLink Trunking: ERS 8600 and ERS 8300

With Split MultiLink Trunking (SMLT), the switch can achieve rapid failover for network failures in Layer 2 environments. This improves high availability and redundancy while allowing all links to be active simultaneously. Routed Split MultiLink Trunking (RSMLT), an extension for SMLT, provides rapid failover for Layer 3 networks, using Layer 3 protocols, such as IP-RIP, IP-Open Shortest Path First (OSPF), and IPX-Routing Information Protocol (RIP). RSMLT is not dependent on the routing protocol used in the network. The router redundancy is achieved by synchronizing the required forwarding information. RSMLT implementation does not use a virtual IP address but instead uses physical IP addresses for redundancy. At the same time, RSMLT can be deployed in either L3/routed configurations or L2/edge configurations where previously one might have used VRRP (and Backup Master). RSMLT Layer 2 Edge provides support for similar Layer 2 environments as does basic SMLT without the need for VRRP. RSMLT Layer 2 Edge is now the recommended configuration rather than SMLT with VRRP, although either configuration can be used.
14
RSMLT L2 edge support for dual IST core switch failure situation
Previously, if there was a power outage or shutdown of both switches within a dual core IST pair and for some reason only one switch came backup, clients using the powered-off switchs IP/MAC as their default gateway would lose connectivity to the network. In such a scenario, even though RSMLT is enabled on the switch, it was unable to back up for the peer as it was unaware of the peers IP/MAC address. New in ERS 8600 Release 4.1, the RSMLT peer IP and MAC addresses are stored in the config file and will be used on the next reboot if the IST link does not become active and operational. Otherwise, the switches will learn from their peer as normal. This feature can be enabled and disabled by the following CLI command: config ip rsmlt rsmlt-edge-support <enable/disable> When the configuration file is saved, if the rsmlt-edge-support flag is enabled and RSMLT peer is UP, the peer IP address and MAC address also are automatically saved.
293
The peer information is cleared by the following CLI command. config ip rsmlt clear-rsmlt-peer [<vlanId>] To display RSMLT configuration and status information use the following CLI command. config ip rsmlt info
Note
If the peer information is cleared, the switch could stop forwarding for the peer.
After both the dual core IST switches have come backup, and if the IST comes up and is operational, if an RSMLT-peer-enabled message is received from the peer, then RSMLT operates normally. If the peer has either an IP or a MAC change, then a new save config must be performed in order for the new information to be saved and RSMLT Layer 2 Edge support to operate correctly. But if the IST peer up message is not received (for example RSMLT is not properly enabled) and the rsmlt-edge-forward flag is enabled, then first the RSMLT hold-down timer starts to allow routing protocols to converge. During this period user operation could be affected. After the hold-down timer expires, saved peer information is picked up, and the switch starts to back up for the peer by adding the previously saved MAC and ARP records. The hold-up timer then starts and, once this timer expires, the previously added MAC and ARP records are deleted and the switch stops backing up for the peer, as the peer is not running proper RSMLT for the VLAN. It should be noted that RSMLT is a per-VLAN parameter, and therefore all affects are on a per-VLAN basis, not necessarily a per-switch basis. In L2-Edge-support mode, the local values of the hold-down timer (default value of 60 seconds) and hold-up timer (default value of 180 seconds) will be used.
14
Note
This feature is supported only for IP RSMLT VLANs and not for IPX RSMLT VLANs.
294

FIGURE 14-16: RSMLT EDGE RECOMMENDATIONS
Either VRRP or RSMLT edge should be used, but not both simultaneously on the same VLAN. RSMLT is based on SMLT, so all SMLT rules apply.
14
RSMLT is configured on a per-VLAN basis. VLAN must be routable and must be part of the SMLT links and IST link. Hold-up timer must be increased to 9999 (meaning infinity) so that the functioning switch is able to forward traffic indefinitely for a failed peer.

FIGURE 14-17: RSMLT RECOMMENDED VALUES
295
Edge access switch

FIGURE 14-18: EDGE SWITCH
14
296

FIGURE 14-19: EDGE SWITCH CAPABILITIES
Port-level rate-limiting feature overview

Port-level rate-limiting protects the network from broadcast and multicast storms Port-level rate-limiting enables rate limiting on the edge and/or the access SMLT and access SLT
14
Protects against non-CPU-bound traffic Impact is not as severe to the network Impacts only that local subnet The network administrator should analyze and understand multicast and broadcast traffic in the network before enabling rate limiting.
Bridge Protocol Data Unit filtering feature overview

Bridge Protocol Data Unit (BPDU) allows the network administrator to achieve the following: Block an unwanted root selection process when an edge device is added to the network. This prevents unknown devices from influencing an existing spanning tree topology. Block the flooding of BPDUs from an unknown device. When a port has BPDU-filtering enabled and it receives a Spanning Tree Protocol (STP) BPDU, the following actions take place: The port is immediately put in the operationally disabled state. A trap is generated and the following log message is written to the log:
297
BPDU received on port with BPDU-Filtering enabled Port <x> has been disabled The port timer starts. The port stays in the operationally disabled state until the port timer expires.
FIGURE 14-20: BPDU FILTERING GUIDELINES
14
298
Switch clustering reference design

This figure shows recommendations for the network edge, uplink ports, and network core.
FIGURE 14-21: SWITCH CLUSTERING REFERENCE DESIGN
14
Ethernet Routing Switch 8300, Release 4.1: New software features

Virtual Routing Forwarding Lite
Use the Virtual Router Forwarding (VRF Lite) feature to allow ERS 8600 and ERS 8300 interfaces to act as many virtual routers (up to 128). ERS 8600 and ERS 8300 both support the same functionalities and features and the same Command Line Interface (CLI). Only scalability differences exist. Use VRF Lite to provide secure customer data isolation. VRF Lite allows you to offer networking capabilities and traffic isolation to customers that operate over the same node (router). Each virtual router emulates the behavior of a dedicated hardware router; the network treats each virtual router as a separate physical router. In effect, you can perform the functions of many routers using a single router that runs VRF Lite. The
Ethernet Routing Switch 8300, Release 4.1: New software features
299
result is a substantial reduction in the cost associated with providing routing and traffic isolation for multiple clients. VRF Lite provides virtualization of control and data planes, virtualized routing table managers (RTM), routing policies, OSPF, RIP, VRRP, ARP, BootP/DHCP relay. Specifically VRF Lite offers: support for overlapping addresses management through Global Routing Table (GRT) support for SMLT/RSMLT VRF Lite does not virtualize multicast routing; only VRF0 supports multicast The ERS 8300 supports Inter-VRF routing policies. The total number of potential virtual routers is 128 12 OSPF 24 RIP instances Remainder are static routes VRF Lite on the ERS 8300 is supported on the following modules: 8394SF 8348GTX 8348GTX-PWR 8348GB 8308XL You must enable V mode on the ERS 8300 to support the VRF Lite feature. You can select V mode by using the true selection in the V mode bootconfig flags command in the CLI or NNCLI. As of ERS 8300, Release 4.1, V mode is not supported by Device Manager. Non-V modules cannot operate in V mode. The non-V modules are: 8393SF/CPU 8324GTX 8324FX 8348TX 8348TX-PWR For more information about VRF Lite, see the following documents: Nortel ERS 8300 Configuration: IP Routing Protocols, NN46200-519 Nortel Ethernet Routing Switch 8300 Configuration: IP Routing, NN46200-518 Nortel Ethernet Routing Switch 8300 Administration, NN46200-604
14
300
Nortel Secure Network Access 2.0

Use the Nortel Secure Network Access (NSNA) 2.0 solution to guarantee end-point security. NSNA provides security by enabling policy definition for role- or identity-based access privileges. Policies are based on the security level of the device, user identity, and session context. NSNA additionally enforces security policy compliance to ensure that the required antivirus applications, definitions, or software patches are in effect before any user is granted access to the enterprise network.
NSNA VLAN on a non-NSNA port and Fail Open

The ERS 8300 4.1 supports an NSNA VLAN on a non-NSNA port and Fail Open. With Fail Open, users can connect to the network when Secure Network Access Switch (SNAS) is unable to control the security of the switches. For more information about NSNA 2.0 and NSNA VLAN on a non-NSNA port and Fail Open, see Nortel Ethernet Routing Switch 8300 Security, NN46200-605.
14
Knowledge Check 14-1: Converged Campus Ethernet Routing Switch Solutions
301
Knowledge Check 14-1: Converged Campus Ethernet Routing Switch Solutions

Answer the following questions. Answers to these Knowledge Check questions are located in Appendix A: Answers to Knowledge Check Questions. 1. The Small Campus Design consists of which combination of Ethernet Routing Switches?
a. b. c. d.
ERS 5500 core and ERS 2500 edge ERS 5500 edge and ERS 2500 core ERS 8300 core and ERS 4500 edge ERS 8300 edge and ERS 4500 core
2. The 4.1 software release for the ERS 8300 added which feature?
a. b. c. d.
cp-limit VLACP extended cp-limit with the HardDown option extended cp-limit with the SoftDown option
3. The 4.1 software release for the ERS 8600 added which feature?
a. b. c. d.
cp-limit VLACP extended cp-limit with the SoftDown option extended cp-limit with the HardDown option
14
4. STP should be not be disabled on which ports?

a. b. c. d.
IST ports MLT ports SMLT ports access ports
5. Simple Loop Prevention Protocol should be enabled on all of the following except?
a. b. c. d.
IST access SLT access SMLT core ports not configured for SMLT/SLT/IST
302
Chapter summary
In this chapter, you learned how to: describe the completed solution and technologies describe the small campus solution describe the medium campus solution describe the large campus solution
References
These references can be downloaded from www.nortel.com by using the Search tool. Nortel ERS 8300 Configuration: Link Aggregation, MLT, and SMLT, NN46200-517 Nortel Ethernet Routing Switch 8300 Security, NN46200-605 Nortel ERS 8600 Configuration: Link Aggregation, MLT, and SMLT, NN46205-518 Nortel Ethernet Routing Switch 8600 Configuration: IP Routing, NN46205-523 Technical Configuration Guide for Link Aggregation Control Protocol, NN48500-502 Converged Campus Technical Solution Guide, NN48500-516 Switch Clustering using SMLT Technical Configuration Guide, NN48500-518 Switch Clustering (SMLT/SLT/RSMLT/MSMLT) Supported Topologies and Interoperability with ERS 8600/5500/8300/1600, NN48500-555
14

Nortel

Uploaded by

Copyright:

Available Formats

Nortel

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nortel

Uploaded by

Copyright:

Available Formats

What are the main components of the Nortel Ethernet Routing Switch portfolio?

What are the main components of the Nortel Ethernet Routing Switch portfolio?

What physical media types and Power over Ethernet options are supported by the Ethernet Routing Switches?

What physical media types and Power over Ethernet options are supported by the Ethernet Routing Switches?

Nortel Ethernet Routing Switch Solution

2: Nortel Ethernet Routing Switch Portfolio...............................................................15

Nortel Ethernet Routing Switch Solution

Chapter summary..................................................................................................................51 Resources ................................................................................................................................51

3: Layer 1 Physical Media Types and PoE.................................................................. 53

4: Designing VLANs and Layer 2 Considerations ..................................................... 69

5: Designing a Layer 3 Routed Network .....................................................................85

Nortel Ethernet Routing Switch Solution

6: Link Aggregation .................................................................................................. 113

7: Nortel Split MultiLink Trunking ......................................................................... 123

Nortel Ethernet Routing Switch Solution

9: Quality of Service.................................................................................................. 185

10: Designing for IP Multicasting ............................................................................197

Nortel Ethernet Routing Switch Solution

11: Converged Campus Solution: Small Campus Design ........................................ 215

12: Converged Campus Solution: Medium Campus Design.................................... 231

13: Converged Campus Solution: Large Campus Design .........................................249

Nortel Ethernet Routing Switch Solution

16: ERS 5500/4500/2500 Installation and Configuration ........................................365

Nortel Ethernet Routing Switch Solution

17: Small Campus Core Configuration..................................................................... 397

18: Medium Campus Core Configuration ................................................................ 419

19: Large Campus Core Configuration ..................................................................... 441

20: Small Campus Edge Configuration .....................................................................465

21: Medium Campus Edge Configuration ................................................................477

22: Large Campus Edge Configuration .....................................................................485

Nortel Ethernet Routing Switch Solution

Appendix B: Ethernet Routing Switch Documentation ........................................... 509

Glossary..................................................................................................................... 515 Index.......................................................................................................................... 525

Nortel Ethernet Routing Switch Solution

Nortel Ethernet Routing Switch Solution

How to Use This Book

Tips provide recommendations related to the topics being discussed.

Alerts identify situations that warrant special attention.

Nortel Ethernet Routing Switch Solution

About the CD-ROM

Nortel Ethernet Routing Switch Solution

Nortel Learning Services

Learning Needs Analysis Services

Custom Learning Services

Nortel Professional Certification

Nortel Certified Technology Specialist (NCTS)

Nortel Certified Technology Expert (NCTE)

Nortel Certified Support Specialist (NCSS)

Nortel Certified Support Expert (NCSE)

Nortel Certified Design Specialist (NCDS)

Nortel Certified Design Expert (NCDE)

Nortel Ethernet Routing Switch Solution

Nortel Certified Architect (NCA)

About Nortel Press

Contacting Nortel Press

Nortel Ethernet Routing Switch Solution

Preparing for the Exam

Part I: Ethernet Routing Switch Solution

1: Converged Network Architecture Overview